Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected by Contextual Tool Yourprofitclub


  • This topic is locked This topic is locked
14 replies to this topic

#1 BathroomCitizen

BathroomCitizen

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:59 AM

Posted 27 August 2014 - 05:59 PM

It seems that I've been infected by the malware called Contextual Tool Yourprofitclub.

It shows up on my Programs and Features install list: I can try to uninstall it, then he asks me to enter a code that appears on the screen, and then nothing—the malware still shows up on the list.

 

This malware affects me by randomly redirecting my browser to some promotional website that I don't care anything about.

 

Here's the log generated by DDS:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 10.0.9200.17054  BrowserJavaVersion: 10.55.2
Run by OEM at 0:52:40 on 2014-08-28
Microsoft Windows 7 Enterprise   6.1.7601.1.1252.39.1040.18.8182.5514 [GMT 2:00]
.
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Microsoft Security Client\MsMpEng.exe
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTMon.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\atieclxx.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
F:\Programmi\Steam\Steam.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\PicPick\picpick.exe
C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
F:\Programmi\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files\Microsoft Security Client\NisSrv.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Windows\System32\svchost.exe -k swprv
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
uRun: [MobileDocuments] C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
uRun: [TomTomHOME.exe] "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
uRun: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
uRun: [Google Update] "C:\Users\OEM\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Steam] "F:\Programmi\Steam\steam.exe" -silent
uRun: [PicPick Start] C:\Program Files (x86)\PicPick\picpick.exe /startup
uRun: [Spybot-S&D Cleaning] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe" /autoclean
mRun: [JMB36X IDE Setup] C:\Windows\RaidTool\xInsIDE.exe
mRun: [ASUS Ai Charger] C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
mRun: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
mRun: [ATICustomerCare] "c:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe"
mRun: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
StartupFolder: C:\Users\OEM\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\Users\OEM\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~2.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Scarica con Mipony - F:\Program Files (x86)\MiPony\Browser\IEContext.htm
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{C67B1BB6-DCE9-4877-ACFE-D62D73C34B49} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{DDABC75F-632D-4F01-8C3E-FA79B34739F9} : DHCPNameServer = 7.254.254.254
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
x64-Run: [Skytel] C:\Program Files\Realtek\Audio\HDA\Skytel.exe
x64-Run: [IAAnotif] C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\d0s9sl1h.default\
FF - prefs.js: network.proxy.type - 2
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Users\OEM\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Users\OEM\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\OEM\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\OEM\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll
.
============= SERVICES / DRIVERS ===============
.
R0 AiCharger;ASUS Charger Driver;C:\Windows\System32\drivers\AiCharger.sys [2011-2-8 14592]
R0 MpFilter;Microsoft Malware Protection Driver;C:\Windows\System32\drivers\MpFilter.sys [2014-1-25 268512]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2013-11-8 283064]
R1 EIO64;EIO Driver;C:\Windows\System32\drivers\EIO64.sys [2011-2-8 16384]
R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2014-4-18 239616]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [2011-2-8 96896]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2012-12-8 9216]
R2 NisDrv;Microsoft Network Inspection System;C:\Windows\System32\drivers\NisDrvWFP.sys [2010-10-24 133928]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2014-8-28 1738168]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2014-8-28 2088408]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2014-8-28 171928]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\System32\drivers\AtihdW76.sys [2013-12-19 94720]
R3 NisSrv;Microsoft Network Inspection;C:\Program Files\Microsoft Security Client\NisSrv.exe [2014-3-11 347872]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2010-6-23 344680]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:\Windows\System32\drivers\tap0901t.sys [2013-9-29 31232]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 Desura Install Service;Desura Install Service;C:\Program Files (x86)\Common Files\Desura\desura_service.exe [2012-1-24 1051088]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2014-8-12 21712]
S3 ffusb2audio;Focusrite USB 2.0 Audio Driver;C:\Windows\System32\drivers\ffusb2audio.sys [2013-7-13 126768]
S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [2014-1-28 520416]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-13 19456]
S3 Samsung UPD Service2;Samsung UPD Service2;C:\Windows\System32\SUPDSvc2.exe [2012-5-26 165456]
S3 StorSvc;Storage Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2009-7-14 27136]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-13 57856]
S3 TunngleService;TunngleService;C:\Program Files (x86)\Tunngle\TnglCtrl.exe [2013-9-29 759192]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-2-12 1255736]
SUnknown tsusbhub;tsusbhub; [x]
.
=============== Created Last 30 ================
.
2014-08-27 22:14:51    21040    ----a-w-    C:\Windows\System32\sdnclean64.exe
2014-08-27 22:14:50    --------    d-----w-    C:\ProgramData\Spybot - Search & Destroy
2014-08-27 22:14:46    --------    d-----w-    C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-27 21:36:26    75888    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{05C725C3-664B-4D09-BFA4-B193588B0442}\offreg.dll
2014-08-27 21:18:27    3163648    ----a-w-    C:\Windows\System32\win32k.sys
2014-08-27 21:18:26    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-08-27 21:18:26    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-08-27 17:42:48    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-27 17:42:34    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-08-27 17:42:34    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-08-27 17:42:34    --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-27 17:16:47    11319192    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{05C725C3-664B-4D09-BFA4-B193588B0442}\mpengine.dll
2014-08-26 22:05:57    --------    d-----w-    C:\Program Files (x86)\LibreOffice 4
2014-08-26 16:07:30    11319192    ----a-w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-08-20 23:36:04    --------    d-----w-    C:\Program Files (x86)\PCSX2 1.2.1
2014-08-20 14:50:03    1169712    ------w-    C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{6C718DB7-52B9-4027-A09D-71F8313F79A2}\gapaengine.dll
2014-08-20 01:20:10    --------    d-----w-    C:\Users\OEM\AppData\Roaming\3Stars
2014-08-19 15:03:43    --------    d-----w-    C:\Users\OEM\AppData\Local\Adobe
2014-08-18 03:09:21    --------    d-----w-    C:\Users\OEM\AppData\Local\gtk-2.0
2014-08-18 02:22:51    --------    d-----w-    C:\Users\OEM\AppData\Roaming\PicPick
2014-08-18 02:22:51    --------    d-----w-    C:\ProgramData\PicPick
2014-08-18 02:22:27    --------    d-----w-    C:\Program Files (x86)\PicPick
2014-08-18 02:20:49    --------    d-----w-    C:\Program Files\paint.net
2014-08-18 02:20:20    --------    d-----w-    C:\Users\OEM\AppData\Local\paint.net
2014-08-18 02:16:06    --------    d-----w-    C:\Program Files (x86)\Sapphire TRIXX
2014-08-17 02:08:26    --------    d-----w-    C:\Users\OEM\.thumbnails
2014-08-17 02:07:28    --------    d-----w-    C:\Users\OEM\AppData\Local\fontconfig
2014-08-17 02:07:23    --------    d-----w-    C:\Users\OEM\AppData\Local\gegl-0.2
2014-08-17 02:07:23    --------    d-----w-    C:\Users\OEM\.gimp-2.8
2014-08-16 23:58:57    --------    d-----w-    C:\Program Files\Futuremark
2014-08-16 23:31:15    --------    d-----w-    C:\Users\OEM\AppData\Local\IsolatedStorage
2014-08-16 23:31:14    --------    d-----w-    C:\Users\OEM\AppData\Local\Futuremark_Corporation
2014-08-16 22:58:14    --------    d-----w-    C:\Program Files (x86)\NVIDIA Corporation
2014-08-16 22:46:50    --------    d-----w-    C:\Program Files (x86)\Futuremark
2014-08-16 15:55:32    --------    d-----w-    C:\Program Files\GIMP 2
2014-08-16 15:30:06    --------    d-----w-    C:\ProgramData\NovaTech Network
2014-08-16 15:29:12    --------    d-----w-    C:\Program Files (x86)\Novawave
2014-08-16 15:15:13    --------    d-----w-    C:\Windows\Downloaded Installations
2014-08-15 22:46:18    13368    ----a-w-    C:\Windows\SysWow64\drivers\AsUpIO.sys
2014-08-15 16:17:13    --------    d-----w-    C:\Users\OEM\AppData\Local\EvernoteNW
2014-08-15 16:13:47    --------    d-----w-    C:\Users\OEM\AppData\Local\Evernote
2014-08-15 16:13:25    --------    d-----w-    C:\Program Files (x86)\Evernote
2014-08-12 23:02:56    99480    ----a-w-    C:\Windows\SysWow64\infocardapi.dll
2014-08-12 23:02:56    619672    ----a-w-    C:\Windows\SysWow64\icardagt.exe
2014-08-12 23:02:56    171160    ----a-w-    C:\Windows\System32\infocardapi.dll
2014-08-12 23:02:56    1389208    ----a-w-    C:\Windows\System32\icardagt.exe
2014-08-12 23:02:55    8856    ----a-w-    C:\Windows\SysWow64\icardres.dll
2014-08-12 23:02:55    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-08-12 23:02:44    35480    ----a-w-    C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-12 23:02:44    35480    ----a-w-    C:\Windows\System32\TsWpfWrp.exe
2014-08-12 22:59:36    3241984    ----a-w-    C:\Windows\System32\msi.dll
2014-08-12 01:43:37    21712    ----a-w-    C:\Windows\SysWow64\drivers\DrvAgent64.SYS
2014-08-12 01:43:37    --------    d-----w-    C:\Users\OEM\AppData\Local\eSupport.com
2014-08-12 01:08:06    --------    d-----w-    C:\Program Files\CPUID
2014-08-11 23:14:03    76152    ----a-w-    C:\Windows\System32\PnkBstrA.exe
2014-08-11 17:01:20    --------    d-----w-    C:\Users\OEM\AppData\Roaming\library_dir
2014-08-11 16:53:09    --------    d-----w-    C:\Users\OEM\AppData\Roaming\Raptr
2014-08-11 16:53:09    --------    d-----w-    C:\Program Files (x86)\Raptr
2014-08-11 16:52:56    --------    d-----w-    C:\Program Files (x86)\AMD AVT
2014-08-11 16:47:28    --------    d-----w-    C:\Program Files\AMD
2014-08-11 16:23:54    --------    d-----w-    C:\Users\OEM\AppData\Local\ESN
2014-08-11 10:05:07    --------    d-----w-    C:\Program Files (x86)\Battlelog Web Plugins
2014-08-11 10:04:50    215416    ----a-w-    C:\Windows\SysWow64\PnkBstrB.exe
2014-08-11 10:04:48    76888    ----a-w-    C:\Windows\SysWow64\PnkBstrA.exe
2014-08-03 21:57:53    --------    d-----w-    C:\Users\OEM\AppData\Roaming\Ice-pick Lodge
2014-08-03 17:11:33    --------    d-----w-    C:\Users\OEM\AppData\Roaming\Trine2
2014-08-03 09:53:47    188304    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2014-07-30 21:04:06    93808    ----a-w-    C:\Program Files (x86)\Mozilla Firefox\webapprt-stub.exe
2014-07-29 01:12:07    --------    d-----w-    C:\Users\OEM\AppData\Local\Cockatrice
.
==================== Find3M  ====================
.
2014-08-18 20:51:27    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-18 20:51:27    699568    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-16 23:23:48    466456    ----a-w-    C:\Windows\System32\wrap_oal.dll
2014-08-16 23:23:48    444952    ----a-w-    C:\Windows\SysWow64\wrap_oal.dll
2014-08-16 23:23:48    122904    ----a-w-    C:\Windows\System32\OpenAL32.dll
2014-08-16 23:23:48    109080    ----a-w-    C:\Windows\SysWow64\OpenAL32.dll
2014-08-14 15:11:03    214392    ----a-w-    C:\Windows\SysWow64\PnkBstrB.ex0
2014-08-07 02:06:41    529920    ----a-w-    C:\Windows\System32\aepdu.dll
2014-08-07 02:01:34    424448    ----a-w-    C:\Windows\System32\aeinv.dll
2014-07-24 12:10:54    2240000    ----a-w-    C:\Windows\System32\wininet.dll
2014-07-24 12:09:37    3959296    ----a-w-    C:\Windows\System32\jscript9.dll
2014-07-24 12:09:33    67072    ----a-w-    C:\Windows\System32\iesetup.dll
2014-07-24 12:09:33    136704    ----a-w-    C:\Windows\System32\iesysprep.dll
2014-07-24 12:09:00    1508864    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-07-24 10:52:27    1766400    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-07-24 10:51:27    2861568    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-07-24 10:51:22    61440    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-07-24 10:51:22    109056    ----a-w-    C:\Windows\SysWow64\iesysprep.dll
2014-07-24 10:51:02    1440768    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-07-24 10:33:52    2706432    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-07-24 10:29:20    2706432    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-07-24 09:37:18    89600    ----a-w-    C:\Windows\System32\RegisterIEPKEYs.exe
2014-07-24 09:32:28    71680    ----a-w-    C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-07-22 13:14:46    137376    ----a-w-    C:\Windows\System32\vcomp120.dll
2014-07-16 03:23:41    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-07-16 02:46:02    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-07-14 02:02:45    1216000    ----a-w-    C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58    664064    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 02:03:23    7168    ----a-w-    C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22    7168    ----a-w-    C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42    7168    ----a-w-    C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41    6656    ----a-w-    C:\Windows\SysWow64\KBDBASH.DLL
2014-07-03 23:02:54    111016    ----a-w-    C:\Windows\System32\WindowsAccessBridge-64.dll
2014-06-18 02:18:30    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19    985536    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-06 10:10:34    624128    ----a-w-    C:\Windows\System32\qedit.dll
2014-06-06 09:44:17    509440    ----a-w-    C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-06-03 10:02:37    112064    ----a-w-    C:\Windows\System32\consent.exe
2014-06-03 10:02:21    504320    ----a-w-    C:\Windows\System32\msihnd.dll
2014-06-03 10:02:12    1941504    ----a-w-    C:\Windows\System32\authui.dll
2014-06-03 09:29:50    337408    ----a-w-    C:\Windows\SysWow64\msihnd.dll
2014-06-03 09:29:50    2363392    ----a-w-    C:\Windows\SysWow64\msi.dll
2014-06-03 09:29:40    1805824    ----a-w-    C:\Windows\SysWow64\authui.dll
2014-05-30 08:08:52    210944    ----a-w-    C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49    86528    ----a-w-    C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47    340992    ----a-w-    C:\Windows\System32\schannel.dll
2014-05-30 08:08:41    314880    ----a-w-    C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41    307200    ----a-w-    C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31    22016    ----a-w-    C:\Windows\System32\credssp.dll
2014-05-30 07:52:51    172032    ----a-w-    C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49    65536    ----a-w-    C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45    247808    ----a-w-    C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41    220160    ----a-w-    C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40    259584    ----a-w-    C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30    17408    ----a-w-    C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52    497152    ----a-w-    C:\Windows\System32\drivers\afd.sys
.
============= FINISH:  0:52:48,27 ===============

Attached Files



BC AdBot (Login to Remove)

 


#2 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:59 AM

Posted 27 August 2014 - 06:40 PM

Hello 

BathroomCitizen

,

  • Welcome to Bleeping Computer.
  • My name is fireman4it and I will be helping you with your Malware problem.

    Please take note of some guidelines for this fix:
  • Refrain from making any changes to your computer including installing/uninstall programs, deleting files, modifying the registry, and running scanners or tools.
      
  • If you do not understand any step(s) provided, please do not hesitate to ask before continuing.
      
  • Even if things appear to be better, it might not mean we are finished. Please continue to follow my instructions and reply back until I give you the "all clean".
  • In the upper right hand corner of the topic you will see a button called Follow This Topic.I suggest you click it and select Immediate E-Mail notification and click on Follow This Topic. This way you will be advised when we respond to your topic and facilitate the cleaning of your machine.

      
  • Finally, please reply using the Post  button in the lower right hand corner of your screen. Do not start a new topic. The logs that you post should be pasted directly into the reply, unless they do not fit into the post.

 

 

1.

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool .
  • Click on the Scan button.
  • AdwCleaner will begin to scan your computer.
  • After the scan has finished...
  • Click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S#].txt) will open automatically (where the largest value of # represents the most recent report).
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.

 

2.

Download and run Junkware Removal Tool. ***Your Anti Virus may see this download as malicious, don't worry continue on. 

