Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Odd browser behavior, mouse button functions changed


  • Please log in to reply
3 replies to this topic

#1 ModernYankee

ModernYankee

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:08 PM

Posted 08 July 2014 - 12:59 PM

Hello,

 

Today, as I was browsing around the internet, I found firefox starting to behave strangely. Each time I went to open a new tab, firefox opened a new window instead. My mouse scroll wheel also started to control the 'forward' and 'back' buttons in the browser(so, if I scrolled down, I would return to a previous page). The scrolling function on webpages also seemed to be disabled(the scroll bar on the side did nothing). I did not think much of this, thinking perhaps my settings in the browser had changed(perhaps after an update of some sort), however upon checking the settings, none had been modified.

 

I closed down firefox at this point, and decided to restart it, at which point I was given the option of resetting firefox, or starting it in safe mode. I chose first to start in safe mode, however the behavior I've described persisted anyway. Safe mode seemed to function fine otherwise(it reset my homepage to the default firefox page and so on) but the abnormal behavior with browser functions continued.

 

I then closed it down, again, after taking another look at the browser settings(they had not changed from before). I then tried 'resetting' as the prompt came up when I restarted firefox, and firefox went through the reset process, backing up the old data from the browser, importing some bookmarks and so on, and then resetting everything else. The reset completed, however firefox did not start after the reset process. Again, I was prompted to either 'reset' or 'start in safe mode' whenever I clicked the firefox icon.

 

At this point I thought I may have picked up a virus or piece of malware, or perhaps a malicous script or something lingering in the browser. I tried clearing data manually from firefox with CCleaner(a third party cookie and miscellaneous file clearing program), however this did not help the issue. I then went on to see if this was purely contained to firefox. Upon trying Internet explorer, the same exact behavior firefox exhibited began to come about in IE. I closed down internet explorer and went back to my desktop.

 

I then noticed that whenever I clicked an icon on my desktop, ten or more other icons would also highlight. This was rather strange, as the only key I was hitting was the left mouse button. Similarly, icons and folders would not deselect when I clicked on them. I decided at this point something was wrong, and began a quick threat scan on malware bytes antimalware. It came back negative, nothing suspicous found.

 

Even so, my mouse and browsers were now all acting strangely, so I decided to disconnect it from the internet and restart it in safe mode. I will note, that before starting in safe mode, my computer began to behave rather sluggishly, taking quite a long time to even open the start menu, or register that I had clicked restart.

 

Booting into safemode seemed to alleviate things, the computer was responsive again, and my browsers have exhibited none of the behavior I've described. My mouse is also not selecting multiple items on the desktop when I click on a single icon, nor is it having trouble deselecting items as it was earlier.

 

I then began a scan with Malwarebytes Antimalware, Microsoft Security Essentials, and Spybot:Search and Destroy, although then paused them to run Rkill.exe. After running Rkill(which found nothing running), I restarted each of the scans.

 

Currently Spybot has completed its scans and the other two are still going, with spybot only finding minor problems(little tracking cookies and so on) of no real threat(Spybot has since fixed the issues it found).

 

What do you suppose is happening, and how can I fix it?

 

Thanks for suffering through my wall of text.

 

I'm on Windows 7 Home Premium, Service Pack 1. I can post more specs, if you need them.


Edited by ModernYankee, 08 July 2014 - 01:01 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:08 PM

Posted 08 July 2014 - 02:10 PM

After those are done please do these.
 
Please download MiniToolBox, save it to your desktop and run it.
Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.
    Note: When using "Reset FF Proxy Settings" option Firefox should be closed.
     
    Download TDSSKiller and save it to your desktop.
  • Extract (unzip) its contents to your desktop.
  • Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
  • If an infected file is detected, the default action will be Cure, click on Continue.
  • If a suspicious file is detected, the default action will be Skip, click on Continue.
  • It may ask you to reboot the computer to complete the process. Click on Reboot Now.
  • If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
  • If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt. Please copy and paste the contents of that file here.
  • .
    .
    .
    ADW Cleaner
    Please download AdwCleaner by Xplode and save to your Desktop.
  • Double-click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator.
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • After the scan has finished, click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • After reviewing the log, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.
  • -- Note: The contents of the AdwCleaner log file may be confusing. Unless you see a program name that you recognize and know should not be removed, don't worry about it. If you see an entry you want to keep, return to AdwCleaner before cleaning...all detected items will be listed (and checked) in each tab. Click on each one and uncheck any items you want to keep (except you cannot uncheck Chrome and Firefox preferences lines).

    .
    thisisujrt.gif Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
  • .
    .
    .
    .
  • Last run ESET.
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
  • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
  • Double click on the esetsmartinstaller_enu.png icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
  • Scan potentially unwanted applications
  • Scan for potentially unsafe applications
  • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.
  • NOTE:Sometimes if ESET finds no infections it will not create a log.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 ModernYankee

ModernYankee
  • Topic Starter

  • Members
  • 11 posts
  • OFFLINE
  •  
  • Local time:01:08 PM

Posted 10 July 2014 - 10:08 AM

Text already listed above, it was all a bit long to quote

Okay, all the scans have finished and the computer seems to be back to normal. Here's the results(nothing really to report, Microsoft Security Essentials found nothing, Malwarebytes found nothing, rkill found nothing--even after several of the restarts I had to do through the process, JRT found nothing as far as I know, Spybot didn't find anything extravagent, and AdwCleaner only found two files to clean out. I'm not sure about TDSSKiller, but that's what the logs are for. Oh, and it didn't seem like MiniToolbox found much. ESET found some things, twelve files that it subsequently cleaned, but as far as I know most of the files it listed have been ones I've had for a while, and they've never caused issues to the best of my knowledge.

