Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Nasty Svchost infection. What do?


  • This topic is locked This topic is locked
33 replies to this topic

#1 Neo160

Neo160

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:07:36 AM

Posted 06 July 2014 - 03:04 AM

Hello Gentleman (and Women), i've a bad case of a nasty svchost rootkit infection.  Every attempt so far has failed at resolving the issue. I'm running Avast Internet Security (premium trial), and after clicking an ad i really regret clicking, the web shield shows an svchost attempting to spam links, to probably more ads.
 
My Operating system:
 
Windows 7 home premium (64 bit)
 
My attempts so far:
 
rkill64 did not detect
 
tdsskiller did not detect
 
adwcleaner cleaned alot of adware, did not resolve the issue
 
aswMBR did not resolve
 
Malwarebytes Anti-Rootkit Beta did not detect  or resolve
 
I did run Combofix (yessss i know, bad juju, useless unless an expert reads the logs). I took no action based on any logs. I won't post any logs according to the rules here or unless asked.
 
RogueKiller came REAL close, during the initial scan it detects an infected svchost.exe and terminates two instances of it. the first is labelled as Root.Zekos (screenshot available on request).
 
the problem, is that once it does this, windows brings a pop-up with, windows must now restart because the DCOM Server Process Launcher service. I've tried to scan in safe-mode, computer still forces a restart.
 
any help is very much appreciated.
 
 result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Owner (administrator) on OWNER-PC on 06-07-2014 03:12:54
Running from C:\Users\Owner\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1100248 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-29] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-688074385-1042068862-3521065105-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2646128 2010-11-06] (PeerBlock, LLC)
HKU\S-1-5-21-688074385-1042068862-3521065105-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-688074385-1042068862-3521065105-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-688074385-1042068862-3521065105-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-688074385-1042068862-3521065105-1005\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {2D630589-DC33-C5FD-CD29-16B8D2371F81} URL =
SearchScopes: HKLM-x32 - {9ACB459A-40B1-4819-A754-8512D452BB66} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={CCEF7D6B-3D0B-11E2-96C0-E840F2683643}
SearchScopes: HKLM-x32 - {D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8 URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnld2msd&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByCzztAyCyEtA0EtAzztAtN0D0Tzu0CyCtCyBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=998810204&ir=
SearchScopes: HKCU - {539E4BE0-507E-5C33-5E55-7AED3C9E2DB8} URL =
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=w3i&hsimp=yhs-ri1_trans&p={searchterms}&type=W3i_DS,136,0_0,Search,20140208,19704,0,85,5275
SearchScopes: HKCU - {9ACB459A-40B1-4819-A754-8512D452BB66} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={CCEF7D6B-3D0B-11E2-96C0-E840F2683643}
SearchScopes: HKCU - {D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8 URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnld2msd&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByCzztAyCyEtA0EtAzztAtN0D0Tzu0CyCtCyBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=998810204&ir=
SearchScopes: HKCU - {D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287806&CUI=UN80223329523987484&UM=2
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 68.238.64.12
Tcpip\..\Interfaces\{E6D99105-EA10-4CCF-B8B5-4544C6D44705}: [NameServer]8.26.56.26,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default
FF Homepage: https://thepiratebay.se/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Owner\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPFxViewer.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\searchplugins\Startpins.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: Ghostery - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\firefox@ghostery.com.xpi [2014-04-20]
FF Extension: MEGA - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\firefox@mega.co.nz.xpi [2013-11-30]
FF Extension: YouTube to MP3 Button - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\flvto@hotger.com.xpi [2013-03-28]
FF Extension: Ez Magnetz - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\jid0-hEo9PFAuKveAlwkQpAvV5BhJsWE@jetpack.xpi [2013-06-25]
FF Extension: Status-4-Evar - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\status4evar@caligonstudios.com.xpi [2012-06-17]
FF Extension: Session Manager - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2012-08-11]
FF Extension: ReloadEvery - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2012-10-15]
FF Extension: FlashResizer - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\{C6F77964-B0B5-4953-A144-93051184EC0C}.xpi [2014-05-22]
FF Extension: Adblock Plus - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-25]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-13]

Chrome:
=======
CHR HomePage:
CHR NewTab: "chrome-extension://pflphaooapbgpeakohlggbpidpppgdff/content/newtab/newtab.html"
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Citrix ICA Client) - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
CHR Plugin: (Windows Live™ Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
CHR Plugin: (Unity Player) - C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (No Name) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\acohkacenjkkllhbfgfflibmenakobco [2014-06-13]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-07]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-07]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-07]
CHR Extension: (avast! Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-13]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Status Bar) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojjdiklbbogaliiljdbpbkkkghendjja [2013-03-15]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-07]
CHR HKLM-x32\...\Chrome\Extension: [gfdifeicmijiobaflmbcnohpplhiipka] - C:\Users\Owner\AppData\Roaming\youtube2mp3\youtube2mp3.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-29]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-06-29] (AVAST Software)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [528384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3953632 2012-03-06] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RpcSs; C:\Windows\system32\rpcss.dll [528384 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [94992 2011-11-23] (SANDBOXIE L.T.D)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [File not signed]
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [X]
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-29] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-29] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-06-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-29] ()
S3 CorsairCAHS1; C:\Windows\System32\drivers\CAHS164.sys [1308160 2011-06-16] (C-Media Electronics Inc)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [24176 2010-11-06] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [149888 2012-09-05] (SANDBOXIE L.T.D) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-11-13] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-06 03:12 - 2014-07-06 03:13 - 00029746 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-07-06 03:12 - 2014-07-06 03:12 - 00000000 ____D () C:\FRST
2014-07-06 02:50 - 2014-07-06 02:50 - 02084352 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-07-05 23:51 - 2014-07-05 23:51 - 00031691 _____ () C:\ComboFix.txt
2014-07-05 23:17 - 2014-07-05 23:17 - 00991232 _____ () C:\Users\Owner\Desktop\MicrosoftFixit50267.msi
2014-07-05 23:10 - 2014-07-05 23:10 - 04745728 _____ (AVAST Software) C:\Users\Owner\Desktop\aswMBR.exe
2014-07-05 22:59 - 2014-07-05 22:59 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill64.exe
2014-07-05 22:44 - 2014-07-05 22:59 - 00001420 _____ () C:\Users\Owner\Desktop\Rkill.txt
2014-07-05 22:44 - 2014-07-05 22:44 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill.exe
2014-07-05 22:36 - 2014-07-05 22:36 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-05 22:36 - 2014-07-05 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-05 22:36 - 2014-07-05 22:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-05 22:36 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-05 22:36 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-05 22:34 - 2014-07-05 22:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-05 22:04 - 2014-07-05 22:04 - 00000000 ____D () C:\Users\Owner\Downloads\Assault Android Cactus
2014-07-05 21:51 - 2014-07-05 22:36 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 21:51 - 2014-07-05 22:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 21:51 - 2014-07-05 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-05 21:51 - 2014-07-05 22:21 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-07-05 21:51 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-05 21:50 - 2014-07-05 21:50 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Desktop\mbar-1.07.0.1012.exe
2014-07-05 21:44 - 2014-07-05 21:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-05 21:41 - 2014-07-05 21:44 - 02347384 _____ (ESET) C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
2014-07-05 21:26 - 2014-07-05 22:29 - 00001060 _____ () C:\Windows\DtcInstall.log
2014-07-05 20:52 - 2014-07-05 20:52 - 04707328 _____ () C:\Users\Owner\Desktop\RogueKiller.exe
2014-07-05 20:52 - 2014-07-05 20:52 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-05 20:00 - 2014-07-05 23:51 - 00000000 ____D () C:\Qoobox
2014-07-05 20:00 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-05 20:00 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-05 20:00 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-05 20:00 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-05 20:00 - 2000-08-30 17:00 - 00406528 ____R (SteelWerX) C:\Windows\SWSC.exe
2014-07-05 20:00 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-05 20:00 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-05 20:00 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-05 19:59 - 2014-07-05 20:23 - 00000000 ____D () C:\Windows\erdnt
2014-07-05 19:47 - 2014-07-05 19:52 - 00000000 ____D () C:\AdwCleaner
2014-07-05 19:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-05 19:46 - 2014-07-05 19:46 - 05213907 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe
2014-07-05 19:46 - 2014-07-05 19:46 - 01346519 _____ () C:\Users\Owner\Desktop\AdwCleaner.exe
2014-07-05 19:38 - 2014-07-05 19:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\tdsskiller.exe
2014-07-05 18:18 - 2014-07-05 18:18 - 00321220 ____S () C:\Windows\system32\dddzsnt.fjk
2014-07-05 16:35 - 2014-07-05 18:43 - 00000000 ____D () C:\Users\Owner\Downloads\Soldier.Of.Fortune.II.Double.Helix.Gold.Edition.PC.Game(djDEVASTATE™)
2014-07-04 22:24 - 2014-07-05 20:05 - 00000929 _____ () C:\Users\Owner\Desktop\mono - Shortcut.lnk
2014-07-04 22:17 - 2014-07-04 22:17 - 00000000 ____D () C:\Users\Owner\Downloads\mono
2014-07-04 22:06 - 2014-07-04 22:09 - 00000000 ____D () C:\Users\Owner\Downloads\ss2
2014-07-04 22:06 - 2014-07-04 22:06 - 00851613 _____ () C:\Users\Owner\Downloads\ss2.zip
2014-07-04 05:15 - 2014-07-04 05:15 - 00073728 _____ () C:\Users\Owner\Documents\backup dogecoins yo.dat
2014-07-01 10:13 - 2014-07-01 10:13 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Code Force Limited
2014-07-01 09:56 - 2014-06-27 19:38 - 00000000 ____D () C:\Users\Owner\Downloads\Distant Worlds Universe
2014-07-01 09:56 - 2014-06-27 19:24 - 00000000 ____D () C:\Users\Owner\Downloads\races
2014-07-01 09:56 - 2014-06-27 19:24 - 00000000 ____D () C:\Users\Owner\Downloads\Policy
2014-07-01 09:56 - 2014-06-27 19:24 - 00000000 ____D () C:\Users\Owner\Downloads\Help
2014-07-01 09:56 - 2014-06-27 19:24 - 00000000 ____D () C:\Users\Owner\Downloads\AutoPlay
2014-07-01 09:56 - 2014-06-27 19:04 - 11760640 _____ (Code Force Limited) C:\Users\Owner\Downloads\DistantWorlds.exe
2014-07-01 09:56 - 2014-06-27 19:04 - 06727680 _____ (Matrix Publishing Ltd.) C:\Users\Owner\Downloads\autorun.exe
2014-07-01 09:56 - 2014-06-27 19:04 - 00454849 _____ () C:\Users\Owner\Downloads\GameText.txt
2014-07-01 09:56 - 2014-06-27 19:04 - 00325968 _____ () C:\Users\Owner\Downloads\lua5.1.dll
2014-07-01 09:56 - 2014-06-27 19:04 - 00276592 _____ () C:\Users\Owner\Downloads\TitleFont.xnb
2014-07-01 09:56 - 2014-06-27 19:04 - 00276592 _____ () C:\Users\Owner\Downloads\NormalFont.xnb
2014-07-01 09:56 - 2014-06-27 19:04 - 00081008 _____ () C:\Users\Owner\Downloads\SmallFont.xnb
2014-07-01 09:56 - 2014-06-27 19:03 - 00276592 _____ () C:\Users\Owner\Downloads\BoldFont.xnb
2014-07-01 09:56 - 2014-06-27 19:03 - 00081008 _____ () C:\Users\Owner\Downloads\TinyFont.xnb
2014-07-01 09:56 - 2014-06-27 19:03 - 00004326 _____ () C:\Users\Owner\Downloads\fighters.txt
2014-07-01 09:56 - 2014-06-20 20:55 - 00057758 _____ () C:\Users\Owner\Downloads\research.txt
2014-07-01 09:56 - 2014-06-20 20:55 - 00022263 _____ () C:\Users\Owner\Downloads\components.txt
2014-07-01 09:56 - 2014-06-20 20:55 - 00014405 _____ () C:\Users\Owner\Downloads\facilities.txt
2014-07-01 09:56 - 2014-06-14 12:09 - 00000008 _____ () C:\Users\Owner\Downloads\steam_appid.txt
2014-07-01 09:56 - 2014-06-12 22:02 - 00000649 _____ () C:\Users\Owner\Downloads\Startup.ini
2014-07-01 09:49 - 2014-07-01 09:49 - 00002225 _____ () C:\Users\Public\Desktop\Distant Worlds Universe.lnk
2014-07-01 09:49 - 2014-07-01 09:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitherine Ltd
2014-07-01 09:48 - 2014-07-01 09:48 - 00000000 ____D () C:\Program Files (x86)\Slitherine Ltd
2014-07-01 09:30 - 2014-07-01 09:32 - 18324715 _____ () C:\Users\Owner\Downloads\METACRITIC WINPATCH LULS HERRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRERERERERERER.rar
2014-07-01 09:29 - 2014-07-05 16:42 - 00000000 ____D () C:\Users\Owner\Downloads\Distant.Worlds.Universe-SKIDROW
2014-06-30 22:09 - 2014-06-30 23:49 - 00000000 ____D () C:\Users\Owner\Documents\Xenonauts
2014-06-30 22:09 - 2014-06-30 22:09 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\PlayFirst
2014-06-30 22:09 - 2014-06-30 22:09 - 00000000 ____D () C:\ProgramData\PlayFirst
2014-06-30 22:08 - 2014-06-30 22:08 - 00001625 _____ () C:\Users\Public\Desktop\Xenonauts.lnk
2014-06-30 21:29 - 2014-06-30 21:29 - 34888300 ____R (XGen Studios, Inc. ) C:\Users\Owner\Desktop\Stick RPG 2 Director's Cut V 1.0.exe
2014-06-30 20:44 - 2014-06-30 20:54 - 00000000 ____D () C:\Users\Owner\Downloads\Xenonauts - GoG
2014-06-29 21:22 - 2014-06-29 21:22 - 00001979 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-29 21:21 - 2014-06-29 21:21 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-29 21:21 - 2014-06-29 21:21 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 21:21 - 2014-06-29 21:21 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-27 23:45 - 2014-06-27 23:45 - 00001164 _____ () C:\Users\Owner\Desktop\ShovelKnight.lnk
2014-06-27 06:37 - 2014-06-27 06:37 - 00000222 _____ () C:\Users\Owner\Desktop\Terraria.url
2014-06-27 02:16 - 2014-06-27 02:16 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Yacht Club Games
2014-06-27 02:15 - 2014-06-27 23:46 - 00000000 ____D () C:\Users\Owner\Downloads\Shovel Knight v1.0a
2014-06-27 02:12 - 2014-06-27 02:13 - 104853246 ____R () C:\Users\Owner\Downloads\Shovel Knight v1.0a.7z
2014-06-17 22:09 - 2014-06-17 22:09 - 00000000 ____D () C:\Users\Owner\AppData\Local\Smellyriver
2014-06-17 22:08 - 2014-06-17 22:09 - 00000000 ____D () C:\Users\Owner\Downloads\STI.1.3.3.40
2014-06-17 22:04 - 2014-06-17 22:06 - 15538041 _____ () C:\Users\Owner\Downloads\STI.1.3.3.40.zip
2014-06-16 19:05 - 2014-01-08 19:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-16 19:05 - 2014-01-03 15:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-16 19:05 - 2013-11-23 11:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-06-16 19:05 - 2013-11-23 10:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-06-16 19:04 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-16 19:04 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-16 19:04 - 2014-02-03 19:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-16 19:04 - 2014-02-03 19:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-16 19:04 - 2013-12-24 16:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-16 19:04 - 2013-12-24 15:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-16 19:04 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-16 19:04 - 2013-11-22 15:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-16 10:18 - 2014-06-16 10:18 - 00001017 _____ () C:\Users\Public\Desktop\Doom Warrior.lnk
2014-06-16 10:18 - 2014-06-16 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom Warrior
2014-06-16 10:18 - 2014-06-16 10:18 - 00000000 ____D () C:\Program Files (x86)\Doom Warrior
2014-06-16 10:14 - 2014-06-16 10:15 - 360364056 _____ (Creaky Corpse Ltd ) C:\Users\Owner\Downloads\DoomWarriorWin.exe
2014-06-15 22:22 - 2014-06-15 22:22 - 00000000 ____D () C:\Users\Owner\Downloads\Game of Thrones S04E10 HDTV x264-KILLERS[ettv]
2014-06-14 14:07 - 2014-06-14 14:07 - 00000000 ____D () C:\Users\Family\AppData\Roaming\AVAST Software
2014-06-14 03:03 - 2014-06-14 03:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-13 20:15 - 2014-06-13 20:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.blinkworks.IGTM
2014-06-13 19:56 - 2014-06-13 19:56 - 00000222 _____ () C:\Users\Owner\Desktop\Indie Game The Movie.url
2014-06-13 19:15 - 2014-06-13 19:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 19:11 - 2013-05-09 22:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-06-13 19:11 - 2013-05-09 22:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-06-13 19:11 - 2013-05-09 21:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-06-13 19:11 - 2013-05-09 21:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-06-13 18:57 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-06-13 18:54 - 2014-06-13 18:54 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-13 18:54 - 2014-06-13 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-13 18:54 - 2014-06-13 18:54 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-13 18:54 - 2014-06-13 18:54 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-13 18:54 - 2014-06-13 18:54 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-13 18:54 - 2014-06-13 18:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-13 18:54 - 2014-06-13 18:54 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-13 18:54 - 2014-06-13 18:54 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-13 18:54 - 2014-06-13 18:54 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00266456 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00240856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-13 18:54 - 2014-06-13 18:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-13 18:54 - 2014-06-13 18:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 18:53 - 2014-06-13 18:57 - 00009784 _____ () C:\Windows\IE11_main.log
2014-06-13 18:48 - 2013-10-01 19:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-06-13 18:48 - 2013-10-01 19:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-13 18:48 - 2013-10-01 19:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-13 18:48 - 2013-10-01 18:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-06-13 18:48 - 2013-10-01 18:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-06-13 18:48 - 2013-10-01 18:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-13 18:48 - 2013-10-01 18:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-13 18:48 - 2013-10-01 17:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-13 18:48 - 2013-10-01 17:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-06-13 18:48 - 2013-10-01 17:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-06-13 18:48 - 2013-10-01 17:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-06-13 18:48 - 2013-10-01 17:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-06-13 18:48 - 2013-10-01 16:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-13 18:48 - 2013-10-01 16:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-13 18:48 - 2013-10-01 16:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-13 18:48 - 2013-10-01 15:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-13 18:31 - 2012-08-23 07:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-13 18:31 - 2012-08-23 07:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-06-13 18:31 - 2012-08-23 07:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-06-13 18:31 - 2012-08-23 04:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-06-13 18:31 - 2012-08-23 03:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-06-13 18:13 - 2013-01-13 14:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-06-13 18:13 - 2013-01-13 13:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-06-13 18:13 - 2013-01-13 13:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-06-13 18:13 - 2013-01-13 12:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-13 18:13 - 2013-01-13 12:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-13 18:13 - 2013-01-13 12:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-06-13 18:13 - 2013-01-13 12:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-06-13 18:13 - 2013-01-13 12:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-06-13 18:13 - 2013-01-13 12:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-06-13 18:13 - 2013-01-13 12:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-06-13 18:13 - 2013-01-13 12:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-06-13 18:13 - 2013-01-13 12:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-06-13 18:13 - 2013-01-13 12:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-06-13 18:13 - 2013-01-13 12:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-06-13 18:13 - 2013-01-13 12:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-06-13 18:13 - 2013-01-13 12:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-06-13 18:13 - 2013-01-13 12:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-06-13 18:13 - 2013-01-13 12:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-06-13 18:13 - 2013-01-13 11:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-13 18:13 - 2013-01-13 11:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-13 18:13 - 2013-01-13 10:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-06-13 18:13 - 2013-01-13 10:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-06-13 18:13 - 2013-01-03 23:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-06-13 18:13 - 2013-01-03 23:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-06-13 17:58 - 2013-09-07 19:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-06-13 17:58 - 2013-09-07 19:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-06-13 17:58 - 2013-08-28 19:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-06-13 17:58 - 2013-08-28 19:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-06-13 17:58 - 2013-08-28 19:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-06-13 17:58 - 2013-08-28 18:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-06-13 17:58 - 2013-08-28 18:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-06-13 17:58 - 2013-08-28 18:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-06-13 17:58 - 2013-07-08 22:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-13 17:58 - 2013-07-08 21:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-13 17:58 - 2013-05-09 22:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-06-13 17:58 - 2013-05-09 20:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-06-13 17:58 - 2013-02-26 23:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-06-13 17:58 - 2013-02-26 22:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-06-13 17:57 - 2014-04-11 19:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-13 17:57 - 2014-04-11 19:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-13 17:57 - 2014-04-11 19:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-13 17:57 - 2014-04-11 19:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-13 17:57 - 2014-04-11 19:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-13 17:57 - 2014-04-11 19:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-13 17:57 - 2014-04-11 19:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-13 17:57 - 2014-04-11 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-13 17:57 - 2014-04-11 19:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-13 17:57 - 2014-03-04 02:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-13 17:57 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-13 17:57 - 2014-03-04 02:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-13 17:57 - 2014-03-04 02:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-13 17:57 - 2014-03-04 02:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-13 17:57 - 2014-03-04 02:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-06-13 17:57 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-13 17:57 - 2014-03-04 02:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-13 17:57 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-06-13 17:57 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-06-13 17:57 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-06-13 17:57 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-06-13 17:57 - 2013-12-03 19:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-13 17:57 - 2013-12-03 19:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-13 17:57 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-06-13 17:57 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-06-13 17:57 - 2013-12-03 19:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-13 17:57 - 2013-12-03 19:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-13 17:57 - 2013-12-03 19:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-13 17:57 - 2013-12-03 19:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-06-13 17:57 - 2013-12-03 19:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-13 17:57 - 2013-12-03 19:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-13 17:57 - 2013-12-03 19:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-13 17:57 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-13 17:57 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-13 17:57 - 2013-12-03 19:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-06-13 17:57 - 2013-12-03 18:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-13 17:57 - 2013-12-03 18:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-06-13 17:57 - 2013-12-03 18:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-13 17:57 - 2013-12-03 18:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-13 17:57 - 2013-09-24 19:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-06-13 17:57 - 2013-09-24 18:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-06-13 17:57 - 2013-08-01 19:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-06-13 17:57 - 2013-08-01 17:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-06-13 17:57 - 2013-08-01 17:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 17:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 17:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 17:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-13 17:57 - 2013-07-04 05:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-06-13 17:56 - 2014-06-08 02:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 17:56 - 2014-06-08 02:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-13 17:56 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 17:56 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 17:56 - 2014-03-24 19:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-13 17:56 - 2014-03-24 19:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-13 17:56 - 2013-11-26 04:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-13 17:56 - 2013-06-14 21:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-06-13 17:55 - 2013-10-03 19:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-06-13 17:55 - 2013-10-03 19:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-06-13 17:55 - 2013-10-03 19:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-06-13 17:55 - 2013-10-03 18:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-06-13 17:55 - 2013-10-03 18:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-06-13 17:55 - 2013-10-03 18:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-06-13 17:55 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-06-13 17:55 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-06-13 17:54 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-13 17:54 - 2013-11-11 19:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-06-13 17:54 - 2013-11-11 19:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-06-13 17:54 - 2013-10-11 19:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-06-13 17:54 - 2013-10-11 19:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-06-13 17:54 - 2013-10-11 19:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-06-13 17:54 - 2013-10-11 19:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-06-13 17:54 - 2013-10-11 18:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-06-13 17:54 - 2013-10-11 18:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-06-13 17:54 - 2013-10-11 18:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-06-13 17:54 - 2013-10-11 18:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-06-13 17:54 - 2013-10-05 13:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-06-13 17:54 - 2013-10-05 12:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-06-13 17:54 - 2013-07-08 22:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-06-13 17:54 - 2013-07-08 22:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-06-13 17:54 - 2013-07-08 21:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-06-13 17:54 - 2013-07-08 21:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-06-13 17:54 - 2013-06-05 22:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-06-13 17:54 - 2013-06-05 22:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-06-13 17:54 - 2013-06-05 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-06-13 17:54 - 2013-06-05 22:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-06-13 17:54 - 2013-06-05 21:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-06-13 17:54 - 2013-06-05 21:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-06-13 17:54 - 2013-06-05 21:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-06-13 17:54 - 2013-06-05 20:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-06-13 17:54 - 2013-06-05 20:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-06-13 17:54 - 2013-06-05 20:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-06-13 17:54 - 2013-04-25 16:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-06-13 17:54 - 2013-03-31 15:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-06-13 17:53 - 2013-05-12 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-06-13 17:53 - 2013-05-12 20:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-06-13 17:53 - 2013-05-12 20:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-06-13 17:53 - 2013-05-12 20:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-06-13 17:52 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-13 17:52 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-13 17:52 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-13 17:52 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-06-13 17:52 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-06-13 17:52 - 2013-12-31 16:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-13 17:52 - 2013-12-31 16:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-06-13 17:52 - 2013-10-02 19:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-13 17:52 - 2013-10-02 19:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-13 17:52 - 2013-09-27 18:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-13 17:52 - 2013-09-24 19:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-06-13 17:52 - 2013-09-24 18:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-13 17:52 - 2013-07-20 03:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-13 17:52 - 2013-07-20 03:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-13 17:52 - 2013-07-04 05:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-06-13 17:52 - 2013-07-04 05:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-06-13 17:52 - 2013-07-04 05:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-06-13 17:52 - 2013-07-04 04:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-06-13 17:52 - 2013-07-04 04:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-06-13 17:52 - 2013-07-04 04:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-06-13 17:52 - 2013-07-04 03:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-06-13 17:52 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-06-13 17:51 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 17:51 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-13 17:51 - 2014-02-06 18:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-13 17:51 - 2014-01-28 19:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-06-13 17:51 - 2014-01-28 19:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-06-13 17:51 - 2013-11-26 18:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-06-13 17:51 - 2013-10-29 19:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-06-13 17:51 - 2013-10-29 19:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-06-13 17:51 - 2013-10-18 19:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-06-13 17:51 - 2013-10-18 18:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-06-13 17:51 - 2013-08-04 19:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-06-13 17:51 - 2013-07-25 02:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-06-13 17:51 - 2013-07-25 01:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-06-13 17:51 - 2013-07-08 22:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-06-13 17:51 - 2013-07-08 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-06-13 17:51 - 2013-02-11 21:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-06-13 17:51 - 2013-01-23 23:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-13 17:50 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 17:50 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 17:50 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 17:50 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-13 17:50 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-13 17:50 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-13 17:50 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-13 17:50 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-13 17:50 - 2014-02-03 19:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-06-13 17:50 - 2014-02-03 19:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-06-13 17:50 - 2014-01-27 19:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-13 17:50 - 2013-10-11 19:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-06-13 17:50 - 2013-10-11 19:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-06-13 17:50 - 2013-10-11 19:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-06-13 17:50 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-06-13 17:50 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-06-13 17:50 - 2013-10-03 19:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-06-13 17:50 - 2013-10-03 18:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-06-13 17:50 - 2013-08-01 05:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-13 17:50 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-06-13 17:50 - 2013-07-02 21:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-06-13 17:50 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-06-13 17:50 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-06-13 17:50 - 2013-04-25 22:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-13 17:50 - 2013-04-25 21:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-06-13 17:50 - 2013-04-09 23:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-06-13 17:50 - 2013-03-18 22:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-06-13 17:50 - 2011-02-03 04:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-06-13 17:41 - 2013-08-27 18:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-06-13 16:58 - 2014-07-05 22:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-13 16:58 - 2014-07-04 09:21 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-13 16:58 - 2014-06-29 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-13 16:58 - 2014-06-29 21:21 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-13 16:58 - 2014-06-29 21:21 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-13 16:58 - 2014-06-13 16:58 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402703924607
2014-06-13 16:58 - 2014-06-13 16:58 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402703924607
2014-06-13 16:58 - 2014-06-13 16:58 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVAST Software
2014-06-13 16:57 - 2014-06-13 16:57 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-13 16:54 - 2014-06-13 16:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-13 16:53 - 2014-06-13 16:53 - 94714880 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup.exe
2014-06-12 10:54 - 2014-06-12 10:54 - 00000776 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-06-12 10:54 - 2014-06-12 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2014-06-12 10:49 - 2014-06-12 10:49 - 09237816 _____ (Wargaming.net ) C:\Users\Owner\Downloads\WoT_internet_install_na.exe
2014-06-09 23:27 - 2014-06-09 23:27 - 00000220 _____ () C:\Users\Owner\Desktop\Star Trek Online.url
2014-06-08 22:19 - 2014-06-08 22:19 - 00000000 ____D () C:\Users\Owner\Downloads\Game of Thrones S04E09 HDTV x264-KILLERS[ettv]
2014-06-08 17:38 - 2014-06-08 17:38 - 00001252 _____ () C:\Users\Owner\Desktop\TF2Idle v1.6.0 - Shortcut.lnk
2014-06-08 14:22 - 2014-06-08 14:22 - 00001093 _____ () C:\Users\Owner\Desktop\StarCitizen.lnk
2014-06-08 14:22 - 2014-06-08 14:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCitizen
2014-06-08 12:29 - 2014-06-08 12:29 - 32802904 _____ () C:\Users\Owner\Downloads\StarCitizenInstaller.exe
2014-06-08 02:21 - 2014-06-08 02:21 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\MKKE
2014-06-08 02:17 - 2014-06-08 02:18 - 00000000 ____D () C:\Program Files (x86)\Mortal Kombat Complete Edition
2014-06-08 02:17 - 2014-06-08 02:17 - 00002018 _____ () C:\Users\Public\Desktop\Mortal Kombat Complete Edition.lnk
2014-06-08 02:17 - 2014-06-08 02:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mortal Kombat Complete Edition
2014-06-08 01:49 - 2014-06-08 01:49 - 00000848 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total War ROME II.lnk
2014-06-08 01:49 - 2014-06-08 01:49 - 00000836 _____ () C:\Users\Public\Desktop\Total War ROME II.lnk
2014-06-08 01:31 - 2014-06-08 02:02 - 00000000 ____D () C:\Program Files (x86)\Total War ROME II
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\soundtrack
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\DesktopDungeons_Data
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\3DMGAME
2014-06-08 00:19 - 2013-11-26 00:15 - 09153024 _____ () C:\Users\Owner\Downloads\DesktopDungeons.exe
2014-06-08 00:19 - 2013-11-26 00:15 - 00331776 _____ (Ludosity AB) C:\Users\Owner\Downloads\SteamworksManaged.dll
2014-06-08 00:19 - 2013-11-26 00:10 - 00001504 _____ () C:\Users\Owner\Downloads\3DMGAME.ini
2014-06-08 00:19 - 2013-10-14 02:27 - 00246784 _____ () C:\Users\Owner\Downloads\steam_api.dll
2014-06-07 23:57 - 2014-06-08 00:07 - 510772932 ____R () C:\Users\Owner\Downloads\3DMGAME-Desktop.Dungeons.Special.Edition.Build.2013.11.26.Cracked-3DM.7z
2014-06-07 23:44 - 2014-06-08 00:06 - 3991830528 _____ () C:\Users\Owner\Downloads\Mortal_Kombat_Complete_Edition_RePack_ENG.iso