Please download Junkware Removal Tool to your desktop.

 

  • shut down your protection software now to avoid potential conflicts.
  • run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator"
    the tool will open and start scanning your system
  • please be patient as this can take a while to complete depending on your system's specifications
  • on completion, a log (JRT.txt) is saved to your desktop and will automatically open
  • post the contents of JRT.txt into your next Reply.

 

 

3.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#3 BathroomCitizen

BathroomCitizen
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:59 AM

Posted 27 August 2014 - 07:48 PM

Thanks fireman!

 

Here are the results (it seems that AdwCleaner translated its report in italian, my native language :) )

 

# AdwCleaner v3.308 - Rapporto creato 28/08/2014 in 02:26:50
# Aggiornato 20/08/2014 di Xplode
# Sistema operativo : Windows 7 Enterprise Service Pack 1 (64 bits)
# Nome utente : OEM - OEM-PC
# In esecuzione da : C:\Users\OEM\Desktop\AdwCleaner.exe
# Opzione : Pulisci

***** [ Servizi ] *****


***** [ File / Cartelle ] *****

Cartella Eliminato : C:\Windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}
Cartella Eliminato : C:\Users\OEM\AppData\Local\eSupport.com

***** [ Compiti ] *****

Compito Eliminati : Scheduled Update for Ask Toolbar

***** [ Collegamenti ] *****


***** [ Registro ] *****

Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{74F475FA-6C75-43BD-AAB9-ECDA6184F600}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\bi_client_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_for_hamachi_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_siw_RASAPI32
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Tracing\SoftonicDownloader_per_siw_RASMANCS
Chiave Eliminati : HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Chiave Eliminati : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Chiave Eliminati : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Chiave Eliminati : HKLM\SOFTWARE\Classes\TypeLib\{E69D4A59-73DE-4E38-9FB3-740EC4D9060D}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chiave Eliminati : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\CLSID\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F9E4A054-E9B1-4BC3-83A3-76A1AE736170}
Chiave Eliminati : HKCU\Software\cacaoweb
Chiave Eliminati : HKCU\Software\OCS
Chiave Eliminati : HKCU\Software\Softonic
Chiave Eliminati : HKCU\Software\YahooPartnerToolbar
Chiave Eliminati : HKCU\Software\AppDataLow\Software\AskToolbar
Chiave Eliminati : HKLM\SOFTWARE\Conduit
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}
Chiave Eliminati : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Steam App 228200
Chiave Eliminati : HKLM\SOFTWARE\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF
Chiave Eliminati : HKLM\SOFTWARE\Classes\Installer\Products\A28B4D68DEBAA244EB686953B7074FEF
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Chiave Eliminati : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9

***** [ Browser ] *****

-\\ Internet Explorer v10.0.9200.17054


-\\ Mozilla Firefox v31.0 (x86 it)

[ File : C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\d0s9sl1h.default\prefs.js ]

Riga eliminata : user_pref("extensions.asktb.cbid", "F4");
Riga eliminata : user_pref("extensions.asktb.crumb", "2011.05.09+02.15.42-toolbar007iad-IT-Um9tZSxJdGFseQ%3D%3D");
Riga eliminata : user_pref("extensions.asktb.default-channel-url-mask", "hxxp://it.ask.com/web?q={query}&qsrc={qsrc}&o={o}&l={l}");
Riga eliminata : user_pref("extensions.asktb.dtid", "YYYYYYYYIT");
Riga eliminata : user_pref("extensions.asktb.fresh-install", false);
Riga eliminata : user_pref("extensions.asktb.l", "dis");
Riga eliminata : user_pref("extensions.asktb.last-config-req", "1304932541351");
Riga eliminata : user_pref("extensions.asktb.locale", "it_IT");
Riga eliminata : user_pref("extensions.asktb.o", "101699");
Riga eliminata : user_pref("extensions.asktb.overlay-reloaded-using-restart", true);
Riga eliminata : user_pref("extensions.asktb.qsrc", "2871");
Riga eliminata : user_pref("extensions.asktb.r", "4");
Riga eliminata : user_pref("extensions.asktb.search-suggestions-enabled", true);

*************************

AdwCleaner[R0].txt - [7478 octets] - [28/08/2014 02:25:27]
AdwCleaner[S0].txt - [7252 octets] - [28/08/2014 02:26:50]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [7312 octets] ##########

 

 

JRT Results:

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Enterprise x64
Ran by OEM on 28/08/2014 at  2:35:08,02
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Emptied folder: C:\Users\OEM\AppData\Roaming\mozilla\firefox\profiles\d0s9sl1h.default\minidumps [268 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 28/08/2014 at  2:39:14,63
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

FRST Results:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by OEM (administrator) on OEM-PC on 28-08-2014 02:41:23
Running from C:\Users\OEM\Desktop
Platform: Windows 7 Enterprise Service Pack 1 (X64) OS Language: Italian (Italy)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hi-Rez Studios) F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAAnotif.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
() C:\Windows\System32\PnkBstrA.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Valve Corporation) F:\Programmi\Steam\Steam.exe
(NTeWORKS) C:\Program Files (x86)\PicPick\picpick.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Valve Corporation) F:\Programmi\Steam\bin\steamwebhelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [7833120 2011-02-08] (Realtek Semiconductor)
HKLM\...\Run: [Skytel] => C:\Program Files\Realtek\Audio\HDA\Skytel.exe [1833504 2011-02-08] (Realtek Semiconductor Corp.)
HKLM\...\Run: [IAAnotif] => C:\Program Files (x86)\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-06-04] (Intel Corporation)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [JMB36X IDE Setup] => C:\Windows\RaidTool\xInsIDE.exe [36864 2011-02-08] ()
HKLM-x32\...\Run: [ASUS Ai Charger] => C:\Program Files (x86)\ASUS\ASUS Ai Charger\AiChargerAP.exe [465536 2010-05-10] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [ATICustomerCare] => c:\Program Files (x86)\ATI\ATICustomerCare\ATICustomerCare.exe [311296 2010-05-04] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-03] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\Run: [MobileDocuments] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2010-11-18] (AMD)
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\Run: [Google Update] => C:\Users\OEM\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-05-02] (Google Inc.)
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd)
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\Run: [Steam] => F:\Programmi\Steam\steam.exe [1937600 2014-08-14] (Valve Corporation)
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\Run: [PicPick Start] => C:\Program Files (x86)\PicPick\picpick.exe [16609600 2014-08-26] (NTeWORKS)
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [4566952 2014-06-24] (Safer-Networking Ltd.)
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\MountPoints2: G - G:\install.bat
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\MountPoints2: {30c7ce42-7849-11e1-b680-485b3908f1e8} - G:\autoplay.exe
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\MountPoints2: {45ff04b8-b563-11e1-bf26-485b3908f1e8} - G:\install.bat
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\MountPoints2: {5408cdcf-9a5f-11e0-85b3-485b3908f1e8} - G:\SETUP.EXE
HKU\S-1-5-21-1732696791-2687864788-3126902200-1000\...\MountPoints2: {e28b466b-7c42-11e2-b97e-485b3908f1e8} - G:\Splash.exe
Startup: C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteTray.lnk
ShortcutTarget: EvernoteTray.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteTray.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
BootExecute: autocheck autochk * sdnclean64.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://it.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = it-IT
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBC9D6336690DCF01
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

FireFox:
========
FF ProfilePath: C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\d0s9sl1h.default
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "type", 2
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin -> C:\Users\OEM\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin -> C:\Users\OEM\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\OEM\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\OEM\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\OEM\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\OEM\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\OEM\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-it.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\hoepli.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-it.xml
FF Extension: Evernote Web Clipper - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\d0s9sl1h.default\Extensions\{E0B8C461-F8FB-49b4-8373-FE32E9252800} [2014-08-15]
FF Extension: Media Hint - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\d0s9sl1h.default\Extensions\mediahint@jetpack.xpi [2013-12-07]
FF Extension: z - C:\Program Files (x86)\Mozilla Firefox\extensions\{125d3439-dec5-9c17-b2ee-c21533f03319} [2014-07-30]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.02\AsSysCtrlService.exe [96896 2011-02-08] (ASUSTeK Computer Inc.)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-01-28] (Futuremark)
R2 HiPatchService; F:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-12] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-11] ()
S3 Samsung UPD Service2; C:\Windows\System32\SUPDSvc2.exe [165456 2011-12-02] (Samsung Electronics)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2088408 2014-06-27] (Safer-Networking Ltd.)
R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [171928 2014-04-25] (Safer-Networking Ltd.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [759192 2013-09-03] (Tunngle.net GmbH) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2011-02-08] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [13368 2009-07-06] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-11-08] (Disc Soft Ltd)
R1 EIO64; C:\Windows\System32\DRIVERS\EIO64.sys [16384 2011-02-08] (ASUSTeK Computer Inc.)
S3 ffusb2audio; C:\Windows\System32\DRIVERS\ffusb2audio.sys [126768 2013-06-17] (Focusrite Audio Engineering Limited.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2011-02-08] ()
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [381440 2013-11-08] (Duplex Secure Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
U3 aczaeypv; C:\Windows\System32\Drivers\aczaeypv.sys [0 ] (Intel Corporation)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
R3 TRIXX; \??\C:\Users\OEM\AppData\Local\Temp\TRIXX.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 02:41 - 2014-08-28 02:42 - 00025430 _____ () C:\Users\OEM\Desktop\FRST.txt
2014-08-28 02:41 - 2014-08-28 02:41 - 00000000 ____D () C:\FRST
2014-08-28 02:40 - 2014-08-28 02:40 - 02103296 _____ (Farbar) C:\Users\OEM\Desktop\FRST64.exe
2014-08-28 02:40 - 2014-08-28 02:26 - 00007476 _____ () C:\Users\OEM\Desktop\AdwCleaner[S0].txt
2014-08-28 02:39 - 2014-08-28 02:39 - 00001115 _____ () C:\Users\OEM\Desktop\JRT.txt
2014-08-28 02:35 - 2014-08-28 02:35 - 00000000 ____D () C:\Windows\ERUNT
2014-08-28 02:25 - 2014-08-28 02:26 - 00000000 ____D () C:\AdwCleaner
2014-08-28 00:38 - 2014-08-28 00:47 - 00688992 ____R (Swearware) C:\Users\OEM\Downloads\dds.com
2014-08-28 00:15 - 2014-08-28 00:15 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-28 00:14 - 2014-08-28 01:04 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-28 00:14 - 2014-08-28 00:16 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-28 00:14 - 2014-08-28 00:14 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-28 00:14 - 2014-08-28 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-28 00:14 - 2013-09-20 10:49 - 00021040 _____ (Safer Networking Limited) C:\Windows\system32\sdnclean64.exe
2014-08-28 00:12 - 2014-08-28 00:14 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\OEM\Downloads\spybot-2.4.exe
2014-08-27 23:18 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 23:18 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 23:18 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 19:42 - 2014-08-27 20:07 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-27 19:42 - 2014-08-27 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-27 19:42 - 2014-08-27 19:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-27 19:42 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-27 19:42 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-27 19:38 - 2014-08-27 19:39 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\OEM\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-27 04:54 - 2014-08-27 04:54 - 00006657 _____ () C:\Users\OEM\AppData\Local\recently-used.xbel
2014-08-27 03:31 - 2013-11-29 00:47 - 2693955584 _____ () C:\Users\OEM\Downloads\Shadow of the Colossus.iso
2014-08-27 01:26 - 2014-08-27 01:26 - 00000000 ____D () C:\Users\OEM\Documents\Reus
2014-08-27 00:06 - 2014-08-27 00:06 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
2014-08-27 00:05 - 2014-08-27 00:06 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-08-26 20:06 - 2014-08-26 20:14 - 223113216 _____ () C:\Users\OEM\Downloads\LibreOffice_4.3.0_Win_x86.msi
2014-08-26 17:54 - 2014-08-26 18:00 - 12244008 _____ () C:\Users\OEM\Downloads\picpick_inst.exe
2014-08-22 16:52 - 2014-08-22 16:52 - 00003252 _____ () C:\Windows\System32\Tasks\Sapphire TRIXX
2014-08-21 01:36 - 2014-08-21 01:40 - 00000000 ____D () C:\Program Files (x86)\PCSX2 1.2.1
2014-08-21 01:36 - 2014-08-21 01:36 - 00000000 ____D () C:\Users\OEM\Documents\PCSX2
2014-08-21 01:36 - 2014-08-21 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2014-08-20 18:29 - 2014-08-20 18:29 - 00000000 ____D () C:\Users\OEM\Documents\PVZ Garden Warfare
2014-08-20 03:20 - 2014-08-21 02:43 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\3Stars
2014-08-19 17:03 - 2014-08-19 17:03 - 00000000 ____D () C:\Users\OEM\AppData\Local\Adobe
2014-08-18 05:09 - 2014-08-18 23:48 - 00000000 ____D () C:\Users\OEM\AppData\Local\gtk-2.0
2014-08-18 05:03 - 2014-08-18 05:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOptimizer
2014-08-18 05:00 - 2014-08-18 05:01 - 23237764 _____ (Javier Gutiérrez Chamorro (Guti)) C:\Users\OEM\Downloads\FileOptimizerSetup.exe
2014-08-18 04:42 - 2014-08-18 05:53 - 00000000 ____D () C:\Users\OEM\Downloads\Gifcam
2014-08-18 04:40 - 2014-07-12 10:43 - 01595904 _____ (BahraniApps) C:\Users\OEM\Downloads\GifCam.exe
2014-08-18 04:39 - 2014-08-18 04:39 - 00700220 _____ () C:\Users\OEM\Downloads\GifCam.zip
2014-08-18 04:25 - 2014-08-27 04:24 - 00000000 ____D () C:\Users\OEM\Downloads\PicPick Screenshots
2014-08-18 04:22 - 2014-08-18 04:22 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\PicPick
2014-08-18 04:22 - 2014-08-18 04:22 - 00000000 ____D () C:\ProgramData\PicPick
2014-08-18 04:22 - 2014-08-18 04:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicPick
2014-08-18 04:22 - 2014-08-18 04:22 - 00000000 ____D () C:\Program Files (x86)\PicPick
2014-08-18 04:21 - 2014-08-18 04:21 - 00001210 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-08-18 04:20 - 2014-08-18 04:33 - 00000000 ____D () C:\Users\OEM\AppData\Local\paint.net
2014-08-18 04:20 - 2014-08-18 04:20 - 00000000 ____D () C:\Program Files\paint.net
2014-08-18 04:16 - 2014-08-18 04:16 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sapphire TRIXX
2014-08-18 04:16 - 2014-08-18 04:16 - 00000000 ____D () C:\Program Files (x86)\Sapphire TRIXX
2014-08-17 04:08 - 2014-08-17 04:08 - 00000000 ____D () C:\Users\OEM\.thumbnails
2014-08-17 04:07 - 2014-08-27 04:55 - 00000000 ____D () C:\Users\OEM\.gimp-2.8
2014-08-17 04:07 - 2014-08-17 04:07 - 00000000 ____D () C:\Users\OEM\AppData\Local\gegl-0.2
2014-08-17 03:13 - 2014-08-17 03:13 - 00262144 ____N () C:\Windows\Minidump\081714-26707-01.dmp
2014-08-17 01:58 - 2014-08-17 01:58 - 00000000 ____D () C:\Program Files\Futuremark
2014-08-17 01:31 - 2014-08-17 02:08 - 00000000 ____D () C:\Users\OEM\Documents\3DMark 11
2014-08-17 01:31 - 2014-08-17 01:41 - 271860249 _____ () C:\Users\OEM\Downloads\3DMark11-v1-0-132.zip
2014-08-17 01:31 - 2014-08-17 01:31 - 00000000 ____D () C:\Users\OEM\AppData\Local\IsolatedStorage
2014-08-17 01:31 - 2014-08-17 01:31 - 00000000 ____D () C:\Users\OEM\AppData\Local\Futuremark_Corporation
2014-08-17 00:58 - 2014-08-17 00:58 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-17 00:58 - 2014-08-17 00:58 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-17 00:46 - 2014-08-17 03:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2014-08-17 00:46 - 2014-08-17 03:02 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2014-08-17 00:22 - 2014-08-17 00:32 - 294237056 _____ (Futuremark Corporation) C:\Users\OEM\Downloads\3DMark_11_v103_installer.exe
2014-08-16 23:39 - 2014-08-16 23:39 - 00262144 ____N () C:\Windows\Minidump\081614-39671-01.dmp
2014-08-16 23:29 - 2014-08-16 23:44 - 00000000 ____D () C:\Users\OEM\Downloads\Novabench Results
2014-08-16 23:13 - 2014-08-16 23:13 - 00262144 ____N () C:\Windows\Minidump\081614-25552-01.dmp
2014-08-16 17:56 - 2014-08-16 17:56 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-08-16 17:55 - 2014-08-16 17:55 - 00000000 ____D () C:\Program Files\GIMP 2
2014-08-16 17:39 - 2014-08-16 17:47 - 90396104 _____ (The GIMP Team ) C:\Users\OEM\Downloads\gimp-2.8.10-setup.exe
2014-08-16 17:30 - 2014-08-16 17:30 - 00000000 ____D () C:\ProgramData\NovaTech Network
2014-08-16 17:29 - 2014-08-16 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaBench
2014-08-16 17:29 - 2014-08-16 17:29 - 00000000 ____D () C:\Program Files (x86)\Novawave
2014-08-16 17:28 - 2014-08-16 17:29 - 12256936 _____ (Novawave Inc. ) C:\Users\OEM\Downloads\novabench3.exe
2014-08-16 17:22 - 2014-08-16 17:22 - 00003208 _____ () C:\Windows\System32\Tasks\{2B4342E2-95A0-4533-AA66-A43CD6A4FF30}
2014-08-16 17:19 - 2014-08-17 03:58 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-08-16 17:15 - 2014-08-16 17:15 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-08-16 00:46 - 2009-07-06 10:48 - 00013368 _____ () C:\Windows\SysWOW64\Drivers\AsUpIO.sys
2014-08-16 00:36 - 2014-08-16 00:36 - 00003130 _____ () C:\Windows\System32\Tasks\{CDB0F234-0E84-4790-BCC7-33B50AA8E2FE}
2014-08-15 18:17 - 2014-08-16 00:28 - 00000000 ____D () C:\Users\OEM\AppData\Local\EvernoteNW
2014-08-15 18:13 - 2014-08-15 18:13 - 00000000 ____D () C:\Users\OEM\AppData\Local\Evernote
2014-08-15 18:13 - 2014-08-15 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-08-15 18:13 - 2014-08-15 18:13 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-08-15 04:23 - 2014-08-15 04:24 - 00266632 _____ () C:\Windows\Minidump\081514-20701-01.dmp
2014-08-15 03:59 - 2014-08-15 03:59 - 00266632 _____ () C:\Windows\Minidump\081514-33571-01.dmp
2014-08-13 01:02 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 01:02 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 01:02 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 01:02 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 01:02 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 01:02 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 01:02 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 01:02 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 01:01 - 2014-07-24 14:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 01:01 - 2014-07-24 14:10 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 01:01 - 2014-07-24 14:10 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 19279872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 15399936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 01:01 - 2014-07-24 14:09 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 01:01 - 2014-07-24 14:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 01:01 - 2014-07-24 12:52 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 01:01 - 2014-07-24 12:52 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 14371328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 01:01 - 2014-07-24 12:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 01:01 - 2014-07-24 12:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 01:01 - 2014-07-24 12:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 01:01 - 2014-07-24 12:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 01:01 - 2014-07-24 11:37 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-13 01:01 - 2014-07-24 11:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-13 00:59 - 2014-08-07 04:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-13 00:59 - 2014-08-07 04:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-13 00:59 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 00:59 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 00:59 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 00:59 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 00:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 00:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 00:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 00:59 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 00:59 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 00:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 00:59 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 00:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 00:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 00:59 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 00:59 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 00:59 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 00:59 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 00:59 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 00:59 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 00:59 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 00:59 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 00:59 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 00:59 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 00:59 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 00:59 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 00:59 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-12 03:43 - 2014-08-12 03:43 - 00021712 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2014-08-12 03:08 - 2014-08-12 03:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-08-12 03:08 - 2014-08-12 03:08 - 00000000 ____D () C:\Program Files\CPUID
2014-08-12 01:14 - 2014-08-12 01:14 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\library_dir
2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\ProgramData\ATI
2014-08-11 18:53 - 2014-08-11 21:45 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Raptr
2014-08-11 18:53 - 2014-08-11 19:01 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-11 18:52 - 2014-08-11 18:52 - 00056100 _____ () C:\Windows\SysWOW64\CCCInstall_201408111852435399.log
2014-08-11 18:52 - 2014-08-11 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-11 18:52 - 2014-08-11 18:52 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-11 18:47 - 2014-08-11 18:47 - 00000000 ____D () C:\Program Files\AMD
2014-08-11 18:24 - 2014-08-11 23:24 - 00000000 ____D () C:\Users\OEM\Documents\Battlefield 4
2014-08-11 18:23 - 2014-08-11 18:23 - 00000000 ____D () C:\Users\OEM\AppData\Local\ESN
2014-08-11 13:12 - 2014-08-11 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2014-08-11 12:05 - 2014-08-12 03:24 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-11 12:04 - 2014-08-14 17:11 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-11 12:04 - 2014-08-11 12:04 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-03 23:57 - 2014-08-03 23:57 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Ice-pick Lodge
2014-08-03 19:11 - 2014-08-03 19:11 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Trine2
2014-08-03 04:10 - 2014-08-03 04:10 - 00000768 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo IIIBlizzard Technical Support.lnk
2014-08-03 04:10 - 2014-08-03 04:10 - 00000767 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo IIIBattle.net Account Management.lnk
2014-08-03 04:10 - 2014-08-03 04:10 - 00000752 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo IIIDiablo III.lnk
2014-08-03 04:10 - 2014-08-03 04:10 - 00000711 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo IIIDiablo III - Manual.lnk
2014-08-03 04:10 - 2014-08-03 04:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-08-02 16:56 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-02 16:56 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-02 16:56 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-02 16:56 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-02 16:56 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-02 16:56 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-02 16:56 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-02 16:56 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-02 16:56 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-02 16:56 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-02 16:56 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-02 16:56 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-02 16:56 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-02 16:56 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-30 23:04 - 2014-07-30 23:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 23:37 - 2014-07-30 01:01 - 216182632 _____ () C:\Users\OEM\Downloads\Uprising_2_Lead_and_Destroy_ISO.rar.part
2014-07-29 03:12 - 2014-07-29 03:12 - 00000000 ____D () C:\Users\OEM\AppData\Local\Cockatrice
2014-07-29 03:11 - 2014-07-29 03:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cockatrice