Anyway, here are the logs:

 

Malwarebytes:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/8/2014
Scan Time: 12:16:44 PM
Logfile: Malwarebytes Scan Log.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.08.06
Rootkit Database: v2014.07.07.01
License: Premium
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Brighton

Scan Type: Custom Scan
Result: Completed
Objects Scanned: 2182977
Time Elapsed: 12 hr, 16 min, 25 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)

 

MiniToolBox:

 

MiniToolBox by Farbar  Version: 06-07-2014
Ran by Brighton (administrator) on 09-07-2014 at 08:27:38
Running from "C:\Users\Brighton\Desktop\Things to fix the comp\MiniToolBox"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Network
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1    localhost
127.0.0.1    www.007guard.com
127.0.0.1    007guard.com
127.0.0.1    008i.com
127.0.0.1    www.008k.com
127.0.0.1    008k.com
127.0.0.1    www.00hq.com
127.0.0.1    00hq.com
127.0.0.1    010402.com
127.0.0.1    www.032439.com
127.0.0.1    032439.com
127.0.0.1    www.0scan.com
127.0.0.1    0scan.com
127.0.0.1    1000gratisproben.com
127.0.0.1    www.1000gratisproben.com
127.0.0.1    1001namen.com
127.0.0.1    www.1001namen.com
127.0.0.1    100888290cs.com
127.0.0.1    www.100888290cs.com

There are 15473 more lines starting with "127.0.0.1"

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)
Hamachi Network Interface = Hamachi (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add route prefix=0.0.0.0/0 interface="Hamachi" nexthop=25.0.0.1 publish=Yes
set interface interface="Hamachi" forwarding=disabled advertise=disabled metric=9000 siteprefixlength=0 nud=disabled routerdiscovery=disabled managedaddress=disabled otherstateful=disabled weakhostsend=disabled weakhostreceive=disabled ignoredefaultroutes=disabled advertisedrouterlifetime=0 advertisedefaultroute=disabled currenthoplimit=0 forcearpndwolpattern=disabled enabledirectedmacwolpattern=disabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : INFINITY_2_1
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : mshome.net

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : westell.com
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : 94-DE-80-2D-82-C0
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::255b:d7d9:18e5:acd%11(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.1.18(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Wednesday, July 09, 2014 8:23:03 AM
   Lease Expires . . . . . . . . . . : Thursday, July 10, 2014 8:23:03 AM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 244637312
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-91-75-42-94-DE-80-2D-82-C0
   DNS Servers . . . . . . . . . . . : fe80::15da:422:90f2:378e%11
                                       192.168.1.1
   NetBIOS over Tcpip. . . . . . . . : Enabled
   Connection-specific DNS Suffix Search List :
                                       mshome.net

Ethernet adapter Hamachi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Hamachi Network Interface
   Physical Address. . . . . . . . . : 7A-79-19-C4-02-81
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2620:9b::19c4:281(Preferred)
   Link-local IPv6 Address . . . . . : fe80::a1ae:4f18:9fcd:93e2%15(Preferred)
   IPv4 Address. . . . . . . . . . . : 25.196.2.129(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.0.0.0
   Lease Obtained. . . . . . . . . . : Wednesday, July 09, 2014 8:22:59 AM
   Lease Expires . . . . . . . . . . : Thursday, July 09, 2015 8:25:06 AM
   Default Gateway . . . . . . . . . : 2620:9b::1900:1
                                       25.0.0.1
   DHCP Server . . . . . . . . . . . : 25.0.0.1
   DHCPv6 IAID . . . . . . . . . . . : 343570931
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-1A-91-75-42-94-DE-80-2D-82-C0
   DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                       fec0:0:0:ffff::2%1
                                       fec0:0:0:ffff::3%1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.{F7422126-50DC-4C9A-A6F3-F7C7923C1934}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.westell.com:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  fe80::15da:422:90f2:378e

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.