==================== One Month Modified Files and Folders =======

2014-07-06 03:13 - 2014-07-06 03:12 - 00029746 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-07-06 03:12 - 2014-07-06 03:12 - 00000000 ____D () C:\FRST
2014-07-06 03:02 - 2012-12-07 18:53 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-06 02:50 - 2014-07-06 02:50 - 02084352 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-07-06 02:19 - 2012-07-02 16:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 02:00 - 2012-06-17 13:08 - 00000000 ____D () C:\Users\Owner\AppData\Local\Adobe
2014-07-06 00:30 - 2009-07-13 21:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-06 00:30 - 2009-07-13 21:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-06 00:27 - 2009-07-13 22:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-06 00:26 - 2012-03-20 09:27 - 01876746 _____ () C:\Windows\WindowsUpdate.log
2014-07-06 00:23 - 2012-06-27 22:29 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Dropbox
2014-07-06 00:22 - 2014-05-17 23:56 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\DropboxMaster
2014-07-06 00:22 - 2012-12-07 18:53 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-06 00:22 - 2012-06-27 22:31 - 00000000 ___RD () C:\Users\Owner\Dropbox
2014-07-06 00:21 - 2014-03-15 02:27 - 00268348 _____ () C:\Windows\PFRO.log
2014-07-06 00:21 - 2014-03-01 22:05 - 00026228 _____ () C:\Windows\setupact.log
2014-07-06 00:21 - 2012-06-17 13:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-06 00:21 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-06 00:20 - 2014-04-25 16:59 - 00000797 _____ () C:\Users\Owner\Desktop\New Text Document (2).txt
2014-07-05 23:57 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-05 23:51 - 2014-07-05 23:51 - 00031691 _____ () C:\ComboFix.txt
2014-07-05 23:51 - 2014-07-05 20:00 - 00000000 ____D () C:\Qoobox
2014-07-05 23:51 - 2013-09-03 05:02 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apps\2.0
2014-07-05 23:51 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Default
2014-07-05 23:47 - 2009-07-13 19:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-05 23:17 - 2014-07-05 23:17 - 00991232 _____ () C:\Users\Owner\Desktop\MicrosoftFixit50267.msi
2014-07-05 23:10 - 2014-07-05 23:10 - 04745728 _____ (AVAST Software) C:\Users\Owner\Desktop\aswMBR.exe
2014-07-05 22:59 - 2014-07-05 22:59 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill64.exe
2014-07-05 22:59 - 2014-07-05 22:44 - 00001420 _____ () C:\Users\Owner\Desktop\Rkill.txt
2014-07-05 22:53 - 2014-06-13 16:58 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-05 22:50 - 2012-09-14 19:58 - 00000000 ____D () C:\Windows\Minidump
2014-07-05 22:49 - 2013-12-06 22:01 - 00000000 ____D () C:\Users\Owner\stratumproxy
2014-07-05 22:44 - 2014-07-05 22:44 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill.exe
2014-07-05 22:36 - 2014-07-05 22:36 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-05 22:36 - 2014-07-05 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-05 22:36 - 2014-07-05 22:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-05 22:36 - 2014-07-05 21:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 22:36 - 2014-07-05 21:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 22:35 - 2014-07-05 22:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-05 22:30 - 2014-07-05 21:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-05 22:29 - 2014-07-05 21:26 - 00001060 _____ () C:\Windows\DtcInstall.log
2014-07-05 22:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Registration
2014-07-05 22:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\TAPI
2014-07-05 22:21 - 2014-07-05 21:51 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-07-05 22:21 - 2012-08-23 03:12 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\BitTorrent
2014-07-05 22:20 - 2013-12-06 22:01 - 00000000 ____D () C:\Users\Owner\cudaminer
2014-07-05 22:20 - 2013-02-25 23:24 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Tunngle
2014-07-05 22:20 - 2013-02-06 22:29 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\CyberLink
2014-07-05 22:20 - 2013-01-30 04:33 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\PDAppFlex
2014-07-05 22:20 - 2012-12-01 17:18 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AnvSoft
2014-07-05 22:20 - 2012-11-18 23:24 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\driveridentifier
2014-07-05 22:20 - 2012-11-16 19:33 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Winamp
2014-07-05 22:20 - 2012-07-30 07:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TS3Client
2014-07-05 22:20 - 2012-07-16 05:53 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\LoneSurvivor
2014-07-05 22:20 - 2012-07-07 18:26 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\UFOAI
2014-07-05 22:20 - 2012-06-17 13:08 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Macromedia
2014-07-05 22:04 - 2014-07-05 22:04 - 00000000 ____D () C:\Users\Owner\Downloads\Assault Android Cactus
2014-07-05 21:50 - 2014-07-05 21:50 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Desktop\mbar-1.07.0.1012.exe
2014-07-05 21:44 - 2014-07-05 21:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-05 21:44 - 2014-07-05 21:41 - 02347384 _____ (ESET) C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
2014-07-05 20:52 - 2014-07-05 20:52 - 04707328 _____ () C:\Users\Owner\Desktop\RogueKiller.exe
2014-07-05 20:52 - 2014-07-05 20:52 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-05 20:23 - 2014-07-05 19:59 - 00000000 ____D () C:\Windows\erdnt
2014-07-05 20:21 - 2009-07-13 19:34 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts.old
2014-07-05 20:20 - 2012-06-17 13:08 - 00000000 ____D () C:\Users\Owner
2014-07-05 20:05 - 2014-07-04 22:24 - 00000929 _____ () C:\Users\Owner\Desktop\mono - Shortcut.lnk
2014-07-05 19:52 - 2014-07-05 19:47 - 00000000 ____D () C:\AdwCleaner
2014-07-05 19:46 - 2014-07-05 19:46 - 05213907 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe
2014-07-05 19:46 - 2014-07-05 19:46 - 01346519 _____ () C:\Users\Owner\Desktop\AdwCleaner.exe
2014-07-05 19:38 - 2014-07-05 19:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\tdsskiller.exe
2014-07-05 19:27 - 2012-06-17 19:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-05 18:49 - 2009-07-13 22:08 - 00032624 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-05 18:46 - 2014-02-27 19:19 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Dogecoin
2014-07-05 18:43 - 2014-07-05 16:35 - 00000000 ____D () C:\Users\Owner\Downloads\Soldier.Of.Fortune.II.Double.Helix.Gold.Edition.PC.Game(djDEVASTATE™)
2014-07-05 18:28 - 2012-07-19 06:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-05 18:18 - 2014-07-05 18:18 - 00321220 ____S () C:\Windows\system32\dddzsnt.fjk
2014-07-05 18:18 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-07-05 16:42 - 2014-07-01 09:29 - 00000000 ____D () C:\Users\Owner\Downloads\Distant.Worlds.Universe-SKIDROW
2014-07-04 22:17 - 2014-07-04 22:17 - 00000000 ____D () C:\Users\Owner\Downloads\mono
2014-07-04 22:09 - 2014-07-04 22:06 - 00000000 ____D () C:\Users\Owner\Downloads\ss2
2014-07-04 22:07 - 2012-06-18 12:33 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-07-04 22:06 - 2014-07-04 22:06 - 00851613 _____ () C:\Users\Owner\Downloads\ss2.zip
2014-07-04 21:42 - 2012-06-17 18:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2014-07-04 09:21 - 2014-06-13 16:58 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-04 05:15 - 2014-07-04 05:15 - 00073728 _____ () C:\Users\Owner\Documents\backup dogecoins yo.dat
2014-07-01 10:13 - 2014-07-01 10:13 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Code Force Limited
2014-07-01 10:13 - 2012-06-18 15:35 - 00000000 ____D () C:\Users\Owner\Documents\My Games
2014-07-01 09:49 - 2014-07-01 09:49 - 00002225 _____ () C:\Users\Public\Desktop\Distant Worlds Universe.lnk
2014-07-01 09:49 - 2014-07-01 09:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitherine Ltd
2014-07-01 09:48 - 2014-07-01 09:48 - 00000000 ____D () C:\Program Files (x86)\Slitherine Ltd
2014-07-01 09:32 - 2014-07-01 09:30 - 18324715 _____ () C:\Users\Owner\Downloads\METACRITIC WINPATCH LULS HERRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRERERERERERER.rar
2014-07-01 05:56 - 2014-03-24 01:25 - 00000000 ____D () C:\Users\Owner\Zomboid
2014-06-30 23:49 - 2014-06-30 22:09 - 00000000 ____D () C:\Users\Owner\Documents\Xenonauts
2014-06-30 22:09 - 2014-06-30 22:09 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\PlayFirst
2014-06-30 22:09 - 2014-06-30 22:09 - 00000000 ____D () C:\ProgramData\PlayFirst
2014-06-30 22:08 - 2014-06-30 22:08 - 00001625 _____ () C:\Users\Public\Desktop\Xenonauts.lnk
2014-06-30 22:08 - 2013-11-29 02:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-06-30 22:08 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-30 21:55 - 2014-04-15 23:55 - 00000000 ____D () C:\GOG Games
2014-06-30 21:29 - 2014-06-30 21:29 - 34888300 ____R (XGen Studios, Inc. ) C:\Users\Owner\Desktop\Stick RPG 2 Director's Cut V 1.0.exe
2014-06-30 20:54 - 2014-06-30 20:44 - 00000000 ____D () C:\Users\Owner\Downloads\Xenonauts - GoG
2014-06-29 21:22 - 2014-06-29 21:22 - 00001979 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-29 21:22 - 2014-06-13 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-29 21:21 - 2014-06-29 21:21 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-29 21:21 - 2014-06-29 21:21 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 21:21 - 2014-06-29 21:21 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-29 21:21 - 2014-06-13 16:58 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 23:46 - 2014-06-27 02:15 - 00000000 ____D () C:\Users\Owner\Downloads\Shovel Knight v1.0a
2014-06-27 23:45 - 2014-06-27 23:45 - 00001164 _____ () C:\Users\Owner\Desktop\ShovelKnight.lnk
2014-06-27 19:38 - 2014-07-01 09:56 - 00000000 ____D () C:\Users\Owner\Downloads\Distant Worlds Universe
2014-06-27 19:24 - 2014-07-01 09:56 - 00000000 ____D () C:\Users\Owner\Downloads\races
2014-06-27 19:24 - 2014-07-01 09:56 - 00000000 ____D () C:\Users\Owner\Downloads\Policy
2014-06-27 19:24 - 2014-07-01 09:56 - 00000000 ____D () C:\Users\Owner\Downloads\Help
2014-06-27 19:24 - 2014-07-01 09:56 - 00000000 ____D () C:\Users\Owner\Downloads\AutoPlay
2014-06-27 19:04 - 2014-07-01 09:56 - 11760640 _____ (Code Force Limited) C:\Users\Owner\Downloads\DistantWorlds.exe
2014-06-27 19:04 - 2014-07-01 09:56 - 06727680 _____ (Matrix Publishing Ltd.) C:\Users\Owner\Downloads\autorun.exe
2014-06-27 19:04 - 2014-07-01 09:56 - 00454849 _____ () C:\Users\Owner\Downloads\GameText.txt
2014-06-27 19:04 - 2014-07-01 09:56 - 00325968 _____ () C:\Users\Owner\Downloads\lua5.1.dll
2014-06-27 19:04 - 2014-07-01 09:56 - 00276592 _____ () C:\Users\Owner\Downloads\TitleFont.xnb
2014-06-27 19:04 - 2014-07-01 09:56 - 00276592 _____ () C:\Users\Owner\Downloads\NormalFont.xnb
2014-06-27 19:04 - 2014-07-01 09:56 - 00081008 _____ () C:\Users\Owner\Downloads\SmallFont.xnb
2014-06-27 19:03 - 2014-07-01 09:56 - 00276592 _____ () C:\Users\Owner\Downloads\BoldFont.xnb
2014-06-27 19:03 - 2014-07-01 09:56 - 00081008 _____ () C:\Users\Owner\Downloads\TinyFont.xnb
2014-06-27 19:03 - 2014-07-01 09:56 - 00004326 _____ () C:\Users\Owner\Downloads\fighters.txt
2014-06-27 06:37 - 2014-06-27 06:37 - 00000222 _____ () C:\Users\Owner\Desktop\Terraria.url
2014-06-27 02:16 - 2014-06-27 02:16 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Yacht Club Games
2014-06-27 02:13 - 2014-06-27 02:12 - 104853246 ____R () C:\Users\Owner\Downloads\Shovel Knight v1.0a.7z
2014-06-25 03:27 - 2014-05-15 04:18 - 00000000 ____D () C:\Users\Owner\Downloads\Tropico 4 - FLT
2014-06-20 20:55 - 2014-07-01 09:56 - 00057758 _____ () C:\Users\Owner\Downloads\research.txt
2014-06-20 20:55 - 2014-07-01 09:56 - 00022263 _____ () C:\Users\Owner\Downloads\components.txt
2014-06-20 20:55 - 2014-07-01 09:56 - 00014405 _____ () C:\Users\Owner\Downloads\facilities.txt
2014-06-20 08:13 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 05:32 - 2013-06-20 04:43 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2014-06-20 01:32 - 2012-09-04 14:04 - 00011880 _____ () C:\Windows\Sandboxie.ini
2014-06-19 22:49 - 2013-01-11 19:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 22:09 - 2014-06-17 22:09 - 00000000 ____D () C:\Users\Owner\AppData\Local\Smellyriver
2014-06-17 22:09 - 2014-06-17 22:08 - 00000000 ____D () C:\Users\Owner\Downloads\STI.1.3.3.40
2014-06-17 22:06 - 2014-06-17 22:04 - 15538041 _____ () C:\Users\Owner\Downloads\STI.1.3.3.40.zip
2014-06-17 19:57 - 2012-12-07 18:53 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-17 19:57 - 2012-12-07 18:53 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-16 19:07 - 2012-06-18 15:34 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-16 10:18 - 2014-06-16 10:18 - 00001017 _____ () C:\Users\Public\Desktop\Doom Warrior.lnk
2014-06-16 10:18 - 2014-06-16 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom Warrior
2014-06-16 10:18 - 2014-06-16 10:18 - 00000000 ____D () C:\Program Files (x86)\Doom Warrior
2014-06-16 10:15 - 2014-06-16 10:14 - 360364056 _____ (Creaky Corpse Ltd ) C:\Users\Owner\Downloads\DoomWarriorWin.exe
2014-06-15 22:22 - 2014-06-15 22:22 - 00000000 ____D () C:\Users\Owner\Downloads\Game of Thrones S04E10 HDTV x264-KILLERS[ettv]
2014-06-14 20:10 - 2012-07-02 16:09 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-14 20:10 - 2012-06-17 17:14 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-14 20:10 - 2011-10-27 03:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-14 20:08 - 2012-06-17 13:43 - 00000000 ____D () C:\Program Files\Webroot
2014-06-14 14:10 - 2012-06-18 14:39 - 00000632 __RSH () C:\Users\Owner\ntuser.pol
2014-06-14 14:10 - 2012-06-17 13:10 - 00001420 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-14 14:07 - 2014-06-14 14:07 - 00000000 ____D () C:\Users\Family\AppData\Roaming\AVAST Software
2014-06-14 14:07 - 2012-06-26 04:42 - 00001420 _____ () C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-14 14:07 - 2012-06-26 04:42 - 00000906 __RSH () C:\Users\Family\ntuser.pol
2014-06-14 14:07 - 2012-06-26 04:42 - 00000000 ____D () C:\Users\Family
2014-06-14 13:38 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-14 13:37 - 2007-07-11 18:49 - 00000000 ____D () C:\Windows\Panther
2014-06-14 13:35 - 2014-03-15 02:27 - 05038800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-14 13:33 - 2012-12-14 01:04 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-14 13:33 - 2012-12-14 01:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-14 12:09 - 2014-07-01 09:56 - 00000008 _____ () C:\Users\Owner\Downloads\steam_appid.txt
2014-06-14 03:03 - 2014-06-14 03:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-14 03:03 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-14 03:03 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-14 03:03 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-14 03:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-06-14 03:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-06-14 03:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-06-14 03:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-06-14 03:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-14 00:07 - 2013-11-27 23:05 - 00000000 ____D () C:\Users\Owner\Downloads\Hammerwatch
2014-06-13 20:15 - 2014-06-13 20:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.blinkworks.IGTM
2014-06-13 19:56 - 2014-06-13 19:56 - 00000222 _____ () C:\Users\Owner\Desktop\Indie Game The Movie.url
2014-06-13 19:25 - 2014-06-13 19:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 19:14 - 2012-06-17 18:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 18:57 - 2014-06-13 18:53 - 00009784 _____ () C:\Windows\IE11_main.log
2014-06-13 18:54 - 2014-06-13 18:54 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-13 18:54 - 2014-06-13 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-13 18:54 - 2014-06-13 18:54 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-13 18:54 - 2014-06-13 18:54 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-13 18:54 - 2014-06-13 18:54 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-13 18:54 - 2014-06-13 18:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-13 18:54 - 2014-06-13 18:54 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-13 18:54 - 2014-06-13 18:54 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-13 18:54 - 2014-06-13 18:54 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00266456 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00240856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-13 18:54 - 2014-06-13 18:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-13 18:54 - 2014-06-13 18:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 18:46 - 2011-10-27 03:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-13 18:46 - 2011-10-27 03:42 - 00000000 ____D () C:\ProgramData\Skype
2014-06-13 18:44 - 2012-11-02 03:02 - 00000039 _____ () C:\Windows\vbaddin.ini
2014-06-13 18:11 - 2012-12-14 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-13 16:58 - 2014-06-13 16:58 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402703924607
2014-06-13 16:58 - 2014-06-13 16:58 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402703924607
2014-06-13 16:58 - 2014-06-13 16:58 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVAST Software
2014-06-13 16:57 - 2014-06-13 16:57 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-13 16:54 - 2014-06-13 16:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-13 16:53 - 2014-06-13 16:53 - 94714880 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup.exe
2014-06-12 22:02 - 2014-07-01 09:56 - 00000649 _____ () C:\Users\Owner\Downloads\Startup.ini
2014-06-12 10:54 - 2014-06-12 10:54 - 00000776 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-06-12 10:54 - 2014-06-12 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2014-06-12 10:54 - 2012-08-04 14:17 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-12 10:54 - 2012-08-04 14:17 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-12 10:54 - 2012-08-04 14:16 - 00000000 ____D () C:\Games
2014-06-12 10:49 - 2014-06-12 10:49 - 09237816 _____ (Wargaming.net ) C:\Users\Owner\Downloads\WoT_internet_install_na.exe
2014-06-11 18:03 - 2013-01-30 04:48 - 00000132 _____ () C:\Users\Owner\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-06-10 01:54 - 2014-03-09 21:38 - 00074275 _____ () C:\Windows\DirectX.log
2014-06-09 23:27 - 2014-06-09 23:27 - 00000220 _____ () C:\Users\Owner\Desktop\Star Trek Online.url
2014-06-08 22:19 - 2014-06-08 22:19 - 00000000 ____D () C:\Users\Owner\Downloads\Game of Thrones S04E09 HDTV x264-KILLERS[ettv]
2014-06-08 17:38 - 2014-06-08 17:38 - 00001252 _____ () C:\Users\Owner\Desktop\TF2Idle v1.6.0 - Shortcut.lnk
2014-06-08 14:23 - 2013-09-04 15:02 - 00000000 ____D () C:\Users\Owner\Documents\StarCitizen
2014-06-08 14:22 - 2014-06-08 14:22 - 00001093 _____ () C:\Users\Owner\Desktop\StarCitizen.lnk
2014-06-08 14:22 - 2014-06-08 14:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCitizen
2014-06-08 12:29 - 2014-06-08 12:29 - 32802904 _____ () C:\Users\Owner\Downloads\StarCitizenInstaller.exe
2014-06-08 02:21 - 2014-06-08 02:21 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\MKKE
2014-06-08 02:21 - 2013-05-14 20:37 - 00000000 ____D () C:\ProgramData\Steam
2014-06-08 02:18 - 2014-06-08 02:17 - 00000000 ____D () C:\Program Files (x86)\Mortal Kombat Complete Edition
2014-06-08 02:17 - 2014-06-08 02:17 - 00002018 _____ () C:\Users\Public\Desktop\Mortal Kombat Complete Edition.lnk
2014-06-08 02:17 - 2014-06-08 02:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mortal Kombat Complete Edition
2014-06-08 02:13 - 2014-06-13 17:56 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 02:08 - 2014-06-13 17:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 02:02 - 2014-06-08 01:31 - 00000000 ____D () C:\Program Files (x86)\Total War ROME II
2014-06-08 01:49 - 2014-06-08 01:49 - 00000848 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total War ROME II.lnk
2014-06-08 01:49 - 2014-06-08 01:49 - 00000836 _____ () C:\Users\Public\Desktop\Total War ROME II.lnk
2014-06-08 01:26 - 2014-05-20 17:27 - 00000000 ____D () C:\Program Files (x86)\Wolfenstein The New Order
2014-06-08 01:23 - 2012-08-07 06:58 - 00207360 ___SH () C:\Users\Owner\Thumbs.db
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\soundtrack
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\DesktopDungeons_Data
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\3DMGAME
2014-06-08 00:07 - 2014-06-07 23:57 - 510772932 ____R () C:\Users\Owner\Downloads\3DMGAME-Desktop.Dungeons.Special.Edition.Build.2013.11.26.Cracked-3DM.7z
2014-06-08 00:06 - 2014-06-07 23:44 - 3991830528 _____ () C:\Users\Owner\Downloads\Mortal_Kombat_Complete_Edition_RePack_ENG.iso

Files to move or delete:
====================
C:\Users\Owner\berkelium.exe


Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpe8lflx.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll
[2010-11-20 20:24] - [2010-11-20 20:24] - 0528384 ____A (Microsoft Corporation) 852B6FB865EC42D1DB310B1AFD1A9FB3