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-28 02:42 - 2014-08-28 02:41 - 00025430 _____ () C:\Users\OEM\Desktop\FRST.txt
2014-08-28 02:41 - 2014-08-28 02:41 - 00000000 ____D () C:\FRST
2014-08-28 02:40 - 2014-08-28 02:40 - 02103296 _____ (Farbar) C:\Users\OEM\Desktop\FRST64.exe
2014-08-28 02:39 - 2014-08-28 02:39 - 00001115 _____ () C:\Users\OEM\Desktop\JRT.txt
2014-08-28 02:36 - 2009-07-14 06:45 - 00020256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-28 02:36 - 2009-07-14 06:45 - 00020256 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-28 02:35 - 2014-08-28 02:35 - 00000000 ____D () C:\Windows\ERUNT
2014-08-28 02:35 - 2009-09-03 14:18 - 00744242 _____ () C:\Windows\system32\perfh010.dat
2014-08-28 02:35 - 2009-09-03 14:18 - 00148416 _____ () C:\Windows\system32\perfc010.dat
2014-08-28 02:35 - 2009-09-03 14:02 - 00692030 _____ () C:\Windows\system32\perfh007.dat
2014-08-28 02:35 - 2009-09-03 14:02 - 00149942 _____ () C:\Windows\system32\perfc007.dat
2014-08-28 02:35 - 2009-09-03 13:44 - 00740538 _____ () C:\Windows\system32\perfh00C.dat
2014-08-28 02:35 - 2009-09-03 13:44 - 00150406 _____ () C:\Windows\system32\perfc00C.dat
2014-08-28 02:35 - 2009-09-03 13:30 - 00738320 _____ () C:\Windows\system32\perfh013.dat
2014-08-28 02:35 - 2009-09-03 13:30 - 00153928 _____ () C:\Windows\system32\perfc013.dat
2014-08-28 02:35 - 2009-07-14 07:13 - 04294238 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-28 02:33 - 2011-02-08 19:22 - 01086419 _____ () C:\Windows\WindowsUpdate.log
2014-08-28 02:30 - 2013-01-16 23:08 - 00001140 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-28 02:30 - 2012-09-13 15:55 - 00000978 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-28 02:28 - 2011-02-09 11:29 - 00348644 _____ () C:\Windows\PFRO.log
2014-08-28 02:28 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-28 02:28 - 2009-07-14 06:51 - 00233848 _____ () C:\Windows\setupact.log
2014-08-28 02:26 - 2014-08-28 02:40 - 00007476 _____ () C:\Users\OEM\Desktop\AdwCleaner[S0].txt
2014-08-28 02:26 - 2014-08-28 02:25 - 00000000 ____D () C:\AdwCleaner
2014-08-28 02:25 - 2013-05-14 22:16 - 00001152 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1732696791-2687864788-3126902200-1000UA.job
2014-08-28 02:25 - 2013-01-16 23:08 - 00001144 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-28 01:04 - 2014-08-28 00:14 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-08-28 00:47 - 2014-08-28 00:38 - 00688992 ____R (Swearware) C:\Users\OEM\Downloads\dds.com
2014-08-28 00:25 - 2013-05-14 22:16 - 00001100 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1732696791-2687864788-3126902200-1000Core.job
2014-08-28 00:16 - 2014-08-28 00:14 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-08-28 00:15 - 2014-08-28 00:15 - 00000000 ____D () C:\Windows\System32\Tasks\Safer-Networking
2014-08-28 00:14 - 2014-08-28 00:14 - 00001395 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot-S&D Start Center.lnk
2014-08-28 00:14 - 2014-08-28 00:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spybot - Search & Destroy 2
2014-08-28 00:14 - 2014-08-28 00:12 - 46525608 _____ (Safer-Networking Ltd. ) C:\Users\OEM\Downloads\spybot-2.4.exe
2014-08-27 23:36 - 2012-11-18 15:50 - 00000000 ____D () C:\Users\OEM\AppData\Local\TSVNCache
2014-08-27 23:36 - 2009-07-14 06:45 - 05022200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 23:34 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\security
2014-08-27 20:07 - 2014-08-27 19:42 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-27 19:42 - 2014-08-27 19:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-27 19:42 - 2014-08-27 19:42 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-27 19:42 - 2011-05-08 18:40 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Malwarebytes
2014-08-27 19:42 - 2011-05-08 18:40 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-27 19:39 - 2014-08-27 19:38 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\OEM\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-27 19:07 - 2011-10-18 23:12 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2014-08-27 18:17 - 2013-07-26 03:23 - 00000000 ____D () C:\Program Files (x86)\Steinberg
2014-08-27 18:05 - 2013-07-27 01:04 - 00000000 ____D () C:\Program Files (x86)\Waves
2014-08-27 18:05 - 2011-02-08 19:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-08-27 18:03 - 2013-07-26 03:33 - 00000000 ____D () C:\Program Files (x86)\Toontrack
2014-08-27 18:03 - 2013-07-26 03:29 - 00000000 ____D () C:\Program Files (x86)\VstPlugins
2014-08-27 17:56 - 2013-11-13 04:14 - 00000000 ____D () C:\giochi
2014-08-27 17:56 - 2011-02-14 23:48 - 00000000 ____D () C:\Users\OEM\Documents\My Games
2014-08-27 04:55 - 2014-08-17 04:07 - 00000000 ____D () C:\Users\OEM\.gimp-2.8
2014-08-27 04:54 - 2014-08-27 04:54 - 00006657 _____ () C:\Users\OEM\AppData\Local\recently-used.xbel
2014-08-27 04:24 - 2014-08-18 04:25 - 00000000 ____D () C:\Users\OEM\Downloads\PicPick Screenshots
2014-08-27 01:26 - 2014-08-27 01:26 - 00000000 ____D () C:\Users\OEM\Documents\Reus
2014-08-27 01:26 - 2011-02-08 19:47 - 00123208 _____ () C:\Users\OEM\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-27 00:06 - 2014-08-27 00:06 - 00000000 ___SD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 4.3
2014-08-27 00:06 - 2014-08-27 00:05 - 00000000 ____D () C:\Program Files (x86)\LibreOffice 4
2014-08-26 20:14 - 2014-08-26 20:06 - 223113216 _____ () C:\Users\OEM\Downloads\LibreOffice_4.3.0_Win_x86.msi
2014-08-26 18:15 - 2012-01-24 01:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Desura
2014-08-26 18:15 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-26 18:00 - 2014-08-26 17:54 - 12244008 _____ () C:\Users\OEM\Downloads\picpick_inst.exe
2014-08-26 04:28 - 2014-03-12 02:43 - 00000000 ____D () C:\Users\OEM\AppData\Local\Battle.net
2014-08-23 04:07 - 2014-08-27 23:18 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-27 23:18 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-27 23:18 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 19:01 - 2014-03-12 02:43 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-22 16:52 - 2014-08-22 16:52 - 00003252 _____ () C:\Windows\System32\Tasks\Sapphire TRIXX
2014-08-22 00:56 - 2011-10-28 01:37 - 00000000 ____D () C:\ProgramData\Origin
2014-08-21 02:43 - 2014-08-20 03:20 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\3Stars
2014-08-21 01:52 - 2011-06-28 15:44 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\uTorrent
2014-08-21 01:40 - 2014-08-21 01:36 - 00000000 ____D () C:\Program Files (x86)\PCSX2 1.2.1
2014-08-21 01:36 - 2014-08-21 01:36 - 00000000 ____D () C:\Users\OEM\Documents\PCSX2
2014-08-21 01:36 - 2014-08-21 01:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2014-08-21 01:36 - 2011-06-11 00:24 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-08-20 18:29 - 2014-08-20 18:29 - 00000000 ____D () C:\Users\OEM\Documents\PVZ Garden Warfare
2014-08-20 18:08 - 2012-03-12 18:54 - 00000000 ____D () C:\ProgramData\PopCap Games
2014-08-19 17:03 - 2014-08-19 17:03 - 00000000 ____D () C:\Users\OEM\AppData\Local\Adobe
2014-08-19 03:07 - 2014-03-12 19:12 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-08-18 23:48 - 2014-08-18 05:09 - 00000000 ____D () C:\Users\OEM\AppData\Local\gtk-2.0
2014-08-18 22:51 - 2012-09-13 15:55 - 00003916 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-18 22:51 - 2012-04-04 12:26 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-18 22:51 - 2011-05-15 15:08 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-18 05:53 - 2014-08-18 04:42 - 00000000 ____D () C:\Users\OEM\Downloads\Gifcam
2014-08-18 05:03 - 2014-08-18 05:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOptimizer
2014-08-18 05:01 - 2014-08-18 05:00 - 23237764 _____ (Javier Gutiérrez Chamorro (Guti)) C:\Users\OEM\Downloads\FileOptimizerSetup.exe
2014-08-18 04:39 - 2014-08-18 04:39 - 00700220 _____ () C:\Users\OEM\Downloads\GifCam.zip
2014-08-18 04:33 - 2014-08-18 04:20 - 00000000 ____D () C:\Users\OEM\AppData\Local\paint.net
2014-08-18 04:22 - 2014-08-18 04:22 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\PicPick
2014-08-18 04:22 - 2014-08-18 04:22 - 00000000 ____D () C:\ProgramData\PicPick
2014-08-18 04:22 - 2014-08-18 04:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PicPick
2014-08-18 04:22 - 2014-08-18 04:22 - 00000000 ____D () C:\Program Files (x86)\PicPick
2014-08-18 04:21 - 2014-08-18 04:21 - 00001210 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2014-08-18 04:20 - 2014-08-18 04:20 - 00000000 ____D () C:\Program Files\paint.net
2014-08-18 04:16 - 2014-08-18 04:16 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sapphire TRIXX
2014-08-18 04:16 - 2014-08-18 04:16 - 00000000 ____D () C:\Program Files (x86)\Sapphire TRIXX
2014-08-17 18:17 - 2012-04-04 02:11 - 00000000 ____D () C:\Users\OEM\Documents\StarCraft II
2014-08-17 04:08 - 2014-08-17 04:08 - 00000000 ____D () C:\Users\OEM\.thumbnails
2014-08-17 04:08 - 2011-02-08 19:22 - 00000000 ____D () C:\Users\OEM
2014-08-17 04:07 - 2014-08-17 04:07 - 00000000 ____D () C:\Users\OEM\AppData\Local\gegl-0.2
2014-08-17 03:58 - 2014-08-16 17:19 - 00000022 _____ () C:\Windows\GPU-Z.INI
2014-08-17 03:13 - 2014-08-17 03:13 - 00262144 ____N () C:\Windows\Minidump\081714-26707-01.dmp
2014-08-17 03:13 - 2011-05-31 23:58 - 00000000 ____D () C:\Windows\Minidump
2014-08-17 03:06 - 2013-07-26 04:25 - 00000000 ____D () C:\Program Files\Native Instruments
2014-08-17 03:06 - 2013-02-15 01:03 - 00000000 ____D () C:\ProgramData\Native Instruments
2014-08-17 03:06 - 2013-02-15 01:02 - 00000000 ____D () C:\Program Files\Common Files\Native Instruments
2014-08-17 03:06 - 2013-02-14 23:06 - 00091714 _____ () C:\Windows\DPINST.LOG
2014-08-17 03:02 - 2014-08-17 00:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Futuremark
2014-08-17 03:02 - 2014-08-17 00:46 - 00000000 ____D () C:\Program Files (x86)\Futuremark
2014-08-17 02:08 - 2014-08-17 01:31 - 00000000 ____D () C:\Users\OEM\Documents\3DMark 11
2014-08-17 02:03 - 2011-07-26 17:42 - 00000000 ____D () C:\Users\OEM\AppData\Local\Futuremark
2014-08-17 01:58 - 2014-08-17 01:58 - 00000000 ____D () C:\Program Files\Futuremark
2014-08-17 01:58 - 2014-03-17 05:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-17 01:58 - 2011-02-12 12:54 - 00162187 _____ () C:\Windows\DirectX.log
2014-08-17 01:41 - 2014-08-17 01:31 - 271860249 _____ () C:\Users\OEM\Downloads\3DMark11-v1-0-132.zip
2014-08-17 01:31 - 2014-08-17 01:31 - 00000000 ____D () C:\Users\OEM\AppData\Local\IsolatedStorage
2014-08-17 01:31 - 2014-08-17 01:31 - 00000000 ____D () C:\Users\OEM\AppData\Local\Futuremark_Corporation
2014-08-17 01:23 - 2011-06-12 17:34 - 00466456 _____ (Creative Labs) C:\Windows\system32\wrap_oal.dll
2014-08-17 01:23 - 2011-06-12 17:34 - 00444952 _____ (Creative Labs) C:\Windows\SysWOW64\wrap_oal.dll
2014-08-17 01:23 - 2011-06-12 17:34 - 00122904 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\system32\OpenAL32.dll
2014-08-17 01:23 - 2011-06-12 17:34 - 00109080 _____ (Portions © Creative Labs Inc. and NVIDIA Corp.) C:\Windows\SysWOW64\OpenAL32.dll
2014-08-17 01:23 - 2011-06-12 17:34 - 00000000 ____D () C:\Program Files (x86)\OpenAL
2014-08-17 00:58 - 2014-08-17 00:58 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-17 00:58 - 2014-08-17 00:58 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-08-17 00:32 - 2014-08-17 00:22 - 294237056 _____ (Futuremark Corporation) C:\Users\OEM\Downloads\3DMark_11_v103_installer.exe
2014-08-16 23:44 - 2014-08-16 23:29 - 00000000 ____D () C:\Users\OEM\Downloads\Novabench Results
2014-08-16 23:39 - 2014-08-16 23:39 - 00262144 ____N () C:\Windows\Minidump\081614-39671-01.dmp
2014-08-16 23:21 - 2011-02-08 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS
2014-08-16 23:21 - 2011-02-08 19:52 - 00000000 ____D () C:\Program Files (x86)\ASUS
2014-08-16 23:13 - 2014-08-16 23:13 - 00262144 ____N () C:\Windows\Minidump\081614-25552-01.dmp
2014-08-16 23:12 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-16 21:45 - 2013-11-01 18:46 - 00000000 ___RD () C:\Users\OEM\Dropbox
2014-08-16 21:45 - 2011-07-09 00:05 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Dropbox
2014-08-16 17:56 - 2014-08-16 17:56 - 00000894 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIMP 2.lnk
2014-08-16 17:55 - 2014-08-16 17:55 - 00000000 ____D () C:\Program Files\GIMP 2
2014-08-16 17:47 - 2014-08-16 17:39 - 90396104 _____ (The GIMP Team ) C:\Users\OEM\Downloads\gimp-2.8.10-setup.exe
2014-08-16 17:30 - 2014-08-16 17:30 - 00000000 ____D () C:\ProgramData\NovaTech Network
2014-08-16 17:29 - 2014-08-16 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NovaBench
2014-08-16 17:29 - 2014-08-16 17:29 - 00000000 ____D () C:\Program Files (x86)\Novawave
2014-08-16 17:29 - 2014-08-16 17:28 - 12256936 _____ (Novawave Inc. ) C:\Users\OEM\Downloads\novabench3.exe
2014-08-16 17:22 - 2014-08-16 17:22 - 00003208 _____ () C:\Windows\System32\Tasks\{2B4342E2-95A0-4533-AA66-A43CD6A4FF30}
2014-08-16 17:15 - 2014-08-16 17:15 - 00000000 ____D () C:\Windows\Downloaded Installations
2014-08-16 16:33 - 2013-01-16 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-16 01:09 - 2011-09-19 23:06 - 00684544 ___SH () C:\Users\OEM\Documents\Thumbs.db
2014-08-16 00:46 - 2011-02-08 20:01 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-08-16 00:36 - 2014-08-16 00:36 - 00003130 _____ () C:\Windows\System32\Tasks\{CDB0F234-0E84-4790-BCC7-33B50AA8E2FE}
2014-08-16 00:28 - 2014-08-15 18:17 - 00000000 ____D () C:\Users\OEM\AppData\Local\EvernoteNW
2014-08-15 18:13 - 2014-08-15 18:13 - 00000000 ____D () C:\Users\OEM\AppData\Local\Evernote
2014-08-15 18:13 - 2014-08-15 18:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-08-15 18:13 - 2014-08-15 18:13 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-08-15 04:24 - 2014-08-15 04:23 - 00266632 _____ () C:\Windows\Minidump\081514-20701-01.dmp
2014-08-15 04:23 - 2013-08-24 04:19 - 213381520 _____ () C:\Windows\MEMORY.DMP
2014-08-15 03:59 - 2014-08-15 03:59 - 00266632 _____ () C:\Windows\Minidump\081514-33571-01.dmp
2014-08-14 17:11 - 2014-08-11 12:04 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-14 17:11 - 2011-06-19 02:20 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-13 19:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-13 01:13 - 2011-02-09 11:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-08-13 01:08 - 2013-07-12 20:45 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-13 01:05 - 2011-02-08 20:27 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-13 01:02 - 2014-05-07 05:04 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-12 22:32 - 2009-07-14 07:08 - 00032556 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-12 03:43 - 2014-08-12 03:43 - 00021712 _____ (Phoenix Technologies) C:\Windows\SysWOW64\Drivers\DrvAgent64.SYS
2014-08-12 03:24 - 2014-08-11 12:05 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-12 03:08 - 2014-08-12 03:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-08-12 03:08 - 2014-08-12 03:08 - 00000000 ____D () C:\Program Files\CPUID
2014-08-12 01:14 - 2014-08-12 01:14 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-12 01:04 - 2011-06-19 02:21 - 00000000 ____D () C:\Users\OEM\AppData\Local\PunkBuster
2014-08-11 23:24 - 2014-08-11 18:24 - 00000000 ____D () C:\Users\OEM\Documents\Battlefield 4
2014-08-11 21:48 - 2013-10-12 18:20 - 00000000 ____D () C:\Users\OEM\AppData\Local\Arma 3
2014-08-11 21:45 - 2014-08-11 18:53 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Raptr
2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\library_dir
2014-08-11 19:01 - 2014-08-11 19:01 - 00000000 ____D () C:\ProgramData\ATI
2014-08-11 19:01 - 2014-08-11 18:53 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-08-11 18:52 - 2014-08-11 18:52 - 00056100 _____ () C:\Windows\SysWOW64\CCCInstall_201408111852435399.log
2014-08-11 18:52 - 2014-08-11 18:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2014-08-11 18:52 - 2014-08-11 18:52 - 00000000 ____D () C:\Program Files (x86)\AMD AVT
2014-08-11 18:52 - 2012-03-13 19:40 - 00000000 ____D () C:\ProgramData\AMD
2014-08-11 18:52 - 2011-02-08 19:44 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-08-11 18:47 - 2014-08-11 18:47 - 00000000 ____D () C:\Program Files\AMD
2014-08-11 18:23 - 2014-08-11 18:23 - 00000000 ____D () C:\Users\OEM\AppData\Local\ESN
2014-08-11 13:12 - 2014-08-11 13:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2014-08-11 12:44 - 2014-07-14 23:14 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-11 12:04 - 2014-08-11 12:04 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-11 03:51 - 2014-07-24 18:07 - 00000000 ____D () C:\Users\OEM\AppData\Local\Origin
2014-08-09 04:08 - 2014-07-24 18:07 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Origin
2014-08-07 04:06 - 2014-08-13 00:59 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 04:01 - 2014-08-13 00:59 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-07 02:18 - 2012-03-20 17:26 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\vlc
2014-08-04 23:00 - 2011-01-26 13:48 - 00000000 ____D () C:\Users\OEM\Documents\work
2014-08-03 23:57 - 2014-08-03 23:57 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Ice-pick Lodge
2014-08-03 19:11 - 2014-08-03 19:11 - 00000000 ____D () C:\Users\OEM\AppData\Roaming\Trine2
2014-08-03 04:10 - 2014-08-03 04:10 - 00000768 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo IIIBlizzard Technical Support.lnk
2014-08-03 04:10 - 2014-08-03 04:10 - 00000767 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo IIIBattle.net Account Management.lnk
2014-08-03 04:10 - 2014-08-03 04:10 - 00000752 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo IIIDiablo III.lnk
2014-08-03 04:10 - 2014-08-03 04:10 - 00000711 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo IIIDiablo III - Manual.lnk
2014-08-03 04:10 - 2014-08-03 04:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-07-31 21:58 - 2012-04-25 01:53 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-30 23:04 - 2014-07-30 23:04 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-30 01:01 - 2014-07-29 23:37 - 216182632 _____ () C:\Users\OEM\Downloads\Uprising_2_Lead_and_Destroy_ISO.rar.part
2014-07-29 03:12 - 2014-07-29 03:12 - 00000000 ____D () C:\Users\OEM\AppData\Local\Cockatrice
2014-07-29 03:11 - 2014-07-29 03:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cockatrice

