Trojan/RAT keylogger on Win7


  • This topic is locked
8 replies to this topic

#1 Simcity42

Simcity42

  • Members

Posted 08 September 2014 - 08:43 PM

Hi there,

I've been having issues with this PC, which I believe has either a Trojan and/or remote access capability, mainly because I have had Gmail hacked, my Lastpass accessed, and back in April (before I took this offline until recently) I saw a window opening TOR late at night. Malwarebytes AntiMalware Chameleon will not run and I believe remote access is ongoing. There's also strange port activity and previously the Netgear router was accessed (I found a c:\netgear folder with firmware and there was guest access of some sort).

~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

DDS Log:

``````````````````

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17041  BrowserJavaVersion: 10.55.2
Run by sim at 21:03:45 on 2014-09-08
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.61.1033.18.16367.14504 [GMT 10:00]
.
AV: avast! Antivirus *Disabled/Outdated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Outdated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\CISVC.EXE
C:\Windows\System32\svchost.exe -k ipripsvc
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
C:\Program Files\Microsoft LifeCam\MSCamS64.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
C:\Windows\System32\tcpsvcs.exe
C:\Windows\System32\snmp.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\taskhost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
C:\Windows\system32\sppsvc.exe
C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:Tabs
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll
uRun: [DU Meter] "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
mRun: [ConnectionCenter] :"C:\Program Files (x86)\Citrix\ICA Client\concentr.exe" /startup
mRun: [kbdsprt] <no file>
mRunOnce: [SDBOK] C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe
dRunOnce: [osk.exe] osk.exe
StartupFolder: C:\Users\sim\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EVERNO~1.LNK - C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
StartupFolder: C:\Users\sim\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MAGICD~1.LNK - C:\Program Files (x86)\MagicDisc\MagicDisc.exe
StartupFolder: C:\Users\sim\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\startup.BAT
StartupFolder: C:\Users\sim\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\~DISAB~1\Dropbox.lnk - C:\Users\sim\AppData\Roaming\Dropbox\bin\Dropbox.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoDrives = dword:0
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: Clip image - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=4
IE: Clip selection - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=3
IE: Clip this page - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=1
IE: Clip URL - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\Clip.html?clipAction=0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: LastPass - C:\Users\sim\AppData\LocalLow\LastPass\context.html?cmd=lastpass
IE: LastPass Fill Forms - C:\Users\sim\AppData\LocalLow\LastPass\context.html?cmd=fillforms
IE: New note - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\NewNote.html
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
DPF: {3746422E-4692-4429-9698-E3EB34FE07BC} - hxxp://192.168.0.11:88/FSIPCam.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: Interfaces\{0DEC0C84-8684-4425-B871-32E5B2E21192} : NameServer = 203.12.160.35,203.12.160.36
TCP: Interfaces\{1BF1EDE6-333B-4D26-A1A1-3B0A9A777467} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{33434BE9-6FD9-44DD-B6F4-D2751C514D61} : DHCPNameServer = 192.168.0.1 192.168.0.1
TCP: Interfaces\{5BB4DA0B-F7D7-43EA-8B83-A7EBD08EC6CE} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{8796F4E8-4358-4A67-A7E3-B5871C55ACBB} : NameServer = 8.8.8.8,8.8.4.4
TCP: Interfaces\{8796F4E8-4358-4A67-A7E3-B5871C55ACBB}\E45445745414257383 : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{9555047F-9CC0-4DB2-B447-F3139E8DF164} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{CFF70676-4963-4CE3-A104-8CDAA5F56353} : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{FC475F42-555E-47BE-A4BA-782CAC1A063D} : NameServer = 8.8.8.8,8.8.4.4
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: GBHO.BHO: {45d30484-7ded-43d9-957a-d2fd1f046511} -
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: LastPass Vault: {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Smart Recovery 2: {1d09c093-f71e-43c3-b948-19316cbd695e} -
x64-TB: LastPass Toolbar: {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-Run: [IAStorIcon] :"C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {43699cd0-e34f-11de-8a39-0800200c9a66} - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_05-windows-i586.cab
x64-DPF: {CAFEEFAC-0018-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_05-windows-i586.cab
x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_05-windows-i586.cab
x64-Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - <orphaned>
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\sim\AppData\Roaming\Mozilla\Firefox\Profiles\asxdzmnq.default\
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass.dll
FF - plugin: C:\Program Files (x86)\LastPass\nplastpass64.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files\Citrix\Secure Access Client\npagee.dll
FF - plugin: C:\Program Files\Citrix\Secure Access Client\npagee64.dll
FF - plugin: C:\Users\sim\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-4-19 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-4-19 224896]
R1 AppleCharger;AppleCharger;C:\Windows\System32\drivers\AppleCharger.sys [2011-7-18 21104]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-4-19 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-4-19 427360]
R1 ctxusbm;Citrix USB Monitor Driver;C:\Windows\System32\drivers\ctxusbm.sys [2010-7-14 87600]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-4-19 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-4-19 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-4-19 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-8-26 50344]
R2 iprip;RIP Listener;C:\Windows\System32\svchost.exe -k ipripsvc [2009-7-14 27136]
R2 LxrSII1d;Secure II Driver;C:\Windows\System32\drivers\LxrSII1d.sys [2012-8-11 63064]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-9-3 1809720]
R2 MemeoBackgroundService;MemeoBackgroundService;C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe [2011-5-5 25824]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-2-26 1593632]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-1-2 16939296]
R2 PMBDeviceInfoProvider;PMBDeviceInfoProvider;C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [2012-11-27 479840]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-8-26 411936]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-11-19 80384]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-11-19 181248]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-2-26 39200]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;"C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" --> C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [?]
S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?]
S3 BVRPMPR5a64;BVRPMPR5a64 NDIS Protocol Driver;C:\Windows\System32\drivers\BVRPMPR5a64.SYS [2012-1-14 35840]
S3 DrvAgent64;DrvAgent64;C:\Windows\SysWOW64\drivers\DrvAgent64.SYS [2014-2-6 21712]
S3 etdrv;etdrv;C:\Windows\etdrv.sys [2012-1-3 25640]
S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2011-7-18 30528]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-19 111616]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2012-11-27 121416]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 netr7364;RT73 USB Extensible Wireless LAN Card Driver;C:\Windows\System32\drivers\netr7364.sys [2011-10-5 729152]
S3 PORTMON;PORTMON;C:\apps\SysinternalsSuite\PORTMSYS.SYS [2014-9-5 28656]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-3-4 19456]
S3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2014-1-1 726160]
S3 Smart TimeLock;Smart TimeLock;C:\Program Files (x86)\GIGABYTE\smart6\timelock\TimeMgmtDaemon.exe [2011-7-18 114688]
S3 teamviewervpn;TeamViewer VPN Adapter;C:\Windows\System32\drivers\teamviewervpn.sys [2014-3-3 35112]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2013-3-4 57856]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-12-13 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-7-18 1255736]
S4 DES2 Service;DES2 Service for Energy Saving.;C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [2011-7-18 68136]
S4 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
.
=============== File Associations ===============
.
FileExt: .txt: SynWrite="C:\apps\SynWrite\Syn.exe" "%1"
FileExt: .ini: Applications\notepad++.exe="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1" [UserChoice]
.
=============== Created Last 30 ================
.
2014-09-08 07:10:41    --------    d-----w-    C:\Users\sim\AppData\Roaming\NetBeans
2014-09-08 07:10:41    --------    d-----w-    C:\Users\sim\AppData\Local\NetBeans
2014-09-08 01:54:53    --------    d-----we    C:\java
2014-09-04 13:16:23    --------    d-----w-    C:\Users\sim\AppData\Local\{D0ACB0A5-3E18-4EFB-989C-B7F103CD4292}
2014-09-04 02:40:21    --------    d-----w-    C:\ProgramData\Sony Corporation
2014-09-03 11:37:35    --------    d-----w-    C:\Users\sim\AppData\Roaming\NVIDIA Corporation
2014-09-03 11:30:12    --------    d-sh--w-    C:\$RECYCLE.BIN
2014-09-03 11:30:11    --------    d-----w-    C:\Users\sim\AppData\Local\temp
2014-09-03 11:22:03    98816    ----a-w-    C:\Windows\sed.exe
2014-09-03 11:22:03    256000    ----a-w-    C:\Windows\PEV.exe
2014-09-03 11:22:03    208896    ----a-w-    C:\Windows\MBR.exe
2014-09-03 10:34:29    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-09-03 10:34:29    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-09-03 10:34:29    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-09-03 10:34:29    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-09-03 10:34:29    --------    d-----w-    C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-01 15:20:42    --------    d-----w-    C:\Windows\rescache
2014-08-28 12:38:11    --------    d-----w-    C:\AdwCleaner
2014-08-28 11:58:38    --------    d-----w-    C:\TDSSKiller_Quarantine
2014-08-28 04:15:01    --------    d-----w-    C:\!!
2014-08-28 02:23:46    --------    d-----w-    C:\OpenSSL-Win64
2014-08-27 02:24:46    99480    ----a-w-    C:\Windows\SysWow64\infocardapi.dll
2014-08-27 02:24:46    619672    ----a-w-    C:\Windows\SysWow64\icardagt.exe
2014-08-27 02:24:46    171160    ----a-w-    C:\Windows\System32\infocardapi.dll
2014-08-27 02:24:46    1389208    ----a-w-    C:\Windows\System32\icardagt.exe
2014-08-27 02:24:45    8856    ----a-w-    C:\Windows\SysWow64\icardres.dll
2014-08-27 02:24:45    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-08-27 02:24:37    35480    ----a-w-    C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-27 02:24:37    35480    ----a-w-    C:\Windows\System32\TsWpfWrp.exe
2014-08-26 12:43:40    11319192    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{3DD26A82-E378-47DB-915B-97DC8C22E409}\mpengine.dll
2014-08-26 12:35:34    2620928    ----a-w-    C:\Windows\System32\wucltux.dll
2014-08-26 12:32:31    97792    ----a-w-    C:\Windows\System32\wudriver.dll
2014-08-26 12:32:31    92672    ----a-w-    C:\Windows\SysWow64\wudriver.dll
2014-08-26 12:27:46    609240    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2014-08-26 12:24:50    36864    ----a-w-    C:\Windows\System32\wuapp.exe
2014-08-26 12:24:50    33792    ----a-w-    C:\Windows\SysWow64\wuapp.exe
2014-08-26 12:24:50    198600    ----a-w-    C:\Windows\System32\wuwebv.dll
2014-08-26 12:24:50    179656    ----a-w-    C:\Windows\SysWow64\wuwebv.dll
2014-08-26 12:12:02    43152    ----a-w-    C:\Windows\avastSS.scr
2014-08-22 14:35:31    2555680    ----a-w-    C:\Windows\System32\nvsvcr.dll
2014-08-22 14:23:49    --------    d-----w-    C:\Program Files\NVIDIA GPU Computing Toolkit
2014-08-22 14:23:48    2814656    ----a-w-    C:\Windows\SysWow64\nvapi.dll
2014-08-22 14:23:48    1832224    ----a-w-    C:\Windows\System32\nvdispco6432057.dll
2014-08-22 14:23:48    1511712    ----a-w-    C:\Windows\System32\nvdispgenco6432057.dll
2014-08-22 14:23:48    14498552    ----a-w-    C:\Windows\SysWow64\nvd3dum.dll
2014-08-21 04:43:33    --------    d-----w-    C:\Program Files\NetBeans 8.0
2014-08-21 04:38:32    --------    d-----w-    C:\Users\sim\.nbi
.
==================== Find3M  ====================
.
2014-09-08 11:03:06    25640    ----a-w-    C:\Windows\gdrv.sys
2014-08-26 12:12:02    93568    ----a-w-    C:\Windows\System32\drivers\aswRdr2.sys
2014-08-26 12:12:02    92008    ----a-w-    C:\Windows\System32\drivers\aswStm.sys
2014-08-26 12:12:02    79184    ----a-w-    C:\Windows\System32\drivers\aswMonFlt.sys
2014-08-26 12:12:02    65776    ----a-w-    C:\Windows\System32\drivers\aswRvrt.sys
2014-08-26 12:12:02    29208    ----a-w-    C:\Windows\System32\drivers\aswHwid.sys
2014-08-26 12:12:02    224896    ----a-w-    C:\Windows\System32\drivers\aswVmm.sys
2014-08-26 12:12:02    1041168    ----a-w-    C:\Windows\System32\drivers\aswSnx.sys
2014-08-06 09:59:08    354304    ----a-w-    C:\Windows\System32\ssleay32.dll
2014-08-06 09:59:08    354304    ----a-w-    C:\Windows\System32\libssl32.dll
2014-08-06 09:58:50    1650688    ----a-w-    C:\Windows\System32\libeay32.dll
2014-08-04 23:20:00    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-07-02 18:55:43    6783776    ----a-w-    C:\Windows\System32\nvcpl.dll
2014-07-02 18:55:43    3522392    ----a-w-    C:\Windows\System32\nvsvc64.dll
2014-07-02 18:55:41    935368    ----a-w-    C:\Windows\System32\nvvsvc.exe
2014-07-02 18:55:41    62808    ----a-w-    C:\Windows\System32\nvshext.dll
2014-07-02 18:55:41    386520    ----a-w-    C:\Windows\System32\nvmctray.dll
2014-07-02 10:14:12    3826628    ----a-w-    C:\Windows\System32\nvcoproc.bin
2014-04-29 09:28:38    14936064    ----a-w-    C:\Program Files (x86)\Common Files\lpuninstall.exe
2012-07-12 08:28:44    2174976    ----a-w-    C:\Program Files (x86)\Common Files\atimpenc.dll
.
============= FINISH: 21:04:01.50 ===============
 




#2 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots

Posted 13 September 2014 - 08:45 PM

Hello and welcome to Bleeping Computer!

I am HelpBot: an automated program designed to help the Bleeping Computer Staff better assist you! This message contains very important information, so please read through all of it before doing anything.

We apologize for the delay in responding to your request for help. Here at Bleeping Computer we get overwhelmed at times, and we are trying our best to keep up. Please note that your topic was not intentionally overlooked. Our mission is to help everyone in need, but sometimes it takes just a little longer to get to every request for help. No one is ignored here.

To help Bleeping Computer better assist you please perform the following steps:

***************************************************

Step 1: In order to continue receiving help at BleepingComputer.com, YOU MUST tell me if you still need help or if your issue has already been resolved on your own or through another resource! To tell me this, please click on the following link and follow the instructions there.

CLICK THIS LINK >>> http://www.bleepingcomputer.com/logreply/547418 <<< CLICK THIS LINK



If you no longer need help, then all you needed to do was the previous instructions of telling me so. You can skip the rest of this post. If you do need help please continue with Step 2 below.