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2014-06-28 00:42

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Owner at 2014-07-06 03:13:38
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Addon Sync 2009 (HKLM-x32\...\{4E3AA543-09D7-401E-9DF2-2591D24C7C49}) (Version: 1.0.67 - YomaTools)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Always Sometimes Monsters (HKLM-x32\...\Steam App 274310) (Version:  - Vagabond Dog)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
applicationupdater (HKCU\...\SOE-C:/Users/Owner/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - Ronimo Games)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32128 - BitTorrent Inc.)
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version:  - )
Blade Symphony (HKLM-x32\...\Steam App 225600) (Version:  - Puny Human Games)
BLAZBLUE -CALAMITY TRIGGER- (HKLM-x32\...\GFWL_{415807D5-45E8-4635-A5A9-C81000008400}) (Version: 1.0.0000.132 - ARC SYSTEM WORKS)
BLAZBLUE -CALAMITY TRIGGER- (x32 Version: 1.0.0000.132 - ARC SYSTEM WORKS) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broforce (HKLM-x32\...\Steam App 274190) (Version:  - Free Lives)
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Citrix Authentication Manager (x32 Version: 3.0.0.47031 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash Redirection) (x32 Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.3.0.55 - Citrix Systems, Inc.)
Citrix Receiver Inside (x32 Version: 3.3.0.17208 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (x32 Version: 3.3.0.17207 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (x32 Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (x32 Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Combined Community Codec Pack 2010-10-10 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2010.10.10.0 - CCCP Project)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2531.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2531.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
DEFCON Demo (HKLM-x32\...\Steam App 1522) (Version:  - Introversion Software)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Democracy 3 (HKLM-x32\...\GOGPACKDEMOCRACY3_is1) (Version: 2.0.0.3 - GOG.com)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
Desura: Epic Inventor (HKLM-x32\...\Desura_69831873265696) (Version: Full - Pixel Prone)
Desura: Kill Fun Yeah (HKLM-x32\...\Desura_75926431858720) (Version: Demo - Arctic Anteater)
Desura: Naev (HKLM-x32\...\Desura_71730248810528) (Version: Full - Naev Dev Team)
Desura: Omegalodon (HKLM-x32\...\Desura_72632191942688) (Version: Demo - North of Earth)
Desura: Savage XR (HKLM-x32\...\Desura_339302416416) (Version: Full - S2 Games)
Desura: Zombie Grinder (HKLM-x32\...\Desura_65884798320672) (Version: Alpha - Twin Drills)
Deus Ex: Game of the Year Edition (HKLM-x32\...\Steam App 6910) (Version:  - Eidos)
Deus Ex: Human Revolution - The Missing Link (HKLM-x32\...\Steam App 201280) (Version:  - Eidos Montreal)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
Deus Ex: Invisible War (HKLM-x32\...\Steam App 6920) (Version:  - Eidos)
Dia (remove only) (HKLM-x32\...\Dia) (Version:  - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dictation Pro (HKLM-x32\...\Dictation Pro_is1) (Version:  - Deskshare Inc.)
Distant Worlds Universe (HKLM-x32\...\Distant Worlds Universe_is1) (Version:  - )
Dogecoin (HKCU\...\Dogecoin) (Version: 1.5.2.0 - Dogecoin)
Doom Warrior (HKLM-x32\...\{ECD05543-FB6F-45A9-8CA5-7BBF5FAABE31}_is1) (Version: 1.07 - Creaky Corpse Ltd)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
DriverIdentifier 4.2.2 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version:  - DriverIdentifier)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
Dwarfs!? (HKLM-x32\...\Steam App 35480) (Version:  - Power of 2)
Dynasty Warriors 8 Xtreme Legends (HKLM-x32\...\Dynasty Warriors 8 Xtreme Legends_is1) (Version:  - )
Easy GIF Animator 5.6 (HKLM-x32\...\Easy GIF Animator_is1) (Version: Easy GIF Animator 5.0 - Karlis Blumentals)
EDGE (HKLM-x32\...\Steam App 38740) (Version:  - Two Tribes)
eLab Client version 1.2.1.20 (HKLM-x32\...\eLab Client_is1) (Version:  - LabMentors, Inc.)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - Amplitude Studios)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESG Launchpad (HKCU\...\8ba38ebc79009889) (Version: 1.0.0.7 - The Alpha Company, LLC)
Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden
FastStone Image Viewer 4.6 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.6 - FastStone Soft)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version:  - Fistful of Frags Team)
FlashDevelop 4.3.0 (HKLM-x32\...\FlashDevelop) (Version: 4.3.0-RTM - FlashDevelop.org)
Flvto Converter (HKLM-x32\...\Flvto Converter) (Version: 0.2.2 - Hotger)
Freenet (HKCU\...\Freenet) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - )
FxFoto by Triscape (HKLM-x32\...\FxFoto) (Version:  - )
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
gamelauncher-ps2-live (HKCU\...\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2) (Version:  - Sony Online Entertainment)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Garry's Mod 13 (HKLM-x32\...\Steam App 4010) (Version:  - TEAM GARRY)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.04.3503 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0225.2011 - Gateway Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Gateway Incorporated)
Gear Up (HKLM-x32\...\Steam App 214420) (Version:  - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Guacamelee! Gold Edition (HKLM-x32\...\GOGPACKGUACAMELEE_is1) (Version: 2.0.0.8 - GOG.com)
Gunpoint Demo (HKLM-x32\...\Steam App 240570) (Version:  - Suspicious Developments)
GunZ 2: The Second Duel (HKLM-x32\...\Steam App 242720) (Version:  - MAIET Entertainment)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Gateway Incorporated)
Hotline Miami (HKLM-x32\...\GOGPACKHOTLINEMIAMI_is1) (Version: 2.0.0.4 - GOG.com)
iCloud (HKLM\...\{D0CB24F4-084F-40DE-B6B9-A03626E682F0}) (Version: 2.1.1.3 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Gateway Incorporated)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Indie Game: The Movie (HKLM-x32\...\Steam App 207080) (Version:  - BlinkWorks Media)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
Java™ 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Killing Floor Mod: Defence Alliance 2 (HKLM-x32\...\Steam App 35420) (Version:  - )
Krater (HKLM-x32\...\Steam App 42170) (Version:  - )
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Landmark Beta (HKCU\...\SOE-Landmark Beta) (Version: 1.0.3.183 - Sony Online Entertainment)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Legend of Dungeon 1.0 (HKLM-x32\...\Legend of Dungeon 1.0) (Version: 1.0 - Cat-A-Cat)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.0 - LoiLo inc.)
LoiLoScope 2 (HKLM-x32\...\{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1) (Version: 2.5.3.2 - LoiLo inc)
Lone Survivor (HKLM-x32\...\Steam App 209830) (Version:  - )
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MAV (HKLM-x32\...\MAV) (Version: 0.5.15_0 - Puchisoft, Inc.)
MechWarrior Online (HKCU\...\{74d11f91-05cc-44f6-8e49-94fe7f33c79b}) (Version: 1.2.0.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.2.0.0 - Piranha Games Inc.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
METAL GEAR RISING: REVENGEANCE (HKLM-x32\...\TUVUQUxHRUFSUklTSU5HUkVWRU5HRUFOQ0U=_is1) (Version: 1 - )
Metro Last Light (HKLM-x32\...\Metro Last Light_is1) (Version:  - )
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Game Studios Common Redistributables Pack 1 (x32 Version: 1.0.0 - Microsoft Game Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{e238e1a0-7fbd-4146-a4ac-d48badcdf3ae}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0 - Microsoft Corporation) Hidden
Microsoft XML Parser (x32 Version: 8.20.8730.4 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 To WAV Decoder version 1.0 r2 (HKLM-x32\...\{05B3E767-B182-4279-A35A-A56810C77CFD}_is1) (Version: 1.0 r2 - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.5 (HKLM-x32\...\{73FBAF60-DF43-4A68-90A4-4B244D237789}) (Version: 1.2.5 - Thorvald Natvig)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version:  - Unknown Worlds Entertainment)
NEO Scavenger Demo (HKLM-x32\...\Steam App 270680) (Version:  - Blue Bottle Games)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - )
Nero 12 (HKLM-x32\...\{A2FB4DB1-DCAE-45DF-8755-00DC047ACF80}) (Version: 12.0.03400 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (x32 Version: 12.0.6002 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.8000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.17700 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 12.0.28001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15500 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18900 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.28001 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.19600 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (x32 Version: 12.0.31001 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.10002 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (x32 Version: 12.0.8000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nether (HKLM-x32\...\Steam App 247730) (Version:  - Phosphor Games)
Nether Launcher (HKLM\...\{8CE878A2-955B-491F-80D1-2AC021B140F7}) (Version: 16.24.0.0 - Nether Productions, LLC.)
Nidhogg (HKLM-x32\...\TmlkaG9nZw==_is1) (Version: 1 - )
No Time To Explain (HKLM-x32\...\No Time To Explain1.0) (Version: 1.0 - Foxy Games)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.4 - )
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX Particle Fluid Demo (HKLM-x32\...\{777748FA-6A51-4923-914C-FCCDA01919BF}) (Version: 1.0.1.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
oCam version 22.0.0.0 (HKLM-x32\...\oCam_is1) (Version: 22.0.0.0 - http://ohsoft.net/)
Online Plug-in (x32 Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Paper Sorcerer (HKLM-x32\...\Steam App 263560) (Version:  - Jesse Gallagher)
Papers Please version 1.1.60-S (HKLM-x32\...\Papers Please_is1) (Version: 1.1.60-S - )
Paranautical Activity (HKLM-x32\...\Steam App 250580) (Version:  - Code Avarice)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
Planet Explorers (HKLM-x32\...\Steam App 237870) (Version:  - Pathea Games)
PlanetSide 2 (2) (HKCU\...\SOE-PlanetSide 2 (2)) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKCU\...\soe-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version:  - )
PrivitizeVPN (HKLM-x32\...\PrivitizeVPN) (Version: 1.0.0 - OOO Industry) <==== ATTENTION
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version:  - Indie Stone Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.1.8-1.0.4843.13 - raidcall.com)
Ravaged (HKLM-x32\...\Steam App 96300) (Version:  - )
Razer Game Booster (HKLM-x32\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.)
RazorSQL 6.0.1 (HKLM\...\RazorSQL 6.0.1_is1) (Version:  - Richardson Software, LLC)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.45 - Piriform)
Retro City Rampage (HKLM-x32\...\GOGPACKRETROCITYRAMPAGE_is1) (Version: 2.9.0.25 - GOG.com)
Rise of the Triad (HKLM-x32\...\UmlzZW9mdGhlVHJpYWQ=_is1) (Version: 1 - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.0.0 - Rockstar Games)
Rogue Legacy version 0.0.0.9 (HKLM-x32\...\Rogue Legacy_is1) (Version: 0.0.0.9 - WaLMaRT)
Rogue Shooter: The FPS Roguelike (HKLM-x32\...\Steam App 295770) (Version:  - Hippomancer)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
Sandboxie 3.62 (64-bit) (HKLM\...\Sandboxie) (Version: 3.62 - SANDBOXIE L.T.D)
Self-service Plug-in (x32 Version: 3.3.0.27839 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Simple Port Forwarding (HKLM-x32\...\Simple Port Forwarding) (Version: 3.8.1 - PcWinTech.com)
Sir, You Are Being Hunted (HKLM-x32\...\GOGPACKSIRYOUAREBEINGHUNTED_is1) (Version: 2.0.0.2 - GOG.com)
Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7038 - Six Projects)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - )
Source SDK Base 2013 Multiplayer (HKLM-x32\...\Steam App 243750) (Version:  - )
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - )
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis)
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version:  - Cryptic Studios)
Star Wars JK II Jedi Outcast (HKLM-x32\...\{576E71DA-3000-48F6-9B21-B9A70D47DFCF}) (Version:  - )
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
StarForge Alpha (HKLM-x32\...\Steam App 227680) (Version:  - )
Starsector version 0.6.2a (HKLM-x32\...\{5B8604A9-6871-4A18-974F-8DD9B6D428DA}_is1) (Version: 0.6.2a - )
Statistics Calculator (HKLM-x32\...\{BEAAF4A8-190F-4430-8553-FE12EB1E8604}) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Crate Box (HKLM-x32\...\Steam App 212800) (Version:  - )
Super House of Dead Ninjas (HKLM-x32\...\Steam App 224820) (Version:  - )
Sword of the Stars: The Pit (HKLM-x32\...\Steam App 233700) (Version:  - Kerberos Productions)
Tactical Intervention (HKLM-x32\...\Steam App 51100) (Version:  - FIX Korea)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version:  - Test3 Projects)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Baconing (HKLM-x32\...\Steam App 18070) (Version:  - Hothead Games Inc.)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Castle Doctrine (HKLM-x32\...\Steam App 249570) (Version:  - Jason Rohrer)
THE EPSILON PROGRAM (HKLM-x32\...\THE EPSILON PROGRAM_is1) (Version:  - THE EPSILON PROGRAM)
The Forest 1.0 (HKLM-x32\...\The Forest 1.0) (Version: 1.0 - Cat-A-Cat)
The Showdown Effect (HKLM-x32\...\Steam App 204080) (Version:  - )
Torchlight (HKLM-x32\...\Steam App 41500) (Version:  - Runic Games, Inc.)
Torrents Downloader (HKLM-x32\...\{6D9D814E-9605-11E2-80DC-95A26188709B}_is1) (Version: 0.1.2013.1008 - Peter Gordon Blue S.L.)
Total War ROME II (HKLM-x32\...\VG90YWxXYXJST01FSUk=_is1) (Version: 1 - )
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version:  - )
Triscape FxFoto (HKLM-x32\...\TriscapeFxFoto) (Version:  - )
Tropico 4 1.00 (HKCU\...\Tropico 4) (Version: 1.00 - Kalypso Media)
Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0054-0409-0000-0000000FF1CE}_Office14.VISIOR_{A5659197-BDB5-467F-A71A-1B817DDD7BDD}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{3786efc1-59ff-4908-8cd6-dc85ec87209e}) (Version: 11.0.50727 - Microsoft Corporation)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Warframe (HKLM-x32\...\{49A5AEA6-92E1-46A8-8371-114F1CE2C2A6}) (Version: 1.0.0 - Digital Extremes)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.02.3504 - Gateway Incorporated)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows App Certification Kit Native Components (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Xenonauts (HKLM-x32\...\GOGPACKXENONAUTS_is1) (Version: 2.0.0.5 - GOG.com)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Zoner GIF Animator 5 (HKLM-x32\...\{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}) (Version: 5.0.3000.2 - ZONER software)

==================== Restore Points  =========================

06-07-2014 06:18:04 Installed Microsoft Fix it 50267

==================== Hosts content: ==========================

2009-07-13 19:34 - 2013-09-03 17:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {14018F38-7497-43FC-939B-79AAED78BFA0} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
Task: {1C5113A8-3C8C-459C-9826-1DEA57F176C0} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
Task: {5B9873F2-CFC8-43C2-BF6F-33BC1D9CE4C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {73E58A56-E0F9-48C4-9378-EF2BE30A2936} - System32\Tasks\UALU notificatin => C:\Program Files\Gateway\Gateway Updater\UALU.exe [2012-02-06] (Acer Incorporated)
Task: {84C3FCF8-5D72-4AC2-BE40-7147C0E9FFA3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8B1CF951-F220-4DE9-863B-4044BBA49CCA} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] () <==== ATTENTION
Task: {8CB08E0C-4806-41CA-A12F-1E5EF7F76A1E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-29] (AVAST Software)
Task: {984DAF4D-7BA3-4AB5-8E83-A43393EA55EE} - System32\Tasks\AdobeAAMUpdater-1.0-Owner-PC-Owner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {A09D86A3-0CD9-404D-B3F8-63F1DEB3FC02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {B1E94A3E-ABFE-463F-9F02-6F4BBEEACA01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-14] (Adobe Systems Incorporated)
Task: {DDDD22FE-A0B9-44EB-9241-5CA017126E9A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {E01CDD64-F0D4-41FA-9595-189C2FB8C20F} - \MySearchDial No Task File <==== ATTENTION
Task: {EE4A2DA2-C3E5-4BE6-B548-35FCF813893D} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Gateway\Gateway Recovery Management\NotificationCenter\Notification.exe [2011-06-17] (Acer)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-09-08 11:35 - 2013-09-08 11:35 - 00279464 _____ () C:\Program Files\Java\jre7\bin\jp2iexp.dll
2012-06-17 13:30 - 2014-03-04 06:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-11-13 22:53 - 2012-11-13 22:53 - 00139024 _____ () C:\Program Files (x86)\Razer\Razer Game Booster\GBV3ContextMenu.dll
2012-12-17 18:14 - 2012-12-17 18:14 - 00954848 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2012-06-18 08:24 - 2012-06-18 08:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-06-29 21:21 - 2014-06-29 21:21 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-05 11:45 - 2014-07-05 11:45 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070501\algo.dll
2014-07-06 01:08 - 2014-07-06 01:08 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070600\algo.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-06 00:22 - 2014-07-06 00:22 - 00043008 _____ () c:\users\owner\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpe8lflx.dll
2013-08-23 12:01 - 2013-08-23 12:01 - 25100288 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\libcef.dll
2014-06-29 21:21 - 2014-06-29 21:21 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-01-11 19:24 - 2014-06-19 22:49 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-14 20:10 - 2014-06-14 20:10 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============

HKU\S-1-5-21-688074385-1042068862-3521065105-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Desura Install Service => 3
MSCONFIG\Services: GREGService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Live Updater Service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Start Freenet.lnk => C:\Windows\pss\Start Freenet.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
MSCONFIG\startupreg: COMODO => C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
MSCONFIG\startupreg: COMODO Internet Security => "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: CPA => C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Keyboard Inf. => C:\Users\Owner\AppData\Roaming\Macromedia\msdo.exe
MSCONFIG\startupreg: OOTag => C:\Program Files (x86)\Gateway\OOBEOffer\ootag.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: PrivitizeVPN => C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/06/2014 00:22:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2014 00:20:22 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (07/05/2014 11:04:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/05/2014 11:04:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/05/2014 11:04:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/05/2014 10:58:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2014 10:55:09 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: The Software Protection service failed to start. hr=0x80070057
6.1.7601.17514

Error: (07/05/2014 10:54:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2014 10:49:31 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (07/05/2014 10:31:43 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (07/06/2014 00:24:47 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/06/2014 00:24:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/06/2014 00:24:47 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/06/2014 00:24:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/06/2014 00:24:47 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/06/2014 00:24:47 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/06/2014 00:24:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/06/2014 00:24:37 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/06/2014 00:24:37 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/06/2014 00:22:00 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Power service terminated with the following error:
%%4203


Microsoft Office Sessions:
=========================
Error: (03/04/2013 08:35:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 96379 seconds with 5700 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-07-05 20:20:14.186
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-05 20:20:14.139
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:56:37.472
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:56:37.457
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:56:17.981
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:56:17.896
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:24:09.825
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:24:09.812
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:23:56.325
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:23:56.312
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 40%
Total physical RAM: 8172.29 MB
Available physical RAM: 4886.51 MB
Total Pagefile: 16342.77 MB
Available Pagefile: 12757.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (Gateway) (Fixed) (Total:917.41 GB) (Free:14.51 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 95FC3324)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=917 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Edited by hamluis, 06 July 2014 - 10:14 AM.


BC AdBot (Login to Remove)

 


#2 icotonev

icotonev

  • Security Colleague
  • 33 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:09:36 AM

Posted 06 July 2014 - 07:20 AM

icon11.gif Click Start > Run or press Windows Key + R copy/paste the following into the run box that opens and press OK:
c:\ComboFix.txt

Please include the following in your next post:

  • ComboFix log


#3 Neo160

Neo160
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:07:36 AM

Posted 06 July 2014 - 09:29 AM

ComboFix 14-07-03.01 - Owner 07/05/2014  23:31:55.2.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8172.6013 [GMT -7:00]
Running from: c:\users\Owner\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Enabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
---- Previous Run -------
.
C:\install.exe
c:\users\Melonkracker\AppData\Roaming\Origin
c:\users\Melonkracker\AppData\Roaming\Origin\local.xml
c:\users\Owner\AppData\Local\assembly\tmp
c:\users\Owner\AppData\Roaming\83bda38cc512c8e7280f00598c08acc62
c:\users\Owner\AppData\Roaming\Microsoft\msdo.exe
c:\users\Owner\AppData\Roaming\poclbm
c:\users\Owner\AppData\Roaming\poclbm\poclbm_scrypt.ini
c:\users\Owner\Documents\~WRL2485.tmp
c:\users\Owner\raidcall_v7.1.8.exe
c:\users\Owner\vlc-2.0.7-win32.exe
c:\windows\security\Database\tmp.edb
c:\windows\SysWow64\tmpB176.tmp
c:\windows\SysWow64\tmpB270.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2014-06-06 to 2014-07-06  )))))))))))))))))))))))))))))))
.
.
2014-07-06 06:47 . 2014-07-06 06:47    --------    d-----w-    c:\users\Melonkracker\AppData\Local\temp
2014-07-06 06:47 . 2014-07-06 06:47    --------    d-----w-    c:\users\hedev\AppData\Local\temp
2014-07-06 06:47 . 2014-07-06 06:47    --------    d-----w-    c:\users\Family\AppData\Local\temp
2014-07-06 06:47 . 2014-07-06 06:47    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-07-06 06:32 . 2014-07-06 06:32    75888    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{4EDC3A94-4145-47AE-9726-C12AB40EA04B}\offreg.dll
2014-07-06 05:36 . 2014-07-06 05:36    --------    d-----w-    c:\program files (x86)\Malwarebytes Anti-Malware
2014-07-06 05:36 . 2014-05-12 14:26    63704    ----a-w-    c:\windows\system32\drivers\mwac.sys
2014-07-06 05:36 . 2014-05-12 14:25    25816    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-07-06 04:51 . 2014-07-06 05:36    --------    d-----w-    c:\programdata\Malwarebytes
2014-07-06 04:51 . 2014-07-06 05:30    --------    d-----w-    c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-07-06 04:51 . 2014-07-06 05:36    122584    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-07-06 04:51 . 2014-05-12 14:26    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-07-06 04:44 . 2014-07-06 04:44    --------    d-----w-    c:\program files (x86)\ESET
2014-07-06 03:52 . 2014-07-06 03:52    --------    d-----w-    c:\programdata\RogueKiller
2014-07-06 02:47 . 2010-08-30 15:34    536576    ----a-w-    c:\windows\SysWow64\sqlite3.dll
2014-07-06 02:47 . 2014-07-06 02:52    --------    d-----w-    C:\AdwCleaner
2014-07-05 12:34 . 2014-06-05 10:54    10779000    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{4EDC3A94-4145-47AE-9726-C12AB40EA04B}\mpengine.dll
2014-07-01 17:13 . 2014-07-01 17:13    --------    d-----w-    c:\users\Owner\AppData\Roaming\Code Force Limited
2014-07-01 16:48 . 2014-07-01 16:48    --------    d-----w-    c:\program files (x86)\Slitherine Ltd
2014-07-01 05:09 . 2014-07-01 05:09    --------    d-----w-    c:\users\Owner\AppData\Roaming\PlayFirst
2014-07-01 05:09 . 2014-07-01 05:09    --------    d-----w-    c:\programdata\PlayFirst
2014-06-30 04:21 . 2014-06-30 04:21    28184    ----a-w-    c:\windows\system32\drivers\aswKbd.sys
2014-06-30 04:21 . 2014-06-30 04:21    43152    ----a-w-    c:\windows\avastSS.scr
2014-06-30 04:21 . 2014-06-30 04:21    448400    ----a-w-    c:\windows\system32\drivers\aswNdisFlt.sys
2014-06-27 09:16 . 2014-06-27 09:16    --------    d-----w-    c:\users\Owner\AppData\Roaming\Yacht Club Games
2014-06-18 05:09 . 2014-06-18 05:09    --------    d-----w-    c:\users\Owner\AppData\Local\Smellyriver
2014-06-17 02:05 . 2013-11-23 18:26    417792    ----a-w-    c:\windows\SysWow64\WMPhoto.dll
2014-06-17 02:05 . 2013-11-23 17:47    465920    ----a-w-    c:\windows\system32\WMPhoto.dll
2014-06-17 02:05 . 2014-01-09 02:22    5694464    ----a-w-    c:\windows\SysWow64\mstscax.dll
2014-06-17 02:05 . 2014-01-03 22:44    6574592    ----a-w-    c:\windows\system32\mstscax.dll
2014-06-17 02:04 . 2014-05-08 09:32    16384    ----a-w-    c:\windows\system32\RdpGroupPolicyExtension.dll
2014-06-17 02:04 . 2014-05-08 09:32    3178496    ----a-w-    c:\windows\system32\rdpcorets.dll
2014-06-17 02:04 . 2013-12-24 23:09    1987584    ----a-w-    c:\windows\SysWow64\d3d10warp.dll
2014-06-17 02:04 . 2013-12-24 22:48    2565120    ----a-w-    c:\windows\system32\d3d10warp.dll
2014-06-17 02:04 . 2013-11-22 22:48    3928064    ----a-w-    c:\windows\system32\d2d1.dll
2014-06-17 02:04 . 2014-02-04 02:32    1424384    ----a-w-    c:\windows\system32\WindowsCodecs.dll
2014-06-17 02:04 . 2014-02-04 02:04    1230336    ----a-w-    c:\windows\SysWow64\WindowsCodecs.dll
2014-06-17 02:04 . 2013-11-26 08:16    3419136    ----a-w-    c:\windows\SysWow64\d2d1.dll
2014-06-16 17:18 . 2014-06-16 17:18    --------    d-----w-    c:\program files (x86)\Doom Warrior
2014-06-14 21:07 . 2014-06-14 21:07    --------    d-----w-    c:\users\Family\AppData\Roaming\AVAST Software
2014-06-14 10:03 . 2014-06-14 10:03    --------    d-s---w-    c:\windows\system32\CompatTel
2014-06-14 03:15 . 2014-06-14 03:15    --------    d-----w-    c:\users\Owner\AppData\Roaming\com.blinkworks.IGTM
2014-06-14 02:15 . 2014-06-14 02:25    --------    d-----w-    c:\windows\system32\MRT
2014-06-14 02:11 . 2013-05-10 04:30    167424    ----a-w-    c:\program files\Windows Media Player\wmplayer.exe
2014-06-14 02:11 . 2013-05-10 03:48    164864    ----a-w-    c:\program files (x86)\Windows Media Player\wmplayer.exe
2014-06-14 02:11 . 2013-05-10 05:56    12625920    ----a-w-    c:\windows\system32\wmploc.DLL
2014-06-14 02:11 . 2013-05-10 04:56    12625408    ----a-w-    c:\windows\SysWow64\wmploc.DLL
2014-06-14 02:11 . 2013-05-10 05:56    14631424    ----a-w-    c:\windows\system32\wmp.dll
2014-06-14 02:01 . 2014-06-14 02:01    --------    d-----w-    c:\windows\Migration
2014-06-14 01:57 . 2013-10-15 01:00    28368    ----a-w-    c:\windows\system32\IEUDINIT.EXE
2014-06-14 01:48 . 2013-10-02 01:10    44544    ----a-w-    c:\windows\system32\TsUsbGDCoInstaller.dll
2014-06-14 01:31 . 2012-08-23 14:10    19456    ----a-w-    c:\windows\system32\drivers\rdpvideominiport.sys
2014-06-14 01:31 . 2012-08-23 14:08    30208    ----a-w-    c:\windows\system32\drivers\TsUsbGD.sys
2014-06-14 01:31 . 2012-08-23 14:13    243200    ----a-w-    c:\windows\system32\rdpudd.dll
2014-06-14 01:31 . 2012-08-23 11:12    192000    ----a-w-    c:\windows\SysWow64\rdpendp_winip.dll
2014-06-14 01:31 . 2012-08-23 10:51    228864    ----a-w-    c:\windows\system32\rdpendp_winip.dll
2014-06-14 00:58 . 2013-05-10 05:49    30720    ----a-w-    c:\windows\system32\cryptdlg.dll
2014-06-14 00:57 . 2014-03-04 09:47    5550016    ----a-w-    c:\windows\system32\ntoskrnl.exe
2014-06-14 00:56 . 2014-06-08 09:13    506368    ----a-w-    c:\windows\system32\aepdu.dll
2014-06-14 00:56 . 2014-06-08 09:08    424448    ----a-w-    c:\windows\system32\aeinv.dll
2014-06-14 00:56 . 2014-04-05 02:47    1903552    ----a-w-    c:\windows\system32\drivers\tcpip.sys
2014-06-14 00:56 . 2014-04-05 02:47    288192    ----a-w-    c:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-14 00:56 . 2013-11-26 11:40    376768    ----a-w-    c:\windows\system32\drivers\netio.sys
2014-06-14 00:56 . 2013-06-15 04:32    39936    ----a-w-    c:\windows\system32\drivers\tssecsrv.sys
2014-06-14 00:56 . 2014-03-25 02:43    14175744    ----a-w-    c:\windows\system32\shell32.dll
2014-06-14 00:55 . 2013-07-26 02:24    197120    ----a-w-    c:\windows\system32\shdocvw.dll
2014-06-14 00:55 . 2013-10-04 02:24    1930752    ----a-w-    c:\windows\system32\authui.dll
2014-06-14 00:55 . 2013-10-04 02:28    190464    ----a-w-    c:\windows\system32\SmartcardCredentialProvider.dll
2014-06-14 00:55 . 2013-10-04 02:25    197120    ----a-w-    c:\windows\system32\credui.dll
2014-06-14 00:55 . 2013-10-04 01:58    152576    ----a-w-    c:\windows\SysWow64\SmartcardCredentialProvider.dll
2014-06-14 00:55 . 2013-10-04 01:56    168960    ----a-w-    c:\windows\SysWow64\credui.dll
2014-06-14 00:55 . 2013-10-04 01:56    1796096    ----a-w-    c:\windows\SysWow64\authui.dll
2014-06-14 00:53 . 2013-05-13 03:43    1192448    ----a-w-    c:\windows\system32\certutil.exe
2014-06-14 00:53 . 2013-05-13 03:08    903168    ----a-w-    c:\windows\SysWow64\certutil.exe
2014-06-14 00:53 . 2013-05-13 05:50    52224    ----a-w-    c:\windows\system32\certenc.dll
2014-06-14 00:53 . 2013-05-13 03:08    43008    ----a-w-    c:\windows\SysWow64\certenc.dll
2014-06-14 00:51 . 2013-10-30 02:32    335360    ----a-w-    c:\windows\system32\msieftp.dll
2014-06-14 00:50 . 2014-03-26 14:44    2002432    ----a-w-    c:\windows\system32\msxml6.dll
2014-06-14 00:41 . 2013-08-28 01:12    461312    ----a-w-    c:\windows\system32\scavengeui.dll
2014-06-13 23:58 . 2014-06-13 23:58    --------    d-----w-    c:\users\Owner\AppData\Roaming\AVAST Software
2014-06-13 23:58 . 2014-07-04 16:21    427360    ----a-w-    c:\windows\system32\drivers\aswsp.sys
2014-06-13 23:58 . 2014-06-30 04:21    92008    ----a-w-    c:\windows\system32\drivers\aswstm.sys
2014-06-13 23:58 . 2014-06-30 04:21    224896    ----a-w-    c:\windows\system32\drivers\aswVmm.sys
2014-06-13 23:58 . 2014-06-30 04:21    65776    ----a-w-    c:\windows\system32\drivers\aswRvrt.sys
2014-06-13 23:58 . 2014-06-30 04:21    1041168    ----a-w-    c:\windows\system32\drivers\aswsnx.sys
2014-06-13 23:58 . 2014-06-30 04:21    93568    ----a-w-    c:\windows\system32\drivers\aswRdr2.sys
2014-06-13 23:58 . 2014-06-30 04:21    79184    ----a-w-    c:\windows\system32\drivers\aswMonFlt.sys
2014-06-13 23:58 . 2014-06-30 04:21    29208    ----a-w-    c:\windows\system32\drivers\aswHwid.sys
2014-06-13 23:58 . 2014-06-30 04:21    307344    ----a-w-    c:\windows\system32\aswBoot.exe
2014-06-13 23:57 . 2014-06-13 23:57    --------    d-----w-    c:\program files\AVAST Software
2014-06-13 23:54 . 2014-06-13 23:54    --------    d-----w-    c:\programdata\AVAST Software
2014-06-08 09:21 . 2014-06-08 09:21    --------    d-----w-    c:\users\Owner\AppData\Roaming\MKKE
2014-06-08 09:17 . 2014-06-08 09:18    --------    d-----w-    c:\program files (x86)\Mortal Kombat Complete Edition
2014-06-08 09:01 . 2014-06-08 09:01    --------    d-----w-    c:\users\Owner\AppData\Roaming\The Creative Assembly
2014-06-08 08:31 . 2014-06-08 09:02    --------    d-----w-    c:\program files (x86)\Total War ROME II
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-15 03:10 . 2012-06-18 00:14    699056    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-15 03:10 . 2011-10-27 10:51    71344    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-02 00:17 . 2012-06-17 21:05    95414520    ----a-w-    c:\windows\system32\MRT.exe
.
.
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
.
[7] 2010-11-21 . 5C627D1B1138676C0A7AB2C2C190D123 . 512000 . . [6.1.7601.17514] .. c:\windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[-] 2010-11-21 . 852B6FB865EC42D1DB310B1AFD1A9FB3 . 528384 . . [6.1.7601.17514] .. c:\windows\system32\rpcss.dll
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    ----a-w-    c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    ----a-w-    c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    ----a-w-    c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"PeerBlock"="c:\program files\PeerBlock\peerblock.exe" [2010-11-07 2646128]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-09-14 59720]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-09-18 152392]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-30 4086432]
.
c:\users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-19 33322312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"EnableLinkedConnections"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 BBSvc;BingBar Service;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\BBSvc.exe [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 CorsairCAHS1;CA-HS1 Interface;c:\windows\system32\drivers\CAHS164.sys;c:\windows\SYSNATIVE\drivers\CAHS164.sys [x]
R3 Desura Install Service;Desura Install Service;c:\program files (x86)\Common Files\Desura\desura_service.exe;c:\program files (x86)\Common Files\Desura\desura_service.exe [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des;c:\windows\SYSNATIVE\GameMon.des [x]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys;c:\program files\PeerBlock\pbfilter.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Te.Service;Te.Service;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe;c:\program files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R4 GREGService;GREGService;c:\program files (x86)\Gateway\Registration\GREGsvc.exe;c:\program files (x86)\Gateway\Registration\GREGsvc.exe [x]
R4 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R4 IAStorDataMgrSvc;Intel® Rapid Storage Technology;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe;c:\program files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [x]
R4 Live Updater Service;Live Updater Service;c:\program files\Gateway\Gateway Updater\UpdaterService.exe;c:\program files\Gateway\Gateway Updater\UpdaterService.exe [x]
R4 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 ctxusbm;Citrix USB Monitor Driver;c:\windows\system32\DRIVERS\ctxusbm.sys;c:\windows\SYSNATIVE\DRIVERS\ctxusbm.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 NAUpdate;Nero Update;c:\program files (x86)\Nero\Update\NASvc.exe;c:\program files (x86)\Nero\Update\NASvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 PDF Architect Helper Service;PDF Architect Helper Service;c:\program files (x86)\PDF Architect\HelperService.exe;c:\program files (x86)\PDF Architect\HelperService.exe [x]
S2 PDF Architect Service;PDF Architect Service;c:\program files (x86)\PDF Architect\ConversionService.exe;c:\program files (x86)\PDF Architect\ConversionService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S3 BBUpdate;BBUpdate;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe;c:\program files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.exe [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 netr28x;Ralink 802.11n Extensible Wireless Driver;c:\windows\system32\DRIVERS\netr28x.sys;c:\windows\SYSNATIVE\DRIVERS\netr28x.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ASWMBR
*Deregistered* - aswMBR
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-06-14 00:44    1091912    ----a-w-    c:\program files (x86)\Google\Chrome\Application\35.0.1916.153\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-07-06 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-06-18 03:10]
.
2014-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08 01:53]
.
2014-07-06 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08 01:53]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-30 04:21    634872    ----a-w-    c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    ----a-w-    c:\users\Owner\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"Nvtmru"="c:\program files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" [2013-11-08 1028384]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2013-12-10 1100248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2013-12-10 2279712]
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.google.com
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~4\Office12\EXCEL.EXE/3000
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1 68.238.64.12
TCP: Interfaces\{E6D99105-EA10-4CCF-B8B5-4544C6D44705}: NameServer = 8.26.56.26,156.154.70.22
FF - ProfilePath - c:\users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\
FF - prefs.js: browser.search.defaulturl -
FF - prefs.js: browser.startup.homepage - hxxps://thepiratebay.se/
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
SafeBoot-25947335.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-GOGPACKSIRYOUAREBEINGHUNTED_is1 - c:\gog games\Sir
AddRemove-Papers Please_is1 - c:\users\Owner\Downloads\Papers
AddRemove-PunkBusterSvc - c:\program files (x86)\Steam\steamapps\common\Red Orchestra 2\Binaries\Win32\pbsvc_hos.exe
AddRemove-WildStar - c:\program files (x86)\NCSOFT\WildStar\Wildstar.exe
AddRemove-{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC} - c:\program files (x86)\hi-rez studios\HiRezGamesDiagAndSupport.exe
.
.
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\npggsvc]
"ImagePath"="c:\windows\system32\GameMon.des -service"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{9030D464-4C02-4ABF-8ECC-5164760863C6}"=hex:51,66,7a,6c,4c,1d,38,12,0a,d7,23,
   94,30,02,d1,0f,f1,da,12,24,73,56,27,d2
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:95,0e,79,15,05,62,cd,01
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (LocalSystem)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a9,9a,ae,db,0f,a3,b6,4d,91,66,b6,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
   d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,a9,9a,ae,db,0f,a3,b6,4d,91,66,b6,\
.
[HKEY_USERS\S-1-5-21-688074385-1042068862-3521065105-1000\Software\SecuROM\License information*]
"datasecu"=hex:6e,dc,ca,da,7c,25,4c,1e,ce,ab,9a,7f,f8,7f,25,4a,08,4a,ef,e5,98,
   53,ba,5e,87,40,8c,c6,ca,04,0e,00,4c,2c,0a,6e,0a,a7,93,48,c6,ac,05,60,0c,15,\
"rkeysecu"=hex:2c,e2,ed,78,45,48,ed,1f,96,b7,b4,d0,b6,00,1d,06
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_5_502_146_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_5_502_146.ocx, 1"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-07-05  23:51:01
ComboFix-quarantined-files.txt  2014-07-06 06:51
.
Pre-Run: 16,283,897,856 bytes free
Post-Run: 15,939,194,880 bytes free
.
- - End Of File - - 52BE1A88865F2574060597EDE5B28AA2
 