Some content of TEMP:
====================
C:\Users\OEM\AppData\Local\Temp\7z.dll
C:\Users\OEM\AppData\Local\Temp\DTLite4453-0297.exe
C:\Users\OEM\AppData\Local\Temp\DTLite4454-0315.exe
C:\Users\OEM\AppData\Local\Temp\DTLite4461-0328.exe
C:\Users\OEM\AppData\Local\Temp\DTLite4481-0347.exe
C:\Users\OEM\AppData\Local\Temp\exe2pin.exe
C:\Users\OEM\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\OEM\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\OEM\AppData\Local\Temp\installChecker.exe
C:\Users\OEM\AppData\Local\Temp\installerdll36744725.dll
C:\Users\OEM\AppData\Local\Temp\installerdll36753554.dll
C:\Users\OEM\AppData\Local\Temp\installerdll5131106.dll
C:\Users\OEM\AppData\Local\Temp\installerdll92551524.dll
C:\Users\OEM\AppData\Local\Temp\installerdll92554691.dll
C:\Users\OEM\AppData\Local\Temp\installerdll92562787.dll
C:\Users\OEM\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\OEM\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\OEM\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\mediaget-uninstaller.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.13.1.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.42.0.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.42.1.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.43.1.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.10.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.5.exe
C:\Users\OEM\AppData\Local\Temp\OriginLauncher92551524.exe
C:\Users\OEM\AppData\Local\Temp\Quarantine.exe
C:\Users\OEM\AppData\Local\Temp\raptrpatch.exe
C:\Users\OEM\AppData\Local\Temp\raptr_stub.exe
C:\Users\OEM\AppData\Local\Temp\rootsupd.exe
C:\Users\OEM\AppData\Local\Temp\Setup_Downloader_3.3.5_stable.exe
C:\Users\OEM\AppData\Local\Temp\Setup_Downloader_3.3.6_beta.exe
C:\Users\OEM\AppData\Local\Temp\sonarinst.exe
C:\Users\OEM\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\OEM\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\OEM\AppData\Local\Temp\tmp187F.exe
C:\Users\OEM\AppData\Local\Temp\tmp328D.exe
C:\Users\OEM\AppData\Local\Temp\tmp4933.exe
C:\Users\OEM\AppData\Local\Temp\tmp5837.exe
C:\Users\OEM\AppData\Local\Temp\tmpA24D.exe
C:\Users\OEM\AppData\Local\Temp\tmpA28F.tmp.exe
C:\Users\OEM\AppData\Local\Temp\tmpB8DA.exe
C:\Users\OEM\AppData\Local\Temp\tmpCBBF.exe
C:\Users\OEM\AppData\Local\Temp\tmpD9AB.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-3548.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-3912.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5292.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5340.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5368.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5996.exe
C:\Users\OEM\AppData\Local\Temp\utt38B0.tmp.exe
C:\Users\OEM\AppData\Local\Temp\utt3C56.tmp.exe
C:\Users\OEM\AppData\Local\Temp\uttA55A.tmp.exe
C:\Users\OEM\AppData\Local\Temp\uttEE3C.tmp.exe
C:\Users\OEM\AppData\Local\Temp\uttEF68.tmp.exe
C:\Users\OEM\AppData\Local\Temp\vcredist_x64.exe
C:\Users\OEM\AppData\Local\Temp\vcredist_x86.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.4-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\OEM\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\OEM\AppData\Local\Temp\winzip1632_2_wrapped.exe
C:\Users\OEM\AppData\Local\Temp\xuninst.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-17 19:44

==================== End Of Log ============================
 

 

 