***************************************************

Step 2: If you still need help, I would like you to post a Reply to this topic (click the "Add Reply" button in the lower right hand of this page). In that reply, please include the following information:

  • If you have not done so already, include a clear description of the problems you're having, along with any steps you may have performed so far.
  • A new DDS log. For your convenience, you will find the instructions for generating these logs repeated at the bottom of this post.
    • Please do this even if you have previously posted logs for us.
    • If you were unable to produce the logs originally please try once more.
    • If you are unable to create a log please provide detailed information about your installed Windows Operating System including the Version, Edition and if it is a 32bit or a 64bit system.
    • If you are unsure about any of these characteristics just post what you can and we will guide you.
  • Please tell us if you have your original Windows CD/DVD available.
  • Upon completing the above steps and posting a reply, another staff member will review your topic and do their best to resolve your issues.

Thank you for your patience, and again sorry for the delay.

***************************************************

We need to see some information about what is happening in your machine. Please perform the following scan again:

  • Download DDS by sUBs from the following link if you no longer have it available and save it to your desktop.

    DDS.com Download Link
  • Double click on the DDS icon, allow it to run.
  • A small box will open, with an explanation about the tool. No input is needed, the scan is running.
  • Notepad will open with the results.
  • Follow the instructions that pop up for posting the results.
  • Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet.

Information on A/V control can be found HERE.

As I am just a silly little program running on the BleepingComputer.com servers, please do not send me private messages as I do not know how to read and reply to them! Thanks!

#3 HelpBot

HelpBot

    Bleepin' Binary Bot


  • Bots
  • 12,549 posts

Posted 18 September 2014 - 08:50 PM

Hello again!

I haven't heard from you in 5 days. Therefore, I am going to assume that you no longer need our help, and close this topic.

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.

Thank you for using Bleeping Computer, and have a great day!

#4 Simcity42

Simcity42
  • Topic Starter

  • Members
  • 3 posts

Posted 20 September 2014 - 05:37 AM

Topic re-opened by MOD - I'll post the logs ASAP! Thank you! (I'd thought I slipped thru the cracks and was forgotten =D)

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

If you do still need help, please send a Private Message to any Moderator within the next five days. Be sure to include a link to your topic in your Private Message.
 



#5 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • Location:Montreal, QC. Canada

Posted 20 September 2014 - 08:21 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can, please print this topic; it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

I reviewed your DDS log; nothing suspicious was found.

Please run these tools and post the logs.

Please download AdwCleaner by Xplode onto your Desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
IMPORTANT
  • If you click the Clean button all items listed in the report will be removed.
If you find some false positive items or programs that you wish to keep, close the AdwCleaner windows.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Check off the element(s) you wish to keep.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[Sn].txt (n is a number).
===

Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply.
===

Please paste the logs in your next reply. DO NOT ATTACH THEM unless specified.
To attach a file select the "More Reply Option" and follow the instructions.

Wait for further instructions.

#6 Simcity42

Simcity42
  • Topic Starter

  • Members
  • 3 posts

Posted 21 September 2014 - 10:49 PM

# AdwCleaner v3.310 - Report created 22/09/2014 at 12:14:42
# Updated 12/09/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : sim - BUSHIDO
# Running from : C:\desktop\rk\adwcleaner_3.310.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****


***** [ Scheduled Tasks ] *****


***** [ Shortcuts ] *****


***** [ Registry ] *****


***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17280


-\\ Mozilla Firefox v32.0.2 (x86 en-US)

[ File : C:\Users\Mathew\AppData\Roaming\Mozilla\Firefox\Profiles\z1wlywpj.default\prefs.js ]


[ File : C:\Users\sim\AppData\Roaming\Mozilla\Firefox\Profiles\asxdzmnq.default\prefs.js ]


-\\ Google Chrome v

[ File : C:\Users\sim\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [6009 octets] - [28/08/2014 22:38:15]
AdwCleaner[R1].txt - [2214 octets] - [22/09/2014 09:05:38]
AdwCleaner[R2].txt - [1399 octets] - [22/09/2014 11:38:58]
AdwCleaner[R3].txt - [1156 octets] - [22/09/2014 12:07:43]
AdwCleaner[S0].txt - [5983 octets] - [28/08/2014 22:40:16]
AdwCleaner[S1].txt - [1174 octets] - [22/09/2014 12:14:42]

########## EOF - C:\AdwCleaner\AdwCleaner[S1].txt - [1234 octets] ##########
 

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-09-2014 01
Ran by sim (administrator) on BUSHIDO on 22-09-2014 11:32:22
Running from C:\Users\sim\Desktop\rk
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(CobianSoft, Luis Cobian) C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe
(Microsoft Corporation) C:\Windows\System32\CISVC.EXE
(TeamViewer) C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe
(Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Windows\System32\snmp.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer9\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer9\TeamViewer.exe
() C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer9\tv_x64.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe
(MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
(UVViewSoft) C:\apps\SynWrite\Syn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Windows\System32\CIDAEMON.EXE


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => :"C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [kbdsprt] => [X]
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-26] (AVAST Software)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-02-17] (InstallShield Software Corporation)
HKLM-x32\...\RunOnce: [SDBOK] => C:\Program Files (x86)\GIGABYTE\smart6\dbios\run.exe [207400 2009-07-06] ()
HKU\.DEFAULT\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-18] (Microsoft Corporation)
HKU\S-1-5-21-225003192-1978909567-2472267684-1019\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2005-02-17] (InstallShield Software Corporation)
HKU\S-1-5-21-225003192-1978909567-2472267684-1019\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-225003192-1978909567-2472267684-1019\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
IFEO\notepad.exe: [Debugger] "C:\Program Files\Notepad2\Notepad2.exe" /z
Startup: C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\sim\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
Startup: C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
Startup: C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
Startup: C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\startup.BAT ()
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
GroupPolicyUsers\S-1-5-21-225003192-1978909567-2472267684-1026\User: Group Policy restriction detected <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xFB7EDBFC7614CF01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-AU
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: LastPass Vault -> {95D9ECF5-2A4D-4550-BE49-70D42F71296E} -> C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\Windows\system32\mscoree.dll (Microsoft Corporation)
Toolbar: HKLM - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
Toolbar: HKLM-x32 - LastPass Toolbar - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
DPF: HKLM-x32 {3746422E-4692-4429-9698-E3EB34FE07BC} http://192.168.0.11:88/FSIPCam.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll (Citrix Systems, Inc.)
Tcpip\..\Interfaces\{0DEC0C84-8684-4425-B871-32E5B2E21192}: [NameServer] 203.12.160.35,203.12.160.36
Tcpip\..\Interfaces\{5BB4DA0B-F7D7-43EA-8B83-A7EBD08EC6CE}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{8796F4E8-4358-4A67-A7E3-B5871C55ACBB}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{FC475F42-555E-47BE-A4BA-782CAC1A063D}: [NameServer] 8.8.8.8,8.8.4.4

FireFox:
========
FF ProfilePath: C:\Users\sim\AppData\Roaming\Mozilla\Firefox\Profiles\asxdzmnq.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @Citrix.com/npagee64,version=9.1.102.8 -> C:\Program Files\Citrix\Secure Access Client\npagee64.dll (Citrix Systems, Inc.)
FF Plugin: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Citrix.com/npagee,version=9.1.102.8 -> C:\Program Files\Citrix\Secure Access Client\npagee.dll (Citrix Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @lastpass.com/NPLastPass -> C:\Program Files (x86)\LastPass\nplastpass.dll (LastPass)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\sim\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\sim\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CCMSDK.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\cgpcfg.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\CgpCore.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\confmgr.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxlogging.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\ctxmui.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icafile.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\icalogon.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npicaN.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\sslsdk_b.dll (Citrix Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\TcpPServ.dll (Citrix Systems, Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-20]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-20]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-09-20]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-04-19]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird

Chrome:
=======
CHR Profile: C:\Users\sim\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-12-31]
CHR Extension: (Google Drive) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-08]
CHR Extension: (YouTube) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-08]
CHR Extension: (Google Search) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-08]
CHR Extension: (avast! Online Security) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-22]
CHR Extension: (Gmail) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-08]
CHR Profile: C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (DHC - REST HTTP API Client) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2014-09-20]
CHR Extension: (My Java Zone App) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\afhehmgbcnndefkbkdlelnplpomlblap [2014-09-20]
CHR Extension: (Google Docs) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-01]
CHR Extension: (Google Drive) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-02]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-09]
CHR Extension: (YouTube) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-02]
CHR Extension: (Syntaxtic!) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cgjalgdhmbpaacnnejmodfinclbdgaci [2014-09-20]
CHR Extension: (Google Search) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-02]
CHR Extension: (GreenAddress) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dgbimgjoijjemhdamicmljbncacfndmp [2014-09-20]
CHR Extension: (Bit Kit) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dghafchcacmkakfojlnihphhabgggmpk [2014-09-20]
CHR Extension: (Python Shell) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\diebclfbkfamdacginejnaookipodhng [2014-09-20]
CHR Extension: (MightyText - SMS Text Messaging from Computer) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2014-09-20]
CHR Extension: (Multiple Account Checker for Gmail™) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dnimhgelcnggigekhdjlifjpndgmnglm [2014-09-20]
CHR Extension: (Google Apps Script) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eoieeedlomnegifmaghhjnghhmcldobl [2014-09-20]
CHR Extension: (Postman - REST Client) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdmmgilgnpjigdojojpjoooidkmcomcm [2014-09-20]
CHR Extension: (Authy Chrome Extension) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fhgenkpocbhhddlgkjnfghpjanffonno [2014-09-20]
CHR Extension: (BitcoinTalk++) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fpjmgnodlbpbdfmehnbnmacajbllkfai [2014-09-20]
CHR Extension: (Authy) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2014-09-20]
CHR Extension: (Blockchain) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\glaohkkooicollgefkkmndjcbblominl [2014-09-20]
CHR Extension: (Hackers toolkit) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gnniaejgfdelaafcjopndjdebjfnkljf [2014-09-20]
CHR Extension: (avast! Online Security) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-19]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-09-20]
CHR Extension: (Advanced REST client) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hgmloofddffdnphfgcellkdfbfbjeloo [2014-09-20]
CHR Extension: (Google Keep - notes and lists) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-09-20]
CHR Extension: (Hasher) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kignjplbjlocolcfldfhbonmbblpfbjb [2014-09-20]
CHR Extension: (Evernote Web) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-09-20]
CHR Extension: (KryptoKit Bitcoin Wallet) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lhhipingoaiddcoalochnbjlkifbpmoj [2014-09-20]
CHR Extension: (Numerics Calculator & Converter) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\liglcienpnkhdajdfmnpbgmpjglonipe [2014-09-20]
CHR Extension: (Google Drawings) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\mkaakpdehdafacodkgkpghoibnmamcme [2014-09-20]
CHR Extension: (Google Wallet) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-09]
CHR Extension: (Gmail) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-02]
CHR Profile: C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK
CHR Extension: (DHC - REST HTTP API Client) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\aejoelaoggembcahagimdiliamlcdmfm [2014-04-20]
CHR Extension: (The Walking Dead Game) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\aidjfhobaaklkklocfbhninlokoampki [2014-03-08]
CHR Extension: (Blockchain.info Address Search) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\aipmpbhchlkopmpoaipbelfpniojcnkb [2014-01-01]
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-04-02]
CHR Extension: (reddit companion) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\algjnflpgoopkdijmkalfcifomdhmcbe [2014-01-01]
CHR Extension: (Chrome Currency Converter) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\anbfhidldjknonaihbalghlebaijealk [2014-01-01]
CHR Extension: (Collate) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\anlcpclkmbeeoglfgbfboogijdkbohkn [2014-01-01]
CHR Extension: (Google Docs) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-01]
CHR Extension: (Send to OneNote) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\aokbjibjnekbfdjilfpoknnokaffoinp [2014-05-02]
CHR Extension: (Lucidchart Diagrams - Online) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\apboafhkiegglekeafbckfjldecefkhn [2014-03-22]
CHR Extension: (Google Drive) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-01]
CHR Extension: (Easy SoundCloud Download) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\baccjnddbmbhkkckiahhbmcboaelkeci [2014-01-01]
CHR Extension: (Writebox) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\bbehjmjchoiaglkeboicbgkpfafcmhij [2014-04-10]
CHR Extension: (Bitcoin Utility Belt) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\bejgfgaachlgfbdboheckmhpfodgfien [2014-01-01]