#4 icotonev

icotonev

  • Security Colleague
  • 33 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:09:36 AM

Posted 06 July 2014 - 10:13 AM

Start  again  FRST.

 

  • Write the following text into the Search:
rpcss.dll
  • Click on the Search File(s) button.
  • When the search is finished a log file (Search.txt) is save on your flash drive.
  • Copy and paste it in your next reply.

 

Mod Edit:  Topic moved to MRL forum - Hamluis.


Edited by hamluis, 06 July 2014 - 10:25 AM.


#5 Neo160

Neo160
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:07:36 AM

Posted 06 July 2014 - 10:42 AM

Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Owner at 2014-07-06 08:38:00
Running from C:\Users\Owner\Desktop
Boot Mode: Normal

================== Search Files: "rpcss.dll" =============

C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
[2010-11-20 20:24][2010-11-20 20:24] 0512000 ____A (Microsoft Corporation) 5C627D1B1138676C0A7AB2C2C190D123 [File is signed]

C:\Windows\System32\rpcss.dll
[2010-11-20 20:24][2010-11-20 20:24] 0528384 ____A (Microsoft Corporation) 852B6FB865EC42D1DB310B1AFD1A9FB3

====== End Of Search ======



#6 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:09:36 AM

Posted 06 July 2014 - 01:03 PM

Hello,

 

Since the topic was moved from "Am I infected" to this one (Virus, Trojan, Spyware, and Malware Removal Logs) then I'll continue helping you out over here.

 

Please download the latest version of FRST from the link below and run a new scan with it. Make sure that Addition.txt is checked before you proceed with the Scan.

 

http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/

 

Post the logs in your next reply.

 

 

Regards,

Georgi


cXfZ4wS.png


#7 Neo160

Neo160
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:07:36 AM

Posted 06 July 2014 - 01:22 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 05-07-2014 01
Ran by Owner (administrator) on OWNER-PC on 06-07-2014 11:19:55
Running from C:\Users\Owner\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(SANDBOXIE L.T.D) C:\Program Files\Sandboxie\SbieSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\HelperService.exe
(pdfforge GbR) C:\Program Files (x86)\PDF Architect\ConversionService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Dropbox, Inc.) C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\SeaPort.EXE
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_125.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1100248 2013-12-09] (NVIDIA Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-09] (NVIDIA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-09-17] (Apple Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-06-29] (AVAST Software)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-688074385-1042068862-3521065105-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2646128 2010-11-06] (PeerBlock, LLC)
HKU\S-1-5-21-688074385-1042068862-3521065105-1000\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-688074385-1042068862-3521065105-1000\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
Startup: C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Owner\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 1 (GFS Unread Stub) -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2 (GFS Stub) -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 2.5 (GFS Unread Folder) -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 3 (GFS Folder) -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: Groove Explorer Icon Overlay 4 (GFS Unread Mark) -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
GroupPolicyUsers\S-1-5-21-688074385-1042068862-3521065105-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-688074385-1042068862-3521065105-1005\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {2D630589-DC33-C5FD-CD29-16B8D2371F81} URL =
SearchScopes: HKLM-x32 - {9ACB459A-40B1-4819-A754-8512D452BB66} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={CCEF7D6B-3D0B-11E2-96C0-E840F2683643}
SearchScopes: HKLM-x32 - {D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8 URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnld2msd&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByCzztAyCyEtA0EtAzztAtN0D0Tzu0CyCtCyBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=998810204&ir=
SearchScopes: HKCU - {539E4BE0-507E-5C33-5E55-7AED3C9E2DB8} URL =
SearchScopes: HKCU - {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://us.yhs4.search.yahoo.com/yhs/search?hspart=w3i&hsimp=yhs-ri1_trans&p={searchterms}&type=W3i_DS,136,0_0,Search,20140208,19704,0,85,5275
SearchScopes: HKCU - {9ACB459A-40B1-4819-A754-8512D452BB66} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={CCEF7D6B-3D0B-11E2-96C0-E840F2683643}
SearchScopes: HKCU - {D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8 URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnld2msd&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByCzztAyCyEtA0EtAzztAtN0D0Tzu0CyCtCyBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=998810204&ir=
SearchScopes: HKCU - {D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287806&CUI=UN80223329523987484&UM=2
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: PDF Architect Helper - {3A2D5EBA-F86D-4BD3-A177-019765996711} - C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll (pdfforge GbR)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper - {876d9f09-c6d6-4324-a2cc-04dd9a4de12f} - C:\Program Files (x86)\Microsoft Visual Studio 11.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.1.362.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 68.238.64.12
Tcpip\..\Interfaces\{E6D99105-EA10-4CCF-B8B5-4544C6D44705}: [NameServer]8.26.56.26,156.154.70.22

FireFox:
========
FF ProfilePath: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default
FF Homepage: https://thepiratebay.se/
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_125.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Citrix.com/npican - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM - C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin - C:\Users\Owner\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.7 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPFxViewer.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\searchplugins\Startpins.xml
FF Extension: ProxTube - Unblock YouTube - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\ich@maltegoetz.de [2013-12-11]
FF Extension: Ghostery - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\firefox@ghostery.com.xpi [2014-04-20]
FF Extension: MEGA - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\firefox@mega.co.nz.xpi [2013-11-30]
FF Extension: YouTube to MP3 Button - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\flvto@hotger.com.xpi [2013-03-28]
FF Extension: Ez Magnetz - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\jid0-hEo9PFAuKveAlwkQpAvV5BhJsWE@jetpack.xpi [2013-06-25]
FF Extension: Status-4-Evar - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\status4evar@caligonstudios.com.xpi [2012-06-17]
FF Extension: Session Manager - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\{1280606b-2510-4fe0-97ef-9b5a22eafe30}.xpi [2012-08-11]
FF Extension: ReloadEvery - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2012-10-15]
FF Extension: FlashResizer - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\{C6F77964-B0B5-4953-A144-93051184EC0C}.xpi [2014-05-22]
FF Extension: Adblock Plus - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-06-25]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: PDF Architect Converter For Firefox - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2013-01-22]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-06-13]

Chrome:
=======
CHR HomePage:
CHR NewTab: "chrome-extension://pflphaooapbgpeakohlggbpidpppgdff/content/newtab/newtab.html"
CHR DefaultNewTabURL:
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll No File
CHR Plugin: (Winamp Application Detector) - C:\Program Files (x86)\Mozilla Firefox\plugins\npwachk.dll (Nullsoft, Inc.)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Citrix ICA Client) - C:\Program Files (x86)\Citrix\ICA Client\npicaN.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.124\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Java Deployment Toolkit 7.0.50.255) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U5) - C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Uplay PC) - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File
CHR Plugin: (Unity Player) - C:\Users\Owner\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_4_402_287.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll No File
CHR Extension: (No Name) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\acohkacenjkkllhbfgfflibmenakobco [2014-06-13]
CHR Extension: (Google Drive) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-07]
CHR Extension: (YouTube) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-07]
CHR Extension: (Google Search) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-07]
CHR Extension: (avast! Online Security) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-06-13]
CHR Extension: (Google Wallet) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Status Bar) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\ojjdiklbbogaliiljdbpbkkkghendjja [2013-03-15]
CHR Extension: (Gmail) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-07]
CHR HKLM-x32\...\Chrome\Extension: [gfdifeicmijiobaflmbcnohpplhiipka] - C:\Users\Owner\AppData\Roaming\youtube2mp3\youtube2mp3.crx [2012-11-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-06-29]

==================== Services (Whitelisted) =================

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-29] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-06-29] (AVAST Software)
R2 DcomLaunch; C:\Windows\system32\rpcss.dll [528384 2010-11-20] (Microsoft Corporation) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3953632 2012-03-06] (INCA Internet Co., Ltd.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-09] (NVIDIA Corporation)
R2 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1324104 2013-01-09] (pdfforge GbR)
R2 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [795208 2013-01-09] (pdfforge GbR)
R2 RpcSs; C:\Windows\system32\rpcss.dll [528384 2010-11-20] (Microsoft Corporation) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [94992 2011-11-23] (SANDBOXIE L.T.D)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [File not signed]
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [X]
S2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [X]