Pinging google.com [74.125.226.5] with 32 bytes of data:
Reply from 74.125.226.5: bytes=32 time=19ms TTL=57
Reply from 74.125.226.5: bytes=32 time=19ms TTL=57

Ping statistics for 74.125.226.5:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 19ms, Maximum = 19ms, Average = 19ms
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  fe80::15da:422:90f2:378e

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=33ms TTL=53
Reply from 98.139.183.24: bytes=32 time=32ms TTL=53

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 32ms, Maximum = 33ms, Average = 32ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 11...94 de 80 2d 82 c0 ......Realtek PCIe GBE Family Controller
 15...7a 79 19 c4 02 81 ......Hamachi Network Interface
  1...........................Software Loopback Interface 1
 14...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 16...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 17...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         25.0.0.1     25.196.2.129   9256
          0.0.0.0          0.0.0.0      192.168.1.1     192.168.1.18     20
         25.0.0.0        255.0.0.0         On-link      25.196.2.129   9256
     25.196.2.129  255.255.255.255         On-link      25.196.2.129   9256
   25.255.255.255  255.255.255.255         On-link      25.196.2.129   9256
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link      192.168.1.18    276
     192.168.1.18  255.255.255.255         On-link      192.168.1.18    276
    192.168.1.255  255.255.255.255         On-link      192.168.1.18    276
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link      192.168.1.18    276
        224.0.0.0        240.0.0.0         On-link      25.196.2.129   9256
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link      192.168.1.18    276
  255.255.255.255  255.255.255.255         On-link      25.196.2.129   9256
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0         25.0.0.1  Default
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 15   9020 ::/0                     2620:9b::1900:1
  1    306 ::1/128                  On-link
 15    276 2620:9b::/96             On-link
 15    276 2620:9b::19c4:281/128    On-link
 11    276 fe80::/64                On-link
 15    276 fe80::/64                On-link
 11    276 fe80::255b:d7d9:18e5:acd/128
                                    On-link
 15    276 fe80::a1ae:4f18:9fcd:93e2/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    276 ff00::/8                 On-link
 15    276 ff00::/8                 On-link
===========================================================================
Persistent Routes:
 If Metric Network Destination      Gateway
  0 4294967295 2620:9b::/96             On-link
  0   9000 ::/0                     2620:9b::1900:1
===========================================================================
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)
x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [171760] (Microsoft Corp.)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (07/09/2014 08:24:29 AM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2014 00:00:25 PM) (Source: WinMgmt) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2014 10:01:38 AM) (Source: MsiInstaller) (User: INFINITY_2_1)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Brighton\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

Error: (07/08/2014 10:01:13 AM) (Source: MsiInstaller) (User: INFINITY_2_1)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Brighton\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.

Error: (07/07/2014 07:51:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12995

Error: (07/07/2014 07:51:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12995

Error: (07/07/2014 07:51:01 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/07/2014 07:51:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11997

Error: (07/07/2014 07:51:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11997

Error: (07/07/2014 07:51:00 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/09/2014 08:25:08 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/09/2014 08:25:08 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/09/2014 08:25:08 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/09/2014 08:25:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/09/2014 08:25:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/09/2014 08:25:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/09/2014 08:25:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/09/2014 08:25:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/09/2014 08:25:06 AM) (Source: Service Control Manager) (User: )
Description: The Computer Browser service depends on the Server service which failed to start because of the following error:
%%1068

Error: (07/09/2014 08:25:04 AM) (Source: Service Control Manager) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error:
%%1068


Microsoft Office Sessions:
=========================
Error: (07/09/2014 08:24:29 AM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2014 00:00:25 PM) (Source: WinMgmt)(User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (07/08/2014 10:01:38 AM) (Source: MsiInstaller)(User: INFINITY_2_1)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Brighton\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/08/2014 10:01:13 AM) (Source: MsiInstaller)(User: INFINITY_2_1)
Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Brighton\AppData\Local\Akamai\admintool.exe.  System error 0.  Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL)

Error: (07/07/2014 07:51:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 12995

Error: (07/07/2014 07:51:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 12995

Error: (07/07/2014 07:51:01 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/07/2014 07:51:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11997

Error: (07/07/2014 07:51:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11997

Error: (07/07/2014 07:51:00 PM) (Source: Bonjour Service)(User: )
Description: Task Scheduling Error: Continuously busy for more than a second


CodeIntegrity Errors:
===================================
  Date: 2014-01-11 00:42:30.093
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-01-11 00:42:30.062
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.