CHR Extension: (Redbooth (formerly Teambox)) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\bgecckpiojpahjlndlofcljgacdfkifk [2014-01-01]
CHR Extension: (QuickMark QR Code Extension) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\bhddglpocgogkbpkbkoieiplhgbjmiim [2014-01-01]
CHR Extension: (Geek-KB) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\bhkjbenaagodgbidonmfagmhdmoamlli [2014-05-02]
CHR Extension: (Gliffy Diagrams) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\bhmicilclplefnflapjmnngmkkkkpfad [2014-03-22]
CHR Extension: (iCloud) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\bjhodfififgcgedifpkenofdhlaafokk [2014-01-01]
CHR Extension: (Fast Bookmark) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\bkolccbclokgkhcciikgbkcmnagimjib [2014-03-07]
CHR Extension: (YouTube) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-01]
CHR Extension: (Minimalist for Everything) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\bmihblnpomgpjkfddepdpdafhhepdbek [2014-02-08]
CHR Extension: (Skulpt Interpreter) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\bocjplmmdjglmffmpofmmndklbdpcmeb [2014-03-08]
CHR Extension: (Facebook) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\boeajhmfdjldchidhphikilcgdacljfm [2014-01-01]
CHR Extension: (TV) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\bppbpeijolfcampacpljolaegibfhjph [2014-01-01]
CHR Extension: (Proxy Switchy!) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\caehdcpeofiiigpdhbabniblemipncjj [2014-01-04]
CHR Extension: (SiteLauncher) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\calhgleedaaigmhnoklfenlfhlbfdloo [2014-01-01]
CHR Extension: (Chrome RDP) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\cbkkbcmdlboombapidmoeolnmdacpkch [2014-03-22]
CHR Extension: (Twitter for Chrome) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\cdoinklelehcpndgmcddkkdhibpoglnk [2014-01-01]
CHR Extension: (OneNote Online) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ciniambnphakdoflgeamacamhfllbkmo [2014-05-02]
CHR Extension: (Linker) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ckcoijfcabafapaglopkkieacmgjbelf [2014-03-26]
CHR Extension: (RegExp Tester App) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\cmmblmkfaijaadfjapjddbeaoffeccib [2014-04-20]
CHR Extension: (Random Password Generator) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\cojhllgmlkomkgeoonoonkkckmeokggi [2014-05-02]
CHR Extension: (Google Search) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-01]
CHR Extension: (iMacros for Chrome) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp [2014-04-10]
CHR Extension: (Awesome Bookmarks Widget [ANTP]) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\cpomkeboefacdfaoklfekfleengjeodf [2014-01-01]
CHR Extension: (CardDesk (beta)) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\dcnogbkhgiehkecklomiedldanmoaecg [2014-03-23]
CHR Extension: (Read Later Fast) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\decdfngdidijkdjgbknlnepdljfaepji [2014-04-10]
CHR Extension: (Swap My Cookies) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\dffhipnliikkblkhpjapbecpmoilcama [2014-04-20]
CHR Extension: (GreenAddress.it) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\dgbimgjoijjemhdamicmljbncacfndmp [2014-03-26]
CHR Extension: (Bit Kit) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\dghafchcacmkakfojlnihphhabgggmpk [2014-01-01]
CHR Extension: (SureUtils » REST API Client) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\dgkahgnanakhlgjkeefeddoeoinbobbk [2014-03-07]
CHR Extension: (Tampermonkey) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-01-04]
CHR Extension: (Bitcoin Easy Check) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\dimfclahciiblaklehjikenimaafpaef [2014-01-01]
CHR Extension: (Dark Theme) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\djlgdeklopcjagknhlchbdjekgpgenad [2014-02-08]
CHR Extension: (Google News) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\dllkocilcinkggkchnjgegijklcililc [2014-01-01]
CHR Extension: (Cryptsy Dogecoin (DOGE) Live Ticker) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\dncahcnbdmhcngfmlblipfiiccddhjba [2014-02-26]
CHR Extension: (Multiple Account Checker for Gmail™) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\dnimhgelcnggigekhdjlifjpndgmnglm [2014-01-01]
CHR Extension: (Java API Search) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\dphfngjamcomlehblpblaacingmaojnm [2014-02-08]
CHR Extension: (Springpad Clipper) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\eclcnlepmfepnccogfjdafhhlgcfdmnj [2014-01-01]
CHR Extension: (Torrent Turbo Search App) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\eegbffmjdkflkcfncpfjjbggbdlnbdif [2014-01-01]
CHR Extension: (Chromebleed) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\eeoekjnjgppnaegdjbcafdggilajhpic [2014-04-18]
CHR Extension: (imgur Extension by Metronomik) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ehoopddfhgaehhmphfcooacjdpmbjlao [2014-01-17]
CHR Extension: (Black Menu for Google™) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\eignhdfgaldabilaaegmdfbajngjmoke [2014-01-01]
CHR Extension: (Gmail Offline) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2014-01-01]
CHR Extension: (Google Calendar) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2014-01-01]
CHR Extension: (Box - 10GB of FREE storage) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2014-01-01]
CHR Extension: (FXBTC Litecoin (LTC) Live Ticker) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ekbdgbkkieelpjaadfggicnepfigkkgj [2014-01-05]
CHR Extension: (QR Code Maker and Decoder) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ekkkpjnnhmokcnfdllcgldppopnneooi [2014-01-01]
CHR Extension: (Silver Bird) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\encaiiljifbdbjlphpgpiimidegddhic [2014-04-04]
CHR Extension: (Google Apps Script) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\eoieeedlomnegifmaghhjnghhmcldobl [2014-03-26]
CHR Extension: (md everywhere) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\epgcecfkfjhjpbglakgiallbmnidomgh [2014-04-05]
CHR Extension: (Wordpress Themes) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\faomlffijfdkplfihocejidnijnbajan [2014-05-02]
CHR Extension: (Biticker) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fblekdojabihjdhndhmloalbcnnejddl [2014-01-04]
CHR Extension: (CryoWallet.com) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fdjcpegfgobhcjeodebempmpeaicekig [2014-03-26]
CHR Extension: (Postman - REST Client) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fdmmgilgnpjigdojojpjoooidkmcomcm [2014-03-26]
CHR Extension: (Google Sheets) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-02-05]
CHR Extension: (Koding) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fgbjpbdfegnodokpoejnbhnblcojccal [2014-03-26]
CHR Extension: (QR Code Generator for Whatsapp and SMS) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fghaphhjjindgcnpfamdgindjhiifhih [2014-01-01]
CHR Extension: (Super-Cache) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fglobbnbihckpkodmeefhagijjcjnbeh [2014-04-15]
CHR Extension: (Postman - REST Client (Packaged app)) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fhbjgbiflinjbdggehcddcbncdddomop [2014-03-26]
CHR Extension: (Sociomark Beta) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fhcplmkobpdjpfjdlcddnmlififhoanb [2014-05-03]
CHR Extension: (Authy Chrome Extension) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fhgenkpocbhhddlgkjnfghpjanffonno [2014-05-02]
CHR Extension: (NetBank) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fjnpedghacgigoamalnfnikaagobdbjp [2014-01-01]
CHR Extension: (iCloud Bookmarks) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fkepacicchenbjecpbpbclokcabebhah [2014-01-03]
CHR Extension: (Springpad) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fkmopoamfjnmppabeaphohombnjcjgla [2014-01-01]
CHR Extension: (Highlight to Search) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\floipahigmmkfhkoapmnijnlnboniglg [2014-01-01]
CHR Extension: (EditThisCookie) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2014-04-10]
CHR Extension: (XKit) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\fpfgeeomkfdefkckijiabdbogjkdaecd [2014-05-02]
CHR Extension: (Authy) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gaedmjdfmmahhbjefcbgaolhhanlaolb [2014-05-02]
CHR Extension: (MPOS Dashboard) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gbkkeiehdoobjfcfhfbkdoccobjfllgc [2014-03-07]
CHR Extension: (HTTPS Everywhere) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-01-01]
CHR Extension: (The QR Code Generator) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gcmhlmapohffdglflokbgknlknnmogbb [2014-03-07]
CHR Extension: (Facebook for Chrome) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gdalhedleemkkdjddjgfjmcnbpejpapp [2014-01-01]
CHR Extension: (Python Shell) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gdiimmpmdoofmahingpgabiikimjgcia [2014-04-10]
CHR Extension: (Pheeva Bitcoin Wallet  ) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ghcmpillaodklpeihaebpllefacgmehf [2014-03-07]
CHR Extension: (Subtext Editor) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ghfooiajeobmcfhmajcblmompfdehnli [2014-03-08]
CHR Extension: (Pastebin.com) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ghipmampnddcpdlppkkamoankmkmcbmh [2014-01-04]
CHR Extension: (Bitcoin Live) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gihnmkplbiedplobapnkhgblipfgjoci [2014-01-01]
CHR Extension: (BusyFlow) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gjhjccacdkkkgeldlbkihfgdhainpona [2014-03-22]
CHR Extension: (Blockchain) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\glaohkkooicollgefkkmndjcbblominl [2014-03-22]
CHR Extension: (How to Create a Website) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\glhgncblmgjdmblagojieghbgbennhnp [2014-05-02]
CHR Extension: (Save to Google Drive) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gmbmikajjgmnabiglmofipeabaddhgne [2014-01-01]
CHR Extension: (avast! Online Security) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-04-19]
CHR Extension: (Google Project Hosting) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gpamkbhofeehomgnflocnjjcmcfibone [2014-04-19]
CHR Extension: (Pin It Button) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gpdjojdkbbmdfjfahjcgigfpmkopogic [2014-04-19]
CHR Extension: (Drive Notepad) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\gpgjomejfimnbmobcocilppikhncegaj [2014-01-01]
CHR Extension: (Nimbus Notes) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\haafigbapbpbpnmgcknnmilaaaimggpk [2014-04-19]
CHR Extension: (TweetDeck by Twitter) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-03-12]
CHR Extension: (LastPass: Free Password Manager) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\hdokiejnpimakedhajhdlcegeplioahd [2014-01-01]
CHR Extension: (Advanced REST client) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\hgmloofddffdnphfgcellkdfbfbjeloo [2014-03-26]
CHR Extension: (Imgur Uploader) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\hgmpmjpekinnebjgnakcahjikbomnmlb [2014-04-05]
CHR Extension: (Cryptick) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\hgpkneikppcmcjnahjlnaifigbedncke [2014-01-07]
CHR Extension: (Post to WordPress) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\hhmhfcfbheceghfbfjgkjnlhooadpnej [2014-04-10]
CHR Extension: (BetYourBits - Bitcoin prediction market) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\hjigjegciahfkajmbgfdicgbonbckfcg [2014-01-01]
CHR Extension: (Bitcoin) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\hlbcbefdgkijadppmojnghjbinmjmenp [2014-01-01]
CHR Extension: (One Last Pass ( Password Manager )) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\hlcjfeemfanamjbekpmdhcefejlgpnke [2014-01-01]
CHR Extension: (Google Keep – notes and lists) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2014-03-22]
CHR Extension: (Pixlr Express) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\hojmjpdlmjopaeginhldhiokeidchjid [2014-04-10]
CHR Extension: (goo.gl URL Shortener) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\iblijlcdoidgdpfknkckljiocdbnlagk [2014-01-01]
CHR Extension: (Pixlr Editor) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\icmaknaampgiegkcjlimdiidlhopknpk [2014-01-01]
CHR Extension: (Chrome to Mobile) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-01-01]
CHR Extension: (Auto Refresh) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ifooldnmmcmlbdennkpdnlnbgbmfalko [2014-01-01]
CHR Extension: (My Diary) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\igfnkanfehhehlajnhpajibfcfgkaikl [2014-05-02]
CHR Extension: (SourceKit) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\iieeldjdihkpoapgipfkeoddjckopgjg [2014-01-01]
CHR Extension: (mxHero for Chrome) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ijhapcklhkanndjbdnhichfmolhiaekg [2014-04-10]
CHR Extension: (currency24.ch) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\inibkfdmjebahkecjjadakafhbokljma [2014-01-04]
CHR Extension: (Sync Google Drive™ with Dropbox, Box, ...) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\iobcbdgacfkninlcbphihhdlkobkehia [2014-03-26]
CHR Extension: (Dropbox) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2014-01-01]
CHR Extension: (Bitcoin Monitor) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ioginkmkfijeihjhhhggjpkhmolnbpmm [2014-01-01]
CHR Extension: (Clearly) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\iooicodkiihhpojmmeghjclgihfjdjhj [2014-04-15]
CHR Extension: (SoundCloud) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ipebkipbeggmmkjjljenoblnfaenambp [2014-01-01]
CHR Extension: (Cookies) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\iphcomljdfghbkdcfndaijbokpgddeno [2014-04-19]
CHR Extension: (sFTP Client (FTP, SFTP, SSH Support)) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\jajcoljhdglkjpfefjkgiohbhnkkmipm [2014-05-02]
CHR Extension: (Mymail-Crypt for Gmail™) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\jcaobjhdnlpmopmjhijplpjhlplfkhba [2014-01-01]
CHR Extension: (ManageWP) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\jfehlfmidmihiohmobbfnbpgkckijbjj [2014-05-02]
CHR Extension: (My Browser Page) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\jghfknlgajlcihkhkhnlcoffhbohnlbg [2014-01-01]
CHR Extension: (QR Code Generator and Reader by QRt.co) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\jgplbpnepehgncoajafebcdlllifnjko [2014-01-01]
CHR Extension: (Google Forms) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\jhknlonaankphkkbnmjdlpehkinifeeg [2014-01-01]
CHR Extension: (Count My Crypto) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\jkcijgnaigkjbbhekfjbhohmflggdllp [2014-04-20]
CHR Extension: (NewTab Connect) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\jlceijfdfeghdhmmbhbcffanmcggoojf [2014-04-19]
CHR Extension: (Doge-dice and Just-dice enhancement suite) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\jlfjchiocgnhgfckjmbjinbbagcnjhck [2014-02-08]
CHR Extension: (Simple Launcher) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\jmdpgpkldaknpknninnhccbgjnjablck [2014-01-01]
CHR Extension: (Scriffon) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\jpcogdkjlajlgojgnjaiojdfepaakkea [2014-05-02]
CHR Extension: (Request Maker) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\kajfghlhfkcocafkcjlajldicbikpgnp [2014-04-10]
CHR Extension: (Mailvelope) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\kajibbejlbohfaggdiogboambcijhkke [2014-01-01]
CHR Extension: (Reddit Enhancement Suite) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\kbmfpngjjgdllneeigpgjifpgocmfgmb [2014-02-08]
CHR Extension: (Chrookmarks - Chrome Bookmarks Menu) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\kcdheengilgkagjehknnnofigbmlnnfj [2014-02-28]
CHR Extension: (Calculator) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\kdkgihpbaofhkiliohfepioflkkbapao [2014-03-26]