==================== Drivers (Whitelisted) ====================

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-06-29] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-06-29] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-06-29] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-06-29] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-06-29] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-06-29] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-06-29] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-04] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-06-29] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-06-29] ()
S3 CorsairCAHS1; C:\Windows\System32\drivers\CAHS164.sys [1308160 2011-06-16] (C-Media Electronics Inc)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [24176 2010-11-06] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [149888 2012-09-05] (SANDBOXIE L.T.D) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [14544 2012-11-13] (OpenLibSys.org)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-06 08:38 - 2014-07-06 08:42 - 00000636 _____ () C:\Users\Owner\Desktop\Search.txt
2014-07-06 03:13 - 2014-07-06 09:53 - 00080939 _____ () C:\Users\Owner\Desktop\Addition.txt
2014-07-06 03:12 - 2014-07-06 11:20 - 00029577 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-07-06 03:12 - 2014-07-06 11:19 - 00000000 ____D () C:\FRST
2014-07-06 02:50 - 2014-07-06 11:19 - 02084352 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-07-05 23:51 - 2014-07-05 23:51 - 00031691 _____ () C:\ComboFix.txt
2014-07-05 23:17 - 2014-07-05 23:17 - 00991232 _____ () C:\Users\Owner\Desktop\MicrosoftFixit50267.msi
2014-07-05 23:10 - 2014-07-05 23:10 - 04745728 _____ (AVAST Software) C:\Users\Owner\Desktop\aswMBR.exe
2014-07-05 22:59 - 2014-07-05 22:59 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill64.exe
2014-07-05 22:44 - 2014-07-05 22:59 - 00001420 _____ () C:\Users\Owner\Desktop\Rkill.txt
2014-07-05 22:44 - 2014-07-05 22:44 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill.exe
2014-07-05 22:36 - 2014-07-05 22:36 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-05 22:36 - 2014-07-05 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-05 22:36 - 2014-07-05 22:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-05 22:36 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-07-05 22:36 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-07-05 22:34 - 2014-07-05 22:35 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-05 22:04 - 2014-07-05 22:04 - 00000000 ____D () C:\Users\Owner\Downloads\Assault Android Cactus
2014-07-05 21:51 - 2014-07-05 22:36 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 21:51 - 2014-07-05 22:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 21:51 - 2014-07-05 22:30 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-05 21:51 - 2014-07-05 22:21 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-07-05 21:51 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-07-05 21:50 - 2014-07-05 21:50 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Desktop\mbar-1.07.0.1012.exe
2014-07-05 21:44 - 2014-07-05 21:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-05 21:41 - 2014-07-05 21:44 - 02347384 _____ (ESET) C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
2014-07-05 21:26 - 2014-07-05 22:29 - 00001060 _____ () C:\Windows\DtcInstall.log
2014-07-05 20:52 - 2014-07-05 20:52 - 04707328 _____ () C:\Users\Owner\Desktop\RogueKiller.exe
2014-07-05 20:52 - 2014-07-05 20:52 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-05 20:00 - 2014-07-05 23:51 - 00000000 ____D () C:\Qoobox
2014-07-05 20:00 - 2011-06-25 23:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-07-05 20:00 - 2010-11-07 10:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-07-05 20:00 - 2009-04-19 21:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-07-05 20:00 - 2000-08-30 17:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-07-05 20:00 - 2000-08-30 17:00 - 00406528 ____R (SteelWerX) C:\Windows\SWSC.exe
2014-07-05 20:00 - 2000-08-30 17:00 - 00098816 _____ () C:\Windows\sed.exe
2014-07-05 20:00 - 2000-08-30 17:00 - 00080412 _____ () C:\Windows\grep.exe
2014-07-05 20:00 - 2000-08-30 17:00 - 00068096 _____ () C:\Windows\zip.exe
2014-07-05 19:59 - 2014-07-05 20:23 - 00000000 ____D () C:\Windows\erdnt
2014-07-05 19:47 - 2014-07-05 19:52 - 00000000 ____D () C:\AdwCleaner
2014-07-05 19:47 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-07-05 19:46 - 2014-07-05 19:46 - 05213907 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe
2014-07-05 19:46 - 2014-07-05 19:46 - 01346519 _____ () C:\Users\Owner\Desktop\AdwCleaner.exe
2014-07-05 19:38 - 2014-07-05 19:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\tdsskiller.exe
2014-07-05 18:18 - 2014-07-05 18:18 - 00321220 ____S () C:\Windows\system32\dddzsnt.fjk
2014-07-05 16:35 - 2014-07-05 18:43 - 00000000 ____D () C:\Users\Owner\Downloads\Soldier.Of.Fortune.II.Double.Helix.Gold.Edition.PC.Game(djDEVASTATE™)
2014-07-04 22:24 - 2014-07-05 20:05 - 00000929 _____ () C:\Users\Owner\Desktop\mono - Shortcut.lnk
2014-07-04 22:17 - 2014-07-04 22:17 - 00000000 ____D () C:\Users\Owner\Downloads\mono
2014-07-04 22:06 - 2014-07-04 22:09 - 00000000 ____D () C:\Users\Owner\Downloads\ss2
2014-07-04 22:06 - 2014-07-04 22:06 - 00851613 _____ () C:\Users\Owner\Downloads\ss2.zip
2014-07-04 05:15 - 2014-07-04 05:15 - 00073728 _____ () C:\Users\Owner\Documents\backup dogecoins yo.dat
2014-07-01 10:13 - 2014-07-01 10:13 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Code Force Limited
2014-07-01 09:56 - 2014-06-27 19:38 - 00000000 ____D () C:\Users\Owner\Downloads\Distant Worlds Universe
2014-07-01 09:56 - 2014-06-27 19:24 - 00000000 ____D () C:\Users\Owner\Downloads\races
2014-07-01 09:56 - 2014-06-27 19:24 - 00000000 ____D () C:\Users\Owner\Downloads\Policy
2014-07-01 09:56 - 2014-06-27 19:24 - 00000000 ____D () C:\Users\Owner\Downloads\Help
2014-07-01 09:56 - 2014-06-27 19:24 - 00000000 ____D () C:\Users\Owner\Downloads\AutoPlay
2014-07-01 09:56 - 2014-06-27 19:04 - 11760640 _____ (Code Force Limited) C:\Users\Owner\Downloads\DistantWorlds.exe
2014-07-01 09:56 - 2014-06-27 19:04 - 06727680 _____ (Matrix Publishing Ltd.) C:\Users\Owner\Downloads\autorun.exe
2014-07-01 09:56 - 2014-06-27 19:04 - 00454849 _____ () C:\Users\Owner\Downloads\GameText.txt
2014-07-01 09:56 - 2014-06-27 19:04 - 00325968 _____ () C:\Users\Owner\Downloads\lua5.1.dll
2014-07-01 09:56 - 2014-06-27 19:04 - 00276592 _____ () C:\Users\Owner\Downloads\TitleFont.xnb
2014-07-01 09:56 - 2014-06-27 19:04 - 00276592 _____ () C:\Users\Owner\Downloads\NormalFont.xnb
2014-07-01 09:56 - 2014-06-27 19:04 - 00081008 _____ () C:\Users\Owner\Downloads\SmallFont.xnb
2014-07-01 09:56 - 2014-06-27 19:03 - 00276592 _____ () C:\Users\Owner\Downloads\BoldFont.xnb
2014-07-01 09:56 - 2014-06-27 19:03 - 00081008 _____ () C:\Users\Owner\Downloads\TinyFont.xnb
2014-07-01 09:56 - 2014-06-27 19:03 - 00004326 _____ () C:\Users\Owner\Downloads\fighters.txt
2014-07-01 09:56 - 2014-06-20 20:55 - 00057758 _____ () C:\Users\Owner\Downloads\research.txt
2014-07-01 09:56 - 2014-06-20 20:55 - 00022263 _____ () C:\Users\Owner\Downloads\components.txt
2014-07-01 09:56 - 2014-06-20 20:55 - 00014405 _____ () C:\Users\Owner\Downloads\facilities.txt
2014-07-01 09:56 - 2014-06-14 12:09 - 00000008 _____ () C:\Users\Owner\Downloads\steam_appid.txt
2014-07-01 09:56 - 2014-06-12 22:02 - 00000649 _____ () C:\Users\Owner\Downloads\Startup.ini
2014-07-01 09:49 - 2014-07-01 09:49 - 00002225 _____ () C:\Users\Public\Desktop\Distant Worlds Universe.lnk
2014-07-01 09:49 - 2014-07-01 09:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitherine Ltd
2014-07-01 09:48 - 2014-07-01 09:48 - 00000000 ____D () C:\Program Files (x86)\Slitherine Ltd
2014-07-01 09:30 - 2014-07-01 09:32 - 18324715 _____ () C:\Users\Owner\Downloads\METACRITIC WINPATCH LULS HERRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRERERERERERER.rar
2014-07-01 09:29 - 2014-07-05 16:42 - 00000000 ____D () C:\Users\Owner\Downloads\Distant.Worlds.Universe-SKIDROW
2014-06-30 22:09 - 2014-06-30 23:49 - 00000000 ____D () C:\Users\Owner\Documents\Xenonauts
2014-06-30 22:09 - 2014-06-30 22:09 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\PlayFirst
2014-06-30 22:09 - 2014-06-30 22:09 - 00000000 ____D () C:\ProgramData\PlayFirst
2014-06-30 22:08 - 2014-06-30 22:08 - 00001625 _____ () C:\Users\Public\Desktop\Xenonauts.lnk
2014-06-30 21:29 - 2014-06-30 21:29 - 34888300 ____R (XGen Studios, Inc. ) C:\Users\Owner\Desktop\Stick RPG 2 Director's Cut V 1.0.exe
2014-06-30 20:44 - 2014-06-30 20:54 - 00000000 ____D () C:\Users\Owner\Downloads\Xenonauts - GoG
2014-06-29 21:22 - 2014-06-29 21:22 - 00001979 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-29 21:21 - 2014-06-29 21:21 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-29 21:21 - 2014-06-29 21:21 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 21:21 - 2014-06-29 21:21 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-27 23:45 - 2014-06-27 23:45 - 00001164 _____ () C:\Users\Owner\Desktop\ShovelKnight.lnk
2014-06-27 06:37 - 2014-06-27 06:37 - 00000222 _____ () C:\Users\Owner\Desktop\Terraria.url
2014-06-27 02:16 - 2014-06-27 02:16 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Yacht Club Games
2014-06-27 02:15 - 2014-06-27 23:46 - 00000000 ____D () C:\Users\Owner\Downloads\Shovel Knight v1.0a
2014-06-27 02:12 - 2014-06-27 02:13 - 104853246 ____R () C:\Users\Owner\Downloads\Shovel Knight v1.0a.7z
2014-06-17 22:09 - 2014-06-17 22:09 - 00000000 ____D () C:\Users\Owner\AppData\Local\Smellyriver
2014-06-17 22:08 - 2014-06-17 22:09 - 00000000 ____D () C:\Users\Owner\Downloads\STI.1.3.3.40
2014-06-17 22:04 - 2014-06-17 22:06 - 15538041 _____ () C:\Users\Owner\Downloads\STI.1.3.3.40.zip
2014-06-16 19:05 - 2014-01-08 19:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-16 19:05 - 2014-01-03 15:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-16 19:05 - 2013-11-23 11:26 - 00417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-06-16 19:05 - 2013-11-23 10:47 - 00465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-06-16 19:04 - 2014-05-08 02:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-16 19:04 - 2014-05-08 02:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-16 19:04 - 2014-02-03 19:32 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-06-16 19:04 - 2014-02-03 19:04 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-06-16 19:04 - 2013-12-24 16:09 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-06-16 19:04 - 2013-12-24 15:48 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-06-16 19:04 - 2013-11-26 01:16 - 03419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-06-16 19:04 - 2013-11-22 15:48 - 03928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-06-16 10:18 - 2014-06-16 10:18 - 00001017 _____ () C:\Users\Public\Desktop\Doom Warrior.lnk
2014-06-16 10:18 - 2014-06-16 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom Warrior
2014-06-16 10:18 - 2014-06-16 10:18 - 00000000 ____D () C:\Program Files (x86)\Doom Warrior
2014-06-16 10:14 - 2014-06-16 10:15 - 360364056 _____ (Creaky Corpse Ltd ) C:\Users\Owner\Downloads\DoomWarriorWin.exe
2014-06-15 22:22 - 2014-06-15 22:22 - 00000000 ____D () C:\Users\Owner\Downloads\Game of Thrones S04E10 HDTV x264-KILLERS[ettv]
2014-06-14 14:07 - 2014-06-14 14:07 - 00000000 ____D () C:\Users\Family\AppData\Roaming\AVAST Software
2014-06-14 03:03 - 2014-06-14 03:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-13 20:15 - 2014-06-13 20:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.blinkworks.IGTM
2014-06-13 19:56 - 2014-06-13 19:56 - 00000222 _____ () C:\Users\Owner\Desktop\Indie Game The Movie.url
2014-06-13 19:15 - 2014-06-13 19:25 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 19:11 - 2013-05-09 22:56 - 14631424 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2014-06-13 19:11 - 2013-05-09 22:56 - 12625920 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2014-06-13 19:11 - 2013-05-09 21:56 - 12625408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2014-06-13 19:11 - 2013-05-09 21:56 - 11410432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2014-06-13 18:57 - 2013-10-14 18:00 - 00028368 _____ (Microsoft Corporation) C:\Windows\system32\IEUDINIT.EXE
2014-06-13 18:54 - 2014-06-13 18:54 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-13 18:54 - 2014-06-13 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-13 18:54 - 2014-06-13 18:54 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-13 18:54 - 2014-06-13 18:54 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-13 18:54 - 2014-06-13 18:54 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-13 18:54 - 2014-06-13 18:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-13 18:54 - 2014-06-13 18:54 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-13 18:54 - 2014-06-13 18:54 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-13 18:54 - 2014-06-13 18:54 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00266456 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00240856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-13 18:54 - 2014-06-13 18:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-13 18:54 - 2014-06-13 18:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 18:53 - 2014-06-13 18:57 - 00009784 _____ () C:\Windows\IE11_main.log
2014-06-13 18:48 - 2013-10-01 19:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-06-13 18:48 - 2013-10-01 19:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-06-13 18:48 - 2013-10-01 19:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-06-13 18:48 - 2013-10-01 18:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-06-13 18:48 - 2013-10-01 18:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-06-13 18:48 - 2013-10-01 18:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-06-13 18:48 - 2013-10-01 18:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-06-13 18:48 - 2013-10-01 17:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-06-13 18:48 - 2013-10-01 17:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-06-13 18:48 - 2013-10-01 17:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-06-13 18:48 - 2013-10-01 17:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-06-13 18:48 - 2013-10-01 17:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-06-13 18:48 - 2013-10-01 16:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-06-13 18:48 - 2013-10-01 16:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-06-13 18:48 - 2013-10-01 16:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-06-13 18:48 - 2013-10-01 15:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-06-13 18:31 - 2012-08-23 07:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2014-06-13 18:31 - 2012-08-23 07:10 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpvideominiport.sys
2014-06-13 18:31 - 2012-08-23 07:08 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbGD.sys
2014-06-13 18:31 - 2012-08-23 04:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpendp_winip.dll
2014-06-13 18:31 - 2012-08-23 03:51 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\rdpendp_winip.dll
2014-06-13 18:13 - 2013-01-13 14:17 - 00009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:17 - 00002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:16 - 00010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:11 - 00005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 14:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:35 - 00010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:35 - 00009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:35 - 00002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:32 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 00005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:31 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2014-06-13 18:13 - 2013-01-13 13:20 - 00293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-06-13 18:13 - 2013-01-13 13:09 - 00249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2014-06-13 18:13 - 2013-01-13 13:08 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2014-06-13 18:13 - 2013-01-13 12:59 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-06-13 18:13 - 2013-01-13 12:58 - 01175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2014-06-13 18:13 - 2013-01-13 12:54 - 00604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-06-13 18:13 - 2013-01-13 12:53 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2014-06-13 18:13 - 2013-01-13 12:53 - 00187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2014-06-13 18:13 - 2013-01-13 12:49 - 00363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-06-13 18:13 - 2013-01-13 12:48 - 00161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2014-06-13 18:13 - 2013-01-13 12:46 - 01080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2014-06-13 18:13 - 2013-01-13 12:38 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2014-06-13 18:13 - 2013-01-13 12:38 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2014-06-13 18:13 - 2013-01-13 12:25 - 00245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2014-06-13 18:13 - 2013-01-13 12:24 - 00648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-06-13 18:13 - 2013-01-13 12:24 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2014-06-13 18:13 - 2013-01-13 12:20 - 01238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2014-06-13 18:13 - 2013-01-13 12:20 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2014-06-13 18:13 - 2013-01-13 11:34 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-06-13 18:13 - 2013-01-13 11:09 - 00522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-06-13 18:13 - 2013-01-13 10:26 - 01158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2014-06-13 18:13 - 2013-01-13 10:05 - 01682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2014-06-13 18:13 - 2013-01-03 23:11 - 02776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-06-13 18:13 - 2013-01-03 23:11 - 02284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-06-13 17:58 - 2013-09-07 19:27 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2014-06-13 17:58 - 2013-09-07 19:03 - 00231424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2014-06-13 17:58 - 2013-08-28 19:16 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-06-13 17:58 - 2013-08-28 19:16 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2014-06-13 17:58 - 2013-08-28 19:13 - 00878080 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2014-06-13 17:58 - 2013-08-28 18:50 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-06-13 17:58 - 2013-08-28 18:50 - 00619520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2014-06-13 17:58 - 2013-08-28 18:48 - 00640512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2014-06-13 17:58 - 2013-07-08 22:52 - 00224256 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-06-13 17:58 - 2013-07-08 21:52 - 00175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-06-13 17:58 - 2013-05-09 22:49 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\cryptdlg.dll
2014-06-13 17:58 - 2013-05-09 20:20 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdlg.dll
2014-06-13 17:58 - 2013-02-26 23:02 - 00111448 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-06-13 17:58 - 2013-02-26 22:47 - 00070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2014-06-13 17:57 - 2014-04-11 19:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-13 17:57 - 2014-04-11 19:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-13 17:57 - 2014-04-11 19:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-13 17:57 - 2014-04-11 19:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-13 17:57 - 2014-04-11 19:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-13 17:57 - 2014-04-11 19:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-13 17:57 - 2014-04-11 19:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-13 17:57 - 2014-04-11 19:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-13 17:57 - 2014-04-11 19:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-13 17:57 - 2014-03-04 02:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-13 17:57 - 2014-03-04 02:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2014-06-13 17:57 - 2014-03-04 02:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-13 17:57 - 2014-03-04 02:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-13 17:57 - 2014-03-04 02:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-13 17:57 - 2014-03-04 02:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-13 17:57 - 2014-03-04 02:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-13 17:57 - 2014-03-04 02:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-13 17:57 - 2014-03-04 02:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2014-06-13 17:57 - 2014-03-04 02:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-06-13 17:57 - 2014-03-04 02:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-06-13 17:57 - 2014-03-04 02:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2014-06-13 17:57 - 2014-03-04 02:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2014-06-13 17:57 - 2014-03-04 01:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2014-06-13 17:57 - 2014-03-04 01:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2014-06-13 17:57 - 2013-12-03 19:27 - 00488448 _____ (Microsoft Corporation) C:\Windows\system32\secproc.dll
2014-06-13 17:57 - 2013-12-03 19:27 - 00485888 _____ (Microsoft Corporation) C:\Windows\system32\secproc_isv.dll
2014-06-13 17:57 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp_isv.dll
2014-06-13 17:57 - 2013-12-03 19:27 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\secproc_ssp.dll
2014-06-13 17:57 - 2013-12-03 19:26 - 00528384 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-06-13 17:57 - 2013-12-03 19:16 - 00658432 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_isv.exe
2014-06-13 17:57 - 2013-12-03 19:16 - 00626176 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate.exe
2014-06-13 17:57 - 2013-12-03 19:16 - 00553984 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp.exe
2014-06-13 17:57 - 2013-12-03 19:16 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\RMActivate_ssp_isv.exe
2014-06-13 17:57 - 2013-12-03 19:03 - 00428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc.dll
2014-06-13 17:57 - 2013-12-03 19:03 - 00423936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_isv.dll
2014-06-13 17:57 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp_isv.dll
2014-06-13 17:57 - 2013-12-03 19:03 - 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secproc_ssp.dll
2014-06-13 17:57 - 2013-12-03 19:02 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-06-13 17:57 - 2013-12-03 18:54 - 00594944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_isv.exe
2014-06-13 17:57 - 2013-12-03 18:54 - 00572416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate.exe
2014-06-13 17:57 - 2013-12-03 18:54 - 00510976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp.exe
2014-06-13 17:57 - 2013-12-03 18:54 - 00508928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RMActivate_ssp_isv.exe
2014-06-13 17:57 - 2013-09-24 19:21 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-06-13 17:57 - 2013-09-24 18:56 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-06-13 17:57 - 2013-08-01 19:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 19:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 18:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2014-06-13 17:57 - 2013-08-01 17:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2014-06-13 17:57 - 2013-08-01 17:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 17:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 17:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2014-06-13 17:57 - 2013-08-01 17:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2014-06-13 17:57 - 2013-07-04 05:18 - 00458712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2014-06-13 17:56 - 2014-06-08 02:13 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-13 17:56 - 2014-06-08 02:08 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-13 17:56 - 2014-04-04 19:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-13 17:56 - 2014-04-04 19:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-13 17:56 - 2014-03-24 19:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-13 17:56 - 2014-03-24 19:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-13 17:56 - 2013-11-26 04:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-06-13 17:56 - 2013-06-14 21:32 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys
2014-06-13 17:55 - 2013-10-03 19:28 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\SmartcardCredentialProvider.dll
2014-06-13 17:55 - 2013-10-03 19:25 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\credui.dll
2014-06-13 17:55 - 2013-10-03 19:24 - 01930752 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-06-13 17:55 - 2013-10-03 18:58 - 00152576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SmartcardCredentialProvider.dll
2014-06-13 17:55 - 2013-10-03 18:56 - 01796096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-06-13 17:55 - 2013-10-03 18:56 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credui.dll
2014-06-13 17:55 - 2013-07-25 19:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2014-06-13 17:55 - 2013-07-25 18:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
2014-06-13 17:54 - 2014-01-23 19:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2014-06-13 17:54 - 2013-11-11 19:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-06-13 17:54 - 2013-11-11 19:07 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-06-13 17:54 - 2013-10-11 19:32 - 00150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2014-06-13 17:54 - 2013-10-11 19:31 - 00202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-06-13 17:54 - 2013-10-11 19:04 - 00121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2014-06-13 17:54 - 2013-10-11 19:03 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-06-13 17:54 - 2013-10-11 18:33 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2014-06-13 17:54 - 2013-10-11 18:33 - 00156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2014-06-13 17:54 - 2013-10-11 18:15 - 00141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2014-06-13 17:54 - 2013-10-11 18:15 - 00126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2014-06-13 17:54 - 2013-10-05 13:25 - 01474048 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-06-13 17:54 - 2013-10-05 12:57 - 01168384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-06-13 17:54 - 2013-07-08 22:46 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2014-06-13 17:54 - 2013-07-08 22:46 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2014-06-13 17:54 - 2013-07-08 21:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2014-06-13 17:54 - 2013-07-08 21:46 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2014-06-13 17:54 - 2013-06-05 22:50 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2014-06-13 17:54 - 2013-06-05 22:49 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-06-13 17:54 - 2013-06-05 22:49 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2014-06-13 17:54 - 2013-06-05 22:47 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2014-06-13 17:54 - 2013-06-05 21:57 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2014-06-13 17:54 - 2013-06-05 21:51 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-06-13 17:54 - 2013-06-05 21:50 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2014-06-13 17:54 - 2013-06-05 20:30 - 00368128 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2014-06-13 17:54 - 2013-06-05 20:01 - 00295424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2014-06-13 17:54 - 2013-06-05 20:01 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2014-06-13 17:54 - 2013-04-25 16:30 - 01505280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-06-13 17:54 - 2013-03-31 15:52 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-06-13 17:53 - 2013-05-12 22:50 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\certenc.dll
2014-06-13 17:53 - 2013-05-12 20:43 - 01192448 _____ (Microsoft Corporation) C:\Windows\system32\certutil.exe
2014-06-13 17:53 - 2013-05-12 20:08 - 00903168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certutil.exe
2014-06-13 17:53 - 2013-05-12 20:08 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certenc.dll
2014-06-13 17:52 - 2014-02-03 19:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2014-06-13 17:52 - 2014-02-03 19:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
2014-06-13 17:52 - 2014-02-03 19:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
2014-06-13 17:52 - 2014-02-03 19:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
2014-06-13 17:52 - 2014-02-03 19:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
2014-06-13 17:52 - 2013-12-31 16:05 - 00420008 _____ () C:\Windows\SysWOW64\locale.nls
2014-06-13 17:52 - 2013-12-31 16:04 - 00420008 _____ () C:\Windows\system32\locale.nls
2014-06-13 17:52 - 2013-10-02 19:23 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-06-13 17:52 - 2013-10-02 19:00 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-06-13 17:52 - 2013-09-27 18:09 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-06-13 17:52 - 2013-09-24 19:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-06-13 17:52 - 2013-09-24 18:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-06-13 17:52 - 2013-07-20 03:33 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2014-06-13 17:52 - 2013-07-20 03:33 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-06-13 17:52 - 2013-07-04 05:57 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-06-13 17:52 - 2013-07-04 05:50 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
2014-06-13 17:52 - 2013-07-04 05:50 - 00102400 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2014-06-13 17:52 - 2013-07-04 04:57 - 00205824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-06-13 17:52 - 2013-07-04 04:51 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2014-06-13 17:52 - 2013-07-04 04:50 - 00530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2014-06-13 17:52 - 2013-07-04 03:11 - 00140800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2014-06-13 17:52 - 2013-06-25 15:55 - 00785624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Wdf01000.sys
2014-06-13 17:51 - 2014-04-24 19:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-13 17:51 - 2014-04-24 19:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-13 17:51 - 2014-02-06 18:23 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-13 17:51 - 2014-01-28 19:32 - 00484864 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-06-13 17:51 - 2014-01-28 19:06 - 00381440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-06-13 17:51 - 2013-11-26 18:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-06-13 17:51 - 2013-11-26 18:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-06-13 17:51 - 2013-10-29 19:32 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-06-13 17:51 - 2013-10-29 19:19 - 00301568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-06-13 17:51 - 2013-10-18 19:18 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-06-13 17:51 - 2013-10-18 18:36 - 00159232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-06-13 17:51 - 2013-08-04 19:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
2014-06-13 17:51 - 2013-07-25 02:25 - 01888768 _____ (Microsoft Corporation) C:\Windows\system32\WMVDECOD.DLL
2014-06-13 17:51 - 2013-07-25 01:57 - 01620992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMVDECOD.DLL
2014-06-13 17:51 - 2013-07-08 22:51 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-06-13 17:51 - 2013-07-08 21:52 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-06-13 17:51 - 2013-02-11 21:12 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usb8023.sys
2014-06-13 17:51 - 2013-01-23 23:01 - 00223752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-06-13 17:50 - 2014-03-26 07:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-13 17:50 - 2014-03-26 07:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-13 17:50 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-13 17:50 - 2014-03-26 07:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-13 17:50 - 2014-03-26 07:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-13 17:50 - 2014-03-26 07:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-13 17:50 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-13 17:50 - 2014-03-26 07:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-13 17:50 - 2014-02-03 19:32 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-06-13 17:50 - 2014-02-03 19:04 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-06-13 17:50 - 2014-01-27 19:32 - 00228864 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2014-06-13 17:50 - 2013-10-11 19:30 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\nshwfp.dll
2014-06-13 17:50 - 2013-10-11 19:29 - 00859648 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-06-13 17:50 - 2013-10-11 19:29 - 00324096 _____ (Microsoft Corporation) C:\Windows\system32\FWPUCLNT.DLL
2014-06-13 17:50 - 2013-10-11 19:03 - 00656896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\nshwfp.dll
2014-06-13 17:50 - 2013-10-11 19:01 - 00216576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FWPUCLNT.DLL
2014-06-13 17:50 - 2013-10-03 19:16 - 00116736 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\drmk.sys
2014-06-13 17:50 - 2013-10-03 18:36 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\portcls.sys
2014-06-13 17:50 - 2013-08-01 05:09 - 00983488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-06-13 17:50 - 2013-07-12 03:41 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbcir.sys
2014-06-13 17:50 - 2013-07-02 21:40 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbscan.sys
2014-06-13 17:50 - 2013-07-02 21:05 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2014-06-13 17:50 - 2013-07-02 21:05 - 00032896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2014-06-13 17:50 - 2013-04-25 22:51 - 00751104 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2014-06-13 17:50 - 2013-04-25 21:55 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2014-06-13 17:50 - 2013-04-09 23:01 - 00265064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-06-13 17:50 - 2013-03-18 22:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\wwanprotdim.dll
2014-06-13 17:50 - 2011-02-03 04:25 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2014-06-13 17:41 - 2013-08-27 18:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2014-06-13 16:58 - 2014-07-05 22:53 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-13 16:58 - 2014-07-04 09:21 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-13 16:58 - 2014-06-29 21:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-13 16:58 - 2014-06-29 21:21 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-13 16:58 - 2014-06-29 21:21 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-13 16:58 - 2014-06-29 21:21 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-13 16:58 - 2014-06-13 16:58 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402703924607
2014-06-13 16:58 - 2014-06-13 16:58 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402703924607
2014-06-13 16:58 - 2014-06-13 16:58 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVAST Software
2014-06-13 16:57 - 2014-06-13 16:57 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-13 16:54 - 2014-06-13 16:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-13 16:53 - 2014-06-13 16:53 - 94714880 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup.exe
2014-06-12 10:54 - 2014-06-12 10:54 - 00000776 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-06-12 10:54 - 2014-06-12 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2014-06-12 10:49 - 2014-06-12 10:49 - 09237816 _____ (Wargaming.net ) C:\Users\Owner\Downloads\WoT_internet_install_na.exe
2014-06-09 23:27 - 2014-06-09 23:27 - 00000220 _____ () C:\Users\Owner\Desktop\Star Trek Online.url
2014-06-08 22:19 - 2014-06-08 22:19 - 00000000 ____D () C:\Users\Owner\Downloads\Game of Thrones S04E09 HDTV x264-KILLERS[ettv]
2014-06-08 17:38 - 2014-06-08 17:38 - 00001252 _____ () C:\Users\Owner\Desktop\TF2Idle v1.6.0 - Shortcut.lnk
2014-06-08 14:22 - 2014-06-08 14:22 - 00001093 _____ () C:\Users\Owner\Desktop\StarCitizen.lnk
2014-06-08 14:22 - 2014-06-08 14:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCitizen
2014-06-08 12:29 - 2014-06-08 12:29 - 32802904 _____ () C:\Users\Owner\Downloads\StarCitizenInstaller.exe
2014-06-08 02:21 - 2014-06-08 02:21 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\MKKE
2014-06-08 02:17 - 2014-06-08 02:18 - 00000000 ____D () C:\Program Files (x86)\Mortal Kombat Complete Edition
2014-06-08 02:17 - 2014-06-08 02:17 - 00002018 _____ () C:\Users\Public\Desktop\Mortal Kombat Complete Edition.lnk
2014-06-08 02:17 - 2014-06-08 02:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mortal Kombat Complete Edition
2014-06-08 01:49 - 2014-06-08 01:49 - 00000848 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total War ROME II.lnk
2014-06-08 01:49 - 2014-06-08 01:49 - 00000836 _____ () C:\Users\Public\Desktop\Total War ROME II.lnk
2014-06-08 01:31 - 2014-06-08 02:02 - 00000000 ____D () C:\Program Files (x86)\Total War ROME II
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\soundtrack
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\DesktopDungeons_Data
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\3DMGAME
2014-06-08 00:19 - 2013-11-26 00:15 - 09153024 _____ () C:\Users\Owner\Downloads\DesktopDungeons.exe
2014-06-08 00:19 - 2013-11-26 00:15 - 00331776 _____ (Ludosity AB) C:\Users\Owner\Downloads\SteamworksManaged.dll
2014-06-08 00:19 - 2013-11-26 00:10 - 00001504 _____ () C:\Users\Owner\Downloads\3DMGAME.ini
2014-06-08 00:19 - 2013-10-14 02:27 - 00246784 _____ () C:\Users\Owner\Downloads\steam_api.dll
2014-06-07 23:57 - 2014-06-08 00:07 - 510772932 ____R () C:\Users\Owner\Downloads\3DMGAME-Desktop.Dungeons.Special.Edition.Build.2013.11.26.Cracked-3DM.7z
2014-06-07 23:44 - 2014-06-08 00:06 - 3991830528 _____ () C:\Users\Owner\Downloads\Mortal_Kombat_Complete_Edition_RePack_ENG.iso