Addition:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by OEM at 2014-08-28 02:42:44
Running from C:\Users\OEM\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Spybot - Search and Destroy (Enabled - Up to date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32239 - BitTorrent Inc.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.)
3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)
3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Abalone (HKLM-x32\...\Steam App 279480) (Version:  - sppa4apps)
Ace of Spades (HKLM-x32\...\Steam App 224540) (Version:  - Jagex Limited)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Illustrator CS5.1 (HKLM-x32\...\{23767F5D-A80C-4264-B8EA-ED4085FC332A}) (Version: 15.1 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader X (10.1.11) - Italiano (HKLM-x32\...\{AC76BA86-7AD7-1040-7B44-AA1000000001}) (Version: 10.1.11 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Mythology: Extended Edition (HKLM-x32\...\Steam App 266840) (Version:  - SkyBox Labs)
Aggiornamento driver Centro gestione dispositivi Windows Mobile (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
AirBuccaneers (HKLM-x32\...\Steam App 223630) (Version:  - )
Alan Wake's American Nightmare (HKLM-x32\...\Steam App 202750) (Version:  - Remedy Entertainment)
Aliens versus Predator Classic 2000 (HKLM-x32\...\Steam App 3730) (Version:  - Rebellion)
Alpha Kimori™ Episode One  (HKLM-x32\...\Steam App 265870) (Version:  - Sherman3D)
Alpha Protocol (HKLM-x32\...\Steam App 34010) (Version:  - Obsidian Entertainment)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1084.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - ATI Technologies Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.71219.1540 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )
Anachronox (HKLM-x32\...\Steam App 242940) (Version:  - )
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - )
Antisquad (HKLM-x32\...\Steam App 268200) (Version:  - InsGames)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
applicationupdater (HKCU\...\SOE-C:/Users/OEM/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version:  - Sony Online Entertainment)
Aquaria (HKLM-x32\...\Steam App 24420) (Version:  - Bit Blot, LLC)
ArcaniA – Gothic 4 (HKLM-x32\...\Steam App 39690) (Version:  - Spellbound Studios)
Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version:  - Bohemia Interactive)
Arma Tactics (HKLM-x32\...\Steam App 224860) (Version:  - Bohemia Interactive)
Arsenal of Democracy (HKLM-x32\...\Steam App 42850) (Version:  - BL-Logic)
Artemis Artemis (HKLM-x32\...\Artemis) (Version: 1.51.0 - Thom Robertson)
ASUS Ai Charger (HKLM-x32\...\{7FB64E72-9B0E-4460-A821-040C341E414A}) (Version: 1.00.06 - ASUSTeK Computer Inc.)
ASUSUpdate (HKLM-x32\...\{587178E7-B1DF-494E-9838-FA4DD36E873C}) (Version: 7.17.17 - ASUSTeK Computer Inc.)
ATI Catalyst Registration (x32 Version: 3.00.0000 - ATI Technologies Inc.) Hidden
Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version:  - Audacity Team)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
Avadon: The Black Fortress (HKLM-x32\...\Steam App 112100) (Version:  - Spiderweb Software)
Avencast (HKLM-x32\...\Steam App 46410) (Version:  - ClockStone Studios)
Aveyond Lord of Twilight (HKLM-x32\...\Steam App 272010) (Version:  - Amaranth Games, LLC)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - Ronimo Games)
Baldur's Gate: Enhanced Edition (HKLM-x32\...\Steam App 228280) (Version:  - Overhaul Games)
Ballpoint Universe: Infinite (HKLM-x32\...\Steam App 259390) (Version:  - Arachnid Games)
Bang Bang Racing (HKLM-x32\...\Steam App 207020) (Version:  - Digital Reality Software & Playbox)
Bardbarian (HKLM-x32\...\Steam App 269490) (Version:  - TreeFortress Games)
Bastion (HKLM-x32\...\Steam App 107100) (Version:  - Supergiant Games)
Batman: Arkham City GOTY (HKLM-x32\...\Steam App 200260) (Version:  - Rocksteady Studios)
Battle for Wesnoth 1.11.0 (HKLM-x32\...\Battle for Wesnoth 1.11.0) (Version: 1.11.0 - )
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
Beatbuddy: Tale of the Guardians (HKLM-x32\...\Steam App 231040) (Version:  - Threaks)
Bejeweled 3 (HKLM-x32\...\Steam App 78000) (Version:  - PopCap Games, Inc.)
Ben There, Dan That! (HKLM-x32\...\Steam App 37420) (Version:  - Zombie Cow Studios)
Bionic Dues (HKLM-x32\...\Steam App 238910) (Version:  - Arcen Games, LLC)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version:  - 2K Marin)
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BIT.TRIP BEAT (HKLM-x32\...\Steam App 63700) (Version:  - Gaijin Games)
BIT.TRIP Presents... Runner2: Future Legend of Rhythm Alien (HKLM-x32\...\Steam App 218060) (Version:  - Gaijin Games)
Blackguards (HKLM-x32\...\Steam App 249650) (Version:  - Daedalic Entertainment)
Blade Symphony (HKLM-x32\...\Steam App 225600) (Version:  - Puny Human Games)
Block Story (HKLM-x32\...\Steam App 270110) (Version:  - MindBlocks Studio, LLC)
Blockland (HKLM-x32\...\Blockland) (Version:  - )
Blocks That Matter (HKLM-x32\...\Steam App 111800) (Version:  - Swing Swing Submarine)
Bob Came in Pieces (HKLM-x32\...\Steam App 46000) (Version:  - Ludosity)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BookWorm Deluxe (HKLM-x32\...\Steam App 3370) (Version:  - PopCap Games, Inc.)
Borderlands (HKLM-x32\...\Steam App 8980) (Version:  - Gearbox Software)
Botanicula (HKLM-x32\...\Steam App 207690) (Version:  - )
Breath of Death VII  (HKLM-x32\...\Steam App 107300) (Version:  - Zeboyd Games)
Broforce (HKLM-x32\...\Steam App 274190) (Version:  - Free Lives)
Broken Age (HKLM-x32\...\Steam App 232790) (Version:  - Double Fine Productions)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version:  - Starbreeze Studios AB)
Bullet Candy (HKLM-x32\...\Steam App 6600) (Version:  - R C Knight)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
Call of Juarez: Bound in Blood (HKLM-x32\...\Steam App 21980) (Version:  - Techland)
Capsule (HKLM-x32\...\Capsule) (Version: 1.0.000 - Green Man Gaming Limited)
Captain Morgane and the Golden Turtle (HKLM-x32\...\Steam App 264320) (Version:  - WizarBox)
Carmageddon (HKLM-x32\...\Carmageddon_is1) (Version:  - GOG.com)
Carmageddon Max Pack (HKLM-x32\...\Steam App 282010) (Version:  - )
Carmageddon: Reincarnation (HKLM-x32\...\Steam App 249380) (Version:  - Stainless Games Ltd)
Carrier Command: Gaea Mission (HKLM-x32\...\Steam App 65740) (Version:  - Bohemia Interactive)
CastleMiner Z (HKLM-x32\...\Steam App 253430) (Version:  - DigitalDNA Games LLC)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Centro gestione dispositivi Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Chains (HKLM-x32\...\Steam App 11360) (Version:  - 2DEngine.com)
Chainsaw Warrior (HKLM-x32\...\Steam App 251710) (Version:  - Auroch Digital)
Chaser (HKLM-x32\...\Steam App 39670) (Version:  - Cauldron)
Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - )
Chompy Chomp Chomp (HKLM-x32\...\Steam App 292570) (Version:  - Utopian World of Sandwiches)
Choplifter HD (HKLM-x32\...\Steam App 202070) (Version:  - inXile Entertainment)
Chronology (HKLM-x32\...\Steam App 269330) (Version:  - osao games)
Cities XL Platinum (HKLM-x32\...\Steam App 231140) (Version:  - Focus Home Interactive)
Cloudbuilt (HKLM-x32\...\Steam App 262390) (Version:  - Coilworks)
Cobi Treasure Deluxe (HKLM-x32\...\Steam App 301690) (Version:  - Cobra Mobile)
Coldfire Keep (HKLM-x32\...\Steam App 296530) (Version:  - Steve Jarman)
Command & Conquer Generals (HKLM-x32\...\InstallShield_{06F80017-8F98-4C94-B868-52358569FC32}) (Version: 0.50.0000 - Electronic Arts)
Command & Conquer Generals (x32 Version: 0.50.0000 - Electronic Arts) Hidden
Command and Conquer 3: Kane's Wrath (HKLM-x32\...\Steam App 24810) (Version:  - EA Los Angeles)
Command and Conquer 3: Tiberium Wars (HKLM-x32\...\Steam App 24790) (Version:  - EA Los Angeles)
Command and Conquer: Red Alert 3 (HKLM-x32\...\Steam App 17480) (Version:  - EA Los Angeles)
Command and ConquerTM Generals Zero Hour (HKLM-x32\...\InstallShield_{F3E9C243-122E-4D6B-ACC1-E1FEC02F6CA1}) (Version: 1.00.0000 - Electronic Arts)
Command and ConquerTM Generals Zero Hour (x32 Version: 1.00.0000 - Electronic Arts) Hidden
Commandos: Behind Enemy Lines (HKLM-x32\...\Steam App 6800) (Version:  - Pyro Studios)
Concursion (HKLM-x32\...\Steam App 303340) (Version:  - Puuba)
Confrontation (HKLM-x32\...\Steam App 204560) (Version:  - Cyanide Studios)
Conquest of Elysium 3 (HKLM-x32\...\Steam App 211900) (Version:  - Illwinter Game Design)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
Contextual Tool Yourprofitclub (HKLM-x32\...\49988caf) (Version:  - ) <==== ATTENTION
Cook, Serve, Delicious! (HKLM-x32\...\Steam App 247020) (Version:  - Vertigo Gaming)
Cortex Command (HKLM-x32\...\Steam App 209670) (Version:  - )
Cosmic DJ (HKLM-x32\...\Steam App 297110) (Version:  - Gl33k)
Costume Quest (HKLM-x32\...\Steam App 115100) (Version:  - Double Fine Productions)
Counter-Strike: Global Offensive - SDK (HKLM-x32\...\Steam App 745) (Version:  - )
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
Cthulhu Saves the World  (HKLM-x32\...\Steam App 107310) (Version:  - Zeboyd Games)
Cubemen (HKLM-x32\...\Steam App 207250) (Version:  - 3 Sprockets)
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Daikatana (HKLM-x32\...\Steam App 242980) (Version:  - )
Dark Messiah of Might & Magic Single Player (HKLM-x32\...\Steam App 2100) (Version:  - Arkane Studios)
Dark Scavenger (HKLM-x32\...\Steam App 293880) (Version:  - Psydra Games LLC)
Dark Souls: Prepare to Die Edition (HKLM-x32\...\Steam App 211420) (Version:  - )
Day One: Garry's Incident (HKLM-x32\...\Steam App 242800) (Version:  - Wild Games Studio)
Dead Island (HKLM-x32\...\Steam App 91310) (Version:  - Techland)
Dead Rising 2 (HKLM-x32\...\Steam App 45740) (Version:  - Blue Castle Games)
Dead Space (HKLM-x32\...\Steam App 17470) (Version:  - EA Redwood Shores)
Deadlight (HKLM-x32\...\Steam App 211400) (Version:  - Tequila Works, S.L.)
Dear Esther (HKLM-x32\...\Steam App 203810) (Version:  - thechineseroom & Robert Briscoe)
Dear Leader Prototype (HKLM-x32\...\Steam App 285250) (Version:  - )
Death to Spies (HKLM-x32\...\Steam App 9800) (Version:  - Haggard Games)
DEFCON (HKLM-x32\...\Steam App 1520) (Version:  - Introversion Software)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{132D27B8-C656-44BD-8C16-73C54EA8A85F}) (Version:  - Microsoft)
Depression Quest (HKLM-x32\...\Steam App 270170) (Version:  - The Quinnspiracy)
Desktop Dungeons (HKLM-x32\...\Steam App 226620) (Version:  - QCF Design)
Desura (HKLM-x32\...\Desura) (Version: 100.57 - Desura)
Desura: Conquest of Elysium 3 (HKLM-x32\...\Desura_70914205024288) (Version: Full - Illwinter Game Design)
Desura: Dominions 4: Thrones of Ascension (HKLM-x32\...\Desura_104943230910496) (Version: Full - Illwinter Game Design)
Deus Ex: Game of the Year Edition (HKLM-x32\...\Steam App 6910) (Version:  - Ion Storm)
Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)
D-Fend Reloaded 1.4.0 (deinstall) (HKLM-x32\...\D-Fend Reloaded) (Version: 1.4.0 - Alexander Herzog)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dishonored (HKLM-x32\...\Steam App 205100) (Version:  - Arkane Studios)
Divekick (HKLM-x32\...\Steam App 244730) (Version:  - Iron Galaxy Studios)
Divinity II: Developer's Cut (HKLM-x32\...\Steam App 219780) (Version:  - Larian Studios)
DLC Quest (HKLM-x32\...\Steam App 230050) (Version:  - Going Loud Studios)
Dominions 4 (HKLM-x32\...\Steam App 259060) (Version:  - )
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - )
DOOM 3 (HKLM-x32\...\Steam App 9050) (Version:  - id Software)
Doomsday Engine 1.9.10 (HKLM-x32\...\Doomsday Engine_is1) (Version:  - deng Team)
Driftmoon Alpha 8.2 (HKLM-x32\...\{D1FCD6BD-3EEC-4E9A-9611-47FEACE94BEE}_is1) (Version:  - Instant Kingdom)
Dropbox (HKCU\...\Dropbox) (Version: 2.4.11 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dungeons of Dredmor (HKLM-x32\...\Steam App 98800) (Version:  - Gaslamp Games, Inc.)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
E.Y.E: Divine Cybermancy (HKLM-x32\...\Steam App 91700) (Version:  - Streum On Studio)
Earth Defense Force: Insect Armageddon (HKLM-x32\...\Steam App 23530) (Version:  - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - )
EPU-6 Engine (HKLM-x32\...\{56B83336-FBC1-4C46-8613-90A9E3B440D6}) (Version: 1.03.04 - )
Eufloria (HKLM-x32\...\Steam App 41210) (Version:  - Rudolf Kremers & Alex May)
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Evernote v. 5.5.3 (HKLM-x32\...\{B1A0F908-1448-11E4-8684-00163E98E7D0}) (Version: 5.5.3.4236 - Evernote Corp.)
F.E.A.R. (HKLM-x32\...\Steam App 21090) (Version:  - Monolith )
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Famaze (HKLM-x32\...\Steam App 297210) (Version:  - Oryx Design Lab)
Farming Simulator 2013 (HKLM-x32\...\Steam App 220260) (Version:  - Giants Software)
Fate of the World (HKLM-x32\...\Steam App 80200) (Version:  - Red Redemption)
FEZ (HKLM-x32\...\Steam App 224760) (Version:  - Polytron Corporation)
Five Nights at Freddy's (HKLM-x32\...\Steam App 319510) (Version:  - Scott Cawthon)
Focusrite USB 2.0 Audio Driver 2.5b2 (HKLM\...\Focusrite USB 2.0 Audio Driver_is1) (Version: 2.5b2 - Focusrite Audio Engineering Limited.)
Foxit Reader (HKLM-x32\...\Foxit Reader) (Version: 4.3.1.323 - Foxit Corporation)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free to Play (HKLM-x32\...\Steam App 245550) (Version:  - Valve)
Freespace 2 (HKLM-x32\...\Freespace 2_is1) (Version:  - GOG.com)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - )
FUEL (HKLM-x32\...\Steam App 12800) (Version:  - Asobo Studio SARL)
Futuremark SystemInfo (HKLM-x32\...\{032DC00A-51D1-4D28-BFB7-1D0E85291E11}) (Version: 4.25.366 - Futuremark)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Game of Thrones  (HKLM-x32\...\Steam App 208730) (Version:  - Cyanide Studios)
gamelauncher-code4344-beta (HKCU\...\SOE-) (Version:  - Sony Online Entertainment)
gamelauncher-code4344-beta (HKCU\...\SOE-F:/giochi/Sony Online Entertainment/Installed Games/PlanetSide 2 Beta) (Version:  - Sony Online Entertainment)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
Giana Sisters: Twisted Dreams (HKLM-x32\...\Steam App 223220) (Version:  - Black Forest Games)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Gone Home (HKLM-x32\...\Steam App 232430) (Version:  - The Fullbright Company)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Ground Pounders Demo (HKLM-x32\...\Steam App 289740) (Version:  - Kerberos Productions Inc.)
Guacamelee! Gold Edition (HKLM-x32\...\Steam App 214770) (Version:  - DrinkBox Studios)
Guise Of The Wolf (HKLM-x32\...\Steam App 259640) (Version:  - FUN Creators)
Guitar Pro 6 (HKLM-x32\...\{14A487F2-1259-4E6C-AE3C-3C888DDBCB60}_is1) (Version:  - Arobas Music)
Gun Monkeys (HKLM-x32\...\Steam App 239450) (Version:  - Size Five Games)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Hack, Slash, Loot (HKLM-x32\...\Steam App 207430) (Version:  - David Williamson)
Half Minute Hero: Super Mega Neo Climax Ultimate Boy (HKLM-x32\...\Steam App 214830) (Version:  - )
Half-Life (HKLM-x32\...\Steam App 70) (Version:  - Valve)
Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Deathmatch (HKLM-x32\...\Steam App 320) (Version:  - Valve)
Half-Life: Blue Shift (HKLM-x32\...\Steam App 130) (Version:  - Gearbox)
Half-Life: Opposing Force (HKLM-x32\...\Steam App 50) (Version:  - Gearbox)
HAWKEN (HKLM-x32\...\Steam App 271290) (Version:  - )
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\Heroes of Might and Magic 3 Complete_is1) (Version:  - GOG.com)
Heroes Rise: HeroFall Demo (HKLM-x32\...\Steam App 313920) (Version:  - Choice of Games)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - )
HydraVision (x32 Version: 4.2.184.0 - ATI Technologies Inc.) Hidden
Incredipede (HKLM-x32\...\Steam App 230150) (Version:  - Colin Northway with art by Thomas Shahan)
inMomentum (HKLM-x32\...\Steam App 110400) (Version:  - Digital Arrow)
Installer (x32 Version: 1.0.0 - Sierra Entertainment, Inc.) Hidden
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version:  - Intel Corporation)
Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Jazzpunk (HKLM-x32\...\Steam App 250260) (Version:  - Necrophone Games)
JMicron JMB36X Driver (HKLM-x32\...\{3A1B5D40-41E9-43FA-8C7B-A8667F5586EF}) (Version: 1.00.0000 - JMICRON Technology Corp.)
Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version:  - Avalanche Studios)
Kairo (HKLM-x32\...\Steam App 233230) (Version:  - Richard Perrin)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
Knytt Underground (HKLM-x32\...\Steam App 248190) (Version:  - Nifflas' Games)
La-Mulana (HKLM-x32\...\Steam App 230700) (Version:  - NIGORO)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Legacy of Kain (HKLM-x32\...\KainUninstallKey) (Version:  - )
Legend of Dungeon (HKLM-x32\...\Steam App 238280) (Version:  - )
Legend of Grimrock (HKLM-x32\...\Steam App 207170) (Version:  - )
Legends of Aethereus (HKLM-x32\...\Steam App 248410) (Version:  - Three Gates)
LEGO Batman 2 (HKLM-x32\...\Steam App 213330) (Version:  - )
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version:  - Traveller's Tales)
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version:  - Traveller's Tales)
LibreOffice 4.3.0.4 (HKLM-x32\...\{5C005E2A-AEAE-4DF7-B7CA-1E6DCDD2AEA4}) (Version: 4.3.0.4 - The Document Foundation)
LIMBO (HKLM-x32\...\Steam App 48000) (Version:  - Playdead)
Little Inferno (HKLM-x32\...\Steam App 221260) (Version:  - Tomorrow Corporation)
Machinarium (HKLM-x32\...\Steam App 40700) (Version:  - Amanita Design)
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios AB)
Magicka: Wizard Wars (HKLM-x32\...\Steam App 202090) (Version:  - Paradox North)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Marc Eckō's Getting Up: Contents Under Pressure (HKLM-x32\...\Steam App 260190) (Version:  - The Collective)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
McPixel (HKLM-x32\...\Steam App 220860) (Version:  - Sos)
Men of War (HKLM-x32\...\Steam App 7830) (Version:  - Best Way)
Metal Drift (HKLM-x32\...\Steam App 32200) (Version:  - Black Jacket Studios)
Miasmata (HKLM-x32\...\Steam App 223510) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (ITA) (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (Italiano) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1040) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Antimalware Service IT-IT Language Pack (Version: 3.0.8402.2 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office Access MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (German) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (Italian) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (Italian) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Client IT-IT Language Pack (Version: 2.1.1116.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Millie (HKLM-x32\...\Steam App 294230) (Version:  - Forever Entertainment S. A.)
MirrorMoon EP (HKLM-x32\...\Steam App 231310) (Version:  - Santa Ragione)
Mirror's Edge (HKLM-x32\...\Steam App 17410) (Version:  - DICE)
Monaco (HKLM-x32\...\Steam App 113020) (Version:  - )
Mount & Blade (HKLM-x32\...\Steam App 22100) (Version:  - Paradox Interactive)
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version:  - Taleworlds Entertainment)
Mount & Blade: With Fire and Sword (HKLM-x32\...\Steam App 48720) (Version:  - )
Mozilla Firefox 31.0 (x86 it) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 it)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Mumble 1.2.3 (HKLM-x32\...\{0BB88FD3-120D-4192-89B5-D770C9B4AD80}) (Version: 1.2.3 - Thorvald Natvig)
MyTomTom 3.1.0.530 (HKLM-x32\...\MyTomTom) (Version: 3.1.0.530 - TomTom)
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version:  - Unknown Worlds Entertainment)
Neverwinter Nights 2 Adventure Pack: Mysteries of Westgate (HKLM-x32\...\Mysteries of Westgate) (Version:  - )
Neverwinter Nights 2 Complete (HKLM-x32\...\GOGPACKNWN2COMPLETE_is1) (Version: 2.0.0.5 - GOG.com)
Neverwinter Nights Diamond Edition (HKLM-x32\...\Neverwinter Nights Diamond Edition_is1) (Version:  - GOG.com)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.44.10 - Black Tree Gaming)
Nidhogg (HKLM-x32\...\Steam App 94400) (Version:  - Messhof)
No More Room in Hell (HKLM-x32\...\Steam App 224260) (Version:  - No More Room in Hell Team)
NovaBench 3.0.4 (HKLM-x32\...\{88603FC0-6B3C-442D-981E-E3D49F083548}_is1) (Version:  - Novawave Inc.)
Nox 1.2b (HKLM-x32\...\Nox_is1) (Version:  - Noxforum.net, with permission from EA)
NVIDIA PhysX (HKLM-x32\...\{80407BA7-7763-4395-AB98-5233F1B34E65}) (Version: 9.13.1220 - NVIDIA Corporation)
Octodad: Dadliest Catch (HKLM-x32\...\Steam App 224480) (Version:  - Young Horses)
Odamex 0.6.2 (HKLM-x32\...\{2E517BBB-916F-4AB6-80E0-D4A292513F7A}_is1) (Version: 0.6.2 - Odamex Dev Team)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version:  - Robot Entertainment)
Organ Trail: Director's Cut (HKLM-x32\...\Steam App 233740) (Version:  - The Men Who Wear Many Hats)
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
Osmos (HKLM-x32\...\Steam App 29180) (Version:  - Hemisphere Games)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Overgrowth (HKLM-x32\...\Steam App 25000) (Version:  - Wolfire)
Overlord (HKLM-x32\...\Steam App 11450) (Version:  - Triumph Studios)
Overlord: Raising Hell (HKLM-x32\...\Steam App 12710) (Version:  - Triumph Studios)
Painkiller Hell & Damnation (HKLM-x32\...\Steam App 214870) (Version:  - The Farm 51)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
Papo & Yo (HKLM-x32\...\Steam App 227080) (Version:  - Minority Media Inc.)
Paranormal (HKLM\...\UDK-7c7cef06-ccac-47c6-b3bb-117e4cd466ac) (Version:  - Epic Games, Inc.)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version:  - Grinding Gear Games)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Peggle (HKLM-x32\...\{715AD72D-887A-459E-988B-D4F3E87FA24B}) (Version: 1.04.0.0 - PopCap Games)
Peggle Deluxe (HKLM-x32\...\Steam App 3480) (Version:  - PopCap Games, Inc.)
PicPick (HKLM-x32\...\PicPick) (Version: 3.4.1 - NTeWORKS)
Pirates, Vikings, & Knights II (HKLM-x32\...\Steam App 17570) (Version:  - PVKII Team)
PixelJunk Eden (HKLM-x32\...\Steam App 105800) (Version:  - Q-Games, Ltd.)
Plants vs. Zombies: Game of the Year (HKLM-x32\...\Steam App 3590) (Version:  - PopCap)
Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)
Proteus (HKLM-x32\...\Steam App 219680) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Qvadriga Demo (HKLM-x32\...\Qvadriga Demo1.00) (Version: 1.00 - Slitherine)
RAGE (HKLM-x32\...\Steam App 9200) (Version:  - id Software)
Raptr (HKLM-x32\...\Raptr) (Version:  - )
RC2 (HKLM-x32\...\AHL - Directors Cut RC2_is1) (Version:  - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.5859 - Realtek Semiconductor Corp.)
Receiver (HKLM-x32\...\Steam App 234190) (Version:  - Wolfire Games)
Redshirt (HKLM-x32\...\Steam App 247870) (Version:  - The Tiniest Shark)
Renegade X (HKLM-x32\...\UDK-4fc3a6b6-3d0e-4dce-b127-8e60191e2b1e) (Version: Open Beta 1 - Totem Arts)
Retro City Rampage™ (HKLM-x32\...\Steam App 204630) (Version:  - )
Reus (HKLM-x32\...\Steam App 222730) (Version:  - Abbey Games)
RIFT™ (HKLM-x32\...\Steam App 39120) (Version:  - Trion Worlds)
Ring Runner: Flight of the Sages (HKLM-x32\...\Steam App 258010) (Version:  - Triple.B.Titles)
Risen3D version 2.2.14 (HKLM-x32\...\Risen3D_is1) (Version:  - )
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Rock of Ages (HKLM-x32\...\Steam App 22230) (Version:  - ACE Team)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Rogue Shooter: The FPS Roguelike (HKLM-x32\...\Steam App 295770) (Version:  - Hippomancer)
RUSH (HKLM-x32\...\Steam App 38720) (Version:  - Two Tribes)
Rush Bros (HKLM-x32\...\Steam App 234490) (Version:  - XYLA Entertainment)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
S.T.A.L.K.E.R.: Shadow of Chernobyl (HKLM-x32\...\Steam App 4500) (Version:  - GSC Game World)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version:  - Deep Silver Volition)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Samorost 2 (HKLM-x32\...\Steam App 40720) (Version:  - Amanita Design)
Samsung Universal Print Driver (HKLM-x32\...\Samsung Universal Print Driver) (Version: 2.03.01.00:36 - Samsung Electronics Co., Ltd.)
Sapphire TRIXX (HKLM-x32\...\Sapphire TRIXX) (Version:  - )
Saturday Morning RPG (HKLM-x32\...\Steam App 263320) (Version:  - Mighty Rabbit Studios)
Scarlett MixControl 1.5 (HKLM-x32\...\Saffire USB 26_is1) (Version: 1.5 - Focusrite Audio Engineering Limited)
Scoregasm (HKLM-x32\...\Steam App 202410) (Version:  - RC Knight)
Secrets of Rætikon (HKLM-x32\...\Steam App 246680) (Version:  - Broken Rules)
Sequence (HKLM-x32\...\Steam App 200910) (Version:  - Iridium Studios)
Serena (HKLM-x32\...\Steam App 272060) (Version:  - Senscape)
Serious Sam Double D XXL (HKLM-x32\...\Steam App 111600) (Version:  - Mommy's Best Games)
Serious Sam: The Random Encounter (HKLM-x32\...\Steam App 201480) (Version:  - Vlambeer)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Shadow Warrior Classic Redux (HKLM-x32\...\Steam App 225160) (Version:  - 3D Realms)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
Shelter (HKLM-x32\...\Steam App 244710) (Version:  - Might and Delight)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - Firaxis Games)
Sins of a Solar Empire: Rebellion (HKLM-x32\...\Steam App 204880) (Version:  - Ironclad Games)
Sir, You Are Being Hunted (HKLM-x32\...\Steam App 242880) (Version:  - )
SIW version 2010.07.14 (HKLM-x32\...\{AB67580-257C-45FF-B8F4-C8C30682091A}_is1) (Version: 2010.07.14 - Topala Software Solutions)
Sky Rogue Alpha version 15 (HKLM-x32\...\{7A64CD8F-9A3B-48F7-923D-C817F7C9E703}_is1) (Version: 15 - Kenny Backus)
Sleeping Dogs™ (HKLM-x32\...\Steam App 202170) (Version:  - United Front Games)
Solium Infernum (HKLM-x32\...\{203F2870-8644-4972-9E14-9E191A6C09C0}) (Version:  - )
Songr (HKLM-x32\...\Songr) (Version: 2.0.2289 - Xamasoft)
Sonic & All-Stars Racing Transformed (HKLM-x32\...\Steam App 212480) (Version:  - Sumo Digital)
Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)
Source SDK Base 2013 Multiplayer (HKLM-x32\...\Steam App 243750) (Version:  - )
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Star Wars - Jedi Knight II: Jedi Outcast (HKLM-x32\...\Steam App 6030) (Version:  - Raven Software)
Star Wars Jedi Knight: Jedi Academy (HKLM-x32\...\Steam App 6020) (Version:  - Raven Software)
Star Wars Republic Commando (HKLM-x32\...\Steam App 6000) (Version:  - LucasArts)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Starscape (HKLM-x32\...\Steam App 20700) (Version:  - Moonpod)
Stealth Bastard Deluxe (HKLM-x32\...\Steam App 209190) (Version:  - Curve Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam Marines (HKLM-x32\...\Steam App 253630) (Version:  - )
SteamWorld Dig (HKLM-x32\...\Steam App 252410) (Version:  - Image&amp;Form)
Steed Prototype (HKLM-x32\...\Steam App 285270) (Version:  - )
Storm in a Teacup (HKLM-x32\...\Steam App 104020) (Version:  - Cobra Mobile)
Strike Suit Infinity (HKLM-x32\...\Steam App 234160) (Version:  - )
Strike Suit Zero (HKLM-x32\...\Steam App 209540) (Version:  - )
Sunrider: First Arrival (HKLM-x32\...\Steam App 313730) (Version:  - Love in Space)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version:  - )
Super Toy Cars (HKLM-x32\...\Steam App 116100) (Version:  - Eclipse Games)
Superbrothers: Sword & Sworcery EP (HKLM-x32\...\Steam App 204060) (Version:  - Capybara)
Supporto applicazioni Apple (HKLM-x32\...\{21ECABC3-40B2-42DF-8E21-ACF3A4D0D95A}) (Version: 3.0.5 - Apple Inc.)
Surgeon Simulator 2013 (HKLM-x32\...\Steam App 233720) (Version:  - )
SWAT 4 - The Stetchkov Syndicate (HKLM-x32\...\InstallShield_{97E12F84-C033-4DA2-97D2-F540C3E292EA}) (Version: 1.0.0 - Sierra Entertainment, Inc.)
SWAT 4 (HKLM-x32\...\InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31763 - Nome società)
SWAT 4 (x32 Version: 1.0.31763 - Nome società) Hidden
Tales of Maj'Eyal (HKLM-x32\...\Steam App 259680) (Version:  - DarkGod)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
Team Fortress Classic (HKLM-x32\...\Steam App 20) (Version:  - Valve)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
The Ball (HKLM-x32\...\Steam App 35460) (Version:  - Teotl Studios)
The Banner Saga (HKLM-x32\...\Steam App 237990) (Version:  - Stoic)
The Banner Saga: Factions (HKLM-x32\...\Steam App 219340) (Version:  - Stoic)
The Binding of Isaac (HKLM-x32\...\Steam App 113200) (Version:  - Edmund McMillen and Florian Himsl)
The Blackwell Legacy (HKLM-x32\...\Steam App 80330) (Version:  - Wadjet Eye Games)
The Bridge (HKLM-x32\...\Steam App 204240) (Version:  - Ty Taylor and Mario Castañeda)
The Bureau: XCOM Declassified (HKLM-x32\...\Steam App 65930) (Version:  - 2K Marin)
The Cat Lady (HKLM-x32\...\Steam App 253110) (Version:  - Harvester Games)
The Darkness II (HKLM-x32\...\Steam App 67370) (Version:  - Digital Extremes)
The Elder Scrolls III: Morrowind (HKLM-x32\...\Steam App 22320) (Version:  - Bethesda Softworks)
The Expendabros (HKLM-x32\...\Steam App 312990) (Version:  - Free Lives)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version:  - Galactic Cafe)
The Swapper (HKLM-x32\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version:  - )
The White Birch Prototype (HKLM-x32\...\Steam App 228040) (Version:  - )
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version:  - CD Projekt RED)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version:  - Telltale Games)
Thirty Flights of Loving (HKLM-x32\...\Steam App 214700) (Version:  - )
Tiny and Big: Grandpa's Leftovers (HKLM-x32\...\Steam App 205910) (Version:  - Black Pants Game Studio)
To the Moon (HKLM-x32\...\Steam App 206440) (Version:  - Freebird Games)
To the Moon (HKLM-x32\...\To the Moon) (Version: 1.0 - Freebird Games)
Tomb Raider (HKLM-x32\...\Steam App 203160) (Version:  - Crystal Dynamics)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
TortoiseSVN 1.7.10.23359 (64 bit) (HKLM\...\{71EFF430-1A34-423E-8EAF-A80173960A8E}) (Version: 1.7.23359 - TortoiseSVN)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
Tower of Guns (HKLM-x32\...\Steam App 266110) (Version:  - Terrible Posture Games)
Tribes 2 (HKLM-x32\...\Tribes 2) (Version: 1.0.0.0 - Sierra On-Line)
Tribes: Ascend (HKLM-x32\...\Steam App 17080) (Version:  - Hi-Rez Studios)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Type:Rider (HKLM-x32\...\Steam App 258890) (Version:  - Ex Nihilo)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity of Command (HKLM-x32\...\Steam App 218090) (Version:  - 2x2 Games)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Unreal Tournament 2004 (HKLM-x32\...\Unreal Tournament 2004_is1) (Version:  - GOG.com)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUSR_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0407-0000-0000000FF1CE}_Office14.PROPLUSR_{EAD7BEF9-B28C-425F-B2C5-538CB27EF013}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUSR_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{BC402055-F185-4D14-A664-12ED2EF8B5B6}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0410-0000-0000000FF1CE}_Office14.PROPLUSR_{9FD4ABF7-0359-4953-BAC8-0F99C873797E}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{91140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUSR_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Uplink (HKLM-x32\...\Steam App 1510) (Version:  - Introversion Software)
Vampire: The Masquerade - Bloodlines (HKLM-x32\...\Steam App 2600) (Version:  - Activision)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Wanderlust: Rebirth (HKLM-x32\...\Steam App 211580) (Version:  - Yeti Trunk)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - )
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version:  - Relic)
Warhammer 40,000: Dawn of War – Dark Crusade (HKLM-x32\...\Steam App 4580) (Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War - Game of the Year Edition (HKLM-x32\...\Steam App 4570) (Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War – Soulstorm (HKLM-x32\...\Steam App 9450) (Version:  - Relic Entertainment)
Warhammer 40,000: Dawn of War – Winter Assault (HKLM-x32\...\Steam App 9310) (Version:  - Relic Entertainment)
Warhammer® 40,000™: Dawn of War® II – Retribution™ (HKLM-x32\...\Steam App 56400) (Version:  - Relic Entertainment)
Warzone 2100-3.1.0 (HKLM-x32\...\Warzone 2100-3.1.0) (Version: 3.1.0 - Warzone 2100 Project)
Winamp (HKLM-x32\...\Winamp) (Version: 5.621  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (06/17/2013 2.5.64.2) (HKLM\...\82A4D3DBF49D068DA591B228D1E23D1CD8CF9B34) (Version: 06/17/2013 2.5.64.2 - Focusrite)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (09/10/2012 2.4.128.0) (HKLM\...\4214A1CFC1A368A5078729BFD4B211F0CDB5CEC5) (Version: 09/10/2012 2.4.128.0 - Focusrite)
Windows Driver Package - Focusrite USB 2.0 Audio Driver (11/08/2012 2.4.128.0) (HKLM\...\69713B3D0489C8BB035314E27344B56134EC17EE) (Version: 11/08/2012 2.4.128.0 - Focusrite)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinZip 16.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CC}) (Version: 16.0.9715 - WinZip Computing, S.L. )
Worms Armageddon (HKLM-x32\...\Steam App 217200) (Version:  - Team17 Digital Ltd.)
x2 Server Query (HKLM-x32\...\{E867C1D5-0872-46C1-8190-A77E300AF6B3}) (Version: 1.0.0 - x2)
XCOM: Enemy Unknown (HKLM-x32\...\Steam App 200510) (Version:  - Firaxis Games)
XIII Century (HKLM-x32\...\Steam App 34420) (Version:  - Unicorn Games Studio)
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
Zandronum (HKLM-x32\...\Zandronum) (Version: 1.2.2 - Zandronum)
ZDaemon (remove only) (HKLM-x32\...\ZDaemon) (Version:  - )
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1732696791-2687864788-3126902200-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\OEM\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1732696791-2687864788-3126902200-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\OEM\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1732696791-2687864788-3126902200-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\OEM\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1732696791-2687864788-3126902200-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\OEM\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1732696791-2687864788-3126902200-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1732696791-2687864788-3126902200-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1732696791-2687864788-3126902200-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1732696791-2687864788-3126902200-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\OEM\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1732696791-2687864788-3126902200-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\OEM\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points  =========================