CHR Extension: (Mark For Later) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\kfokknghaopioakjibdkmjoaghcileob [2014-01-01]
CHR Extension: (Start - A Better New Tab) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\kgifkabikplflflabkllnpidlbjjpgbp [2014-01-01]
CHR Extension: (WordPress.com) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\khjnjifipfkgglficmipimgjpbmlbemd [2014-05-02]
CHR Extension: (PHPHOST.ORG) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\khkimiladblfhhmefghkpkoikghmdddf [2014-05-02]
CHR Extension: (Nimbus Clipper) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\kiokdhlcmjagacmcgoikapbjmmhfchbi [2014-04-19]
CHR Extension: (Diigo Web) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\kipfakkakbicobflnnminhjjdkglgbmf [2014-01-01]
CHR Extension: (my-diary.org) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\kmajfebnamplgladopdemdaenbhedkhb [2014-05-02]
CHR Extension: (Increase Twitter Followers) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\kmnjphcfolgfnbkmmjpbfjkpcdcgkbjc [2014-04-04]
CHR Extension: (Google Play) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2014-01-01]
CHR Extension: (Divshot) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lajkckfbiimjdfdfbjgfbdfecnbipdcm [2014-04-20]
CHR Extension: (Neutron Drive) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lanjfnanlbolmgmnchmhfnicfefjgnff [2014-04-20]
CHR Extension: (QR Code Generator) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lbddejkiaboppgjbbeljnhdfejceijam [2014-04-20]
CHR Extension: (Evernote Web) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-03-23]
CHR Extension: (Codenvy IDE) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lefigjbiimiemfhjmibbgemkpenelmag [2014-04-19]
CHR Extension: (The Onion) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lffbbkfcdoccioifngmngnbbiefiffba [2014-01-01]
CHR Extension: (Tincr) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lfjbhpnjiajjgnjganiaggebdhhpnbih [2014-04-20]
CHR Extension: (Examine Offline Data (Cookies, HTML5 Storage)) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lgbennneeiaagpbialihidiohfkcagph [2014-04-18]
CHR Extension: (kwitty) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lhdicadblnoidhgkllhdgkagmflbmbcn [2014-03-12]
CHR Extension: (KryptoKit Bitcoin Wallet) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lhhipingoaiddcoalochnbjlkifbpmoj [2014-01-01]
CHR Extension: (JSON Editor) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lhkmoheomjbkfloacpgllgjcamhihfaj [2014-01-01]
CHR Extension: (Cryptsy Suite) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ljchklpghhlmekhjenaihefnmfljjing [2014-01-01]
CHR Extension: (Ultimate User Agent Switcher, URL sniffer) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ljfpjnehmoiabkefmnjegmpdddgcdnpo [2014-04-20]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2014-04-19]
CHR Extension: (Google Maps) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2014-01-01]
CHR Extension: (Lazarus: Form Recovery) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\loljledaigphbcpfhfmgopdkppkifgno [2014-04-18]
CHR Extension: (Unfollowers.me for Twitter) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lpkloblghngocofmbengmkelnagihbkn [2014-03-12]
CHR Extension: (Vertcoin Mobile Wallet) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\lpmcofaljkkmffchcoajmekdiknndjkc [2014-03-07]
CHR Extension: (Dogecoin Balance Wow) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mbldbbdmcmpelfakglhfafgiopeepnob [2014-03-07]
CHR Extension: (The Png Project) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mcioajokdgfncdnnhajlofmphdobjhla [2014-02-07]
CHR Extension: (Google Input Tools) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mclkkofklkfljcocdinagocijmpgbhab [2014-04-10]
CHR Extension: (Facebook Messenger) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mdapmeleikeppmfgadilffngabfpibok [2014-02-06]
CHR Extension: (KySSME Extension) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mffcacefgghbnkeniefhmlooimoicepk [2014-01-01]
CHR Extension: (Encrypt Message) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mfojkaafodlapmpbjohenfnheigjnjnh [2014-01-01]
CHR Extension: (Awesome New Tab Page™) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg [2014-01-01]
CHR Extension: (iCloud Dashboard) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mgojgddhfhekopdpkocobommepgdeffb [2014-01-01]
CHR Extension: (Localhost) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mjhkaggimgaoooehpggbjkankpbkmcjl [2014-03-08]
CHR Extension: (Easy disposable email address) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mkpfodpjhekjdhkchalfflggeoamfajh [2014-01-01]
CHR Extension: (PHP Docs-to-go) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mlilmganaobieaclflbciblffhaagnip [2014-04-10]
CHR Extension: (Text) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mmfbcljfglbokpmkimbfghdkjmjhdgbg [2014-04-19]
CHR Extension: (FastestFox for Chrome) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mmffncokckfccddfenhkhnllmlobdahm [2014-01-01]
CHR Extension: (QR Code Generator) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\nanmadekhdoofgmhichkcjlgiofmofbl [2014-04-11]
CHR Extension: (Cloud9) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\nbdmccoknlfggadpfkmcpnamfnbkmkcp [2014-04-05]
CHR Extension: (Google Drive Realtime API Playground) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\nbpkmjlnjniammcbgmmhhnoblicpcgpn [2014-03-26]
CHR Extension: (LastPass Vault) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ncliohomlfopnmlfkepkcbnhmeijkhhf [2014-01-01]
CHR Extension: (CoSchedule) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\nefindgapcoghbdinlldfnmihjidhfid [2014-05-02]
CHR Extension: (Mobincube - FREE smartphone App builder) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\nfbnofjiempfokaedcfllenpopocpjid [2014-04-20]
CHR Extension: (Currency Tycoon) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\nhmaaamfcagpcbemjkcefgadjdhflpcn [2014-01-04]
CHR Extension: (Google Wallet) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-01]
CHR Extension: (Neat Bookmarks) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\nnancliccjabjjmipbpjkfbijifaainp [2014-05-02]
CHR Extension: (Python) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\nodpmmidbgeganfponihbgmfcoiibffi [2014-03-08]
CHR Extension: (GIFPAL) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\noohoboklgjeccnihfkbdakbchbhjlch [2014-01-01]
CHR Extension: (Hacker News Reader) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\npalbnjnpgfknopcnjofihcankbnngef [2014-03-07]
CHR Extension: (rollApp File Opener) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\nphbmanpfjfdngbaamhajooihmjacmfe [2014-05-02]
CHR Extension: (Google Chrome to Phone Extension) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\oadboiipflhobonjjffjbfekfjcgkhco [2014-03-26]
CHR Extension: (Twishort) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\oakfhpoofifebonhbmegpdkpjgfmlcdb [2014-05-02]
CHR Extension: (Better History) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\obciceimmggglbmelaidpjlmodcebijb [2014-04-20]
CHR Extension: (My Chrome Theme) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2014-04-29]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-01-01]
CHR Extension: (Trello) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\oflhioojkbelepjlnafgmgkkjhojphcg [2014-01-01]
CHR Extension: (Picasa) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2014-01-01]
CHR Extension: (Google Calendar Checker (by Google)) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\ookhcbgokankfmjafalglpofmolfopek [2014-04-10]
CHR Extension: (Onion News Network) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\paolneildlfbbkcfdkokicbeodacnhfa [2014-01-01]
CHR Extension: (better Browser - for Chrome) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\pbegekjleoplkhibgbmkmnnfffcpfanh [2014-04-19]
CHR Extension: (ChromeGP) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\pebhdbojdpjfidjbneklefmpojncdpmf [2014-01-01]
CHR Extension: (Foreign Exchange) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\pececklmodgdkajddebafcapladgilnk [2014-01-01]
CHR Extension: (Outlook.com) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-01-01]
CHR Extension: (Send from Gmail (by Google)) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\pgphcomnlaojlmmcjmiddhdapjpbgeoc [2014-01-01]
CHR Extension: (Evernote Web Clipper) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-03-23]
CHR Extension: (Gmail) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-01]
CHR Extension: (Bitcoin Address Lookup) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\pmlblkdmadbidammhjiponepngbfcpge [2014-01-01]
CHR Extension: (Writer) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\pnengefjfhgcceajaepbjhanoojifmog [2014-03-22]
CHR Extension: (Secure Shell) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\pnhechapfaindjhompbnflcldabbghjo [2014-03-08]
CHR Extension: (Balsamiq Mockups) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\pplbmgaodhjmbklkgkgmlghaekcfhhkk [2014-04-19]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-26]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-26] (AVAST Software)
R2 cbVSCService11; C:\Program Files (x86)\Cobian Backup 11\cbVSCService11.exe [67584 2012-12-05] (CobianSoft, Luis Cobian) [File not signed]
S4 DES2 Service; C:\Program Files (x86)\GIGABYTE\EnergySaver2\des2svr.exe [68136 2009-06-17] ()
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 iprip; C:\Windows\System32\iprip.dll [35328 2009-07-14] (Microsoft Corporation)
R2 ITbrain Agent; C:\Program Files (x86)\ITbrain Agent\itbrain_agent.exe [5567488 2013-08-22] (TeamViewer) [File not signed]
S3 LxrSII1s; C:\Windows\SysWOW64\LxrSII1s.exe [65536 2009-12-30] (Lexar Media, Inc.) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-01-21] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16939296 2014-01-21] (NVIDIA Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2014-08-07] (The OpenVPN Project)
R2 PMBDeviceInfoProvider; C:\Program Files (x86)\Sony\PlayMemories Home\PMBDeviceInfoProvider.exe [479840 2012-11-27] (Sony Corporation)
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-14] (Microsoft Corporation)
S3 Smart TimeLock; C:\Program Files (x86)\GIGABYTE\Smart6\Timelock\TimeMgmtDaemon.exe [114688 2009-10-13] (Gigabyte Technology CO., LTD.) [File not signed]
R2 SNMP; C:\Windows\System32\snmp.exe [49664 2010-11-20] (Microsoft Corporation)
R2 SNMP; C:\Windows\SysWOW64\snmp.exe [47616 2010-11-20] (Microsoft Corporation)
R2 TeamViewer9; C:\Program Files (x86)\TeamViewer9\TeamViewer_Service.exe [4799760 2014-09-13] (TeamViewer GmbH)
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S2 IAStorDataMgrSvc; "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [X]
S2 MDM; "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
S1 ASPI32; C:\Windows\SysWow64\Drivers\ASPI32.sys [25244 1999-09-10] (Adaptec) [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-26] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-26] ()
S3 GVTDrv64; C:\Windows\GVTDrv64.sys [30528 2012-02-23] ()
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [31648 2014-09-22] (REALiX™)
R2 LxrSII1d; C:\Windows\System32\Drivers\LxrSII1d.sys [63064 2009-12-30] (Lexar Media, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-28] (NVIDIA Corporation)
S3 PORTMON; C:\apps\SysinternalsSuite\PORTMSYS.SYS [28656 2014-09-09] (Systems Internals) [File not signed]
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 11:31 - 2014-09-22 11:32 - 00000000 ____D () C:\FRST
2014-09-22 07:54 - 2014-09-22 08:58 - 00033017 _____ () C:\Users\sim\Desktop\dds.txt
2014-09-22 07:54 - 2014-09-22 08:58 - 00020476 _____ () C:\Users\sim\Desktop\attach.txt
2014-09-22 07:40 - 2014-09-22 07:40 - 00000058 _____ () C:\Users\sim\Desktop\GIGABYTE-DownloadCenter.url
2014-09-22 07:25 - 2014-09-22 07:25 - 00031648 _____ (REALiX™) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2014-09-22 06:24 - 2014-09-22 06:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-09-22 04:09 - 2014-09-22 04:09 - 00000000 ___DL () C:\Windows\openssl
2014-09-22 04:03 - 2014-09-22 04:03 - 00000869 _____ () C:\Users\Public\Desktop\OpenVPN GUI.lnk
2014-09-22 03:58 - 2014-09-22 04:12 - 00000000 ____D () C:\Program Files\OpenVPN
2014-09-22 03:58 - 2014-09-22 04:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-09-22 03:58 - 2014-09-22 04:03 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-09-22 03:58 - 2014-09-22 03:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2014-09-21 23:41 - 2014-09-22 02:22 - 00001565 _____ () C:\Windows\comsetup.log
2014-09-21 23:39 - 2014-09-21 23:39 - 00000000 ___RD () C:\Users\sim\Documents\Notes
2014-09-21 22:01 - 2014-09-21 22:01 - 00000762 _____ () C:\Users\sim\Desktop\cbSetup.txt
2014-09-21 22:01 - 2014-09-21 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2014-09-21 21:56 - 2014-09-21 22:01 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11
2014-09-21 21:48 - 2011-05-06 00:00 - 00919552 _____ () C:\Windows\system32\notepad.exe
2014-09-21 21:48 - 2011-05-06 00:00 - 00919552 _____ () C:\Windows\notepad.exe
2014-09-21 15:51 - 2014-09-21 15:51 - 00003122 _____ () C:\Windows\System32\Tasks\{4FC854BA-CAB6-4B90-908A-3FB04B808ADD}
2014-09-21 02:09 - 2014-09-21 02:09 - 00006094 _____ () C:\Users\sim\Desktop\institute.txt
2014-09-20 22:13 - 2014-09-20 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PyQt GPL v4.11.2 for Python v3.4 (x64)
2014-09-20 20:33 - 2014-09-20 20:33 - 00688992 ____R (Swearware) C:\Users\sim\Desktop\dds.com
2014-09-20 14:02 - 2014-09-22 11:30 - 00000000 ____D () C:\Program Files (x86)\ITbrain Agent
2014-09-20 14:02 - 2014-09-20 14:02 - 00000000 __HDC () C:\ProgramData\{651038AD-E038-410A-BD90-28FB006FD850}
2014-09-20 13:45 - 2014-09-22 11:30 - 00000000 ____D () C:\Program Files (x86)\TeamViewer9
2014-09-20 13:45 - 2014-09-20 13:45 - 00001051 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-20 13:45 - 2014-09-20 13:45 - 00001039 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-20 05:15 - 2014-09-20 05:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-20 04:02 - 2014-09-20 04:02 - 00001396 _____ () C:\Users\sim\Desktop\BTC Core.lnk
2014-09-20 01:00 - 2014-09-20 13:29 - 00000000 ____D () C:\Users\sim\Desktop\sim sept
2014-09-20 00:48 - 2014-09-20 01:41 - 00000000 ____D () C:\Users\sim\Desktop\SEPT bugs
2014-09-20 00:23 - 2014-09-20 01:41 - 00000000 ____D () C:\Windows\SysWOW64\electrum_data
2014-09-20 00:23 - 2014-09-20 00:40 - 00000000 ____D () C:\Users\sim\AppData\Roaming\ImgBurn
2014-09-19 22:55 - 2014-09-19 22:55 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-09-19 21:56 - 2014-09-20 01:41 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-09-19 21:43 - 2014-09-19 21:43 - 00001655 _____ () C:\Users\sim\AppData\Roaming\SvcTraceViewer.exe.settings
2014-09-19 21:14 - 2014-09-20 01:41 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-09-19 18:11 - 2014-09-19 18:11 - 00000000 ____D () C:\Users\sim\.eclipse
2014-09-19 17:11 - 2014-09-19 17:11 - 00000000 ____D () C:\ProgramData\MemeoCommon
2014-09-19 15:04 - 2014-09-19 15:07 - 00000000 ____D () C:\Users\sim\AppData\Roaming\PyBitmessage
2014-09-19 14:23 - 2014-09-21 21:18 - 00000000 ____D () C:\Users\sim\AppData\Roaming\vlc
2014-09-19 13:59 - 2014-09-19 13:59 - 00001263 _____ () C:\Windows\nir.lnk
2014-09-19 13:57 - 2014-09-20 03:19 - 00000000 ____D () C:\Users\sim\AppData\Roaming\BitShares X
2014-09-19 13:57 - 2014-09-19 13:57 - 00000818 _____ () C:\Users\sim\Desktop\BitSharesX.lnk
2014-09-19 13:57 - 2014-09-19 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSharesX
2014-09-19 12:33 - 2014-09-19 12:34 - 00000000 ____D () C:\Users\sim\AppData\Roaming\SteelBytes
2014-09-19 12:25 - 2014-09-19 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-09-19 11:11 - 2014-09-20 01:06 - 00000000 ____D () C:\sim
2014-09-19 00:24 - 2014-09-21 21:58 - 00000000 ____D () C:\Program Files\Bitcoin
2014-09-18 17:35 - 2014-09-18 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GEPath 1.4.6