=========================== Installed Programs ============================
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.125 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Age of Conan: Unchained - US version (HKLM-x32\...\Steam App 218170) (Version:  - Funcom)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
alien_crossfire (HKLM\...\{fa451eea-8a73-486b-9ea0-9628c2c2c3ad}.sdb) (Version:  - )
alpha_centauri (HKLM\...\{fe81cd48-2ed2-4e7d-886c-b65767350095}.sdb) (Version:  - )
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Fuel (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Steady Video Plug-In  (Version: 2.07.0000 - AMD) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Another World 20th Anniversary Edition (HKLM-x32\...\GOGPACKANOTHERWORLD20_is1) (Version: 2.0.0.6 - GOG.com)
Any Audio Converter 4.0.2 (HKLM-x32\...\Any Audio Converter_is1) (Version:  - Any-Audio-Converter.com)
Any Video Converter 5.0.9 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcaniA – Gothic 4 (HKLM-x32\...\Steam App 39690) (Version:  - Spellbound Studios)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk Design Review 2013 (x32 Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk Download Manager (HKLM-x32\...\{2F48C80C-3A76-495A-A4B5-C0CC946FEEBD}) (Version: 2.0.6.0 - Autodesk, Inc.)
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Inventor Content Center Libraries 2014 (Desktop Content) (HKLM\...\{B46DECD1-1864-4EF1-0000-22D71E81877C}) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Professional 2014 - English (HKLM\...\Autodesk Inventor Professional 2014) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Professional 2014 (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 English Language Pack (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk ReCap (HKLM\...\Autodesk ReCap) (Version: 1.0.43.27 - Autodesk)
Autodesk ReCap (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk ReCap Language Pack-English (Version: 1.0.43.27 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2014 (HKLM\...\Autodesk Revit Interoperability for Inventor 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for Inventor 2014 (Version: 13.02.15161 - Autodesk) Hidden
Autodesk Vault Basic 2014 (Client) (HKLM\...\Autodesk Vault Basic 2014 (Client)) (Version: 18.0.86.0 - Autodesk)
Autodesk Vault Basic 2014 (Client) (Version: 18.0.86.0 - Autodesk) Hidden
Autodesk Vault Basic 2014 (Client) English Language Pack (Version: 18.0.86.0 - Autodesk) Hidden
b17 (HKLM\...\{a72284ca-4c4a-4905-b08e-b1a1bb839ee5}.sdb) (Version:  - )
B-17: Flying Fortress – The Mighty Eighth (HKLM-x32\...\B-17: Flying Fortress – The Mighty Eighth_is1) (Version:  - GOG.com)
Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.0.396 - Bandisoft.com)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version:  - Bandisoft.com)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Blades of Time (HKLM-x32\...\Steam App 208670) (Version:  - Gaijin Entertainment Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{B704D3AE-4443-40BA-B8B3-F0762ED4E8BC}) (Version: 0.9.42 - Kovid Goyal)
Call of Cthulhu: Dark Corners of the Earth (HKLM-x32\...\Steam App 22340) (Version:  - Headfirst Productions)
Call of Duty (HKLM-x32\...\Steam App 2620) (Version:  - Infinity Ward)
Call of Duty: United Offensive (HKLM-x32\...\Steam App 2640) (Version:  - Gray Matter Studios)
Cannon Fodder (HKLM-x32\...\GOGPACKCANNONFODDER_is1) (Version: 2.0.0.3 - GOG.com)
Capitalism 2 (HKLM-x32\...\GOGPACKCAPITALISM2_is1) (Version: 2.1.0.6 - GOG.com)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CPUID HWMonitor 1.25 (HKLM\...\CPUID HWMonitor_is1) (Version:  - )
Crusader No Regret (HKLM-x32\...\GOGPACKCRUSADERNOREGRET_is1) (Version: 2.0.0.8 - GOG.com)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Daggerfall (HKLM-x32\...\{75118CF3-44B5-411A-B3DD-C10432217693}) (Version: 1.00.0000 - Bethesda Softworks)
Dead Space 2 (HKLM-x32\...\Steam App 47780) (Version:  - Visceral Games)
DEFCON (HKLM-x32\...\Steam App 1520) (Version:  - Introversion Software)
DJ OldGames Package: MechWarrior (HKLM-x32\...\MechWarrior89) (Version: 1.0.3.0 - DJ)
DJ OldGames Package: Space Hulk (CD) (HKLM-x32\...\SpaceHulk(CD)97) (Version: 1.0.3.0 - DJ)
DOOM 3 (HKLM-x32\...\Steam App 9050) (Version:  - id Software)
DWG TrueView 2014 (Version: 19.1.18.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (HKLM\...\{530B8614-C5DE-475B-AF6F-71BED461552C}) (Version: 4.4.1.0 - Granta Design Limited)
Eldritch (HKLM-x32\...\Steam App 252630) (Version:  - Minor Key Games)
Empire: Total War (HKLM-x32\...\Steam App 10500) (Version:  - The Creative Assembly)
EPSON Printer Software (HKLM\...\EPSON Printer and Utilities) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
EVE Online (HKLM-x32\...\Steam App 8500) (Version:  - CCP)
Evochron Mercenary (HKLM-x32\...\Steam App 71000) (Version:  - StarWraith 3D Games LLC)
Fallout 3 (HKCU\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Far Cry 3 (HKLM-x32\...\{E3B9C5A9-BD7A-4B56-B754-FAEA7DD6FA88}) (Version: 1.05 - Ubisoft)
Far Cry 3 Blood Dragon (HKLM-x32\...\{A071F478-73E0-4143-AE55-4DD6BABD74F5}) (Version: 1.02 - Ubisoft)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
GameMaker-Studio 1.3 (HKCU\...\GameMaker-Studio13) (Version:  - YoYo Games Ltd.)
GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GOG.com Downloader version 3.6.0 (HKLM-x32\...\{456A5815-604D-4D72-94DF-346D2B978A59}_is1) (Version: 3.6.0 - GOG.com)