26-08-2014 16:06:53 Windows Update
26-08-2014 17:44:05 OpenOffice 4.1.1 installato
26-08-2014 18:06:46 OpenOffice 4.1.1 rimosso
26-08-2014 22:05:39 Installed LibreOffice 4.3.0.4
27-08-2014 15:56:18 Removed Streets of Moscow
27-08-2014 16:03:05 Removed Superior Drummer 64 bit.
27-08-2014 16:03:27 Removed Superior Drummer Installer.
27-08-2014 16:03:47 Removed Waves Complete V9r8
27-08-2014 16:16:09 Removed Cubase 5
27-08-2014 21:18:32 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2010-05-13 18:53 - 00001204 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0070287C-14FE-4976-AAEC-DA761228DEBC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1732696791-2687864788-3126902200-1000UA => C:\Users\OEM\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-02] (Google Inc.)
Task: {4A68FC64-D819-424D-B7E5-D782E793A20A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-16] (Google Inc.)
Task: {5A818B9B-DAA8-4F94-898D-57234619FA15} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1732696791-2687864788-3126902200-1000Core => C:\Users\OEM\AppData\Local\Google\Update\GoogleUpdate.exe [2013-05-02] (Google Inc.)
Task: {72EC5D35-E4FB-4E52-B38F-10564704EC32} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-18] (Adobe Systems Incorporated)
Task: {8569F33A-D43A-4CDC-911E-581FEC613384} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-16] (Google Inc.)
Task: {8874298B-58B0-4C71-A407-87968C7856D2} - System32\Tasks\ASUS\ASUS SIX Engine => C:\Program Files (x86)\ASUS\EPU-6 Engine\SixEngine.exe [2010-03-08] (ASUSTeK Computer Inc.)
Task: {9CB9D1B1-57CA-4473-BB9A-62514956CDD2} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDUpdate.exe
Task: {B3F0D823-E692-4489-856F-A0F9E7590703} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDScan.exe
Task: {B95FD073-E95E-49EA-BC6B-236411C95F35} - System32\Tasks\{AD2E827D-16A6-4303-BEE3-646B744269C2} => Firefox.exe http://ui.skype.com/ui/0/5.10.0.116/it/abandoninstall?source=lightinstaller&amp;page=tsInstall
Task: {BC8133E0-EE66-40E3-AE6D-98C363B2F354} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search &amp; Destroy 2\SDImmunize.exe
Task: {CBD354DB-C252-4F9E-B676-7E99DC363657} - System32\Tasks\ASUS\ASUS Update Checker => C:\Program Files (x86)\ASUS\ASUSUpdate\UpdateChecker\UpdateChecker.exe [2009-12-28] (ASUSTeK Computer Inc.)
Task: {D8AACADE-81B2-489B-8CDF-DC3B32E89D0F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E41B0CA1-C4E9-4A52-A43D-2830143A6C7F} - System32\Tasks\Sapphire TRIXX => C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe [2013-12-19] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1732696791-2687864788-3126902200-1000Core.job => C:\Users\OEM\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1732696791-2687864788-3126902200-1000UA.job => C:\Users\OEM\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2012-05-26 00:05 - 2011-04-11 07:26 - 00034304 _____ () C:\Windows\System32\spd__l.dll
2013-12-19 18:19 - 2013-12-19 18:19 - 05623104 _____ () C:\Program Files (x86)\Sapphire TRIXX\TRIXX.exe
2012-10-08 22:10 - 2012-10-08 22:10 - 00088968 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2014-08-12 01:14 - 2014-08-12 01:14 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2011-05-11 18:14 - 2011-03-20 17:01 - 00165376 _____ () C:\Program Files\WinRAR\rarext.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-03 22:38 - 2014-08-04 21:15 - 01171456 _____ () F:\Programmi\Steam\libavcodec-55.dll
2014-05-06 22:14 - 2014-08-04 21:15 - 00441856 _____ () F:\Programmi\Steam\libavutil-53.dll
2014-01-09 22:02 - 2014-08-04 21:15 - 00332288 _____ () F:\Programmi\Steam\libavresample-1.dll
2013-03-12 18:10 - 2014-08-04 21:15 - 00769024 _____ () F:\Programmi\Steam\SDL2.dll
2014-06-03 22:38 - 2014-08-14 00:31 - 02144448 _____ () F:\Programmi\Steam\video.dll
2014-06-03 22:38 - 2014-08-04 21:15 - 00403968 _____ () F:\Programmi\Steam\libavformat-55.dll
2014-06-03 22:38 - 2014-07-31 05:47 - 00519168 _____ () F:\Programmi\Steam\libswscale-2.dll
2012-03-30 22:57 - 2014-08-14 00:30 - 00677056 _____ () F:\Programmi\Steam\bin\chromehtml.DLL
2014-07-25 16:22 - 2014-07-25 16:22 - 00436576 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-07-25 16:22 - 2014-07-25 16:22 - 00318304 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll
2012-03-30 22:57 - 2014-08-13 08:27 - 34587328 _____ () F:\Programmi\Steam\bin\libcef.dll
2014-08-28 00:14 - 2014-05-13 12:04 - 00109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2014-08-28 00:14 - 2014-05-13 12:04 - 00416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2014-08-28 00:14 - 2014-05-13 12:04 - 00167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2014-08-28 00:14 - 2012-08-23 10:38 - 00574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2014-08-28 00:14 - 2012-04-03 17:06 - 00565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2014-07-30 23:04 - 2014-07-30 23:04 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2012-10-08 20:42 - 2012-10-08 20:42 - 00070536 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2013-09-05 01:14 - 2013-09-05 01:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2014-08-18 22:51 - 2014-08-18 22:51 - 17048240 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2011-05-08 21:23:21.354
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Temp\SiwIo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2011-05-08 21:23:21.309
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\Temp\SiwIo.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7 CPU 950 @ 3.07GHz
Percentage of memory in use: 30%
Total physical RAM: 8182.09 MB
Available physical RAM: 5660.24 MB
Total Pagefile: 16362.35 MB
Available Pagefile: 13756.18 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:322.74 GB) (Free:58.38 GB) NTFS
Drive d: () (Fixed) (Total:273.44 GB) (Free:51.15 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive f: (DATI) (Fixed) (Total:931.51 GB) (Free:52.74 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 2A77FC0D)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: B95DB95D)
Partition 1: (Active) - (Size=273.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=322.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================
 