2014-09-18 17:34 - 2014-09-18 17:34 - 00249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-09-18 17:34 - 2014-09-18 17:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-09-18 17:34 - 2014-09-18 17:34 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GEPath 1.4.6
2014-09-17 16:43 - 2014-09-17 16:43 - 00000353 _____ () C:\Windows\SysWOW64\mugenw.log
2014-09-17 16:42 - 2014-09-20 04:03 - 00000000 ____D () C:\Program Files (x86)\Armory
2014-09-17 16:42 - 2014-09-17 16:42 - 00000981 _____ () C:\Users\Public\Desktop\Bitcoin Armory.lnk
2014-09-17 16:42 - 2014-09-17 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Armory
2014-09-17 13:44 - 2000-01-01 10:00 - 00037888 _____ () C:\Windows\Start Tor Browser.exe
2014-09-17 12:53 - 2014-09-17 12:53 - 00302526 ____N () C:\Windows\Minidump\091714-36457-01.dmp
2014-09-16 21:04 - 2014-09-20 04:02 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Bitcoin
2014-09-16 19:57 - 2014-09-16 19:58 - 00000000 ____D () C:\Users\sim\Desktop\Tor Browser 3.6.5
2014-09-15 22:07 - 2014-09-16 00:37 - 00000000 ____D () C:\Windows\sta
2014-09-12 20:32 - 2014-08-19 08:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-12 20:31 - 2014-08-20 04:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-12 20:31 - 2014-08-20 03:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-12 20:31 - 2014-08-19 09:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-12 20:31 - 2014-08-19 08:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-12 20:31 - 2014-08-19 08:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-12 20:31 - 2014-08-19 08:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-12 20:31 - 2014-08-19 08:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-12 20:31 - 2014-08-19 08:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-12 20:31 - 2014-08-19 08:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-12 20:31 - 2014-08-19 08:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-12 20:31 - 2014-08-19 08:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-12 20:31 - 2014-08-19 08:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-12 20:31 - 2014-08-19 08:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-12 20:31 - 2014-08-19 08:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-12 20:31 - 2014-08-19 08:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-12 20:31 - 2014-08-19 08:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-12 20:31 - 2014-08-19 08:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-12 20:31 - 2014-08-19 08:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-12 20:31 - 2014-08-19 07:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-12 20:31 - 2014-08-19 07:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-12 20:31 - 2014-08-19 07:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-12 20:31 - 2014-08-19 07:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-12 20:31 - 2014-08-19 07:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-12 20:31 - 2014-08-19 07:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-12 20:31 - 2014-08-19 07:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-12 20:31 - 2014-08-19 07:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-12 20:31 - 2014-08-19 07:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-12 20:31 - 2014-08-19 07:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-12 20:31 - 2014-08-19 07:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-12 20:31 - 2014-08-19 07:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-12 20:31 - 2014-08-19 07:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-12 20:31 - 2014-08-19 07:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-12 20:31 - 2014-08-19 07:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-12 20:31 - 2014-08-19 07:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-12 20:31 - 2014-08-19 07:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-12 20:31 - 2014-08-19 07:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-12 20:31 - 2014-08-19 07:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-12 20:31 - 2014-08-19 07:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-12 20:31 - 2014-08-19 07:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-12 20:31 - 2014-08-19 07:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-12 20:31 - 2014-08-19 07:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-12 20:31 - 2014-08-19 07:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-12 20:31 - 2014-08-19 07:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-12 20:31 - 2014-08-19 07:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-12 20:31 - 2014-08-19 07:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-12 20:31 - 2014-08-19 07:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-12 20:31 - 2014-08-19 07:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-12 20:31 - 2014-08-19 07:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-12 20:31 - 2014-08-19 07:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-12 20:31 - 2014-08-19 07:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-12 20:31 - 2014-08-19 06:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-12 20:31 - 2014-08-19 06:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-12 20:31 - 2014-08-19 06:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-12 20:31 - 2014-08-19 06:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-12 20:31 - 2014-08-19 06:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-12 20:25 - 2014-06-27 12:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-12 20:25 - 2014-06-27 11:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 19:15 - 2014-08-01 21:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 19:15 - 2014-08-01 21:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 18:31 - 2014-09-12 18:31 - 00000000 ____D () C:\games
2014-09-12 18:30 - 2014-09-15 14:50 - 00001256 _____ () C:\Users\sim\Desktop\Applewin.lnk
2014-09-11 22:42 - 2014-07-07 12:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 22:42 - 2014-07-07 12:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 22:42 - 2014-07-07 11:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 22:42 - 2014-07-07 11:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 22:42 - 2014-07-07 11:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 22:23 - 2014-06-24 13:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 22:23 - 2014-06-24 12:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 20:25 - 2014-09-21 22:02 - 00000000 ____D () C:\Users\sim\AppData\Roaming\uTorrent
2014-09-10 18:46 - 2014-06-12 03:36 - 00320216 _____ () C:\Windows\eclipse.exe
2014-09-10 18:45 - 2014-09-10 18:45 - 00000911 _____ () C:\Users\sim\Desktop\Eclipse.lnk
2014-09-10 15:46 - 2014-06-12 03:36 - 00121537 _____ () C:\Program Files\artifacts.xml
2014-09-10 15:46 - 2014-06-12 03:36 - 00000456 _____ () C:\Program Files\eclipse.ini
2014-09-10 15:46 - 2014-06-12 03:36 - 00000000 ____D () C:\Program Files\readme
2014-09-10 15:46 - 2014-06-12 03:36 - 00000000 ____D () C:\Program Files\plugins
2014-09-10 15:46 - 2014-06-12 03:36 - 00000000 ____D () C:\Program Files\features
2014-09-10 15:46 - 2014-06-12 03:36 - 00000000 ____D () C:\Program Files\dropins
2014-09-10 15:46 - 2014-06-12 03:36 - 00000000 ____D () C:\Program Files\configuration
2014-09-10 15:46 - 2014-06-12 03:35 - 00000000 ____D () C:\Program Files\p2
2014-09-10 15:46 - 2014-06-04 20:13 - 00012638 _____ () C:\Program Files\epl-v10.html
2014-09-10 15:46 - 2014-06-04 20:06 - 00009013 _____ () C:\Program Files\notice.html
2014-09-10 15:46 - 2014-06-04 20:06 - 00000060 _____ () C:\Program Files\.eclipseproduct
2014-09-09 18:00 - 2014-09-09 18:00 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 18:00 - 2014-09-09 18:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 17:54 - 2014-09-19 00:25 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-09 17:54 - 2014-09-09 17:54 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-09 17:53 - 2014-09-09 17:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-09 17:29 - 2014-06-18 12:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-09-09 17:29 - 2014-06-18 11:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-09-09 17:29 - 2014-05-08 19:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-09-09 17:29 - 2014-05-08 19:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-09-09 17:29 - 2014-04-25 12:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-09-09 17:29 - 2014-04-25 12:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-09-09 17:29 - 2014-04-05 12:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-09-09 17:29 - 2014-04-05 12:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-09-09 17:29 - 2014-03-27 00:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-09-09 17:29 - 2014-03-27 00:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-09-09 17:29 - 2014-03-27 00:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-09-09 17:29 - 2014-03-27 00:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-09-09 17:29 - 2014-03-27 00:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-09-09 17:29 - 2014-03-27 00:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-09-09 17:29 - 2014-03-27 00:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-09-09 17:29 - 2014-03-27 00:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-09-09 17:28 - 2014-07-16 13:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-09 17:28 - 2014-07-16 12:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-09 17:28 - 2014-06-25 12:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-09-09 17:28 - 2014-06-25 11:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-09-09 17:28 - 2014-06-16 12:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-09-09 17:28 - 2014-06-06 20:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-09-09 17:28 - 2014-06-06 19:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-09-09 17:28 - 2014-06-03 20:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-09-09 17:28 - 2014-06-03 20:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-09-09 17:28 - 2014-06-03 20:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-09-09 17:28 - 2014-06-03 20:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-09-09 17:28 - 2014-06-03 19:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-09-09 17:28 - 2014-06-03 19:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-09-09 17:28 - 2014-06-03 19:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-09-09 17:28 - 2014-05-30 18:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-09-09 17:28 - 2014-05-30 18:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-09-09 17:28 - 2014-05-30 18:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-09-09 17:28 - 2014-05-30 18:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-09-09 17:28 - 2014-05-30 18:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-09-09 17:28 - 2014-05-30 18:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-09-09 17:28 - 2014-05-30 17:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-09-09 17:28 - 2014-05-30 17:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-09-09 17:28 - 2014-05-30 17:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-09-09 17:28 - 2014-05-30 17:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-09-09 17:28 - 2014-05-30 17:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-09-09 17:28 - 2014-05-30 17:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-09-09 17:28 - 2014-05-30 16:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-09-09 17:28 - 2014-03-04 19:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-09-09 17:28 - 2014-03-04 19:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-09-09 17:28 - 2014-03-04 19:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-09-09 17:28 - 2014-03-04 19:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-09-09 17:28 - 2014-03-04 19:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-09-09 17:28 - 2014-03-04 19:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-09-09 17:28 - 2014-03-04 19:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-09-09 17:28 - 2014-03-04 19:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-09-09 17:28 - 2014-03-04 19:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-09-09 17:28 - 2014-03-04 19:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-09-09 17:28 - 2014-03-04 19:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-09-09 17:28 - 2014-03-04 19:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-09-09 17:28 - 2014-03-04 19:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-09-09 17:28 - 2014-03-04 19:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-09-09 17:28 - 2014-03-04 19:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-09-09 17:28 - 2014-03-04 19:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-09-09 17:28 - 2014-03-04 19:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-09-09 17:28 - 2014-03-04 19:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-09-09 17:28 - 2014-03-04 19:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-09-09 17:28 - 2014-03-04 19:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-09-09 17:25 - 2014-08-23 12:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-09-09 17:25 - 2014-08-23 11:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-09-09 17:25 - 2014-08-23 10:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-09-09 17:25 - 2014-07-14 12:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-09-09 17:25 - 2014-07-14 11:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-09-09 17:25 - 2014-04-12 12:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-09-09 17:25 - 2014-04-12 12:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-09-09 17:25 - 2014-04-12 12:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-09-09 17:25 - 2014-04-12 12:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-09-09 17:25 - 2014-04-12 12:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-09-09 17:25 - 2014-04-12 12:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-09-09 17:16 - 2014-03-27 19:50 - 00220960 _____ () C:\Users\sim\Desktop\CryptoGadget.gadget
2014-09-09 14:07 - 2014-09-22 02:57 - 00000000 ____D () C:\Program Files\eclipse
2014-09-08 17:11 - 2014-09-09 20:18 - 00000000 ____D () C:\Users\sim\Documents\NetBeansProjects
2014-09-08 17:10 - 2014-09-08 17:10 - 00000000 ____D () C:\Users\sim\AppData\Roaming\NetBeans
2014-09-08 11:54 - 2014-09-08 11:54 - 00000000 ___DL () C:\java
2014-09-05 14:16 - 2014-09-05 14:16 - 00301582 ____N () C:\Windows\Minidump\090514-33197-01.dmp
2014-09-05 14:10 - 2014-09-05 14:10 - 00301582 ____N () C:\Windows\Minidump\090514-32370-01.dmp
2014-09-04 12:40 - 2014-09-04 12:40 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-09-03 21:37 - 2014-09-03 21:37 - 00000000 ____D () C:\Users\sim\AppData\Roaming\NVIDIA Corporation
2014-09-03 21:22 - 2011-06-26 16:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-09-03 21:22 - 2010-11-08 03:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-09-03 21:22 - 2000-08-31 10:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-09-03 21:22 - 2000-08-31 10:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-09-03 21:22 - 2000-08-31 10:00 - 00098816 _____ () C:\Windows\sed.exe
2014-09-03 21:22 - 2000-08-31 10:00 - 00080412 _____ () C:\Windows\grep.exe
2014-09-03 21:22 - 2000-08-31 10:00 - 00068096 _____ () C:\Windows\zip.exe
2014-09-02 01:20 - 2014-09-13 12:34 - 00000000 ____D () C:\Windows\rescache
2014-09-02 00:55 - 2014-09-02 00:55 - 00005320 _____ () C:\Windows\system32\NVIDIA System Information 09-02-2014 00-55-18.txt
2014-09-01 23:17 - 2014-09-01 23:17 - 00000037 _____ () C:\Users\sim\AppData\Roaming\mbam.context.scan
2014-09-01 22:49 - 2014-09-01 22:49 - 00301582 ____N () C:\Windows\Minidump\090114-30856-01.dmp
2014-08-28 22:38 - 2014-09-22 09:10 - 00000000 ____D () C:\AdwCleaner
2014-08-28 22:23 - 2014-09-03 21:30 - 00000000 ____D () C:\Qoobox
2014-08-28 22:23 - 2014-09-03 21:27 - 00000000 ____D () C:\Windows\erdnt
2014-08-28 22:05 - 2014-09-22 11:32 - 00000000 ____D () C:\Users\sim\Desktop\rk
2014-08-28 21:58 - 2014-08-28 22:20 - 00000000 ___HD () C:\TDSSKiller_Quarantine
2014-08-28 14:15 - 2014-09-22 07:33 - 00000000 ____D () C:\!!