GOG.com Total Annihilation (HKLM\...\{dcc95d97-ee91-44e0-b7ad-28da4a49d273}.sdb) (Version:  - )
GT Legends (HKLM-x32\...\Steam App 44690) (Version:  - SimBin Studios AB)
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Half-Life: Blue Shift (HKLM-x32\...\Steam App 130) (Version:  - Gearbox Software)
Half-Life: Opposing Force (HKLM-x32\...\Steam App 50) (Version:  - Gearbox Software)
Hawken (HKCU\...\Hawken) (Version:  - Meteor Entertainment)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HP Officejet 4620 series Basic Device Software (HKLM\...\{B411AD10-1BC9-4939-8848-BC5E66F662B7}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 4620 series Help (HKLM-x32\...\{606C37AB-EB04-4270-A592-201A03C2DB36}) (Version: 6.0.0 - Hewlett Packard)
I Have No Mouth, and I Must Scream (HKLM-x32\...\GOGPACKIHAVENOMOUTH_is1) (Version: 2.0.0.7 - GOG.com)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Impulse (HKLM-x32\...\Impulse) (Version: 1.0 - Stardock)
Impulse (x32 Version: 1.0 - Stardock Corporation) Hidden
Iron Europe (HKLM-x32\...\{7735559E-F41A-480F-A5FC-174F8B9EB58E}_is1) (Version: 1.0.0 - Iron Europe Development Team)
Iron Europe (HKLM-x32\...\{957609F3-9CF1-4726-8F8F-1C1AAC063917}_is1) (Version: 1.1.0 - Iron Europe Development Team)
Iron Grip: Marauders (HKLM-x32\...\Steam App 31740) (Version:  - ISOTX)
Iron Storm (HKLM-x32\...\Iron Storm_is1) (Version:  - GOG.com)
IsoBuster 1.5 (HKLM-x32\...\IsoBuster_is1) (Version: 1.5 - Smart Projects)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Kairo (HKLM-x32\...\Steam App 233230) (Version:  - Richard Perrin)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
Light Replacement Mod (LRM) v4.0 Mega Pack (HKLM-x32\...\Light Replacement Mod (LRM) v4.0 Mega Pack) (Version:  - MRTNRLN)
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.154 - Logitech Inc.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
Lost Planet: Extreme Condition (HKLM-x32\...\Steam App 6510) (Version:  - CAPCOM Co., Ltd.)
Magic 2014  (HKLM-x32\...\Steam App 213850) (Version:  - Stainless Games)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Master of Orion 1 and 2 (HKLM-x32\...\GOGPACKMASTEROFORION12_is1) (Version: 2.0.0.16 - GOG.com)
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version:  - Rockstar Studios)
MechWarrior Online (HKLM-x32\...\{ffbbd184-8eba-469f-bb26-ea4e1f6bfd4c}) (Version: 1.4.1.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.4.1.0 - Piranha Games Inc.) Hidden
Medal of Honor - Allied Assault War Chest (HKLM-x32\...\GOGPACKMEDALOFHONORPACK_is1) (Version: 2.0.0.21 - GOG.com)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version:  - 4A Games)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Age of Empires II (HKLM-x32\...\Age of Empires 2.0) (Version:  - )
Microsoft Age of Empires II: The Conquerors Expansion (HKLM-x32\...\Age of Empires II: The Conquerors Expansion 1.0) (Version:  - )
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Halo (HKLM-x32\...\Halo) (Version:  - Microsoft)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4623.1003 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 17.0.2003.1112 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual Basic for Applications 7.1 (x64) (Version: 7.1.00.00 - Microsoft Corporation) Hidden
Microsoft Visual Basic for Applications 7.1 (x64) English (Version: 7.1.0.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 x64 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x64 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 ATL Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 CRT Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 MFC Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 x86 OpenMP Runtime 9.0.30729 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Works 6-9 Converter (HKLM-x32\...\{95140000-0137-0409-0000-0000000FF1CE}) (Version: 14.0.6120.5002 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Miner Wars 2081 (HKLM-x32\...\Steam App 223430) (Version:  - Keen Software House)
Morrowind (HKLM-x32\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version:  - )
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mount&Blade (HKLM-x32\...\Mount&Blade) (Version:  - )
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
My Game Long Name (HKLM\...\UDK-c4c6ec78-4a02-4e96-928e-60ad6ca0505f) (Version:  - Epic Games, Inc.)
Natural Mod (HKLM-x32\...\Natural Mod) (Version: 2.0.2 - pydon)
Naval Warfare (HKLM-x32\...\Steam App 98500) (Version:  - Game Distillery s.r.o.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.50.3 - Black Tree Gaming)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
NOOK for PC (HKLM-x32\...\BN_DesktopReader) (Version: 2.5.6.9575 - Barnesandnoble.com)
Nuclear Dawn (HKLM-x32\...\Steam App 17710) (Version:  - InterWave Studios)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
Oblivion mod manager 1.1.12 (HKLM-x32\...\Oblivion mod manager_is1) (Version:  - Timeslip)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4623.1003 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.10.4710 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Painkiller Hell & Damnation (HKLM-x32\...\Steam App 214870) (Version:  - The Farm 51)
paint.net (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)