#4 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:59 AM

Posted 28 August 2014 - 07:48 PM

1.

Uninstalling A Program Through "add/remove"

Click "start" on the taskbar and then click on the "Control Panel" icon.
Please doubleclick the "Add or Remove Programs" icon
A list of programs installed will be "populated" this may take a bit of time.
If they exist, uninstall the following by clicking on the following entries and selecting "remove":

Contextual Tool Yourprofitclub

Additional instructions can be found here if needed.

 

 

2.

Download attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

 

Attached File  fixlist.txt   5.29KB   2 downloads

 

How is the machine running now?

 

 


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#5 BathroomCitizen

BathroomCitizen
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:59 AM

Posted 28 August 2014 - 08:05 PM

Thanks, the machine is running quite well!

Unfortunately Contextual Tool Yourprofitclub is still showing on the Programs List.

 

I'm pasting the Fixlog.txt results below here.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 25-08-2014
Ran by OEM at 2014-08-29 02:56:39 Run:1
Running from C:\Users\OEM\Desktop
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
FF NetworkProxy: "autoconfig_url", "https://mediahint.com/default.pac"
FF NetworkProxy: "type", 2
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Extension: Media Hint - C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\d0s9sl1h.default\Extensions\mediahint@jetpack.xpi [2013-12-07]
FF Extension: z - C:\Program Files (x86)\Mozilla Firefox\extensions\{125d3439-dec5-9c17-b2ee-c21533f03319} [2014-07-30]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 GPUZ; \??\C:\Windows\TEMP\GPUZ.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
R3 TRIXX; \??\C:\Users\OEM\AppData\Local\Temp\TRIXX.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\OEM\AppData\Local\Temp\7z.dll
C:\Users\OEM\AppData\Local\Temp\DTLite4453-0297.exe
C:\Users\OEM\AppData\Local\Temp\DTLite4454-0315.exe
C:\Users\OEM\AppData\Local\Temp\DTLite4461-0328.exe
C:\Users\OEM\AppData\Local\Temp\DTLite4481-0347.exe
C:\Users\OEM\AppData\Local\Temp\exe2pin.exe
C:\Users\OEM\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe
C:\Users\OEM\AppData\Local\Temp\HiRezLauncherControls.dll
C:\Users\OEM\AppData\Local\Temp\installChecker.exe
C:\Users\OEM\AppData\Local\Temp\installerdll36744725.dll
C:\Users\OEM\AppData\Local\Temp\installerdll36753554.dll
C:\Users\OEM\AppData\Local\Temp\installerdll5131106.dll
C:\Users\OEM\AppData\Local\Temp\installerdll92551524.dll
C:\Users\OEM\AppData\Local\Temp\installerdll92554691.dll
C:\Users\OEM\AppData\Local\Temp\installerdll92562787.dll
C:\Users\OEM\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe
C:\Users\OEM\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\OEM\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe
C:\Users\OEM\AppData\Local\Temp\mediaget-uninstaller.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.13.1.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.42.0.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.42.1.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.43.1.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.10.exe
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.5.exe
C:\Users\OEM\AppData\Local\Temp\OriginLauncher92551524.exe
C:\Users\OEM\AppData\Local\Temp\Quarantine.exe
C:\Users\OEM\AppData\Local\Temp\raptrpatch.exe
C:\Users\OEM\AppData\Local\Temp\raptr_stub.exe
C:\Users\OEM\AppData\Local\Temp\rootsupd.exe
C:\Users\OEM\AppData\Local\Temp\Setup_Downloader_3.3.5_stable.exe
C:\Users\OEM\AppData\Local\Temp\Setup_Downloader_3.3.6_beta.exe
C:\Users\OEM\AppData\Local\Temp\sonarinst.exe
C:\Users\OEM\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\OEM\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\OEM\AppData\Local\Temp\tmp187F.exe
C:\Users\OEM\AppData\Local\Temp\tmp328D.exe
C:\Users\OEM\AppData\Local\Temp\tmp4933.exe
C:\Users\OEM\AppData\Local\Temp\tmp5837.exe
C:\Users\OEM\AppData\Local\Temp\tmpA24D.exe
C:\Users\OEM\AppData\Local\Temp\tmpA28F.tmp.exe
C:\Users\OEM\AppData\Local\Temp\tmpB8DA.exe
C:\Users\OEM\AppData\Local\Temp\tmpCBBF.exe
C:\Users\OEM\AppData\Local\Temp\tmpD9AB.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-3548.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-3912.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5292.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5340.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5368.exe
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5996.exe
C:\Users\OEM\AppData\Local\Temp\utt38B0.tmp.exe
C:\Users\OEM\AppData\Local\Temp\utt3C56.tmp.exe
C:\Users\OEM\AppData\Local\Temp\uttA55A.tmp.exe
C:\Users\OEM\AppData\Local\Temp\uttEE3C.tmp.exe
C:\Users\OEM\AppData\Local\Temp\uttEF68.tmp.exe
C:\Users\OEM\AppData\Local\Temp\vcredist_x64.exe
C:\Users\OEM\AppData\Local\Temp\vcredist_x86.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.2-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.4-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.5-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.6-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.7-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.8-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.1-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.2-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.3-win32.exe
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.5-win32.exe
C:\Users\OEM\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\OEM\AppData\Local\Temp\winzip1632_2_wrapped.exe
C:\Users\OEM\AppData\Local\Temp\xuninst.exe














*****************

"HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon" => Key deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
"HKCU\Software\MozillaPlugins\ubisoft.com/uplaypc" => Key deleted successfully.
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll => Moved successfully.
C:\Users\OEM\AppData\Roaming\Mozilla\Firefox\Profiles\d0s9sl1h.default\Extensions\mediahint@jetpack.xpi => Moved successfully.
C:\Program Files (x86)\Mozilla Firefox\extensions\{125d3439-dec5-9c17-b2ee-c21533f03319} => Moved successfully.
cpuz136 => Service deleted successfully.
GPUZ => Service deleted successfully.
Synth3dVsc => Service deleted successfully.
TRIXX => Unable to stop service
TRIXX => Service deleted successfully.
tsusbhub => Service deleted successfully.
VGPU => Service deleted successfully.
C:\Users\OEM\AppData\Local\Temp\7z.dll => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\DTLite4453-0297.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\DTLite4454-0315.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\DTLite4461-0328.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\DTLite4481-0347.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\exe2pin.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\HiRezLauncherControls.dll => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\installChecker.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\installerdll36744725.dll => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\installerdll36753554.dll => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\installerdll5131106.dll => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\installerdll92551524.dll => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\installerdll92554691.dll => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\installerdll92562787.dll => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-6u26-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u5-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u7-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\jre-7u9-windows-i586-iftw.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\mediaget-uninstaller.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.13.1.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.42.0.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.42.1.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.43.1.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.10.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Nexus%20Mod%20Manager-0.44.5.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\OriginLauncher92551524.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Quarantine.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\raptrpatch.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\raptr_stub.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\rootsupd.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Setup_Downloader_3.3.5_stable.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Setup_Downloader_3.3.6_beta.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\sonarinst.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\swt-win32-3349.dll => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\tmp187F.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\tmp328D.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\tmp4933.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\tmp5837.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\tmpA24D.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\tmpA28F.tmp.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\tmpB8DA.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\tmpCBBF.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\tmpD9AB.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Uninstaller-3548.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Uninstaller-3912.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5292.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5340.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5368.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\Uninstaller-5996.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\utt38B0.tmp.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\utt3C56.tmp.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\uttA55A.tmp.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\uttEE3C.tmp.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\uttEF68.tmp.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vcredist_x64.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vcredist_x86.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.2-win32.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.4-win32.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.5-win32.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.6-win32.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.7-win32.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vlc-2.0.8-win32.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.1-win32.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.2-win32.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.3-win32.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\vlc-2.1.5-win32.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\winzip1632_2_wrapped.exe => Moved successfully.
C:\Users\OEM\AppData\Local\Temp\xuninst.exe => Moved successfully.