2014-08-28 12:45 - 2014-08-28 12:45 - 05731200 _____ () C:\Users\sim\Documents\bookmarks_28_08_2014.html
2014-08-28 12:44 - 2014-09-12 20:23 - 00002357 _____ () C:\Users\sim\Desktop\Google Chrome.lnk
2014-08-28 12:43 - 2014-09-22 10:48 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019UA.job
2014-08-28 12:43 - 2014-09-20 12:48 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019Core.job
2014-08-28 12:43 - 2014-08-28 12:43 - 00003870 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019UA
2014-08-28 12:43 - 2014-08-28 12:43 - 00003474 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019Core
2014-08-28 12:23 - 2014-09-01 17:47 - 00000000 ____D () C:\OpenSSL-Win64
2014-08-28 12:23 - 2014-08-28 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL
2014-08-27 13:09 - 2014-08-27 13:09 - 00001207 _____ () C:\Users\sim\Desktop\cmd.lnk
2014-08-27 12:24 - 2014-07-01 08:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-27 12:24 - 2014-07-01 08:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-27 12:24 - 2014-06-06 16:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-27 12:24 - 2014-06-06 16:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-27 12:24 - 2014-03-10 07:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-27 12:24 - 2014-03-10 07:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-27 12:24 - 2014-03-10 07:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-27 12:24 - 2014-03-10 07:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-26 22:35 - 2014-05-15 02:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-26 22:35 - 2014-05-15 02:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-26 22:35 - 2014-05-15 02:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-26 22:35 - 2014-05-15 02:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-26 22:32 - 2014-05-15 02:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-26 22:32 - 2014-05-15 02:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-26 22:32 - 2014-05-15 02:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-26 22:32 - 2014-05-15 02:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-26 22:32 - 2014-05-15 02:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-26 22:32 - 2014-05-15 02:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-26 22:27 - 2014-07-03 03:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-08-26 22:26 - 2014-07-03 06:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-08-26 22:26 - 2014-07-03 06:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-08-26 22:26 - 2014-07-03 06:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-08-26 22:24 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-26 22:24 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-26 22:24 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-26 22:24 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-26 22:12 - 2014-09-20 01:44 - 00001927 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-08-26 22:12 - 2014-08-26 22:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-23 00:59 - 2014-08-23 00:59 - 00001248 _____ () C:\Windows\Applewin.lnk
2014-08-23 00:41 - 2014-08-23 00:41 - 00000916 _____ () C:\Windows\DirectX.log
2014-08-23 00:41 - 2010-05-26 11:41 - 02526056 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_43.dll
2014-08-23 00:41 - 2010-05-26 11:41 - 02401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2014-08-23 00:41 - 2010-05-26 11:41 - 01998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2014-08-23 00:41 - 2010-05-26 11:41 - 01907552 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_43.dll
2014-08-23 00:41 - 2010-05-26 11:41 - 01868128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_43.dll
2014-08-23 00:41 - 2010-05-26 11:41 - 00511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2014-08-23 00:41 - 2010-05-26 11:41 - 00470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2014-08-23 00:41 - 2010-05-26 11:41 - 00276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2014-08-23 00:41 - 2010-05-26 11:41 - 00248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2014-08-23 00:41 - 2009-09-04 17:29 - 05554512 _____ (Microsoft Corporation) C:\Windows\system32\d3dcsx_42.dll
2014-08-23 00:41 - 2009-09-04 17:29 - 05501792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dcsx_42.dll
2014-08-23 00:41 - 2009-09-04 17:29 - 02582888 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_42.dll
2014-08-23 00:41 - 2009-09-04 17:29 - 02475352 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_42.dll
2014-08-23 00:41 - 2009-09-04 17:29 - 01974616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_42.dll
2014-08-23 00:41 - 2009-09-04 17:29 - 01892184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_42.dll
2014-08-23 00:41 - 2009-09-04 17:29 - 00523088 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_42.dll
2014-08-23 00:41 - 2009-09-04 17:29 - 00453456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_42.dll
2014-08-23 00:41 - 2009-09-04 17:29 - 00285024 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_42.dll
2014-08-23 00:41 - 2009-09-04 17:29 - 00235344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_42.dll
2014-08-23 00:41 - 2009-03-09 15:27 - 05425496 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_41.dll
2014-08-23 00:41 - 2009-03-09 15:27 - 04178264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_41.dll
2014-08-23 00:41 - 2009-03-09 15:27 - 02430312 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_41.dll
2014-08-23 00:41 - 2009-03-09 15:27 - 00520544 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_41.dll
2014-08-23 00:41 - 2007-07-19 18:14 - 05073256 _____ (Microsoft Corporation) C:\Windows\system32\d3dx9_35.dll
2014-08-23 00:41 - 2007-07-19 18:14 - 03727720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx9_35.dll
2014-08-23 00:41 - 2007-07-19 18:14 - 01985904 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_35.dll
2014-08-23 00:41 - 2007-07-19 18:14 - 01358192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_35.dll
2014-08-23 00:41 - 2007-07-19 18:14 - 00508264 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_35.dll
2014-08-23 00:41 - 2007-07-19 18:14 - 00444776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_35.dll
2014-08-23 00:35 - 2014-08-23 00:35 - 00001687 _____ () C:\Users\Public\Desktop\NVIDIA Nsight HUD Launcher 3.1.lnk
2014-08-23 00:35 - 2013-06-28 21:26 - 02555680 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-08-23 00:23 - 2014-08-23 00:23 - 00000000 ____D () C:\Program Files\NVIDIA GPU Computing Toolkit
2014-08-23 00:23 - 2014-07-03 06:48 - 14498552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-08-23 00:23 - 2014-07-03 06:48 - 02814656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-08-23 00:23 - 2013-06-28 23:20 - 01832224 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6432057.dll
2014-08-23 00:23 - 2013-06-28 23:20 - 01511712 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6432057.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-22 11:32 - 2014-09-22 11:31 - 00000000 ____D () C:\FRST
2014-09-22 11:32 - 2014-08-28 22:05 - 00000000 ____D () C:\Users\sim\Desktop\rk
2014-09-22 11:30 - 2014-09-20 14:02 - 00000000 ____D () C:\Program Files (x86)\ITbrain Agent
2014-09-22 11:30 - 2014-09-20 13:45 - 00000000 ____D () C:\Program Files (x86)\TeamViewer9
2014-09-22 10:48 - 2014-08-28 12:43 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019UA.job
2014-09-22 09:18 - 2009-07-14 15:13 - 00888442 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-22 09:18 - 2009-07-14 14:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-22 09:18 - 2009-07-14 14:45 - 00015152 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-22 09:14 - 2011-07-18 19:30 - 01227767 _____ () C:\Windows\WindowsUpdate.log
2014-09-22 09:12 - 2014-05-01 16:54 - 00000000 ____D () C:\Users\sim\AppData\Roaming\SynWrite
2014-09-22 09:12 - 2014-04-19 00:22 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-09-22 09:12 - 2011-07-18 20:09 - 00025640 _____ (Windows ® Server 2003 DDK provider) C:\Windows\gdrv.sys
2014-09-22 09:11 - 2014-05-06 21:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-09-22 09:11 - 2013-10-27 00:39 - 00248600 _____ () C:\Windows\PFRO.log
2014-09-22 09:11 - 2013-10-20 02:50 - 00076172 _____ () C:\Windows\setupact.log
2014-09-22 09:11 - 2011-07-18 20:16 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-22 09:11 - 2009-07-14 15:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-22 09:10 - 2014-08-28 22:38 - 00000000 ____D () C:\AdwCleaner
2014-09-22 09:05 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\tracing
2014-09-22 08:58 - 2014-09-22 07:54 - 00033017 _____ () C:\Users\sim\Desktop\dds.txt
2014-09-22 08:58 - 2014-09-22 07:54 - 00020476 _____ () C:\Users\sim\Desktop\attach.txt
2014-09-22 08:56 - 2014-01-02 13:06 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ALTCOIN
2014-09-22 07:40 - 2014-09-22 07:40 - 00000058 _____ () C:\Users\sim\Desktop\GIGABYTE-DownloadCenter.url
2014-09-22 07:33 - 2014-08-28 14:15 - 00000000 ____D () C:\!!
2014-09-22 07:25 - 2014-09-22 07:25 - 00031648 _____ (REALiX™) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2014-09-22 07:16 - 2014-05-02 20:34 - 00000000 ____D () C:\Windows\folders
2014-09-22 07:12 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PLA
2014-09-22 07:08 - 2013-12-31 15:52 - 00000000 ____D () C:\Users\sim
2014-09-22 06:24 - 2014-09-22 06:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Evernote
2014-09-22 04:12 - 2014-09-22 03:58 - 00000000 ____D () C:\Program Files\OpenVPN
2014-09-22 04:09 - 2014-09-22 04:09 - 00000000 ___DL () C:\Windows\openssl
2014-09-22 04:03 - 2014-09-22 04:03 - 00000869 _____ () C:\Users\Public\Desktop\OpenVPN GUI.lnk
2014-09-22 04:03 - 2014-09-22 03:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-09-22 04:03 - 2014-09-22 03:58 - 00000000 ____D () C:\Program Files\TAP-Windows
2014-09-22 03:58 - 2014-09-22 03:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2014-09-22 02:57 - 2014-09-09 14:07 - 00000000 ____D () C:\Program Files\eclipse
2014-09-22 02:22 - 2014-09-21 23:41 - 00001565 _____ () C:\Windows\comsetup.log
2014-09-21 23:41 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\registration
2014-09-21 23:39 - 2014-09-21 23:39 - 00000000 ___RD () C:\Users\sim\Documents\Notes
2014-09-21 22:31 - 2012-07-15 18:19 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-21 22:02 - 2014-09-10 20:25 - 00000000 ____D () C:\Users\sim\AppData\Roaming\uTorrent
2014-09-21 22:01 - 2014-09-21 22:01 - 00000762 _____ () C:\Users\sim\Desktop\cbSetup.txt
2014-09-21 22:01 - 2014-09-21 22:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cobian Backup 11
2014-09-21 22:01 - 2014-09-21 21:56 - 00000000 ____D () C:\Program Files (x86)\Cobian Backup 11
2014-09-21 21:59 - 2014-04-16 22:26 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aiden
2014-09-21 21:58 - 2014-09-19 00:24 - 00000000 ____D () C:\Program Files\Bitcoin
2014-09-21 21:56 - 2014-04-18 09:44 - 00024286 _____ () C:\Users\sim\AppData\Roaming\Notepad2.ini
2014-09-21 21:56 - 2014-04-18 09:44 - 00000000 ____D () C:\Program Files\Notepad2
2014-09-21 21:18 - 2014-09-19 14:23 - 00000000 ____D () C:\Users\sim\AppData\Roaming\vlc
2014-09-21 15:51 - 2014-09-21 15:51 - 00003122 _____ () C:\Windows\System32\Tasks\{4FC854BA-CAB6-4B90-908A-3FB04B808ADD}
2014-09-21 15:06 - 2012-05-05 11:16 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-21 15:06 - 2009-07-14 14:45 - 00412376 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-21 02:09 - 2014-09-21 02:09 - 00006094 _____ () C:\Users\sim\Desktop\institute.txt
2014-09-21 01:06 - 2013-12-31 17:28 - 00000000 ____D () C:\Program Files\pia_manager
2014-09-21 01:05 - 2011-07-18 22:35 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-09-20 22:34 - 2014-05-02 10:44 - 00000000 ____D () C:\Python34
2014-09-20 22:13 - 2014-09-20 22:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PyQt GPL v4.11.2 for Python v3.4 (x64)
2014-09-20 21:32 - 2014-01-04 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ConTEXT
2014-09-20 20:33 - 2014-09-20 20:33 - 00688992 ____R (Swearware) C:\Users\sim\Desktop\dds.com
2014-09-20 14:02 - 2014-09-20 14:02 - 00000000 __HDC () C:\ProgramData\{651038AD-E038-410A-BD90-28FB006FD850}
2014-09-20 13:45 - 2014-09-20 13:45 - 00001051 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-20 13:45 - 2014-09-20 13:45 - 00001039 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-20 13:29 - 2014-09-20 01:00 - 00000000 ____D () C:\Users\sim\Desktop\sim sept
2014-09-20 13:25 - 2014-01-02 01:08 - 00000000 ____D () C:\!Incoming
2014-09-20 12:48 - 2014-08-28 12:43 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019Core.job
2014-09-20 05:15 - 2014-09-20 05:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-20 04:03 - 2014-09-17 16:42 - 00000000 ____D () C:\Program Files (x86)\Armory
2014-09-20 04:02 - 2014-09-20 04:02 - 00001396 _____ () C:\Users\sim\Desktop\BTC Core.lnk
2014-09-20 04:02 - 2014-09-16 21:04 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Bitcoin
2014-09-20 04:02 - 2014-03-22 04:24 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Armory
2014-09-20 03:32 - 2014-01-02 13:06 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Litecoin
2014-09-20 03:19 - 2014-09-19 13:57 - 00000000 ____D () C:\Users\sim\AppData\Roaming\BitShares X
2014-09-20 01:44 - 2014-08-26 22:12 - 00001927 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-09-20 01:43 - 2012-02-16 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinAVI Video Converter
2014-09-20 01:43 - 2011-10-19 07:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft LifeCam
2014-09-20 01:43 - 2011-10-19 07:31 - 00000000 ____D () C:\Program Files (x86)\Microsoft LifeCam
2014-09-20 01:42 - 2014-08-19 13:20 - 00000000 ____D () C:\Users\Guest
2014-09-20 01:42 - 2014-08-15 22:32 - 00000000 ____D () C:\Users\user.Bushido
2014-09-20 01:42 - 2014-05-11 02:27 - 00000000 ____D () C:\Users\Administrator
2014-09-20 01:42 - 2014-05-01 07:26 - 00000000 ____D () C:\Users\DefaultAppPool
2014-09-20 01:42 - 2014-04-30 07:50 - 00000000 ____D () C:\Users\Classic .NET AppPool
2014-09-20 01:42 - 2013-03-11 19:36 - 00000000 ____D () C:\Users\Jess
2014-09-20 01:42 - 2013-03-03 11:01 - 00000000 ____D () C:\Users\Joshua
2014-09-20 01:42 - 2011-07-19 20:00 - 00000000 ____D () C:\Users\postgres
2014-09-20 01:42 - 2011-07-18 19:35 - 00000000 ____D () C:\Users\Mathew
2014-09-20 01:41 - 2014-09-20 00:48 - 00000000 ____D () C:\Users\sim\Desktop\SEPT bugs
2014-09-20 01:41 - 2014-09-20 00:23 - 00000000 ____D () C:\Windows\SysWOW64\electrum_data
2014-09-20 01:41 - 2014-09-19 21:56 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-09-20 01:41 - 2014-09-19 21:14 - 00000000 ____D () C:\Program Files (x86)\ImgBurn
2014-09-20 01:41 - 2014-05-03 18:49 - 00000000 ____D () C:\Windows\nvram
2014-09-20 01:41 - 2014-05-03 18:49 - 00000000 ____D () C:\Windows\cfg
2014-09-20 01:41 - 2014-03-19 21:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MagicISO
2014-09-20 01:41 - 2014-03-19 21:52 - 00000000 ____D () C:\Program Files (x86)\MagicISO
2014-09-20 01:41 - 2014-02-06 04:55 - 00000000 ____D () C:\Program Files (x86)\BiosAgentPlus
2014-09-20 01:41 - 2014-01-04 23:32 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Primecoin