Papers, Please (HKLM-x32\...\GOGPACKPAPERSPLEASE_is1) (Version: 2.0.0.4 - GOG.com)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Platform (x32 Version: 1.39 - VIA Technologies, Inc.) Hidden
Proteus (HKLM-x32\...\Steam App 219680) (Version:  - Ed Key and David Kanaga)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Race The Sun (HKLM-x32\...\GOGPACKRACETHESUN_is1) (Version: 2.0.0.5 - GOG.com)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version:  - Ubisoft - San Francisco)
Romae Bellum 3.0 (HKLM-x32\...\Romae Bellum) (Version: 3.0 - )
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02] (HKLM-x32\...\{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1) (Version: 1.6.02 - bitComposer Games)
Section 8 (HKLM-x32\...\InstallShield_{E7D59759-9859-4D74-888A-5CC3D888FB6C}) (Version: 1.00.0000 - TimeGate Studios)
Section 8 (x32 Version: 1.00.0000 - TimeGate Studios) Hidden
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
Sid Meier's Alpha Centauri (HKLM-x32\...\GOGPACKSIDMEIERSALPHACENTAURI_is1) (Version: 2.0.2.23 - GOG.com)
Sid Meier's Alpha Centauri (HKLM-x32\...\Sid Meier's Alpha Centauri_is1) (Version:  - GOG.com)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Sins of a Solar Empire - Trinity (HKCU\...\Sins of a Solar Empire - Trinity) (Version:  - Stardock Entertainment, Inc.)
Sins of a Solar Empire - Trinity (x32 Version: 1.00 - Stardock Entertainment, Inc.) Hidden
Sir, You Are Being Hunted (HKLM-x32\...\Steam App 242880) (Version:  - )
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smoking Skies (HKLM-x32\...\Smoking_0) (Version:  - The Game Assembly)
Söldner Secret Wars - Community Edition version 33960 (HKLM-x32\...\{F3AF62F5-665E-4B3E-8899-5C46D1793391}_is1) (Version: 33960 - soldnersecretwars.de)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version:  - )
Space Hulk (HKLM-x32\...\Steam App 242570) (Version:  - Full Control Studios)
SpellForce 2 - Faith in Destiny (HKLM-x32\...\Steam App 65530) (Version:  - Mind Over Matter Studios)
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.1.21 - Safer-Networking Ltd.)
Star Swarm Stress Test (HKLM-x32\...\Steam App 267130) (Version:  - Oxide Games)
StarCraft (HKLM-x32\...\StarCraft) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Strike Commander CD-ROM Edition (HKLM-x32\...\GOGPACKSTRIKECOMMANDER_is1) (Version: 2.0.0.5 - GOG.com)
Super Amazing Wagon Adventure (HKLM-x32\...\Steam App 250500) (Version:  - sparsevector)
Supreme Commander (HKLM-x32\...\Steam App 9350) (Version:  - Gas Powered Games)
Supreme Commander: Forged Alliance (HKLM-x32\...\Steam App 9420) (Version:  - Gas Powered Games)
SWAT 3 - Tactical Game of The Year Edition (HKLM-x32\...\GOGPACKSWAT3_is1) (Version: 2.0.0.32 - GOG.com)
Sword of the Stars: The Pit (HKLM-x32\...\Steam App 233700) (Version:  - Kerberos Productions)
Syder Arcade (HKLM-x32\...\Steam App 252310) (Version:  - Studio Evil)
Syndicate Plus (HKLM-x32\...\GOGPACKSYNDICATE_is1) (Version: 2.0.0.12 - GOG.com)
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)
TES Construction Set (HKLM-x32\...\{DB3C800B-081B-4146-B4E3-EFB5B77AA913}) (Version:  - )
The Age of Decadence Demo (HKLM-x32\...\Steam App 265230) (Version:  - Iron Tower Studio)
The Chaos Engine (HKLM-x32\...\Steam App 242530) (Version:  - )
The Elder Scrolls Arena (HKLM-x32\...\{62E2BBFA-BE97-42CD-AE89-A4EEF7F36992}) (Version: 1.00.0000 - Bethesda Softworks)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Witcher 2 - Assassins of Kings Enhanced Edition (HKLM-x32\...\GOGPACKTHEWITCHER2EE_is1) (Version: 3.4.0.25 - GOG.com)
The Witcher Enhanced Edition Director's Cut (HKLM-x32\...\The Witcher Enhanced Edition Director's Cut_is1) (Version:  - GOG.com)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - )
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.3.6 - Electronic Arts)
TortoiseSVN 1.8.2.24708 (64 bit) (HKLM\...\{D0DC3918-460D-4229-811E-41F22D0CD7E9}) (Version: 1.8.24708 - TortoiseSVN)
Total Annihilation - Commander Pack (HKLM-x32\...\GOGPACKTOTALANNIHILATIONCOMMANDERPACK_is1) (Version: 2.0.0.21 - GOG.com)
Total Annihilation (HKLM-x32\...\Total Annihilation) (Version:  - )
Total War: ROME II (HKLM-x32\...\Steam App 214950) (Version:  - Creative Assembly)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
Underrail (HKLM-x32\...\Steam App 250520) (Version:  - Stygian Software)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VIA Platform Device Manager (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.39 - VIA Technologies, Inc.)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Wasteland (HKLM-x32\...\GOGPACKWASTELAND_is1) (Version: 2.0.0.5 - GOG.com)
Wasteland_GOG.com (HKLM\...\{d92dc4a9-7f14-4e04-9a5e-a1efb91b9290}.sdb) (Version:  - )
WebAssign LockDown Browser (HKLM-x32\...\{1F5B9F18-614C-48B9-BE55-8ECD396E51F0}) (Version: 1.04.001 - Respondus, Inc.)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
Wolfenstein: The New Order (HKLM-x32\...\Steam App 201810) (Version:  - Machine Games)
X-COM: Apocalypse (HKLM-x32\...\Steam App 7660) (Version:  - MicroProse Software, Inc)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
X-COM: Enforcer (HKLM-x32\...\Steam App 7770) (Version:  - MicroProse Software, Inc)
X-COM: Interceptor (HKLM-x32\...\Steam App 7730) (Version:  - MicroProse Software, Inc)
X-COM: Terror from the Deep (HKLM-x32\...\Steam App 7650) (Version:  - MicroProse Software, Inc)
X-COM: UFO Defense (HKLM-x32\...\Steam App 7760) (Version:  - MicroProse Software, Inc)