==================== One Month Modified Files and Folders =======

2014-07-06 11:20 - 2014-07-06 03:12 - 00029577 _____ () C:\Users\Owner\Desktop\FRST.txt
2014-07-06 11:19 - 2014-07-06 03:12 - 00000000 ____D () C:\FRST
2014-07-06 11:19 - 2014-07-06 02:50 - 02084352 _____ (Farbar) C:\Users\Owner\Desktop\FRST64.exe
2014-07-06 11:19 - 2012-07-02 16:09 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-06 11:02 - 2012-12-07 18:53 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-06 10:02 - 2009-07-13 21:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-06 10:02 - 2009-07-13 21:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-06 10:00 - 2014-05-17 23:56 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\DropboxMaster
2014-07-06 10:00 - 2012-12-07 18:53 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-06 10:00 - 2012-06-27 22:31 - 00000000 ___RD () C:\Users\Owner\Dropbox
2014-07-06 10:00 - 2012-06-27 22:29 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Dropbox
2014-07-06 10:00 - 2012-03-20 09:27 - 01898441 _____ () C:\Windows\WindowsUpdate.log
2014-07-06 09:55 - 2014-03-01 22:05 - 00026396 _____ () C:\Windows\setupact.log
2014-07-06 09:54 - 2012-06-17 13:30 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-07-06 09:54 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-06 09:53 - 2014-07-06 03:13 - 00080939 _____ () C:\Users\Owner\Desktop\Addition.txt
2014-07-06 09:53 - 2014-04-25 16:59 - 00001591 _____ () C:\Users\Owner\Desktop\New Text Document (2).txt
2014-07-06 09:53 - 2014-02-27 19:19 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Dogecoin
2014-07-06 08:42 - 2014-07-06 08:38 - 00000636 _____ () C:\Users\Owner\Desktop\Search.txt
2014-07-06 02:00 - 2012-06-17 13:08 - 00000000 ____D () C:\Users\Owner\AppData\Local\Adobe
2014-07-06 00:27 - 2009-07-13 22:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-06 00:21 - 2014-03-15 02:27 - 00268348 _____ () C:\Windows\PFRO.log
2014-07-05 23:57 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-05 23:51 - 2014-07-05 23:51 - 00031691 _____ () C:\ComboFix.txt
2014-07-05 23:51 - 2014-07-05 20:00 - 00000000 ____D () C:\Qoobox
2014-07-05 23:51 - 2013-09-03 05:02 - 00000000 ____D () C:\Users\Owner\AppData\Local\Apps\2.0
2014-07-05 23:51 - 2009-07-13 20:20 - 00000000 __RHD () C:\Users\Default
2014-07-05 23:47 - 2009-07-13 19:34 - 00000215 _____ () C:\Windows\system.ini
2014-07-05 23:17 - 2014-07-05 23:17 - 00991232 _____ () C:\Users\Owner\Desktop\MicrosoftFixit50267.msi
2014-07-05 23:10 - 2014-07-05 23:10 - 04745728 _____ (AVAST Software) C:\Users\Owner\Desktop\aswMBR.exe
2014-07-05 22:59 - 2014-07-05 22:59 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill64.exe
2014-07-05 22:59 - 2014-07-05 22:44 - 00001420 _____ () C:\Users\Owner\Desktop\Rkill.txt
2014-07-05 22:53 - 2014-06-13 16:58 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-07-05 22:50 - 2012-09-14 19:58 - 00000000 ____D () C:\Windows\Minidump
2014-07-05 22:49 - 2013-12-06 22:01 - 00000000 ____D () C:\Users\Owner\stratumproxy
2014-07-05 22:44 - 2014-07-05 22:44 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Owner\Desktop\rkill.exe
2014-07-05 22:36 - 2014-07-05 22:36 - 00001069 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-07-05 22:36 - 2014-07-05 22:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-05 22:36 - 2014-07-05 22:36 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-05 22:36 - 2014-07-05 21:51 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-05 22:36 - 2014-07-05 21:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-05 22:35 - 2014-07-05 22:34 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Owner\Desktop\mbam-setup-2.0.2.1012.exe
2014-07-05 22:30 - 2014-07-05 21:51 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-07-05 22:29 - 2014-07-05 21:26 - 00001060 _____ () C:\Windows\DtcInstall.log
2014-07-05 22:25 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Registration
2014-07-05 22:22 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\TAPI
2014-07-05 22:21 - 2014-07-05 21:51 - 00000000 ____D () C:\Users\Owner\Desktop\mbar
2014-07-05 22:21 - 2012-08-23 03:12 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\BitTorrent
2014-07-05 22:20 - 2013-12-06 22:01 - 00000000 ____D () C:\Users\Owner\cudaminer
2014-07-05 22:20 - 2013-02-25 23:24 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Tunngle
2014-07-05 22:20 - 2013-02-06 22:29 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\CyberLink
2014-07-05 22:20 - 2013-01-30 04:33 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\PDAppFlex
2014-07-05 22:20 - 2012-12-01 17:18 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AnvSoft
2014-07-05 22:20 - 2012-11-18 23:24 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\driveridentifier
2014-07-05 22:20 - 2012-11-16 19:33 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Winamp
2014-07-05 22:20 - 2012-07-30 07:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\TS3Client
2014-07-05 22:20 - 2012-07-16 05:53 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\LoneSurvivor
2014-07-05 22:20 - 2012-07-07 18:26 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\UFOAI
2014-07-05 22:20 - 2012-06-17 13:08 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Macromedia
2014-07-05 22:04 - 2014-07-05 22:04 - 00000000 ____D () C:\Users\Owner\Downloads\Assault Android Cactus
2014-07-05 21:50 - 2014-07-05 21:50 - 14349744 _____ (Malwarebytes Corp.) C:\Users\Owner\Desktop\mbar-1.07.0.1012.exe
2014-07-05 21:44 - 2014-07-05 21:44 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-07-05 21:44 - 2014-07-05 21:41 - 02347384 _____ (ESET) C:\Users\Owner\Desktop\esetsmartinstaller_enu.exe
2014-07-05 20:52 - 2014-07-05 20:52 - 04707328 _____ () C:\Users\Owner\Desktop\RogueKiller.exe
2014-07-05 20:52 - 2014-07-05 20:52 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-05 20:23 - 2014-07-05 19:59 - 00000000 ____D () C:\Windows\erdnt
2014-07-05 20:21 - 2009-07-13 19:34 - 00000027 _____ () C:\Windows\system32\Drivers\etc\hosts.old
2014-07-05 20:20 - 2012-06-17 13:08 - 00000000 ____D () C:\Users\Owner
2014-07-05 20:05 - 2014-07-04 22:24 - 00000929 _____ () C:\Users\Owner\Desktop\mono - Shortcut.lnk
2014-07-05 19:52 - 2014-07-05 19:47 - 00000000 ____D () C:\AdwCleaner
2014-07-05 19:46 - 2014-07-05 19:46 - 05213907 ____R (Swearware) C:\Users\Owner\Desktop\ComboFix.exe
2014-07-05 19:46 - 2014-07-05 19:46 - 01346519 _____ () C:\Users\Owner\Desktop\AdwCleaner.exe
2014-07-05 19:38 - 2014-07-05 19:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Owner\Desktop\tdsskiller.exe
2014-07-05 19:27 - 2012-06-17 19:52 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-07-05 18:49 - 2009-07-13 22:08 - 00032624 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-05 18:43 - 2014-07-05 16:35 - 00000000 ____D () C:\Users\Owner\Downloads\Soldier.Of.Fortune.II.Double.Helix.Gold.Edition.PC.Game(djDEVASTATE™)
2014-07-05 18:28 - 2012-07-19 06:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-05 18:18 - 2014-07-05 18:18 - 00321220 ____S () C:\Windows\system32\dddzsnt.fjk
2014-07-05 18:18 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-07-05 16:42 - 2014-07-01 09:29 - 00000000 ____D () C:\Users\Owner\Downloads\Distant.Worlds.Universe-SKIDROW
2014-07-04 22:17 - 2014-07-04 22:17 - 00000000 ____D () C:\Users\Owner\Downloads\mono
2014-07-04 22:09 - 2014-07-04 22:06 - 00000000 ____D () C:\Users\Owner\Downloads\ss2
2014-07-04 22:07 - 2012-06-18 12:33 - 00000000 ____D () C:\Users\Owner\AppData\Local\CrashDumps
2014-07-04 22:06 - 2014-07-04 22:06 - 00851613 _____ () C:\Users\Owner\Downloads\ss2.zip
2014-07-04 21:42 - 2012-06-17 18:06 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Skype
2014-07-04 09:21 - 2014-06-13 16:58 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-07-04 05:15 - 2014-07-04 05:15 - 00073728 _____ () C:\Users\Owner\Documents\backup dogecoins yo.dat
2014-07-01 10:13 - 2014-07-01 10:13 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Code Force Limited
2014-07-01 10:13 - 2012-06-18 15:35 - 00000000 ____D () C:\Users\Owner\Documents\My Games
2014-07-01 09:49 - 2014-07-01 09:49 - 00002225 _____ () C:\Users\Public\Desktop\Distant Worlds Universe.lnk
2014-07-01 09:49 - 2014-07-01 09:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Slitherine Ltd
2014-07-01 09:48 - 2014-07-01 09:48 - 00000000 ____D () C:\Program Files (x86)\Slitherine Ltd
2014-07-01 09:32 - 2014-07-01 09:30 - 18324715 _____ () C:\Users\Owner\Downloads\METACRITIC WINPATCH LULS HERRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRERERERERERER.rar
2014-07-01 05:56 - 2014-03-24 01:25 - 00000000 ____D () C:\Users\Owner\Zomboid
2014-06-30 23:49 - 2014-06-30 22:09 - 00000000 ____D () C:\Users\Owner\Documents\Xenonauts
2014-06-30 22:09 - 2014-06-30 22:09 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\PlayFirst
2014-06-30 22:09 - 2014-06-30 22:09 - 00000000 ____D () C:\ProgramData\PlayFirst
2014-06-30 22:08 - 2014-06-30 22:08 - 00001625 _____ () C:\Users\Public\Desktop\Xenonauts.lnk
2014-06-30 22:08 - 2013-11-29 02:27 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-06-30 22:08 - 2009-07-13 22:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-06-30 21:55 - 2014-04-15 23:55 - 00000000 ____D () C:\GOG Games
2014-06-30 21:29 - 2014-06-30 21:29 - 34888300 ____R (XGen Studios, Inc. ) C:\Users\Owner\Desktop\Stick RPG 2 Director's Cut V 1.0.exe
2014-06-30 20:54 - 2014-06-30 20:44 - 00000000 ____D () C:\Users\Owner\Downloads\Xenonauts - GoG
2014-06-29 21:22 - 2014-06-29 21:22 - 00001979 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-06-29 21:22 - 2014-06-13 16:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-29 21:21 - 2014-06-29 21:21 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-06-29 21:21 - 2014-06-29 21:21 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-06-29 21:21 - 2014-06-29 21:21 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-06-29 21:21 - 2014-06-13 16:58 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-06-29 21:21 - 2014-06-13 16:58 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-06-27 23:46 - 2014-06-27 02:15 - 00000000 ____D () C:\Users\Owner\Downloads\Shovel Knight v1.0a
2014-06-27 23:45 - 2014-06-27 23:45 - 00001164 _____ () C:\Users\Owner\Desktop\ShovelKnight.lnk
2014-06-27 19:38 - 2014-07-01 09:56 - 00000000 ____D () C:\Users\Owner\Downloads\Distant Worlds Universe
2014-06-27 19:24 - 2014-07-01 09:56 - 00000000 ____D () C:\Users\Owner\Downloads\races
2014-06-27 19:24 - 2014-07-01 09:56 - 00000000 ____D () C:\Users\Owner\Downloads\Policy
2014-06-27 19:24 - 2014-07-01 09:56 - 00000000 ____D () C:\Users\Owner\Downloads\Help
2014-06-27 19:24 - 2014-07-01 09:56 - 00000000 ____D () C:\Users\Owner\Downloads\AutoPlay
2014-06-27 19:04 - 2014-07-01 09:56 - 11760640 _____ (Code Force Limited) C:\Users\Owner\Downloads\DistantWorlds.exe
2014-06-27 19:04 - 2014-07-01 09:56 - 06727680 _____ (Matrix Publishing Ltd.) C:\Users\Owner\Downloads\autorun.exe
2014-06-27 19:04 - 2014-07-01 09:56 - 00454849 _____ () C:\Users\Owner\Downloads\GameText.txt
2014-06-27 19:04 - 2014-07-01 09:56 - 00325968 _____ () C:\Users\Owner\Downloads\lua5.1.dll
2014-06-27 19:04 - 2014-07-01 09:56 - 00276592 _____ () C:\Users\Owner\Downloads\TitleFont.xnb
2014-06-27 19:04 - 2014-07-01 09:56 - 00276592 _____ () C:\Users\Owner\Downloads\NormalFont.xnb
2014-06-27 19:04 - 2014-07-01 09:56 - 00081008 _____ () C:\Users\Owner\Downloads\SmallFont.xnb
2014-06-27 19:03 - 2014-07-01 09:56 - 00276592 _____ () C:\Users\Owner\Downloads\BoldFont.xnb
2014-06-27 19:03 - 2014-07-01 09:56 - 00081008 _____ () C:\Users\Owner\Downloads\TinyFont.xnb
2014-06-27 19:03 - 2014-07-01 09:56 - 00004326 _____ () C:\Users\Owner\Downloads\fighters.txt
2014-06-27 06:37 - 2014-06-27 06:37 - 00000222 _____ () C:\Users\Owner\Desktop\Terraria.url
2014-06-27 02:16 - 2014-06-27 02:16 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Yacht Club Games
2014-06-27 02:13 - 2014-06-27 02:12 - 104853246 ____R () C:\Users\Owner\Downloads\Shovel Knight v1.0a.7z
2014-06-25 03:27 - 2014-05-15 04:18 - 00000000 ____D () C:\Users\Owner\Downloads\Tropico 4 - FLT
2014-06-20 20:55 - 2014-07-01 09:56 - 00057758 _____ () C:\Users\Owner\Downloads\research.txt
2014-06-20 20:55 - 2014-07-01 09:56 - 00022263 _____ () C:\Users\Owner\Downloads\components.txt
2014-06-20 20:55 - 2014-07-01 09:56 - 00014405 _____ () C:\Users\Owner\Downloads\facilities.txt
2014-06-20 08:13 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-06-20 05:32 - 2013-06-20 04:43 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\vlc
2014-06-20 01:32 - 2012-09-04 14:04 - 00011880 _____ () C:\Windows\Sandboxie.ini
2014-06-19 22:49 - 2013-01-11 19:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 22:09 - 2014-06-17 22:09 - 00000000 ____D () C:\Users\Owner\AppData\Local\Smellyriver
2014-06-17 22:09 - 2014-06-17 22:08 - 00000000 ____D () C:\Users\Owner\Downloads\STI.1.3.3.40
2014-06-17 22:06 - 2014-06-17 22:04 - 15538041 _____ () C:\Users\Owner\Downloads\STI.1.3.3.40.zip
2014-06-17 19:57 - 2012-12-07 18:53 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-17 19:57 - 2012-12-07 18:53 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-16 19:07 - 2012-06-18 15:34 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-06-16 10:18 - 2014-06-16 10:18 - 00001017 _____ () C:\Users\Public\Desktop\Doom Warrior.lnk
2014-06-16 10:18 - 2014-06-16 10:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Doom Warrior
2014-06-16 10:18 - 2014-06-16 10:18 - 00000000 ____D () C:\Program Files (x86)\Doom Warrior
2014-06-16 10:15 - 2014-06-16 10:14 - 360364056 _____ (Creaky Corpse Ltd ) C:\Users\Owner\Downloads\DoomWarriorWin.exe
2014-06-15 22:22 - 2014-06-15 22:22 - 00000000 ____D () C:\Users\Owner\Downloads\Game of Thrones S04E10 HDTV x264-KILLERS[ettv]
2014-06-14 20:10 - 2012-07-02 16:09 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-06-14 20:10 - 2012-06-17 17:14 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-06-14 20:10 - 2011-10-27 03:51 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-06-14 20:08 - 2012-06-17 13:43 - 00000000 ____D () C:\Program Files\Webroot
2014-06-14 14:10 - 2012-06-18 14:39 - 00000632 __RSH () C:\Users\Owner\ntuser.pol
2014-06-14 14:10 - 2012-06-17 13:10 - 00001420 _____ () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-14 14:07 - 2014-06-14 14:07 - 00000000 ____D () C:\Users\Family\AppData\Roaming\AVAST Software
2014-06-14 14:07 - 2012-06-26 04:42 - 00001420 _____ () C:\Users\Family\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-06-14 14:07 - 2012-06-26 04:42 - 00000906 __RSH () C:\Users\Family\ntuser.pol
2014-06-14 14:07 - 2012-06-26 04:42 - 00000000 ____D () C:\Users\Family
2014-06-14 13:38 - 2009-07-13 20:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-06-14 13:37 - 2007-07-11 18:49 - 00000000 ____D () C:\Windows\Panther
2014-06-14 13:35 - 2014-03-15 02:27 - 05038800 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-14 13:33 - 2012-12-14 01:04 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-06-14 13:33 - 2012-12-14 01:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-06-14 12:09 - 2014-07-01 09:56 - 00000008 _____ () C:\Users\Owner\Downloads\steam_appid.txt
2014-06-14 03:03 - 2014-06-14 03:03 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-14 03:03 - 2010-11-21 00:17 - 00000000 ____D () C:\Program Files\Windows Journal
2014-06-14 03:03 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files\Windows Defender
2014-06-14 03:03 - 2009-07-13 22:32 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-06-14 03:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\zh-HK
2014-06-14 03:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\tr-TR
2014-06-14 03:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\zh-HK
2014-06-14 03:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\tr-TR
2014-06-14 03:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-14 00:07 - 2013-11-27 23:05 - 00000000 ____D () C:\Users\Owner\Downloads\Hammerwatch
2014-06-13 20:15 - 2014-06-13 20:15 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\com.blinkworks.IGTM
2014-06-13 19:56 - 2014-06-13 19:56 - 00000222 _____ () C:\Users\Owner\Desktop\Indie Game The Movie.url
2014-06-13 19:25 - 2014-06-13 19:15 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-13 19:14 - 2012-06-17 18:33 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-13 18:57 - 2014-06-13 18:53 - 00009784 _____ () C:\Windows\IE11_main.log
2014-06-13 18:54 - 2014-06-13 18:54 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-13 18:54 - 2014-06-13 18:54 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-13 18:54 - 2014-06-13 18:54 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-13 18:54 - 2014-06-13 18:54 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-13 18:54 - 2014-06-13 18:54 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00942592 _____ (Microsoft Corporation) C:\Windows\system32\jsIntl.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00645120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsIntl.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dat
2014-06-13 18:54 - 2014-06-13 18:54 - 00616104 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dat
2014-06-13 18:54 - 2014-06-13 18:54 - 00610304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00413696 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2014-06-13 18:54 - 2014-06-13 18:54 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2014-06-13 18:54 - 2014-06-13 18:54 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00266456 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\msls31.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00243200 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00240856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00235520 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00235008 _____ (Microsoft Corporation) C:\Windows\system32\elshyph.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00233472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\url.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00208384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00194048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\elshyph.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00182272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msls31.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00167424 _____ (Microsoft Corporation) C:\Windows\system32\iexpress.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00151552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iexpress.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00147968 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00143872 _____ (Microsoft Corporation) C:\Windows\system32\wextract.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wextract.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00131072 _____ (Microsoft Corporation) C:\Windows\system32\IEAdvpack.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00127488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\IEAdvpack.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00105984 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00101376 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00090112 _____ (Microsoft Corporation) C:\Windows\system32\SetIEInstalledDate.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00086016 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00083456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00081408 _____ (Microsoft Corporation) C:\Windows\system32\icardie.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00077312 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2014-06-13 18:54 - 2014-06-13 18:54 - 00074240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SetIEInstalledDate.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00069120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardie.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2014-06-13 18:54 - 2014-06-13 18:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\pngfilt.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00056832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pngfilt.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmler.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\mshtmler.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00048128 _____ (Microsoft Corporation) C:\Windows\system32\imgutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedsbs.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imgutil.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\licmgr10.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00024576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\licmgr10.dll
2014-06-13 18:54 - 2014-06-13 18:54 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshta.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00012800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
2014-06-13 18:54 - 2014-06-13 18:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-13 18:46 - 2011-10-27 03:42 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-06-13 18:46 - 2011-10-27 03:42 - 00000000 ____D () C:\ProgramData\Skype
2014-06-13 18:44 - 2012-11-02 03:02 - 00000039 _____ () C:\Windows\vbaddin.ini
2014-06-13 18:11 - 2012-12-14 01:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-06-13 16:58 - 2014-06-13 16:58 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys.1402703924607
2014-06-13 16:58 - 2014-06-13 16:58 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.1402703924607
2014-06-13 16:58 - 2014-06-13 16:58 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\AVAST Software
2014-06-13 16:57 - 2014-06-13 16:57 - 00000000 ____D () C:\Program Files\AVAST Software
2014-06-13 16:54 - 2014-06-13 16:54 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-06-13 16:53 - 2014-06-13 16:53 - 94714880 _____ (AVAST Software) C:\Users\Owner\Downloads\avast_free_antivirus_setup.exe
2014-06-12 22:02 - 2014-07-01 09:56 - 00000649 _____ () C:\Users\Owner\Downloads\Startup.ini
2014-06-12 10:54 - 2014-06-12 10:54 - 00000776 _____ () C:\Users\Public\Desktop\World of Tanks.lnk
2014-06-12 10:54 - 2014-06-12 10:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Tanks
2014-06-12 10:54 - 2012-08-04 14:17 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-06-12 10:54 - 2012-08-04 14:17 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-06-12 10:54 - 2012-08-04 14:16 - 00000000 ____D () C:\Games
2014-06-12 10:49 - 2014-06-12 10:49 - 09237816 _____ (Wargaming.net ) C:\Users\Owner\Downloads\WoT_internet_install_na.exe
2014-06-11 18:03 - 2013-01-30 04:48 - 00000132 _____ () C:\Users\Owner\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-06-10 01:54 - 2014-03-09 21:38 - 00074275 _____ () C:\Windows\DirectX.log
2014-06-09 23:27 - 2014-06-09 23:27 - 00000220 _____ () C:\Users\Owner\Desktop\Star Trek Online.url
2014-06-08 22:19 - 2014-06-08 22:19 - 00000000 ____D () C:\Users\Owner\Downloads\Game of Thrones S04E09 HDTV x264-KILLERS[ettv]
2014-06-08 17:38 - 2014-06-08 17:38 - 00001252 _____ () C:\Users\Owner\Desktop\TF2Idle v1.6.0 - Shortcut.lnk
2014-06-08 14:23 - 2013-09-04 15:02 - 00000000 ____D () C:\Users\Owner\Documents\StarCitizen
2014-06-08 14:22 - 2014-06-08 14:22 - 00001093 _____ () C:\Users\Owner\Desktop\StarCitizen.lnk
2014-06-08 14:22 - 2014-06-08 14:22 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StarCitizen
2014-06-08 12:29 - 2014-06-08 12:29 - 32802904 _____ () C:\Users\Owner\Downloads\StarCitizenInstaller.exe
2014-06-08 02:21 - 2014-06-08 02:21 - 00000000 ____D () C:\Users\Owner\AppData\Roaming\MKKE
2014-06-08 02:21 - 2013-05-14 20:37 - 00000000 ____D () C:\ProgramData\Steam
2014-06-08 02:18 - 2014-06-08 02:17 - 00000000 ____D () C:\Program Files (x86)\Mortal Kombat Complete Edition
2014-06-08 02:17 - 2014-06-08 02:17 - 00002018 _____ () C:\Users\Public\Desktop\Mortal Kombat Complete Edition.lnk
2014-06-08 02:17 - 2014-06-08 02:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mortal Kombat Complete Edition
2014-06-08 02:13 - 2014-06-13 17:56 - 00506368 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-08 02:08 - 2014-06-13 17:56 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-08 02:02 - 2014-06-08 01:31 - 00000000 ____D () C:\Program Files (x86)\Total War ROME II
2014-06-08 01:49 - 2014-06-08 01:49 - 00000848 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total War ROME II.lnk
2014-06-08 01:49 - 2014-06-08 01:49 - 00000836 _____ () C:\Users\Public\Desktop\Total War ROME II.lnk
2014-06-08 01:26 - 2014-05-20 17:27 - 00000000 ____D () C:\Program Files (x86)\Wolfenstein The New Order
2014-06-08 01:23 - 2012-08-07 06:58 - 00207360 ___SH () C:\Users\Owner\Thumbs.db
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\soundtrack
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\DesktopDungeons_Data
2014-06-08 00:19 - 2014-06-08 00:19 - 00000000 ____D () C:\Users\Owner\Downloads\3DMGAME
2014-06-08 00:07 - 2014-06-07 23:57 - 510772932 ____R () C:\Users\Owner\Downloads\3DMGAME-Desktop.Dungeons.Special.Edition.Build.2013.11.26.Cracked-3DM.7z
2014-06-08 00:06 - 2014-06-07 23:44 - 3991830528 _____ () C:\Users\Owner\Downloads\Mortal_Kombat_Complete_Edition_RePack_ENG.iso

Files to move or delete:
====================
C:\Users\Owner\berkelium.exe


Some content of TEMP:
====================
C:\Users\Owner\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb32roa.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll
[2010-11-20 20:24] - [2010-11-20 20:24] - 0528384 ____A (Microsoft Corporation) 852B6FB865EC42D1DB310B1AFD1A9FB3

 ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2014-06-28 00:42

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-07-2014 01
Ran by Owner at 2014-07-06 11:20:41
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Addon Sync 2009 (HKLM-x32\...\{4E3AA543-09D7-401E-9DF2-2591D24C7C49}) (Version: 1.0.67 - YomaTools)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.1060 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.5.0.1060 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.5 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.5 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Always Sometimes Monsters (HKLM-x32\...\Steam App 274310) (Version:  - Vagabond Dog)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
applicationupdater (HKCU\...\SOE-C:/Users/Owner/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
Arma: Cold War Assault (HKLM-x32\...\Steam App 65790) (Version:  - Bohemia Interactive)
AutoHotkey 1.0.48.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.48.05 - Chris Mallett)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - Ronimo Games)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
Bing Bar (HKLM-x32\...\{16793295-2366-40F7-A045-A3E42A81365E}) (Version: 7.1.362.0 - Microsoft Corporation)
BIT.TRIP RUNNER (HKLM-x32\...\Steam App 63710) (Version:  - Gaijin Games)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32128 - BitTorrent Inc.)
Blacklight: Retribution (HKLM-x32\...\Steam App 209870) (Version:  - )
Blade Symphony (HKLM-x32\...\Steam App 225600) (Version:  - Puny Human Games)
BLAZBLUE -CALAMITY TRIGGER- (HKLM-x32\...\GFWL_{415807D5-45E8-4635-A5A9-C81000008400}) (Version: 1.0.0000.132 - ARC SYSTEM WORKS)
BLAZBLUE -CALAMITY TRIGGER- (x32 Version: 1.0.0000.132 - ARC SYSTEM WORKS) Hidden
Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Broforce (HKLM-x32\...\Steam App 274190) (Version:  - Free Lives)
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 3.25 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Citrix Authentication Manager (x32 Version: 3.0.0.47031 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HDX Flash Redirection) (x32 Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Citrix Receiver (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 13.3.0.55 - Citrix Systems, Inc.)
Citrix Receiver Inside (x32 Version: 3.3.0.17208 - Citrix Systems, Inc.) Hidden
Citrix Receiver Updater (x32 Version: 3.3.0.17207 - Citrix Systems, Inc.) Hidden
Citrix Receiver(Aero) (x32 Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Citrix Receiver(DV) (x32 Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Citrix Receiver(USB) (x32 Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Combined Community Codec Pack 2010-10-10 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2010.10.10.0 - CCCP Project)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
CyberLink MediaEspresso (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.1720_38230 - CyberLink Corp.)
CyberLink MediaEspresso (x32 Version: 6.5.1720_38230 - CyberLink Corp.) Hidden
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2531.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2531.52 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
DEFCON Demo (HKLM-x32\...\Steam App 1522) (Version:  - Introversion Software)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{CA75CBF9-B078-47CB-ABA3-74EFD4FC9A43}) (Version:  - Microsoft)
Democracy 3 (HKLM-x32\...\GOGPACKDEMOCRACY3_is1) (Version: 2.0.0.3 - GOG.com)
Desura (HKLM-x32\...\Desura) (Version: 100.53 - Desura)
Desura: Epic Inventor (HKLM-x32\...\Desura_69831873265696) (Version: Full - Pixel Prone)
Desura: Kill Fun Yeah (HKLM-x32\...\Desura_75926431858720) (Version: Demo - Arctic Anteater)
Desura: Naev (HKLM-x32\...\Desura_71730248810528) (Version: Full - Naev Dev Team)
Desura: Omegalodon (HKLM-x32\...\Desura_72632191942688) (Version: Demo - North of Earth)
Desura: Savage XR (HKLM-x32\...\Desura_339302416416) (Version: Full - S2 Games)
Desura: Zombie Grinder (HKLM-x32\...\Desura_65884798320672) (Version: Alpha - Twin Drills)
Deus Ex: Game of the Year Edition (HKLM-x32\...\Steam App 6910) (Version:  - Eidos)
Deus Ex: Human Revolution - The Missing Link (HKLM-x32\...\Steam App 201280) (Version:  - Eidos Montreal)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
Deus Ex: Invisible War (HKLM-x32\...\Steam App 6920) (Version:  - Eidos)
Dia (remove only) (HKLM-x32\...\Dia) (Version:  - )
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dictation Pro (HKLM-x32\...\Dictation Pro_is1) (Version:  - Deskshare Inc.)
Distant Worlds Universe (HKLM-x32\...\Distant Worlds Universe_is1) (Version:  - )
Dogecoin (HKCU\...\Dogecoin) (Version: 1.5.2.0 - Dogecoin)
Doom Warrior (HKLM-x32\...\{ECD05543-FB6F-45A9-8CA5-7BBF5FAABE31}_is1) (Version: 1.07 - Creaky Corpse Ltd)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
DriverIdentifier 4.2.2 (HKLM-x32\...\{40A3E5DB-5EF8-4F04-BF3E-7AB87C4AE85A}_is1) (Version:  - DriverIdentifier)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dungeon of the Endless (HKLM-x32\...\Steam App 249050) (Version:  - AMPLITUDE Studios)
Dwarfs!? (HKLM-x32\...\Steam App 35480) (Version:  - Power of 2)
Dynasty Warriors 8 Xtreme Legends (HKLM-x32\...\Dynasty Warriors 8 Xtreme Legends_is1) (Version:  - )
Easy GIF Animator 5.6 (HKLM-x32\...\Easy GIF Animator_is1) (Version: Easy GIF Animator 5.0 - Karlis Blumentals)
EDGE (HKLM-x32\...\Steam App 38740) (Version:  - Two Tribes)
eLab Client version 1.2.1.20 (HKLM-x32\...\eLab Client_is1) (Version:  - LabMentors, Inc.)
Endless Space (HKLM-x32\...\Steam App 208140) (Version:  - Amplitude Studios)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{0A1A1D48-DB23-443A-BC7B-49255D138020}) (Version: 11.1.20702.00 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ESG Launchpad (HKCU\...\8ba38ebc79009889) (Version: 1.0.0.7 - The Alpha Company, LLC)
Etron USB3.0 Host Controller (x32 Version: 0.103 - Etron Technology) Hidden
FastStone Image Viewer 4.6 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.6 - FastStone Soft)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version:  - Fistful of Frags Team)
FlashDevelop 4.3.0 (HKLM-x32\...\FlashDevelop) (Version: 4.3.0-RTM - FlashDevelop.org)
Flvto Converter (HKLM-x32\...\Flvto Converter) (Version: 0.2.2 - Hotger)
Freenet (HKCU\...\Freenet) (Version:  - )
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - )
FxFoto by Triscape (HKLM-x32\...\FxFoto) (Version:  - )
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
gamelauncher-ps2-live (HKCU\...\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2) (Version:  - Sony Online Entertainment)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
Garry's Mod 13 (HKLM-x32\...\Steam App 4010) (Version:  - TEAM GARRY)
Gateway Recovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3502 - Gateway Incorporated)
Gateway Registration (HKLM-x32\...\Gateway Registration) (Version: 1.04.3503 - Gateway Incorporated)
Gateway ScreenSaver (HKLM-x32\...\Gateway Screensaver) (Version: 1.1.0225.2011 - Gateway Incorporated)
Gateway Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3501 - Gateway Incorporated)
Gear Up (HKLM-x32\...\Steam App 214420) (Version:  - )
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: Episodes from Liberty City (HKLM-x32\...\Steam App 12220) (Version:  - Rockstar North / Toronto)
Guacamelee! Gold Edition (HKLM-x32\...\GOGPACKGUACAMELEE_is1) (Version: 2.0.0.8 - GOG.com)
Gunpoint Demo (HKLM-x32\...\Steam App 240570) (Version:  - Suspicious Developments)
GunZ 2: The Second Duel (HKLM-x32\...\Steam App 242720) (Version:  - MAIET Entertainment)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Gateway Incorporated)
Hotline Miami (HKLM-x32\...\GOGPACKHOTLINEMIAMI_is1) (Version: 2.0.0.4 - GOG.com)
iCloud (HKLM\...\{D0CB24F4-084F-40DE-B6B9-A03626E682F0}) (Version: 2.1.1.3 - Apple Inc.)
Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Gateway Incorporated)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Indie Game: The Movie (HKLM-x32\...\Steam App 207080) (Version:  - BlinkWorks Media)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2353 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
iTunes (HKLM\...\{F73A118B-8271-47E2-8790-0C636B2539C5}) (Version: 11.1.0.126 - Apple Inc.)
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.5 - Sun Microsystems, Inc.) Hidden
Java SE Development Kit 7 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
Java™ 6 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216025FF}) (Version: 6.0.250 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Killing Floor Mod: Defence Alliance 2 (HKLM-x32\...\Steam App 35420) (Version:  - )
Krater (HKLM-x32\...\Steam App 42170) (Version:  - )
L.A. Noire (HKLM-x32\...\{915726DF-7891-444A-AA03-0DF1D64F561A}) (Version: 1.00.0000 - Rockstar Games)
Landmark Beta (HKCU\...\SOE-Landmark Beta) (Version: 1.0.3.183 - Sony Online Entertainment)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Legend of Dungeon 1.0 (HKLM-x32\...\Legend of Dungeon 1.0) (Version: 1.0 - Cat-A-Cat)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
LoiLo Game Recorder (HKLM\...\{89E4163C-BD19-45A9-BCEB-980741786799}_is1) (Version: 1.1.0.0 - LoiLo inc.)
LoiLoScope 2 (HKLM-x32\...\{CAB75FFC-2377-4B95-A8FA-C9234B812A92}_is1) (Version: 2.5.3.2 - LoiLo inc)
Lone Survivor (HKLM-x32\...\Steam App 209830) (Version:  - )
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MAV (HKLM-x32\...\MAV) (Version: 0.5.15_0 - Puchisoft, Inc.)
MechWarrior Online (HKCU\...\{74d11f91-05cc-44f6-8e49-94fe7f33c79b}) (Version: 1.2.0.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.2.0.0 - Piranha Games Inc.) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
METAL GEAR RISING: REVENGEANCE (HKLM-x32\...\TUVUQUxHRUFSUklTSU5HUkVWRU5HRUFOQ0U=_is1) (Version: 1 - )
Metro Last Light (HKLM-x32\...\Metro Last Light_is1) (Version:  - )
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Game Studios Common Redistributables Pack 1 (x32 Version: 1.0.0 - Microsoft Game Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (x32 Version: 2.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2012 CoreRes - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio 2012 (x32 Version: 2.0.30625.9003 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Professional 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 11.0.50709.17929 - Microsoft Corporation) Hidden
Microsoft Project Professional 2010 (HKLM-x32\...\Office14.PRJPROR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Report Viewer Add-On for Visual Studio 2012 (x32 Version: 11.1.2802.16 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visio Professional 2010 (HKLM-x32\...\Office14.VISIOR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012  x64 Designtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers - ENU Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Compilers (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Core Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Extended Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Devenv Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core amd64 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Core x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 IntelliTrace Front End x86 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Performance Collection Tools (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Preparation (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Shell (Minimum) Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU (x32 Version: 4.0.8876.1 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Storyboarding Language Pack - ENU (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 - ENU (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 (HKLM-x32\...\{e238e1a0-7fbd-4146-a4ac-d48badcdf3ae}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2012 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.0 (HKLM\...\{AA72C306-30BE-4BB1-9E42-59552BAD2CDF}) (Version: 3.1236.1631 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools - Visual Studio 2012 (x32 Version: 1.0.30710.0 - Microsoft Corporation) Hidden
Microsoft XML Parser (x32 Version: 8.20.8730.4 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 To WAV Decoder version 1.0 r2 (HKLM-x32\...\{05B3E767-B182-4279-A35A-A56810C77CFD}_is1) (Version: 1.0 r2 - )
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Mumble 1.2.5 (HKLM-x32\...\{73FBAF60-DF43-4A68-90A4-4B244D237789}) (Version: 1.2.5 - Thorvald Natvig)
MWSnap 3 (HKLM-x32\...\MWSnap 3) (Version: 3.0.0.74 - Mirek Wojtowicz)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version:  - Unknown Worlds Entertainment)
NEO Scavenger Demo (HKLM-x32\...\Steam App 270680) (Version:  - Blue Bottle Games)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - )
Nero 12 (HKLM-x32\...\{A2FB4DB1-DCAE-45DF-8755-00DC047ACF80}) (Version: 12.0.03400 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (x32 Version: 12.0.6002 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.8000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.17700 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 12.0.28001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15500 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.18900 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Express (x32 Version: 12.0.28001 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.5000 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.19600 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (x32 Version: 12.0.31001 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.10002 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (x32 Version: 12.0.8000 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nether (HKLM-x32\...\Steam App 247730) (Version:  - Phosphor Games)
Nether Launcher (HKLM\...\{8CE878A2-955B-491F-80D1-2AC021B140F7}) (Version: 16.24.0.0 - Nether Productions, LLC.)
Nidhogg (HKLM-x32\...\TmlkaG9nZw==_is1) (Version: 1 - )
No Time To Explain (HKLM-x32\...\No Time To Explain1.0) (Version: 1.0 - Foxy Games)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.1.4 - )
NVIDIA 3D Vision Controller Driver 335.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 335.21 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX Particle Fluid Demo (HKLM-x32\...\{777748FA-6A51-4923-914C-FCCDA01919BF}) (Version: 1.0.1.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
NVIDIA Update 10.11.15 (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 10.11.15 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
oCam version 22.0.0.0 (HKLM-x32\...\oCam_is1) (Version: 22.0.0.0 - http://ohsoft.net/)
Online Plug-in (x32 Version: 13.3.0.55 - Citrix Systems, Inc.) Hidden
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version:  - )
Paper Sorcerer (HKLM-x32\...\Steam App 263560) (Version:  - Jesse Gallagher)
Papers Please version 1.1.60-S (HKLM-x32\...\Papers Please_is1) (Version: 1.1.60-S - )
Paranautical Activity (HKLM-x32\...\Steam App 250580) (Version:  - Code Avarice)
PDF Architect (HKLM-x32\...\{80A07844-CA64-4DE4-AB61-D37DDBE8074F}) (Version: 1.0.52.8917 - pdfforge)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.0 - pdfforge)
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
Planet Explorers (HKLM-x32\...\Steam App 237870) (Version:  - Pathea Games)
PlanetSide 2 (2) (HKCU\...\SOE-PlanetSide 2 (2)) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKCU\...\soe-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version:  - Telltale Games)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
PrintKey2000 (HKLM-x32\...\PrintKey2000) (Version:  - )
PrivitizeVPN (HKLM-x32\...\PrivitizeVPN) (Version: 1.0.0 - OOO Industry) <==== ATTENTION
Project Zomboid (HKLM-x32\...\Steam App 108600) (Version:  - Indie Stone Studios)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.992 - Even Balance, Inc.)
QuickTime (HKLM-x32\...\{AF0CE7C0-A3E4-4D73-988B-B29187EC6E9A}) (Version: 7.73.80.64 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.1.8-1.0.4843.13 - raidcall.com)
Ravaged (HKLM-x32\...\Steam App 96300) (Version:  - )
Razer Game Booster (HKLM-x32\...\{88F0F4FF-B514-4E32-9C17-CAF96D60EAFC}) (Version: 3.5.6.0 - Razer USA Ltd.)
RazorSQL 6.0.1 (HKLM\...\RazorSQL 6.0.1_is1) (Version:  - Richardson Software, LLC)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.45.516.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6257 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.45 - Piriform)
Retro City Rampage (HKLM-x32\...\GOGPACKRETROCITYRAMPAGE_is1) (Version: 2.9.0.25 - GOG.com)
Rise of the Triad (HKLM-x32\...\UmlzZW9mdGhlVHJpYWQ=_is1) (Version: 1 - )
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.0.0.0 - Rockstar Games)
Rogue Legacy version 0.0.0.9 (HKLM-x32\...\Rogue Legacy_is1) (Version: 0.0.0.9 - WaLMaRT)
Rogue Shooter: The FPS Roguelike (HKLM-x32\...\Steam App 295770) (Version:  - Hippomancer)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Saints Row IV (HKLM-x32\...\U2FpbnRzUm93SVY=_is1) (Version: 1 - )
Sanctum 2 (HKLM-x32\...\Steam App 210770) (Version:  - Coffee Stain Studios)
Sandboxie 3.62 (64-bit) (HKLM\...\Sandboxie) (Version: 3.62 - SANDBOXIE L.T.D)
Self-service Plug-in (x32 Version: 3.3.0.27839 - Citrix Systems, Inc.) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Simple Port Forwarding (HKLM-x32\...\Simple Port Forwarding) (Version: 3.8.1 - PcWinTech.com)
Sir, You Are Being Hunted (HKLM-x32\...\GOGPACKSIRYOUAREBEINGHUNTED_is1) (Version: 2.0.0.2 - GOG.com)
Six Updater (HKLM-x32\...\{2D8CED57-CCDB-4D86-9087-3BBCAE8F8F22}) (Version: 2.09.7038 - Six Projects)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Sniper Elite V2 (HKLM-x32\...\Steam App 63380) (Version:  - Rebellion)
Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version:  - )
Source SDK Base 2013 Multiplayer (HKLM-x32\...\Steam App 243750) (Version:  - )
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - )
Spore (HKLM-x32\...\Steam App 17390) (Version:  - Maxis)
Star Trek Online (HKLM-x32\...\Steam App 9900) (Version:  - Cryptic Studios)
Star Wars JK II Jedi Outcast (HKLM-x32\...\{576E71DA-3000-48F6-9B21-B9A70D47DFCF}) (Version:  - )
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
StarForge Alpha (HKLM-x32\...\Steam App 227680) (Version:  - )
Starsector version 0.6.2a (HKLM-x32\...\{5B8604A9-6871-4A18-974F-8DD9B6D428DA}_is1) (Version: 0.6.2a - )
Statistics Calculator (HKLM-x32\...\{BEAAF4A8-190F-4430-8553-FE12EB1E8604}) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Super Crate Box (HKLM-x32\...\Steam App 212800) (Version:  - )
Super House of Dead Ninjas (HKLM-x32\...\Steam App 224820) (Version:  - )
Sword of the Stars: The Pit (HKLM-x32\...\Steam App 233700) (Version:  - Kerberos Productions)
Tactical Intervention (HKLM-x32\...\Steam App 51100) (Version:  - FIX Korea)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
Teleglitch: Die More Edition (HKLM-x32\...\Steam App 234390) (Version:  - Test3 Projects)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Baconing (HKLM-x32\...\Steam App 18070) (Version:  - Hothead Games Inc.)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - )
The Castle Doctrine (HKLM-x32\...\Steam App 249570) (Version:  - Jason Rohrer)
THE EPSILON PROGRAM (HKLM-x32\...\THE EPSILON PROGRAM_is1) (Version:  - THE EPSILON PROGRAM)
The Forest 1.0 (HKLM-x32\...\The Forest 1.0) (Version: 1.0 - Cat-A-Cat)
The Showdown Effect (HKLM-x32\...\Steam App 204080) (Version:  - )
Torchlight (HKLM-x32\...\Steam App 41500) (Version:  - Runic Games, Inc.)
Torrents Downloader (HKLM-x32\...\{6D9D814E-9605-11E2-80DC-95A26188709B}_is1) (Version: 0.1.2013.1008 - Peter Gordon Blue S.L.)
Total War ROME II (HKLM-x32\...\VG90YWxXYXJST01FSUk=_is1) (Version: 1 - )
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version:  - )
Triscape FxFoto (HKLM-x32\...\TriscapeFxFoto) (Version:  - )
Tropico 4 1.00 (HKCU\...\Tropico 4) (Version: 1.00 - Kalypso Media)
Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version:  - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPROR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PRJPROR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.VISIOR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0054-0409-0000-0000000FF1CE}_Office14.VISIOR_{A5659197-BDB5-467F-A71A-1B817DDD7BDD}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0057-0000-0000-0000000FF1CE}_Office14.VISIOR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visual Studio 2012 (KB2781514) (HKLM-x32\...\{3786efc1-59ff-4908-8cd6-dc85ec87209e}) (Version: 11.0.50727 - Microsoft Corporation)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2012 Prerequisites - ENU Language Pack (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio 2012 Prerequisites (Version: 11.0.50727 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.8514.0 - Microsoft Corporation) Hidden
VLC media player 2.0.7 (HKLM-x32\...\VLC media player) (Version: 2.0.7 - VideoLAN)
Warframe (HKLM-x32\...\{49A5AEA6-92E1-46A8-8371-114F1CE2C2A6}) (Version: 1.0.0 - Digital Extremes)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Welcome Center (HKLM-x32\...\Gateway Welcome Center) (Version: 1.02.3504 - Gateway Incorporated)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows App Certification Kit Native Components (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Runtime Intellisense Content - en-us (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.59.25584 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
World of Tanks (HKLM-x32\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812NA}_is1) (Version:  - Wargaming.net)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Xenonauts (HKLM-x32\...\GOGPACKXENONAUTS_is1) (Version: 2.0.0.5 - GOG.com)
Xfire (remove only) (HKLM-x32\...\Xfire) (Version:  - )
Zoner GIF Animator 5 (HKLM-x32\...\{2EE90F26-20B3-4423-81DE-E57E5D2E4FEF}) (Version: 5.0.3000.2 - ZONER software)

==================== Restore Points  =========================

06-07-2014 06:18:04 Installed Microsoft Fix it 50267

==================== Hosts content: ==========================

2009-07-13 19:34 - 2013-09-03 17:19 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

Task: {14018F38-7497-43FC-939B-79AAED78BFA0} - System32\Tasks\NBAgent => C:\Program Files (x86)\Nero\Nero 10\Nero BackItUp\NBAgent.exe
Task: {1C5113A8-3C8C-459C-9826-1DEA57F176C0} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
Task: {5B9873F2-CFC8-43C2-BF6F-33BC1D9CE4C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {73E58A56-E0F9-48C4-9378-EF2BE30A2936} - System32\Tasks\UALU notificatin => C:\Program Files\Gateway\Gateway Updater\UALU.exe [2012-02-06] (Acer Incorporated)
Task: {84C3FCF8-5D72-4AC2-BE40-7147C0E9FFA3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {8B1CF951-F220-4DE9-863B-4044BBA49CCA} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe [2012-11-13] () <==== ATTENTION
Task: {8CB08E0C-4806-41CA-A12F-1E5EF7F76A1E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-06-29] (AVAST Software)
Task: {984DAF4D-7BA3-4AB5-8E83-A43393EA55EE} - System32\Tasks\AdobeAAMUpdater-1.0-Owner-PC-Owner => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
Task: {A09D86A3-0CD9-404D-B3F8-63F1DEB3FC02} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-07] (Google Inc.)
Task: {B1E94A3E-ABFE-463F-9F02-6F4BBEEACA01} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-14] (Adobe Systems Incorporated)
Task: {DDDD22FE-A0B9-44EB-9241-5CA017126E9A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-11-23] (Piriform Ltd)
Task: {E01CDD64-F0D4-41FA-9595-189C2FB8C20F} - \MySearchDial No Task File <==== ATTENTION
Task: {EE4A2DA2-C3E5-4BE6-B548-35FCF813893D} - System32\Tasks\Recovery Management\Burn Notification => C:\Program Files\Gateway\Gateway Recovery Management\NotificationCenter\Notification.exe [2011-06-17] (Acer)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-06-17 13:30 - 2014-03-04 06:05 - 00116056 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-29 21:21 - 2014-06-29 21:21 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-06 01:08 - 2014-07-06 01:08 - 02789888 _____ () C:\Program Files\AVAST Software\Avast\defs\14070600\algo.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 00087912 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-08-27 22:33 - 2012-08-27 22:33 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-06 10:00 - 2014-07-06 10:00 - 00043008 _____ () c:\users\owner\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpb32roa.dll
2013-08-23 12:01 - 2013-08-23 12:01 - 25100288 _____ () C:\Users\Owner\AppData\Roaming\Dropbox\bin\libcef.dll
2014-06-29 21:21 - 2014-06-29 21:21 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-01-11 19:24 - 2014-06-19 22:49 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-14 20:10 - 2014-06-14 20:10 - 17024688 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_125.dll

==================== Alternate Data Streams (whitelisted) =========


==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"

==================== EXE Association (whitelisted) =============

HKU\S-1-5-21-688074385-1042068862-3521065105-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!

==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Desura Install Service => 3
MSCONFIG\Services: GREGService => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HiPatchService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: Live Updater Service => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: nvsvc => 2
MSCONFIG\Services: nvUpdatusService => 2
MSCONFIG\Services: SbieSvc => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: Stereo Service => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\startupfolder: C:^Users^Owner^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Start Freenet.lnk => C:\Windows\pss\Start Freenet.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: CitrixReceiver => "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Citrix\Receiver Updater.lnk"
MSCONFIG\startupreg: COMODO => C:\Program Files\COMODO\COMODO GeekBuddy\CLPSLA.exe
MSCONFIG\startupreg: COMODO Internet Security => "C:\Program Files\COMODO\COMODO Internet Security\cfp.exe" -h
MSCONFIG\startupreg: ConnectionCenter => "C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
MSCONFIG\startupreg: CPA => C:\Program Files\COMODO\COMODO GeekBuddy\VALA.exe
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: Hotkey Utility => C:\Program Files (x86)\Gateway\Hotkey Utility\HotkeyUtility.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Keyboard Inf. => C:\Users\Owner\AppData\Roaming\Macromedia\msdo.exe
MSCONFIG\startupreg: OOTag => C:\Program Files (x86)\Gateway\OOBEOffer\ootag.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: PrivitizeVPN => C:\Program Files (x86)\PrivitizeVPN\PrivitizeVPN.exe /autorun
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Sweetpacks Communicator => C:\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/06/2014 09:56:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2014 09:52:20 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe_DcomLaunch, version: 6.1.7600.16385, time stamp: 0x4a5bc3c1
Faulting module name: RPCRT4.dll, version: 6.1.7601.18205, time stamp: 0x51dba4dc
Exception code: 0xc0000005
Fault offset: 0x00000000000dc203
Faulting process id: 0x3a4
Faulting application start time: 0xsvchost.exe_DcomLaunch0
Faulting application path: svchost.exe_DcomLaunch1
Faulting module path: svchost.exe_DcomLaunch2
Report Id: svchost.exe_DcomLaunch3

Error: (07/06/2014 06:04:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/06/2014 00:22:50 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/06/2014 00:20:22 AM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]

Error: (07/05/2014 11:04:26 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/05/2014 11:04:23 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/05/2014 11:04:22 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (07/05/2014 10:58:20 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/05/2014 10:55:09 PM) (Source: Software Protection Platform Service) (EventID: 1001) (User: )
Description: The Software Protection service failed to start. hr=0x80070057
6.1.7601.17514


System errors:
=============
Error: (07/06/2014 10:00:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/06/2014 10:00:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/06/2014 10:00:30 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/06/2014 10:00:30 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/06/2014 10:00:30 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/06/2014 10:00:30 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/06/2014 10:00:19 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (07/06/2014 10:00:19 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (07/06/2014 10:00:19 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (07/06/2014 09:55:03 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Power service terminated with the following error:
%%4203


Microsoft Office Sessions:
=========================
Error: (03/04/2013 08:35:35 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6668.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 96379 seconds with 5700 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-07-05 20:20:14.186
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-07-05 20:20:14.139
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:56:37.472
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:56:37.457
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:56:17.981
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:56:17.896
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:24:09.825
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:24:09.812
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:23:56.325
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2012-09-05 03:23:56.312
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\Sandboxie\SbieDrv.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Percentage of memory in use: 38%
Total physical RAM: 8172.29 MB
Available physical RAM: 5064.52 MB
Total Pagefile: 16342.77 MB
Available Pagefile: 12940.41 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: (Gateway) (Fixed) (Total:917.41 GB) (Free:14.23 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 95FC3324)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=917 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#8 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:09:36 AM

Posted 06 July 2014 - 03:38 PM

Hello,

 

 

Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.

 

C:\Users\Owner\Downloads\3DMGAME-Desktop.Dungeons.Special.Edition.Build.2013.11.26.Cracked-3DM.7z
C:\Users\Owner\Downloads\Distant.Worlds.Universe-SKIDROW
C:\Users\Owner\Downloads\Mortal_Kombat_Complete_Edition_RePack_ENG.iso

 

FF Extension: ProxTube - Unblock YouTube - C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\Extensions\ich@maltegoetz.de [2013-12-11]

 

http://www.systemlookup.com/FF_Extensions/2891-ich_maltegoetz_de.html

 

 

I suggest you to uninstall BitTorrent as well.


Your log(s) show that you are using so called peer-to-peer or file-sharing programs (in your case BitTorrent). These programs allow to share files between users as the name(s) suggest. In today's world the cyber crime has come to an enormous dimension and any means is used to infect personal computers to make use of their stored data or machine power for further propagation of the malware files. A popular means is the use of file-sharing tools as a tremendous amount of prospective victims can be reached through it.

It is therefore possible to be infected by downloading manipulated files via peer-to-peer tools and thus suggested to be used with intense care. Some further readings on this subject, along the included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

It is also important to note that sharing entertainment files and proprietary software infringes the copyright laws in many countries over the world and you are putting yourself at risk of being indicted through organisations watching over the rights of the authors of such files (i.e. the RIAA for music files, or the MPAA for movie files in the USA) or the authors of the files themselves.

Naturally there are also legal ways to use these services, such as downloading Linux distributions or office suites such as "Libre Office or GIMP."

 

etc...

 

Also before I proceed with the fix please let me know if you enabled testsigning for a purpose?

 

Currently your system allow unsigned drivers to run and this could be a security risk. Testsigning should be used only for testing purposes (for developers) or when you have a device that currently doesn't have signed drivers available from the manufacturer...

 

 

 

Regards,

Georgi


cXfZ4wS.png


#9 Neo160

Neo160
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:07:36 AM

Posted 06 July 2014 - 03:59 PM

all quoted software and files removed, as well as bittorrent.

 

testsigning was something i did aloooong time ago to resolve an issue i do not remember of. never did switch that back. any info on that would be appreciated. it may have been when i was trying to deal with a broken usb headset back in the day. it was gicing off driver errors, but it was actually hardware damage to the device itself



#10 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:09:36 AM

Posted 06 July 2014 - 04:11 PM

Hello,

 

all quoted software and files removed, as well as bittorrent.

 

I hope so. Using cracks is playing with fire though.

Avoid using cracks and unknown programs from sources you don't trust. There are MANY alternative open-source applications.

Malware writers just love cracks and keygens, and will often attach malicious code into them. By using cracks and/or keygens, you are asking for problems.

So my advice is - stay away from them!

 

As for testsigning check the article below and see how to disable it.

 

http://support.microsoft.com/kb/2509241

 

 

 
Please download the following file => [attachment=152094:fixlist.txt] and save it to the Desktop.
NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

Run FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
 

 

Next please run a new scan with the latest version of Rkill and post back the results in your next reply.

Also let me know how are things now. Since here is 00.10 a.m. and I need my sleep I'll catch you tomorrow. :)

 

 

 

Regards,

Georgi


cXfZ4wS.png


#11 Neo160

Neo160
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:07:36 AM

Posted 06 July 2014 - 04:23 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 05-07-2014 01
Ran by Owner at 2014-07-06 14:18:18 Run:1
Running from C:\Users\Owner\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start
GroupPolicyUsers\S-1-5-21-688074385-1042068862-3521065105-1006\User: Group Policy restriction detected <======= ATTENTION
GroupPolicyUsers\S-1-5-21-688074385-1042068862-3521065105-1005\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {9ACB459A-40B1-4819-A754-8512D452BB66} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={CCEF7D6B-3D0B-11E2-96C0-E840F2683643}
SearchScopes: HKLM-x32 - {D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8 URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnld2msd&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByCzztAyCyEtA0EtAzztAtN0D0Tzu0CyCtCyBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=998810204&ir=
SearchScopes: HKCU - {9ACB459A-40B1-4819-A754-8512D452BB66} URL = http://search.sweetim.com/search.asp?src=6&q={searchTerms}&crg=3.1010000.10005&barid={CCEF7D6B-3D0B-11E2-96C0-E840F2683643}
SearchScopes: HKCU - {D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8 URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=dnld2msd&cd=2XzuyEtN2Y1L1Qzu0EzzyEtD0FtByCzztAyCyEtA0EtAzztAtN0D0Tzu0CyCtCyBtN1L2XzutBtFtBtFyEtFyBtAtCtN1L1Czu1Q1G1I1Q1H1B1Q&cr=998810204&ir=
SearchScopes: HKCU - {D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3287806&CUI=UN80223329523987484&UM=2
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
FF Homepage: https://thepiratebay.se/
CHR Extension: (No Name) - C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\acohkacenjkkllhbfgfflibmenakobco [2014-06-13]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
2014-07-05 18:18 - 2014-07-05 18:18 - 00321220 ____S () C:\Windows\system32\dddzsnt.fjk
Task: {E01CDD64-F0D4-41FA-9595-189C2FB8C20F} - \MySearchDial No Task File <==== ATTENTION
Replace: C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll C:\Windows\System32\rpcss.dll
end
*****************

C:\Windows\system32\GroupPolicyUsers\S-1-5-21-688074385-1042068862-3521065105-1006\User => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-688074385-1042068862-3521065105-1005\User => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9ACB459A-40B1-4819-A754-8512D452BB66}' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{9ACB459A-40B1-4819-A754-8512D452BB66}'=> Key not found.
'HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8' => Key deleted successfully.
'HKCR\Wow6432Node\CLSID\{D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9ACB459A-40B1-4819-A754-8512D452BB66}' => Key deleted successfully.
'HKCR\CLSID\{9ACB459A-40B1-4819-A754-8512D452BB66}'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8' => Key deleted successfully.
'HKCR\CLSID\{D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8'=> Key not found.
'HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8}' => Key deleted successfully.
'HKCR\CLSID\{D0D37FEA-61D5-4BE1-96E1-36C44A7E73A8}'=> Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
'HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}'=> Key not found.
Firefox homepage deleted successfully.
C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\acohkacenjkkllhbfgfflibmenakobco => Moved successfully.
catchme => Service deleted successfully.
Could not move "C:\Windows\system32\dddzsnt.fjk" => Scheduled to move on reboot.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E01CDD64-F0D4-41FA-9595-189C2FB8C20F}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E01CDD64-F0D4-41FA-9595-189C2FB8C20F}' => Key deleted successfully.
'HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MySearchDial' => Key deleted successfully.
C:\Windows\System32\rpcss.dll => Moved successfully.
C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll copied successfully to C:\Windows\System32\rpcss.dll

=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-07-06 14:20:19)<=

C:\Windows\system32\dddzsnt.fjk => Is moved successfully.