2014-09-20 01:41 - 2014-01-03 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Feathercoin
2014-09-20 01:41 - 2014-01-02 01:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++
2014-09-20 01:41 - 2014-01-02 01:35 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-09-20 01:41 - 2014-01-01 18:13 - 00000000 ____D () C:\Users\sim\AppData\Roaming\IrfanView
2014-09-20 01:41 - 2014-01-01 16:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO32
2014-09-20 01:41 - 2014-01-01 16:02 - 00000000 ____D () C:\Program Files (x86)\HWiNFO32
2014-09-20 01:41 - 2013-01-23 21:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Digiarty
2014-09-20 01:41 - 2013-01-23 21:24 - 00000000 ____D () C:\Program Files (x86)\Digiarty
2014-09-20 01:41 - 2012-10-26 17:37 - 00000000 ____D () C:\Program Files (x86)\Turbine
2014-09-20 01:41 - 2012-02-16 17:39 - 00000000 ____D () C:\Users\Mathew\AppData\Roaming\WinAVI
2014-09-20 01:41 - 2012-02-16 17:39 - 00000000 ____D () C:\Program Files (x86)\WinAVI Video Converter
2014-09-20 01:41 - 2011-10-19 07:31 - 00000000 ____D () C:\Program Files\Microsoft LifeCam
2014-09-20 01:41 - 2011-07-28 19:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Audio Converter
2014-09-20 01:41 - 2011-07-28 19:12 - 00000000 ____D () C:\Program Files (x86)\TotalAudioConverter
2014-09-20 01:41 - 2011-07-18 22:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack x64
2014-09-20 01:41 - 2011-07-18 22:35 - 00000000 ____D () C:\Program Files\K-Lite Codec Pack x64
2014-09-20 01:41 - 2011-07-18 19:37 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-20 01:41 - 2011-07-18 19:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GIGABYTE
2014-09-20 01:41 - 2009-07-14 13:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-09-20 01:41 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\security
2014-09-20 01:06 - 2014-09-19 11:11 - 00000000 ____D () C:\sim
2014-09-20 00:40 - 2014-09-20 00:23 - 00000000 ____D () C:\Users\sim\AppData\Roaming\ImgBurn
2014-09-20 00:13 - 2014-04-29 23:22 - 00000264 _____ () C:\Users\sim\AppData\Roaming\settings.set
2014-09-19 22:55 - 2014-09-19 22:55 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-09-19 21:49 - 2014-08-21 14:38 - 00000000 ____D () C:\Users\sim\.nbi
2014-09-19 21:43 - 2014-09-19 21:43 - 00001655 _____ () C:\Users\sim\AppData\Roaming\SvcTraceViewer.exe.settings
2014-09-19 18:11 - 2014-09-19 18:11 - 00000000 ____D () C:\Users\sim\.eclipse
2014-09-19 17:11 - 2014-09-19 17:11 - 00000000 ____D () C:\ProgramData\MemeoCommon
2014-09-19 15:07 - 2014-09-19 15:04 - 00000000 ____D () C:\Users\sim\AppData\Roaming\PyBitmessage
2014-09-19 14:43 - 2012-11-19 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-19 14:43 - 2011-07-18 20:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-19 14:43 - 2011-07-18 20:15 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-19 13:59 - 2014-09-19 13:59 - 00001263 _____ () C:\Windows\nir.lnk
2014-09-19 13:57 - 2014-09-19 13:57 - 00000818 _____ () C:\Users\sim\Desktop\BitSharesX.lnk
2014-09-19 13:57 - 2014-09-19 13:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitSharesX
2014-09-19 12:34 - 2014-09-19 12:33 - 00000000 ____D () C:\Users\sim\AppData\Roaming\SteelBytes
2014-09-19 12:25 - 2014-09-19 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-09-19 12:25 - 2013-03-21 20:29 - 00000000 ____D () C:\Program Files\Java
2014-09-19 11:56 - 2012-03-16 20:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-19 11:29 - 2014-03-10 19:27 - 00000000 ____D () C:\Users\sim\.VirtualBox
2014-09-19 11:23 - 2014-04-29 23:10 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-19 11:23 - 2014-04-29 23:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-09-19 11:18 - 2014-01-01 21:10 - 00000000 ____D () C:\BACKUP
2014-09-19 10:38 - 2014-05-02 21:17 - 00135550 _____ () C:\Windows\MAME32ui.ini
2014-09-19 00:25 - 2014-09-09 17:54 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-18 17:35 - 2014-09-18 17:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GEPath 1.4.6
2014-09-18 17:34 - 2014-09-18 17:34 - 00249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2014-09-18 17:34 - 2014-09-18 17:34 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2014-09-18 17:34 - 2014-09-18 17:34 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GEPath 1.4.6
2014-09-18 17:32 - 2014-04-30 22:17 - 00000000 ____D () C:\Users\sim\Documents\Outlook Files
2014-09-17 16:43 - 2014-09-17 16:43 - 00000353 _____ () C:\Windows\SysWOW64\mugenw.log
2014-09-17 16:42 - 2014-09-17 16:42 - 00000981 _____ () C:\Users\Public\Desktop\Bitcoin Armory.lnk
2014-09-17 16:42 - 2014-09-17 16:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Armory
2014-09-17 12:53 - 2014-09-17 12:53 - 00302526 ____N () C:\Windows\Minidump\091714-36457-01.dmp
2014-09-17 12:53 - 2011-09-26 12:40 - 00000000 ____D () C:\Windows\Minidump
2014-09-16 19:59 - 2014-04-10 09:54 - 00000712 _____ () C:\Users\sim\Desktop\tor.lnk
2014-09-16 19:58 - 2014-09-16 19:57 - 00000000 ____D () C:\Users\sim\Desktop\Tor Browser 3.6.5
2014-09-16 19:34 - 2014-01-19 02:53 - 00000000 ____D () C:\TEMP
2014-09-16 00:37 - 2014-09-15 22:07 - 00000000 ____D () C:\Windows\sta
2014-09-15 14:50 - 2014-09-12 18:30 - 00001256 _____ () C:\Users\sim\Desktop\Applewin.lnk
2014-09-15 14:42 - 2012-05-12 15:51 - 00000000 ____D () C:\Program Files (x86)\PokerStars
2014-09-13 12:34 - 2014-09-02 01:20 - 00000000 ____D () C:\Windows\rescache
2014-09-12 20:33 - 2011-07-18 22:04 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-12 20:31 - 2011-07-19 20:01 - 00872308 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-12 20:30 - 2013-10-26 13:31 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-12 20:23 - 2014-08-28 12:44 - 00002357 _____ () C:\Users\sim\Desktop\Google Chrome.lnk
2014-09-12 18:31 - 2014-09-12 18:31 - 00000000 ____D () C:\games
2014-09-11 20:46 - 2014-05-07 01:32 - 00000828 __RSH () C:\Users\sim\ntuser.pol
2014-09-11 17:09 - 2009-07-14 17:46 - 00000000 ____D () C:\Program Files\Windows Journal
2014-09-11 17:09 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-09-11 17:09 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-09-11 17:09 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-09-10 18:45 - 2014-09-10 18:45 - 00000911 _____ () C:\Users\sim\Desktop\Eclipse.lnk
2014-09-10 14:45 - 2009-07-14 15:08 - 00032586 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-09 20:18 - 2014-09-08 17:11 - 00000000 ____D () C:\Users\sim\Documents\NetBeansProjects
2014-09-09 20:04 - 2014-08-21 14:43 - 00000000 ____D () C:\Program Files\NetBeans 8.0
2014-09-09 18:00 - 2014-09-09 18:00 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-09 18:00 - 2014-09-09 18:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-09 17:54 - 2014-09-09 17:54 - 00002021 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
2014-09-09 17:53 - 2014-09-09 17:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-09 17:53 - 2011-07-18 22:34 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-08 20:37 - 2013-12-31 21:56 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Dropbox
2014-09-08 17:10 - 2014-09-08 17:10 - 00000000 ____D () C:\Users\sim\AppData\Roaming\NetBeans
2014-09-08 11:54 - 2014-09-08 11:54 - 00000000 ___DL () C:\java
2014-09-05 16:00 - 2012-10-31 18:07 - 00000000 ____D () C:\Program Files (x86)\VirtualDJ
2014-09-05 14:16 - 2014-09-05 14:16 - 00301582 ____N () C:\Windows\Minidump\090514-33197-01.dmp
2014-09-05 14:10 - 2014-09-05 14:10 - 00301582 ____N () C:\Windows\Minidump\090514-32370-01.dmp
2014-09-04 23:22 - 2013-01-28 17:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PlayMemories Home
2014-09-04 23:21 - 2013-01-28 17:29 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-09-04 12:40 - 2014-09-04 12:40 - 00000000 ____D () C:\ProgramData\Sony Corporation
2014-09-03 21:37 - 2014-09-03 21:37 - 00000000 ____D () C:\Users\sim\AppData\Roaming\NVIDIA Corporation
2014-09-03 21:30 - 2014-08-28 22:23 - 00000000 ____D () C:\Qoobox
2014-09-03 21:27 - 2014-08-28 22:23 - 00000000 ____D () C:\Windows\erdnt
2014-09-03 21:27 - 2009-07-14 12:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-03 20:22 - 2014-03-20 06:33 - 00000000 ____D () C:\Program Files (x86)\epson
2014-09-02 00:55 - 2014-09-02 00:55 - 00005320 _____ () C:\Windows\system32\NVIDIA System Information 09-02-2014 00-55-18.txt
2014-09-02 00:47 - 2014-01-01 16:04 - 00000000 ____D () C:\Program Files\Intel
2014-09-02 00:30 - 2013-12-31 15:52 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Adobe
2014-09-02 00:21 - 2012-03-25 16:48 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DU Meter
2014-09-01 23:17 - 2014-09-01 23:17 - 00000037 _____ () C:\Users\sim\AppData\Roaming\mbam.context.scan
2014-09-01 22:49 - 2014-09-01 22:49 - 00301582 ____N () C:\Windows\Minidump\090114-30856-01.dmp
2014-09-01 17:50 - 2009-07-14 13:20 - 00000000 ____D () C:\Windows\servicing
2014-09-01 17:49 - 2009-07-14 13:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-09-01 17:47 - 2014-08-28 12:23 - 00000000 ____D () C:\OpenSSL-Win64
2014-08-29 13:01 - 2011-07-18 20:35 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-28 22:48 - 2013-12-31 15:05 - 00000000 ____D () C:\Users\Joshua\User Data [BAK]
2014-08-28 22:20 - 2014-08-28 21:58 - 00000000 ___HD () C:\TDSSKiller_Quarantine
2014-08-28 12:45 - 2014-08-28 12:45 - 05731200 _____ () C:\Users\sim\Documents\bookmarks_28_08_2014.html
2014-08-28 12:44 - 2014-01-05 23:20 - 00002349 _____ () C:\Users\sim\Desktop\Chrome App Launcher.lnk
2014-08-28 12:44 - 2014-01-05 23:20 - 00000000 ____D () C:\Users\sim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-08-28 12:43 - 2014-08-28 12:43 - 00003870 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019UA
2014-08-28 12:43 - 2014-08-28 12:43 - 00003474 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019Core
2014-08-28 12:30 - 2014-03-07 00:34 - 00000000 ____D () C:\DEC256
2014-08-28 12:23 - 2014-08-28 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenSSL
2014-08-27 13:09 - 2014-08-27 13:09 - 00001207 _____ () C:\Users\sim\Desktop\cmd.lnk
2014-08-26 22:57 - 2014-02-06 22:46 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-26 22:57 - 2014-02-06 22:46 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-26 22:17 - 2014-02-06 22:46 - 00002077 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-08-26 22:17 - 2014-02-06 22:46 - 00002075 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-08-26 22:17 - 2014-02-06 22:46 - 00002065 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-08-26 22:17 - 2014-02-06 22:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-26 22:12 - 2014-08-26 22:12 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-26 22:12 - 2014-04-19 00:22 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-26 22:12 - 2014-04-19 00:22 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-26 22:12 - 2014-04-19 00:22 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-26 22:12 - 2014-04-19 00:22 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-26 22:12 - 2014-04-19 00:22 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-26 22:12 - 2014-04-19 00:22 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-26 22:12 - 2014-04-19 00:22 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-26 22:12 - 2014-04-19 00:22 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-26 22:12 - 2014-04-19 00:22 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-26 22:12 - 2014-04-19 00:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-26 22:11 - 2014-02-06 22:46 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-08-26 22:11 - 2014-02-06 22:46 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-08-25 06:53 - 2011-07-18 20:39 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-23 12:07 - 2014-09-09 17:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 11:45 - 2014-09-09 17:25 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 10:59 - 2014-09-09 17:25 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-23 00:59 - 2014-08-23 00:59 - 00001248 _____ () C:\Windows\Applewin.lnk
2014-08-23 00:41 - 2014-08-23 00:41 - 00000916 _____ () C:\Windows\DirectX.log
2014-08-23 00:35 - 2014-08-23 00:35 - 00001687 _____ () C:\Users\Public\Desktop\NVIDIA Nsight HUD Launcher 3.1.lnk
2014-08-23 00:35 - 2014-01-02 09:46 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-08-23 00:23 - 2014-08-23 00:23 - 00000000 ____D () C:\Program Files\NVIDIA GPU Computing Toolkit

Files to move or delete:
====================
C:\Users\sim\bitcoind.exe
C:\Users\sim\dec256b.bat
C:\Users\sim\dec256d.bat
C:\Users\sim\dec256E.bat
C:\Users\sim\dec256f.bat
C:\Users\sim\toree.bat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


LastRegBack: 2014-09-16 01:34

==================== End Of Log ============================

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-09-2014 01
Ran by sim at 2014-09-22 11:32:45
Running from C:\Users\sim\Desktop\rk
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.11 - GIGABYTE)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{C6579A65-9CAE-4B31-8B6B-3306E0630A66}) (Version: 2.1.3.127 - Apple Inc.)
Application Verifier (x64) (HKLM\...\{89026002-A893-42D9-9E20-6829B844735E}) (Version: 4.1.1078 - Microsoft Corporation)
AutoGreen B10.1021.1 (HKLM-x32\...\InstallShield_{C75FAD21-EC08-42F3-92D6-C9C0AB355345}) (Version: 1.00.0000 - GIGABYTE)
AutoGreen B10.1021.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
avast! Free Antivirus (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Bigasoft iPhone Ringtone Maker 1.7.0.3662 (HKLM-x32\...\{7D35FC6F-BEE0-41B7-8627-0B12FD1586A3}_is1) (Version:  - Bigasoft Corporation)
BIOSAgentPlus by eSupport.com (HKLM-x32\...\BIOSAgentPlus_is1) (Version:  - Copyright © 2013 eSupport.com, Inc • All Rights Reserved)
Bitcoin Armory (HKLM-x32\...\Bitcoin Armory) (Version: 0.92.1.0 - Armory Technologies Inc.)
BitSharesX (64-bit) v0.4.15-a (HKLM\...\68ad7005-8eee-49c9-95ce-9eed97e5b347_is1) (Version: v0.4.15-a - DACSunlimited)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
calibre (HKLM-x32\...\{36E0CAAD-D410-4CA8-9AC0-BBE2691B4A19}) (Version: 0.8.56 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.12 - Piriform)
Citrix Access Gateway Endpoint Analysis (HKLM\...\{5BBA6259-71F9-4850-8936-FD9D23DF9BE8}) (Version: 9.1.102.8 - Citrix Systems, Inc.)
Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.1.0.30 - Citrix Systems, Inc.)
Citrix online plug-in (DV) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (HDX) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (USB) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Citrix online plug-in (Web) (x32 Version: 12.1.0.30 - Citrix Systems, Inc.) Hidden
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version:  - )
ConTEXT v0.98.6 (HKLM-x32\...\{73E0D3A0-9C30-4F59-ABBF-6233686FB396}_is1) (Version:  - ConTEXT Project Ltd)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version:  - Microsoft)
DES 2.0 (HKLM-x32\...\{675F86A8-E093-4002-87D5-915CC2C45571}) (Version: 1.00.0000 - Gigabyte)
DolbyFiles (x32 Version: 2.0 - Nero AG) Hidden
Easy Tune 6 B11.0323.1 (HKLM-x32\...\InstallShield_{457D7505-D665-4F95-91C3-ECB8C56E9ACA}) (Version: 1.00.0000 - GIGABYTE)
Easy Tune 6 B11.0323.1 (x32 Version: 1.00.0000 - GIGABYTE) Hidden
Evernote v. 5.6.4 (HKLM-x32\...\{DFDF0BE2-2D71-11E4-9454-00163E98E7D6}) (Version: 5.6.4.4632 - Evernote Corp.)