========================= Memory info: ===================================

Percentage of memory in use: 8%
Total physical RAM: 16344.73 MB
Available physical RAM: 14969.52 MB
Total Pagefile: 32687.64 MB
Available Pagefile: 31400.51 MB
Total Virtual: 4095.88 MB
Available Virtual: 3991.85 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:1862.92 GB) (Free:912.29 GB) NTFS
3 Drive e: (SCII CE USB) (Removable) (Total:1.96 GB) (Free:0.07 GB) FAT
4 Drive f: (Solid State Drive) (Fixed) (Total:59.62 GB) (Free:59.2 GB) NTFS
5 Drive m: (External Hard Drive) (Fixed) (Total:2794.52 GB) (Free:1380.95 GB) NTFS

========================= Users: ========================================

User accounts for \\INFINITY_2_1

Administrator            ASPNET                   Brighton                 
Guest                    


**** End of log ****
 

TDSSKiller:

 

08:04:00.0996 0x1458  TDSS rootkit removing tool 3.0.0.39 Jun  5 2014 20:35:54
08:04:05.0052 0x1458  ============================================================
08:04:05.0052 0x1458  Current date / time: 2014/07/10 08:04:05.0052
08:04:05.0052 0x1458  SystemInfo:
08:04:05.0052 0x1458  
08:04:05.0052 0x1458  OS Version: 6.1.7601 ServicePack: 1.0
08:04:05.0052 0x1458  Product type: Workstation
08:04:05.0052 0x1458  ComputerName: INFINITY_2_1
08:04:05.0052 0x1458  UserName: Brighton
08:04:05.0052 0x1458  Windows directory: C:\Windows
08:04:05.0052 0x1458  System windows directory: C:\Windows
08:04:05.0052 0x1458  Running under WOW64
08:04:05.0052 0x1458  Processor architecture: Intel x64
08:04:05.0052 0x1458  Number of processors: 8
08:04:05.0052 0x1458  Page size: 0x1000
08:04:05.0052 0x1458  Boot type: Normal boot
08:04:05.0052 0x1458  ============================================================
08:04:05.0286 0x1458  KLMD registered as C:\Windows\system32\drivers\86706261.sys
08:04:05.0817 0x1458  System UUID: {9B417688-4882-32F5-5B61-6B4D9D747BCC}
08:04:06.0597 0x1458  Drive \Device\Harddisk0\DR0 - Size: 0xEE8156000 ( 59.63 Gb ), SectorSize: 0x200, Cylinders: 0x1E67, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:04:06.0597 0x1458  Drive \Device\Harddisk1\DR1 - Size: 0x1D1C1116000 ( 1863.02 Gb ), SectorSize: 0x200, Cylinders: 0x3B601, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
08:04:07.0049 0x1458  Drive \Device\Harddisk2\DR2 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x1000, Cylinders: 0xB220, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
08:04:07.0065 0x1458  ============================================================
08:04:07.0065 0x1458  \Device\Harddisk0\DR0:
08:04:07.0065 0x1458  MBR partitions:
08:04:07.0065 0x1458  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x773F800
08:04:07.0065 0x1458  \Device\Harddisk1\DR1:
08:04:07.0065 0x1458  MBR partitions:
08:04:07.0065 0x1458  \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
08:04:07.0065 0x1458  \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xE8DD5800
08:04:07.0065 0x1458  \Device\Harddisk2\DR2:
08:04:07.0065 0x1458  MBR partitions:
08:04:07.0065 0x1458  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0x2BAA1200
08:04:07.0065 0x1458  ============================================================
08:04:07.0065 0x1458  C: <-> \Device\Harddisk1\DR1\Partition2
08:04:07.0065 0x1458  F: <-> \Device\Harddisk0\DR0\Partition1
08:04:07.0080 0x1458  M: <-> \Device\Harddisk2\DR2\Partition1
08:04:07.0080 0x1458  ============================================================
08:04:07.0080 0x1458  Initialize success
08:04:07.0080 0x1458  ============================================================
08:04:18.0718 0x0a94  Deinitialize success
 

AdwCleaner:

 