==== End of Fixlog ====



#12 Neo160

Neo160
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:07:36 AM

Posted 06 July 2014 - 04:28 PM

Rkill 2.6.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2014 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 07/06/2014 02:24:52 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 07/06/2014 02:27:28 PM
Execution time: 0 hours(s), 2 minute(s), and 35 seconds(s)
 



#13 Neo160

Neo160
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:07:36 AM

Posted 06 July 2014 - 04:39 PM

also, pop-ups have completely stopped. just to double check, i ran a scan of roguekiller, which previously had detected the infection (rkill didn't), and results come up clean. I'd consider this problem resolved.

thanks for the help and the fast response times :thumbup2: .



#14 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,307 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:09:36 AM

Posted 06 July 2014 - 11:52 PM

Nice work! We managed to deal with the trojan. :)

 

However I want to make sure there is nothing lurking on the system so just in case I want you to go through these steps:

 

The most of them should take no more than 5 minutes each (but the time they take to complete can vary depending on the size of your hard and the speed of your computer).

 

 

First please create a new restore point just in case:

 

Create a Restore Point

 

 

 

STEP 1

 

 

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

 

STEP 2

 

 

thisisujrt.gif  Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

 

STEP 3

 

 

  • Please download RogueKillerx64.exe and save to the desktop.
  • Close all windows and browsers
  • Right-click the program and select 'Run as Administrator'
  • Press the scan button.
  • A report opens on the desktop named - RKreport.txt
  • Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 4
 

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
     
  • Put a checkmark beside loaded modules.
    Sbf88.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
     
  • Click the Start Scan button.
     
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    67776163.jpg
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    62117367.jpg
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and past the results at pastebin.com and post the link to the log in your next reply.

 

 

STEP 5

 

 

Please download Malwarebytes Anti-Malware to your desktop.
 

  • Double-click mbam-setup-2.0.2.1012.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to the following:
    • Launch Malwarebytes Anti-Malware
    • A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
  • Click Finish.
  • On the Settings tab > Detection and Protection subtab, Detection Options, tick the box 'Scan for rootkits'.
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • With some infections, you may see this message box.
    • 'Could not load DDA driver'
  • Click 'Yes' to this message, to allow the driver to load after a restart.
  • Allow the computer to restart. Continue with the rest of these instructions.
  • When the scan is complete, click Apply Actions.
  • Wait for the prompt to restart the computer to appear, then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Copy to Clipboard'
  • Paste the contents of the clipboard into your reply.

 

 

STEP 6

 

 

1.Please download HitmanPro.

  • For 32-bit Operating System - dEMD6.gif.
  • This is the mirror - dEMD6.gif
  • For 64-bit Operating System - dEMD6.gif
  • This is the mirror - dEMD6.gif

2.Launch the program by double clicking on the 5vo5F.jpg icon. (Windows Vista/7 users right click on the HitmanPro icon and select run as administrator).

Note: If the program won't run please then open the program while holding down the left CTRL key until the program is loaded.

3.Click on the next button. You must agree with the terms of EULA. (if asked)

4.Check the box beside "No, I only want to perform a one-time scan to check this computer".

5.Click on the next button.

6.The program will start to scan the computer. The scan will typically take no more than 2-3 minutes.

7.When the scan is done click on drop-down menu of the found entries (if any) and choose - Apply to all => Ignore <= IMPORTANT!!!
 
8.Click on the next button.

9.Click on the "Save Log" button.

10.Save that file to your desktop and post the content of that file in your next reply.
 
Note: if there isn't a dropdown menu when the scan is done then please don't delete anything and close HitmanPro

Navigate to C:\ProgramData\HitmanPro\Logs open the report and copy and paste it to your next reply.

 

 

STEP 7

 

 

I'd like us to scan your machine with ESET OnlineScan

 

  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Run ESET Online Scanner button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetSmartInstall.png to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the esetSmartInstallDesktopIcon.png icon on your desktop.
  • Check esetAcceptTerms.png
  • Click the esetStart.png button.
  • Accept any security warnings from your browser.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is  checked.
  • Now click on Advanced Settings and select the following:

    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Push the Start button.
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push esetListThreats.png
  • Push esetExport.png, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the esetBack.png button.
  • Push esetFinish.png

 

 

STEP 8

 

 

And finally let's check for outdated and vulnerable software on your pc.

 

Download Security Check by screen317 from here.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.

 

and then if there aren't any issues left I'll give you my final recommendations. :)

 

 

Regards,

Georgi


cXfZ4wS.png


#15 Neo160

Neo160
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:07:36 AM

Posted 07 July 2014 - 02:17 PM

# AdwCleaner v3.214 - Report created 07/07/2014 at 12:09:20
# Updated 29/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Owner - OWNER-PC
# Running from : C:\Users\Owner\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\prefs.js ]


[ File : C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\prefs.js ]


[ File : C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\prefs.js ]


-\\ Google Chrome v35.0.1916.153

[ File : C:\Users\Family\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Melonkracker\AppData\Local\Google\Chrome\User Data\Default\preferences ]


[ File : C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [48616 octets] - [05/07/2014 19:47:05]
AdwCleaner[R1].txt - [1410 octets] - [07/07/2014 12:08:09]
AdwCleaner[S0].txt - [48634 octets] - [05/07/2014 19:51:34]
AdwCleaner[S1].txt - [1331 octets] - [07/07/2014 12:09:20]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1391 octets] ##########

 

Posted Today, 08:35 PM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Owner on Mon 07/07/2014 at 12:18:47.73
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-688074385-1042068862-3521065105-1000\Software\sweetim



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{0ADFB4D0-2400-4681-B41C-5578F0DF2F1E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{259C4394-E2C9-474D-A0C7-A0AA02557FD5}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{5356F2BF-CEC9-40A7-9D8D-57B7A2602557}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{6F76504C-FBC5-449F-A38C-3B694B5E207E}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{D34AF1C8-3975-4B61-8A8A-DF13310C5D45}
Successfully deleted: [Empty Folder] C:\Users\Owner\appdata\local\{F2B55A15-6310-4561-9DAB-AC2818EF65D7}



~~~ FireFox

Successfully deleted the following from C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\6w55vip2.default\prefs.js

user_pref("browser.search.defaultengine", "Privitize VPN");
Emptied folder: C:\Users\Owner\AppData\Roaming\mozilla\firefox\profiles\6w55vip2.default\minidumps [265 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 07/07/2014 at 12:25:02.63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

http://pastebin.com/JqcxdJPP

 

http://pastebin.com/uv2pHgir

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/7/2014
Scan Time: 2:18:25 PM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.07.09
Rootkit Database: v2014.07.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Owner

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 424105
Time Elapsed: 12 min, 0 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

 

HitmanPro 3.7.9.220
www.hitmanpro.com

   Computer name . . . . : OWNER-PC
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : Owner-PC\Owner
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Free

   Scan date . . . . . . : 2014-07-08 10:12:53
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 14m 57s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No

   Threats . . . . . . . : 2
   Traces  . . . . . . . : 248

   Objects scanned . . . : 3,088,819
   Files scanned . . . . : 167,922
   Remnants scanned  . . : 1,247,449 files / 1,673,448 keys

Malware _____________________________________________________________________

   C:\Users\Owner\mining\guiminer-scrypt_win32_binaries_v0.04\cgminer\cgminer.exe
      Size . . . . . . . : 567,310 bytes
      Age  . . . . . . . : 23.6 days (2014-06-14 20:09:43)
      Entropy  . . . . . : 6.4
      SHA-256  . . . . . : A8EDACB3FAC182C3FF9BA997D9D0EB7D4C09BFB5FEAF00657257BB3A01D0B568
    > Kaspersky  . . . . : not-a-virus:RiskTool.Win32.BitCoinMiner.cpc
      Fuzzy  . . . . . . : 106.0
      Forensic Cluster
          0.0s C:\Users\Owner\mining\guiminer-scrypt_win32_binaries_v0.04\cgminer\cgminer.exe
          0.0s C:\ProgramData\AVAST Software\Avast\exclusions.ini

   C:\Users\Owner\wow\Such coin\much profit\cudaminer-2014-02-18\cudaminer-2014-02-18\x86\cudaminer.exe
      Size . . . . . . . : 5,744,128 bytes
      Age  . . . . . . . : 130.2 days (2014-02-28 04:47:40)
      Entropy  . . . . . : 7.2
      SHA-256  . . . . . : EBA9E5D689193EB3CD4EF150D9DD54952ACD6E9E74CD46F3ECA85310E6A7D9BD
    > Kaspersky  . . . . : not-a-virus:RiskTool.Win32.BitCoinMiner.mxx
      Fuzzy  . . . . . . : 108.0


Suspicious files ____________________________________________________________

   C:\Users\Melonkracker\AppData\Local\PunkBuster\BLR\pb\pbcl.dll
      Size . . . . . . . : 963,613 bytes
      Age  . . . . . . . : 734.3 days (2012-07-04 03:03:43)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : E7EB0F070DDDBDC1793677B6EF811338CDCEC5AE744A032C223DD1763D97A56B
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Melonkracker\AppData\Local\PunkBuster\BLR\pb\PnkBstrK.sys
      Size . . . . . . . : 140,360 bytes
      Age  . . . . . . . : 734.3 days (2012-07-04 03:03:52)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 0F41B3843E2D2D1BB1ACF8B7CAA293309CC1CF8CF478B1AC86DD6BB214928DC4
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Owner\AppData\Local\PunkBuster\APB\pb\pbcl.dll
      Size . . . . . . . : 968,536 bytes
      Age  . . . . . . . : 414.4 days (2013-05-19 23:45:11)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 5B7AAFE720F6D7E618784C9AC16A6FD2329B7B0170E24B642D0059971B6C5B7A
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Owner\AppData\Local\PunkBuster\APB\pb\pbclold.dll
      Size . . . . . . . : 968,536 bytes
      Age  . . . . . . . : 420.5 days (2013-05-13 22:30:25)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 5B7AAFE720F6D7E618784C9AC16A6FD2329B7B0170E24B642D0059971B6C5B7A
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Owner\AppData\Local\PunkBuster\APB\pb\PnkBstrK.sys
      Size . . . . . . . : 139,656 bytes
      Age  . . . . . . . : 420.5 days (2013-05-13 22:30:36)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 0C20AD6DD97FF44B94AF48A1FC7A0FDEB8D94E8727A76333B3453B35F27B628F
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Owner\AppData\Local\PunkBuster\BLR\pb\pbcl.dll
      Size . . . . . . . : 963,613 bytes
      Age  . . . . . . . : 735.2 days (2012-07-03 04:30:18)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : E7EB0F070DDDBDC1793677B6EF811338CDCEC5AE744A032C223DD1763D97A56B
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Owner\AppData\Local\PunkBuster\BLR\pb\PnkBstrK.sys
      Size . . . . . . . : 140,360 bytes
      Age  . . . . . . . : 735.2 days (2012-07-03 04:30:29)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 0F41B3843E2D2D1BB1ACF8B7CAA293309CC1CF8CF478B1AC86DD6BB214928DC4
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Owner\AppData\Local\PunkBuster\FC3\pb\pbcl.dll
      Size . . . . . . . : 953,886 bytes
      Age  . . . . . . . : 583.8 days (2012-12-01 14:04:04)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Owner\AppData\Local\PunkBuster\FC3\pb\pbcls.dll
      Size . . . . . . . : 953,886 bytes
      Age  . . . . . . . : 583.8 days (2012-12-01 14:04:04)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 6D5E2CD4A7A43EB00B600BA783AD3BEE6B817C030A40600D40367173A6ECEB13
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Owner\AppData\Local\PunkBuster\FC3\pb\PnkBstrK.sys
      Size . . . . . . . : 138,032 bytes
      Age  . . . . . . . : 583.8 days (2012-12-01 14:04:28)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : ABAF3FACF01E10E4C685F79C3B9E5D2118B3CF8629C4277EBE035B2A10474148
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Owner\AppData\Local\PunkBuster\HOS\pb\pbcl.dll
      Size . . . . . . . : 951,877 bytes
      Age  . . . . . . . : 190.5 days (2013-12-29 22:41:36)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 833CB80463E9181DBCC24242B392B70E6E80DD72A07B79727AB9936FCADEDD2A
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Owner\AppData\Local\PunkBuster\HOS\pb\pbclold.dll
      Size . . . . . . . : 951,877 bytes
      Age  . . . . . . . : 200.5 days (2013-12-19 21:29:40)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 833CB80463E9181DBCC24242B392B70E6E80DD72A07B79727AB9936FCADEDD2A
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.

   C:\Users\Owner\AppData\Local\PunkBuster\HOS\pb\PnkBstrK.sys
      Size . . . . . . . : 139,112 bytes
      Age  . . . . . . . : 200.5 days (2013-12-19 21:29:51)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 22A0F36A4E6891CDCFDF3460A19285662D017B02266D5D9A7EED43CF74B0A39A
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Owner\AppData\Local\PunkBuster\TWZ\pb\pbcl.dll
      Size . . . . . . . : 964,936 bytes
      Age  . . . . . . . : 377.4 days (2013-06-26 01:33:30)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4B79C9E2ED01AF93CE240F235DB266B9276F6EEB9497D341B2CC04B7B640B3AE
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Owner\AppData\Local\PunkBuster\TWZ\pb\PnkBstrK.sys
      Size . . . . . . . : 139,528 bytes
      Age  . . . . . . . : 377.4 days (2013-06-26 01:33:42)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : C2657515354653B5A7C17F3F9CA4B5F97B9442C976F5A9FC9A5FDB8A7392138E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.

   C:\Users\Owner\Desktop\FRST64.exe
      Size . . . . . . . : 2,084,352 bytes
      Age  . . . . . . . : 2.0 days (2014-07-06 11:18:59)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 7A418A9E5BAC292758ECC94531F2FAB96264A33AAE3E880CF17B2AA603058676
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Owner\Desktop\FRST64.exe
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313
          0.1s C:\Users\Owner\AppData\Roaming\Dropbox\shellext\l\53b99313

   C:\Users\Owner\Favorites\STUFFSIES\Clean Up\MiniToolBox.exe
      Size . . . . . . . : 401,920 bytes
      Age  . . . . . . . : 2.6 days (2014-07-05 19:25:14)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : 5BA21018ABFE5B58424BFDB5D28412D08EFF86840BCB7AE1D80FD0FF0EB6193F
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      References
         HKU\S-1-5-21-688074385-1042068862-3521065105-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\Owner\Favorites\STUFFSIES\Clean Up\MiniToolBox.exe

   C:\Windows\SysWOW64\GameMon.des
      Size . . . . . . . : 3,953,632 bytes
      Age  . . . . . . . : 730.8 days (2012-07-07 15:33:37)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : AEAACE5F6B3F0AE65CC941909314B8D4E49A4796E454029DAF182F9141294F5D
      Product  . . . . . : nProtect Game Monitor
      Publisher  . . . . : INCA Internet Co., Ltd.
      Description  . . . : nProtect Game Monitor Rev 1836
      Version  . . . . . : 2012.3.5.1
      Service  . . . . . : npggsvc
      LanguageID . . . . : 1042
      Fuzzy  . . . . . . : 34.0
         The file name extension of this program is not common.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Starts automatically as a service during system bootup.
         The file is located in a folder that contains core operating system files from Windows. This is not typical for most programs and is only common to system tools, drivers and hacking utilities.
      Startup
         HKLM\SYSTEM\CurrentControlSet\Services\npggsvc\


Potential Unwanted Programs _________________________________________________

   HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\351716A953E21214898904032EAE2E81\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\397C771A7BCAC904697C3EC629ED33ED\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\69D6A6B2ED56AF24EA6335EAD6E91CA4\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7FFA128C2B0FF414D805FC5627883401\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\86EDC790504E1834DBC20C9A04328FD2\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\97C3D0F82E712E241A2F969F45E3351C\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\98CC8BF5A4A6E6C4ABF7051DDAB8B058\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9E7F556BF224D804D96A96F0F6344789\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A189D17A469616C4688D23E192996267\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BF4F885EDEE45644EB1E0C99E0162399\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\CE21F3FD57B244142880EF15A165A156\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D15DAF33C220F91468A1D7D57C31ACD7\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D3BA76A44C779424889063D5098ED2D6\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D6D0EB9FDBD90C04D92A7E729058F10D\ (Sweetpacks)
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E4748F9A4181FCE46A23C13B517B9420\ (Sweetpacks)

Cookies _____________________________________________________________________

   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:247realmedia.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:a1.interclick.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ad.360yield.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ads.cleveland.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ads.nj.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ads.nola.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ads.p161.net
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ads.pointroll.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ads.undertone.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ads.videohub.tv
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ads.vlmac.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ads.yahoo.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:adserver.adtechus.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:adtech.de
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:adtechus.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:advertising-support.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:advertising.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:amtrak.112.2o7.net
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:apmebf.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ar.atwola.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:at.atwola.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:atdmt.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:atwola.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:burstnet.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:c.atdmt.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:care2.112.2o7.net
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:casalemedia.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:collective-media.net
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:doubleclick.net
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ehg-verizon.hitbox.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:fastclick.net
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:h.atdmt.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:hitbox.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:interclick.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:invitemedia.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:media6degrees.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:mediaplex.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:network.realmedia.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:paypal.112.2o7.net
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:pointroll.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:pool-eu-ie.creative-serving.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:questionmarket.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:realmedia.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:revsci.net
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:ru4.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:serving-sys.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:smartadserver.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:specificclick.net
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:stats.paypal.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:t.pointroll.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:tacoda.at.atwola.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:track.adform.net
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:trafficmp.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:tribalfusion.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:verizontelecom.112.2o7.net
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:www.burstnet.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:www.googleadservices.com
   C:\Users\Family\AppData\Roaming\Mozilla\Firefox\Profiles\h1rxej71.default\cookies.sqlite:zedo.com
   C:\Users\Melonkracker\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:247realmedia.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:2o7.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:a1.interclick.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ad.360yield.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ad.e-kolay.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ad.propellerads.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ad.yabuka.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:adbrite.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:adinterax.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:adlegend.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.ad4game.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.adap.tv
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.adk2.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.advertisespace.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.al.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.bridgetrack.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.cleveland.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.creative-serving.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.flesheatingzipper.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.gamerpublishing.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.glispa.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.intergi.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.mlive.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.nj.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.nola.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.ookla.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.oregonlive.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.p161.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.pointroll.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.stickyadstv.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.undertone.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ads.yahoo.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:adserver.adtechus.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:adserver2.gamerpublishing.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:adtech.de
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:adtechus.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:adultswim.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:advertising.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:apmebf.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ar.atwola.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:at.atwola.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:atdmt.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:atwola.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:burstnet.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:c.atdmt.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:casalemedia.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:cmp.112.2o7.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:collective-media.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:cpmstar.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:doubleclick.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:eaeacom.112.2o7.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ehg-verizon.hitbox.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:emjcd.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:exoclick.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:fastclick.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:games.adultswim.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:googleads.g.doubleclick.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:h.atdmt.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:hitbox.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:in.getclicky.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:interclick.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:invitemedia.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:kontera.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:lego.112.2o7.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:media6degrees.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:mediaplex.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:msnbc.112.2o7.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:network.realmedia.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:pcworldcommunication.122.2o7.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:pointroll.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:pool-eu-ie.creative-serving.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:popsci.com.122.2o7.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:questionmarket.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:realmedia.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:revsci.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:ru4.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:server.cpmstar.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:serving-sys.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:smartadserver.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:specificclick.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:statcounter.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:stats.adotube.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:stats.tf
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:survey.g.doubleclick.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:synacor.112.2o7.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:t.pointroll.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:tacoda.at.atwola.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:tacoda.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:testdata.coremetrics.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:track.adform.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:tribalfusion.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:uk.sitestat.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:verizontelecom.112.2o7.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:weborama.fr
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:www.adultswim.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:www.burstnet.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:www.googleadservices.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:xiti.com
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:yadro.ru
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:yieldmanager.net
   C:\Users\Melonkracker\AppData\Roaming\Mozilla\Firefox\Profiles\uuxnq12t.default\cookies.sqlite:zedo.com
   C:\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\14M7XG7X.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\1O8S9RY1.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\3OQCVJRT.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\4CMFHRNI.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\520NXNRF.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\71EAC4AJ.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\AR1OIGPW.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\E7ENSHJ1.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\J54YG97D.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\L31HK7K0.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\MEU61PTQ.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\NT1WC1AU.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\O24SV8HR.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\OUCPX6C3.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\VF6U3ZVK.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\W1B1FO4L.txt
   C:\Users\Owner\AppData\Roaming\Microsoft\Windows\Cookies\WX198MK9.txt
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:2o7.net
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:ads.yahoo.com
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:atdmt.com
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:doubleclick.net
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:hearstmagazines.112.2o7.net
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:media6degrees.com
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:microsoftsto.112.2o7.net
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:pcworldcommunication.122.2o7.net
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:questionmarket.com
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:ru4.com
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:serving-sys.com
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:stats.paypal.com
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:timeinc.122.2o7.net
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:warnerbros.112.2o7.net
   C:\Users\Owner\AppData\Roaming\Mozilla\Firefox\Profiles\6w55vip2.default\cookies.sqlite:xiti.com
 

 

 

C:\$RECYCLE.BIN\S-1-5-21-688074385-1042068862-3521065105-1000\$RD6P6BP.dll    a variant of Win32/Packed.VMProtect.ABD trojan
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\Community Alerts\Alert.dll.vir    Win32/Toolbar.Conduit.Y potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Conduit\CT3287806\plugins\TBVerifier.dll.vir    Win32/Toolbar.Conduit.AC potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgcommon.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgcommunication.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgsimcommon.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\mgxml_wrapper.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\SweetPacksUpdateManager.exe.vir    a variant of Win32/SweetIM.F potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Communicator\resources\sqlite\mgSqlite3.dll.vir    Win32/SweetIM.K potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\ClearHist.exe.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgcommon.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgconfig.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelper.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgHelperApp.exe.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mghooking.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mglogger.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgsimcommon.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgToolbarProxy.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\SweetIM\Toolbars\Internet Explorer\mgxml_wrapper.dll.vir    a variant of Win32/SweetIM.L potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vid-Saver\ButtonUtil.dll.vir    a variant of Win32/Toolbar.CrossRider.G potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vid-Saver\Uninstall.exe.vir    Win32/Toolbar.CrossRider.B potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vid-Saver\Vid-Saver-bg.exe.vir    a variant of Win32/Toolbar.CrossRider.E potentially unwanted application
C:\AdwCleaner\Quarantine\C\Program Files (x86)\Vid-Saver\Vid-Saver.exe.vir    a variant of Win32/Toolbar.CrossRider.E potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\acohkacenjkkllhbfgfflibmenakobco\10.16.70.1_0\plugins\ConduitChromeApiPlugin.dll.vir    a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\AdwCleaner\Quarantine\C\Users\Owner\AppData\Local\Google\Chrome\User Data\Default\Extensions\acohkacenjkkllhbfgfflibmenakobco\10.16.70.1_0\plugins\TBVerifier.dll.vir    Win32/Toolbar.Conduit.AC potentially unwanted application
C:\FRST\Quarantine\C\Windows\system32\rpcss.dll.xBAD    Win64/Patched.I trojan
C:\OEM\Preload\Autorun\APP\Nero 10 Essentials Gateway Edition\ISSetupPrerequisites\{BF80A1C0-C3FF-4B1C-ABEF-22CD4F97A0AB}\Toolbar.exe    a variant of Win32/Bundled.Toolbar.Ask.A potentially unsafe application
C:\Program Files (x86)\Dogecoin\dogecoin-qt.exe    a variant of Win32/BitCoinMiner.BJ potentially unsafe application
C:\Qoobox\Quarantine\C\Users\Owner\AppData\Roaming\Microsoft\msdo.exe.vir    a variant of Win32/CoinMiner.CG trojan
C:\Users\Owner\AppData\Local\CRE\acohkacenjkkllhbfgfflibmenakobco.crx    a variant of Win32/Toolbar.Conduit.AH potentially unwanted application
C:\Users\Owner\Desktop\PDFCreator-1_7_0_setup.exe    Win32/InstallMonetizer.AQ potentially unwanted application
C:\Users\Owner\Desktop\Desktop Folders\Brothersoft_downloader_For_Statistics_Calculator.exe    a variant of Win32/BSDownloader potentially unwanted application
C:\Users\Owner\Downloads\cbsidlm-cbsi134-Easy_GIF_Animator-SEO-10202399.exe    a variant of Win32/CNETInstaller.B potentially unwanted application
C:\Users\Owner\Downloads\cbsidlm-tr1_11-Easy_GIF_Animator-SEO-10202399.exe    Win32/DownloadAdmin.G potentially unwanted application
C:\Users\Owner\Downloads\cbsidlm-tr1_8-AVI_to_MP4_Converter-SEO2-10912245.exe    Win32/DownloadAdmin.E potentially unwanted application
C:\Users\Owner\Downloads\dogecoin-1.5.2.0-win32-setup.exe    a variant of Win32/BitCoinMiner.BJ potentially unsafe application
C:\Users\Owner\Favorites\STUFFSIES\Backups\Mozilla Firefox Backup\4a71fmuz.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\chrome\swag_bucks.jar    Win32/Toolbar.Conduit potentially unwanted application
C:\Users\Owner\Favorites\STUFFSIES\Backups\Mozilla Firefox Backup\4a71fmuz.default\extensions\{a44cf835-9485-401c-b076-57e3b79dcf0a}\chrome.manifest    Win32/TrojanDownloader.Tracur.F trojan
C:\Users\Owner\Favorites\STUFFSIES\Backups\Mozilla Firefox Backup\4a71fmuz.default\extensions\{dc4b2f54-b56e-4872-9401-f9f072b194d5}\chrome.manifest    Win32/TrojanDownloader.Tracur.F trojan
C:\Users\Owner\Favorites\STUFFSIES\Clean Up\ccsetup311.exe    Win32/Bundled.Toolbar.Google.E potentially unsafe application
C:\Users\Owner\Favorites\STUFFSIES\Clean Up\cnet2_speedtestv14_zip.exe    a variant of Win32/InstallCore.D potentially unwanted application
C:\Users\Owner\mining\guiminer-scrypt_win32_binaries_v0.04\cgminer\cgminer.exe    a variant of Win32/BitCoinMiner.BY potentially unsafe application
C:\Users\Owner\wow\Such coin\much profit\cudaminer-2014-02-18.zip    probably a variant of Win64/BitCoinMiner.U potentially unsafe application
C:\Users\Owner\wow\Such coin\much profit\cudaminer-2014-02-18\cudaminer-2014-02-18\x64\cudaminer.exe    probably a variant of Win64/BitCoinMiner.U potentially unsafe application
C:\Users\Owner\wow\Such coin\much profit\cudaminer-2014-02-18\cudaminer-2014-02-18\x86\cudaminer.exe    a variant of Win32/BitCoinMiner.BV potentially unsafe application
 


Edited by Neo160, 08 July 2014 - 12:34 PM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users