==== End of Fixlog ====



#6 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:59 AM

Posted 28 August 2014 - 08:13 PM

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#7 BathroomCitizen

BathroomCitizen
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:59 AM

Posted 28 August 2014 - 08:15 PM

It's running quite well, but I still have the Contextual Tool Yourprofitclub in my Programs List.

 

Still, I didn't get redirected to any website, for now. It's still too early to tell if there's been any real improvement in that regard!



#8 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:59 AM

Posted 28 August 2014 - 08:38 PM

Did you go to programs list and try and Uninstall Contextual Tool Yourprofitclub ?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#9 BathroomCitizen

BathroomCitizen
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:59 AM

Posted 28 August 2014 - 08:49 PM

Yes, I followed your instructions step by step and it's still there :(

 

I try to uninstall it, it tells me to write a code inside a pop-up box to uninstall it, and then nothing. It just stays in the programs list.



#10 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:59 AM

Posted 28 August 2014 - 09:04 PM

You have unwanted programs on your computer system that should be removed.
I recommend using the following program to do this because it is good at removing any stray remnants that uninstallers often leave behind.

1. Please download [u][url=http://www.bleepingcomputer.com/download/revo-uninstaller/]REVO UNINSTALLER[/url][/u] and save it on your computer.

2. Install Revo Uninstaller on your computer system.

3. Once the program is installed start the program and insure the uninstaller tab is active. (See image below)

[url=http://www.bleepstatic.com/fhost/uploads/2/revo-main-menu.png]revo-main-menu.png[/url]

Icons from all your installed programs will appear alphabetically in the main window.

4. Right click the program you wish to uninstall by selecting the program's icon in the main window. A menu will appear such as that shown below.
revo-uninstall.png

5. Next, choose Uninstall from this menu.

A confirmation from the program you wish to uninstall will appear on your screen, such as the one shown in the image below.

6. Please choose YES that you wish to uninstall the program.

revo-confirm.png

By default, Revo Uninstaller will be set to Moderate uninstall Mode.
Please change it to Advanced by clicking the radio button near Advanced as shown below and then click the NEXT button.

revo-advanced1.png

7. Next, you will see this screen where a system restore back up is made.

uninstall-1.png

The program'
s built in uninstaller will appear on screen, confirm removal and the uninstall procedure will begin.

[url=http://www.bleepstatic.com/fhost/uploads/2/confirm.png]confirm.png[/url]

The program you uninstalled will confirm it has been uninstalled and may ask for user feedback as shown below. It is really your choice if you wish to take the time to answer their survey, however it is not important if you do or not and you can skip it by clicking [b][color=#ff0000]NO[/color][/b]

[url=http://www.bleepstatic.com/fhost/uploads/2/uninstall-complete.png]uninstall-complete.png[/url]

If you are told to reboot to complete the uninstall, choose [b][color=#ff0000][u]NO![/u][/color][/b] We still have other things we need to remove from your computer using Revo Uninstaller's other features.

8. Once the program has been successfully uninstalled, click the NEXT button.

next-button.png

Revo Uninstaller will scan your computer for leftover information, files and registry entries.

leftover-info.png

If any registry entries are found, Revo Uninstaller will list those in BOLD text as shown below.

leftover-registry.png

It is safe to remove those entries as they are often only associated with the program you have just removed from your computer system.

9. Look for the Select All button and click it.
All the BOLD entries should now be checked off like shown in the image below.

select-all.png

Look for the DELETE button and click it.
When asked to confirm the deletion, click YES

confirm-delete-registry.png

When finished click the Next button.

Revo may confirm the uninstall is complete and offer a FINISH button. This means the program has been successfully uninstalled and no further action is needed.

If however, any leftover files and folders are found those will be presented. If you want to get rid of them click Select All then Delete.
This will remove those and send them to your RECYCLE BIN. You can then either retrieve them or clean your recycle bin permanently removing them from your computer system.

revo5.png

You can use Revo Uninstaller to remove other unwanted programs from your computer by performing the above procedures for each one.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#11 BathroomCitizen

BathroomCitizen
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:59 AM

Posted 28 August 2014 - 09:28 PM

It worked, Revo is miracolous!

 

You solved my problems, thanks fireman4it, you are the best!



#12 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:59 AM

Posted 29 August 2014 - 10:59 PM

How is the machine running now?


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#13 BathroomCitizen

BathroomCitizen
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:07:59 AM

Posted 30 August 2014 - 10:03 AM

Perfectly!

 

Thanks again!



#14 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:59 AM

Posted 30 August 2014 - 06:51 PM

Hello, BathroomCitizen.
Congratulations! You now appear clean! :cool:

Are things running okay? Do you have any more questions?

System Still Slow?
You may wish to try StartupLite. Simply download this tool to your desktop and run it. It will explain any optional auto-start programs on your system, and offer the option to stop these programs from starting at startup. This will result in fewer programs running when you boot your system, and should improve preformance.
If that does not work, you can try the steps mentioned in Slow Computer/browser? Check Here First; It May Not Be Malware.

We Need to Clean Up Our Mess

 

  • Double click on adwcleaner.exe to run the tool.
  • Click on Uninstall.
  • Confirm with yes.

 

  • Download OTC by OldTimer and save it to your desktop.
  • Double click OTC_Icon.jpg icon to start the program. If you are using Vista, please right-click and choose run as administrator
  • Then Click the big CleanUp.jpg button.
  • You will get a prompt saying "Being Cleanup Process". Please select Yes.
  • Restart your computer when prompted.


Now you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been backed up, renamed and saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.

The easiest and safest way to do this is:
  • Go to Start > Programs > Accessories > System Tools and click "System Restore".
  • Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
  • Then use Disk Cleanup to remove all but the most recently created Restore Point.
  • Go to Start > Run and type: Cleanmgr
  • Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
  • Click the "More Options" tab, then click the "Clean up" button under System Restore.
  • Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
  • Click Yes, then click Ok.
  • Click Yes again when prompted with "Are you sure you want to perform these actions?"
  • Disk Cleanup will remove the files and close automatically.
Vista and Windows 7 users can refer to these links: Create a New Restore Point in Vista or Windows 7 and Disk Cleanup in Vista.

 

 

 

 

One of the most common questions found when cleaning malware is "how did my machine get infected?"

There are a variety of reasons, but the most common ones are that you are not practicing Safe Internet, you are not running the proper security software or that your computer's security settings are set too low.

Below I have outlined a series of categories that outline how you can increase the security of your computer to help reduce the chance of being infected again in the future.

Do not use P2P programs
Peer-to-peer or file-sharing programs (such as uTorrent, Limewire and Bitorrent) are probably the primary route of infection nowadays. These programs allow file sharing between users as the name(s) suggest.  It is almost impossible to know whether the file you’re downloading through P2P programs is safe.

It is therefore possible to be infected by downloading infected files via peer-to-peer programs and so I recommend that you do not use these programs. Should you wish to use them, they must be used with extreme care. Some further reading on this subject, along with included links, are as follows: "File-Sharing, otherwise known as Peer To Peer" and "Risks of File-Sharing Technology."

In addition, P2P programs facilitate cyber crime and help distribute pirated software, movies and other illegal material.

Practice Safe Internet
Another one of the main reasons people get infected in the first place is that they are not practicing Safe Internet. You practice Safe Internet when you educate yourself on how to properly use the Internet through the use of security tools and good practice. Knowing how you can get infected and what types of files and sites to avoid will be the most crucial step in keeping your computer malware free. The reality is that the majority of people who are infected with malware are ones who click on things they shouldn't be clicking on.  Whether these things are files or sites it doesn't really matter.  If something is out to get you, and you click on it, it most likely will. 

Below are a list of simple precautions to take to keep your computer clean and running securely:

  • If you receive an attachment from someone you do not know, DO NOT OPEN IT! Simple as that.  Opening attachments from people you do not know is a very common method for viruses or worms to infect your computer.
  • If you receive an attachment and it ends with a .exe, .com, .bat, or .pif do not open the attachment unless you know for a fact that it is clean.  For the casual computer user, you will almost never receive a valid attachment of this type.
  • If you receive an attachment from someone you know, and it looks suspicious, then it probably is.  The email could be from someone you know who is themselves infected with malware which is trying to infect everyone in their address book. A key thing to look out for here is: does the email sound as though it’s from the person you know? Often, the email may simply have a web link or a “Run this file to make your PC run fast” message in it.
  • If you are browsing the Internet and a popup appears saying that you are infected, ignore it!.  These are, as far as I am concerned, scams that are being used to scare you into purchasing a piece of software.  For an example of these types of pop-ups, or Foistware, you should read this article: Foistware, And how to avoid it.
    There are also programs that disguise themselves as Anti-Spyware or security products but are instead scams. Removal instructions for a lot of these "rogues" can be found here.
  • Another tactic to fool you on the web is when a site displays a popup that looks like a normal Windows message  or alert.  When you click on them, though, they instead bring you to another site that is trying to push a product on you, or will download a file to your PC without your knowledge.  You can check to see if it's a real alert by right-clicking on the window.  If there is a menu that comes up saying Add to Favorites... you know it's a fake. DO NOT click on these windows, instead close them by finding the open window on your http://en.wikipedia.org/wiki/Taskbar#Screenshots '>Taskbar, right click and chose close.
  • Do not visit pornographic websites.  I know this may bother some of you, but the fact is that a large amount of malware is pushed through these types of sites.  I am not saying all adult sites do this, but a lot do, as this can often form part of their funding.
  • When using an Instant Messaging program be cautious about clicking on links people send to you.  It is not uncommon for infections to send a message to everyone in the infected person's contact list that contains a link to an infection.  Instead when you receive a message that contains a link you should message back to the person asking if it is legit.
  • Stay away from Warez and Crack sites! As with Peer-2-Peer programs, in addition to the obvious copyright issues, the downloads from these sites are typically overrun with infections.
  • Be careful of what you download off of web sites and Peer-2-Peer networks. Some sites disguise malware as legitimate software to trick you into installing them and Peer-2-Peer networks are crawling with it. If you want to download files from a site, and are not sure if they are legitimate, you can use tools such as BitDefender Traffic Light, Norton Safe Web, or McAfee SiteAdvisor to look up info on the site and stay protected against malicious sites. Please be sure to only choose and install one of those tool bars.
  • DO NOT INSTALL any software without first reading the End User License Agreement, otherwise known as the EULA. A tactic that some developers use is to offer their software for free, but have spyware and other programs you do not want bundled with it. This is where they make their money.  By reading the agreement there is a good chance you can spot this and not install the software.
    Sometimes even legitimate programs will try to bundle extra, unwanted, software with the program you want - this is done to raise money for the program. Be sure to untick any boxes which may indicate that other programs will be downloaded.


Keep Windows up-to-date
Microsoft continually releases security and stability updates for its supported operating systems and you should always apply these to help keep your PC secure.

  • Windows XP users
    You should visit Windows Update to check for the latest updates to your system. The latest service pack (SP3) can be obtained directly from Microsoft here.
  • Windows Vista users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP2) can be obtained directly from Microsoft here.
  • Windows 7 users
    You should run the Windows Update program from your start menu to access the latest updates to your operating system (information can be found here). The latest service pack (SP1) can be obtained directly from Microsoft here



Keep your browser secure
Most modern browsers have come on in leaps and bounds with their inbuilt, default security. The best way to keep your browser secure nowadays is simply to keep it up-to-date.

The latest versions of the three common browsers can be found below:


Use an AntiVirus Software
It is very important that your computer has an up-to-date anti-virus software on it which has a real-time agent running.  This alone can save you a lot of trouble with malware in the future. 
See this link for a listing of some online & their stand-alone antivirus programs: Virus, Spyware, and Malware Protection and Removal Resources, a couple of free Anti-Virus programs you may be interested in are Microsoft Security Essentials and Avast.

It is imperative that you update your Antivirus software at least once a week (even more if you wish).  If you do not update your antivirus software then it will not be able to catch any of the new variants that may come out.  If you use a commercial antivirus program you must make sure you keep renewing your subscription.  Otherwise, once your subscription runs out, you may not be able to update the programs virus definitions.

Use a Firewall
I can not stress how important it is that you use a Firewall on your computer.  Without a firewall your computer is susceptible to being hacked and taken over. Simply using a Firewall in its default configuration can lower your risk greatly.

All versions of Windows starting from XP have an in-built firewall. With Windows XP this firewall will protect you from incoming traffic (i.e. hackers). Starting with Windows Vista, the firewall was beefed up to also protect you against outgoing traffic (i.e. malicious programs installed on your machine should be blocked from sending data, such as your bank details and passwords, out).

In addition, if you connect to the internet via a router, this will normally have a firewall in-built.

Some people will recommend installing a different firewall (instead of the Windows’ built one), this is personal choice, but the message is to definitely have one! For a tutorial on Firewalls and a listing of some available ones see this link: Understanding and Using Firewalls

Install an Anti-Malware program
Recommended, and free, Anti-Malware programs are Malwarebytes Anti-Malware and SuperAntiSpyware.

You should regularly (perhaps once a week) scan your computer with an Anti-Malware program just as you would with an antivirus software.

Make sure your applications have all of their updates
It is also possible for other programs on your computer to have security vulnerability that can allow malware to infect you.  Therefore, it is very important to check for the latest versions of commonly installed applications that are regularly patched to fix vulnerabilities (such as Adobe Reader and Java).  You can check these by visiting Secunia Software Inspector.

Follow this list and your potential for being infected again will reduce dramatically.


" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif


#15 fireman4it

fireman4it

    Bleepin' Fireman


  • Malware Response Team
  • 13,505 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Greenup, Ill USA
  • Local time:12:59 AM

Posted 03 September 2014 - 04:54 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.

" Extinguishing Malware from the world"

The Virus, Trojan, Spyware, and Malware Removal forum is very busy. If I'm helping you and I've not posted back within 24 hrs., send a PM with your topic link. Thank you.

ALL OTHER HELP REQUESTS VIA THE PM SYSTEM WILL BE IGNORED. The Forums are there for a reason!
Thanks-


  userbar_eis_500.gif

If I have helped you, consider making a donation to help me continue the fight against Malware! Just click btn_donate_LG.gif





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users