# AdwCleaner v3.215 - Report created 09/07/2014 at 08:53:12
# Updated 09/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brighton - INFINITY_2_1
# Running from : C:\Users\Brighton\Desktop\Things to fix the comp\AdwCleaner\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17126


-\\ Mozilla Firefox v30.0 (en-US)

[ File : C:\Users\Brighton\AppData\Roaming\Mozilla\Firefox\Profiles\a075s8uw.default\prefs.js ]


[ File : C:\Users\Brighton\AppData\Roaming\Mozilla\Firefox\Profiles\fd2q3bz2.default-1404837332932\prefs.js ]


-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [1840 octets] - [01/09/2013 17:08:04]
AdwCleaner[R1].txt - [1179 octets] - [20/10/2013 17:55:05]
AdwCleaner[R2].txt - [1303 octets] - [25/11/2013 13:41:49]
AdwCleaner[R3].txt - [1260 octets] - [09/01/2014 08:40:13]
AdwCleaner[R4].txt - [1381 octets] - [11/01/2014 01:14:16]
AdwCleaner[R5].txt - [1558 octets] - [09/07/2014 08:36:06]
AdwCleaner[R6].txt - [1678 octets] - [09/07/2014 08:52:12]
AdwCleaner[S0].txt - [1927 octets] - [01/09/2013 17:24:25]
AdwCleaner[S1].txt - [1212 octets] - [20/10/2013 17:56:55]
AdwCleaner[S2].txt - [1368 octets] - [25/11/2013 13:43:25]
AdwCleaner[S3].txt - [1322 octets] - [09/01/2014 08:42:18]
AdwCleaner[S4].txt - [1442 octets] - [11/01/2014 01:17:44]
AdwCleaner[S5].txt - [1619 octets] - [09/07/2014 08:45:34]
AdwCleaner[S6].txt - [1599 octets] - [09/07/2014 08:53:12]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [1659 octets] ##########
 

JRT :

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Brighton on Wed 07/09/2014 at  8:59:20.74
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 07/09/2014 at  9:06:16.65
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

ESET :

 

C:\GOG Games\Interstate 76 Arsenal\Process.exe    Win32/PrcView potentially unsafe application    deleted - quarantined
C:\Program Files (x86)\Steam\SteamApps\common\xcom ufo defense\Dosbox.exe    probably unknown NewHeur_PE virus    deleted - quarantined
C:\Users\Brighton\Desktop\Good Old Games Setup folder. Includes Extras\System Shock\System Shock Portable\RES\affinity.exe    Win32/PrcView potentially unsafe application    deleted - quarantined
C:\Users\Brighton\Downloads\any-audio-converter.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\Brighton\Downloads\avc-free.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
C:\Users\Brighton\Downloads\ccsetup404.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\Brighton\Downloads\ccsetup409.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
C:\Users\Brighton\Downloads\SYSTEMSHOCK-Portable-v1.2.2.7z    Win32/PrcView potentially unsafe application    deleted - quarantined
M:\BKUP\GOG Games\Interstate 76 Arsenal\Process.exe    Win32/PrcView potentially unsafe application    deleted - quarantined
M:\BKUP\Program Files (x86)\Steam\SteamApps\common\xcom ufo defense\Dosbox.exe    probably unknown NewHeur_PE virus    deleted - quarantined
M:\BKUP\Users\Brighton\AppData\Local\Temp\Rar$DR06.599\SYSTEMSHOCK-Portable-v1.2.2\RES\affinity.exe    Win32/PrcView potentially unsafe application    deleted - quarantined
M:\BKUP\Users\Brighton\Desktop\Good Old Games Setup folder. Includes Extras\System Shock\System Shock Portable\RES\affinity.exe    Win32/PrcView potentially unsafe application    deleted - quarantined
M:\BKUP\Users\Brighton\Downloads\any-audio-converter.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
M:\BKUP\Users\Brighton\Downloads\avc-free.exe    Win32/OpenCandy potentially unsafe application    deleted - quarantined
M:\BKUP\Users\Brighton\Downloads\ccsetup404.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
M:\BKUP\Users\Brighton\Downloads\ccsetup409.exe    Win32/Bundled.Toolbar.Google.D potentially unsafe application    deleted - quarantined
M:\BKUP\Users\Brighton\Downloads\SYSTEMSHOCK-Portable-v1.2.2.7z    Win32/PrcView potentially unsafe application    deleted - quarantined
 

 

Thanks again for all your help.



#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,428 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:08 PM

Posted 10 July 2014 - 02:54 PM

Probably just all that junk we pulled off.. .

In Control Panel Uninstall this as it's out dated and vulnerable to malware
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.550 - Oracle)

Reboot

Empty your temp folders using TFC (Temporary File Cleaner)
  • Please download TFC by Old Timer and save it to your desktop.
    alternate download link
  • Save any unsaved work. (TFC will close ALL open programs including your browser!)
  • Double-click on TFC.exe to run it. (If you are using Vista, right-click on the file and choose "Run As Administrator".)
  • Click the Start button to begin the cleaning process and let it run uninterrupted to completion.
  • Important! If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway allowing Windows to load normally (not into Safe Mode) to ensure a complete clean.
You're welcome!
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users