Facebook Messenger 2.1.4651.0 (HKLM-x32\...\{17D26CDD-B87C-412B-92F0-2D5DD4313522}) (Version: 2.1.4651.0 - Facebook)
GEAR driver installer for AMD64 and Intel EM64T (HKLM\...\{50CBBEC7-1010-41C5-8718-A1A6FEDD9C3A}) (Version: 2.003.1 - GEAR Software, Inc.)
GEPath 1.4.6 (HKLM-x32\...\ST6UNST #1) (Version:  - )
GHOST (HKLM-x32\...\{AC968B0F-024A-4323-BD6B-C2A85D183F34}) (Version: 1.00.0000 - GIGABYTE)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
HWiNFO32 Version 4.30 (HKLM-x32\...\HWiNFO32_is1) (Version: 4.30 - Martin Malík - REALiX)
HWiNFO64 Version 4.32 (HKLM\...\HWiNFO64_is1) (Version: 4.32 - Martin Malík - REALiX)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.8.0.1016 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 12.8.0.1016 - Intel Corporation) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.37 - Irfan Skiljan)
ITbrain Agent (HKLM-x32\...\ITbrain Agent) (Version: 1.0.0 - TeamViewer)
ITbrain Agent (x32 Version: 1.0 - InstallAware Software Corporation) Hidden
ITbrain Agent (x32 Version: 1.0.0 - TeamViewer) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java SE Development Kit 8 Update 11 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180110}) (Version: 8.0.110 - Oracle Corporation)
K-Lite Codec Pack (64-bit) v4.7.0 (HKLM\...\KLiteCodecPack64_is1) (Version: 4.7.0 - )
LastPass (uninstall only) (HKLM-x32\...\LastPass) (Version:  - LastPass)
Litecoin (HKCU\...\Litecoin) (Version: 0.8.6.1 - Litecoin project)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Media Center Master (HKLM-x32\...\Media Center Master_is1) (Version: 2.07.14713.819 - Media Center Master, Inc.)
Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7923 - Memeo Inc.)
Menu Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{5CE7E3F5-9803-4F32-AA89-2D8848A80109}) (Version: 3.60.253.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Project 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{8446EB22-A746-46DC-B1BD-E0DFA1F3CDDA}) (Version:  - Microsoft)
Microsoft Office Project 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Project MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Project Standard 2007 (HKLM-x32\...\PRJSTDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Project Standard 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Visio MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Sync Framework 2.0 Core Components (x64) ENU  (HKLM\...\{8CCBEC22-D2DB-4DC9-A58A-E1A1F3A38C8A}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x64) ENU  (HKLM\...\{03AC245F-4C64-425C-89CF-7783C1D3AB2C}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++  Compilers 2010 Standard - enu - x64 (HKLM\...\{88387B3B-B110-392F-B919-1A15B48F21D4}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Windows Performance Toolkit (HKLM\...\{E7F9E526-2324-437B-A609-E8C5309465CB}) (Version: 4.8.0 - Microsoft Corporation)
Microsoft Windows SDK .NET Framework Tools (30514) (Version: 7.1.30514 - Microsoft) Hidden
Microsoft Windows SDK for Visual Studio .NET 4.0 Framework Tools (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 (7.1) (HKLM\...\SDKSetup_7.1.7600.0.30514) (Version: 7.1.7600.0.30514 - Microsoft Corporation)
Microsoft Windows SDK for Windows 7 (7.1) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Common Utilities (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Headers and Libraries (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Samples (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Windows 7 Utilities for Win32 Development (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Intellisense and Reference Assemblies (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK MSHelp (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Microsoft Windows SDK Net Fx Interop Headers And Libraries (30514) (Version: 7.1.30514 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MP3 Skype Recorder (HKLM-x32\...\{CB606F47-7D0E-40DF-95BB-0E5413A1295F}) (Version: 3.1.3 - Alexander Nikiforov)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MultiBit 0.5.17 (HKLM-x32\...\MultiBit 0.5.17) (Version: 0.5.17 - )
Nero 9 (HKLM-x32\...\{5ccee852-29b8-4581-8199-7c849f274824}) (Version:  - Nero AG)
Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden
Nero Installer (x32 Version: 4.4.8.1 - Nero AG) Hidden
NeroExpress (x32 Version: 9.4.13.100 - Nero AG) Hidden
NetBeans IDE 8.0 (HKLM\...\nbi-nb-base-8.0.0.0.201403101706) (Version: 8.0 - NetBeans.org)
Notepad X v 2.1.2 (HKLM-x32\...\{1896A2A1-982C-49E8-A63F-A13EC4121E78}_is1) (Version: 2.1.2 - Notepad X)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
Notepad2 (Notepad Replacement) (HKLM\...\Notepad2) (Version: 4.2.25  - Florian Balmer)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA CUDA Documentation 5.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_CUDADocumentation_5.5) (Version: 5.5 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.11 (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.11 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office Tab (HKLM-x32\...\{FB75BC84-DC75-485D-9F00-1D342085FD03}) (Version: 6.00 - Detong Technology Ltd.)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
OpenSSL 1.0.1i Light (64-bit) (HKLM\...\OpenSSL Light (64-bit)_is1) (Version:  - OpenSSL Win64 Installer Team)
OpenVPN 2.3.4-I603  (HKLM\...\OpenVPN) (Version: 2.3.4-I603 - )
paint.net 4.0 Pre-Release (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)
Pastebin Desktop (HKLM-x32\...\Pastebin Desktop) (Version:  - )
PlayMemories Home (HKLM-x32\...\{1E5C7043-09C5-4974-A69F-A5271FD82BBC}) (Version: 7.0.00.11271 - Sony Corporation)
PokerStars (HKLM-x32\...\PokerStars) (Version:  - PokerStars)
PyQt GPL v4.11.2 for Python v3.4 (x64) (HKLM\...\PyQt GPL v4.11.2 for Python v3.4 (x64)) (Version: 4.11.2 - )
Python 3.4.0 (64-bit) (HKLM\...\{863162a8-ecc2-35ea-bdf7-e09ac456e164}) (Version: 3.4.150 - Python Software Foundation)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.61.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6449 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Send To Toys v2.7 (HKLM\...\Send To Toys_is1) (Version:  - Gabriele Ponti)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 1.7.306 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.6.8442 - Skype Technologies S.A.)
Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
Smart 6 B10.1221.1 (HKLM-x32\...\{3B35725F-C623-4A1E-B5CC-99C0868679E3}) (Version: 1.00.0000 - GIGABYTE)
SoulseekQt (HKLM-x32\...\SoulseekQt) (Version:  - )
SuperCopy 0.61 (HKLM-x32\...\SuperCopy) (Version: 0.61 - Nathanael Jones)
SyncToy 2.1 (x64) (HKLM\...\{88DAAF05-5A72-46D2-A7C5-C3759697E943}) (Version: 2.1.0 - Microsoft)
SynWrite version 6.3.540 (HKLM-x32\...\SynWrite_is1) (Version: 6.3.540 - UVViewSoft)
TAP-Windows 9.21.0 (HKLM\...\TAP-Windows) (Version: 9.21.0 - )
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
The Ultimate Troubleshooter (HKLM-x32\...\The Ultimate Troubleshooter) (Version:  - AnswersThatWork.com)
The Walking Dead 400 Days (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWQ=_is1) (Version: 1 - )
TotalAudioConverter (HKLM-x32\...\Total Audio Converter_is1) (Version:  - Helmsman, Inc.)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PRJSTDR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPROR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PRJSTDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_VISPROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-003A-0000-0000-0000000FF1CE}_PRJSTDR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0051-0000-0000-0000000FF1CE}_VISPROR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2687502) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7DE7DF97-82FE-4B3A-AB8D-1621F9CC464A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Project 2007 Help (KB963668) (HKLM-x32\...\{90120000-00B4-0409-0000-0000000FF1CE}_PRJSTDR_{1DF07773-4289-4998-BC2C-83539AD85C50}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PRJSTDR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPROR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Visio 2007 Help (KB963666) (HKLM-x32\...\{90120000-0054-0409-0000-0000000FF1CE}_VISPROR_{D2C4ACC9-12F5-4E1C-81A8-5DC878AC6278}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Vim 7.3 (self-installing) (HKLM\...\Vim 7.3) (Version:  - )
VirtualDJ Home FREE (HKLM-x32\...\{A6AC699F-8315-40CA-8F70-E917494978AB}) (Version: 7.4 - Atomix Productions)
VirtualDJ PRO Full (HKLM-x32\...\{311545C7-3432-4EB3-9229-D5E8DB10AE8A}) (Version: 7.2 - Atomix Productions)
Visual C++ 9.0 CRT (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
Visual C++ 9.0 OpenMP (x86) WinSXS MSM (x32 Version: 9.0 - Microsoft Corporation) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WinAVI Video Converter (HKLM-x32\...\WinAVI Video Converter 10.1_is1) (Version:  - ZJ Computing,Inc.)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Device Integrator (HKLM-x32\...\WindowsLiveDeviceIntegrator) (Version: 1.0.104.0 - Microsoft Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3555.0308 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3538.0513 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows SDK IntellisenseNFX (x32 Version: 7.1.30514 - Microsoft) Hidden
WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)
Winrar Activator version 1.2 (HKLM-x32\...\{AE0B3F2A-EB65-4D01-A3E1-6D879C6AAF2A}_is1) (Version: 1.2 - Rarlab)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version:  - )
WinX DVD Ripper Platinum 7.0.0 (HKLM-x32\...\WinX DVD Ripper Platinum_is1) (Version:  - Digiarty Software, Inc.)
WinX HD Video Converter Deluxe 3.12.5 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software,Inc.)
XviD & MP3 Codec Pack (remove only) (HKLM-x32\...\XviD & MP3 Codec Pack_is1) (Version:  - )
XviD MPEG-4 Video Codec (HKLM-x32\...\XviD_is1) (Version: XviD-1.0.3-20122004 - XviD Team (Koepi))

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-225003192-1978909567-2472267684-1019_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\sim\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-225003192-1978909567-2472267684-1019_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\sim\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-225003192-1978909567-2472267684-1019_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\sim\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)

==================== Restore Points  =========================

20-09-2014 15:45:55 Windows Backup
21-09-2014 05:49:50 sept21_pre_may_rollback
21-09-2014 12:04:46 pre_may
21-09-2014 17:58:16 Device Driver Package Install: TAP-Windows Provider V9 Network adapters
21-09-2014 20:23:21 Installed Evernote v. 5.6.4

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 12:34 - 2014-09-03 21:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0B64BA62-0F05-4E18-AB53-32EA8522F5F9} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {15EF524C-CCA3-463B-AE61-740B74825E05} - System32\Tasks\{390DDF28-E98A-48A6-BA76-04AB6262AD91} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-02-10] (Skype Technologies S.A.)
Task: {1831FC8C-2119-43F0-AC83-1C12C197CDE5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1000Core => C:\Users\Mathew\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {20528055-CE3A-4844-B396-2B03E4303CB9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-06] (Google Inc.)
Task: {2B5C85A9-9F02-408C-9AFC-94C04878BFCF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-03-19] (Piriform Ltd)
Task: {45D4EDFA-6E95-43B9-AD1C-BB00BE766339} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1000UA => C:\Users\Mathew\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: {49D6539E-AFE4-4464-9F85-9D37FBF95752} - System32\Tasks\Auto Shutdown at Midday => C:\Windows\System32\shutdown.exe [2009-07-14] (Microsoft Corporation)
Task: {536267F2-E1EC-4D6E-8413-2E9357DD36BF} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6274CAA1-713D-4005-917E-B1FB389DA483} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\Windows\ehome\mcupdate.exe
Task: {72E31062-05AB-43D5-9F64-F251D92BD12E} - System32\Tasks\InstallShield Software online update program => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2005-02-17] (InstallShield Software Corporation)
Task: {76D4B7B6-9D30-4211-ACFD-2418FED3897E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-26] (AVAST Software)
Task: {78CC8190-A3F4-443D-AA03-607BACD655F1} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019UA => C:\Users\sim\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-26] (Google Inc.)
Task: {7DD6468F-E96E-44C6-A629-8CD5A3AE3EBB} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {812B7EFA-B140-4510-9221-6A82B33025EE} - System32\Tasks\InstallShield Software update service => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2005-02-17] (InstallShield Software Corporation)
Task: {8333AA6F-3990-4E18-B692-F4E1354F6E92} - System32\Tasks\wakeup => C:\Users\sim\Desktop\wakeup.bat
Task: {87A6AF07-91C5-4384-AF06-397F87C22901} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-02-06] (Google Inc.)
Task: {91C9D236-54AD-4D7F-8829-363E2576B1E2} - System32\Tasks\AutoKMS => C:\AutoKMS\AutoKMS.exe
Task: {D7549726-F06D-431D-8043-0195718F4D24} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019Core => C:\Users\sim\AppData\Local\Google\Update\GoogleUpdate.exe [2014-08-26] (Google Inc.)
Task: {DD511F0E-8E2A-4485-8224-6F8A1ED55311} - System32\Tasks\Auto Shutdown of computer => C:\Windows\System32\shutdown.exe [2009-07-14] (Microsoft Corporation)
Task: {F4CEC84A-9DC3-4208-9EE8-AF413F7351F2} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019Core.job => C:\Users\sim\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-225003192-1978909567-2472267684-1019UA.job => C:\Users\sim\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-01-02 09:47 - 2014-07-03 04:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-09-04 23:17 - 2013-09-04 23:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 14:23 - 2010-10-20 14:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-07-18 19:38 - 2009-12-01 14:13 - 00035880 _____ () C:\Program Files (x86)\GIGABYTE\smart6\dbios\SDBMSG.exe
2011-07-18 19:38 - 2011-07-18 19:38 - 00008704 _____ () C:\Windows\assembly\GAC_64\GBHO\1.0.0.0__709f1911357dc329\GBHO.dll
2012-06-19 01:24 - 2012-06-19 01:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-08-26 22:12 - 2014-08-26 22:12 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-09-22 06:54 - 2014-09-22 06:54 - 02864640 _____ () C:\Program Files\AVAST Software\Avast\defs\14092101\algo.dll
2014-02-05 23:52 - 2014-02-05 23:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-05 23:52 - 2014-02-05 23:52 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2011-07-18 19:38 - 2009-06-10 16:28 - 00106496 _____ () C:\Program Files (x86)\GIGABYTE\smart6\dbios\DBIOS.dll
2014-08-26 22:12 - 2014-08-26 22:12 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-26 16:47 - 2014-08-26 16:47 - 00436576 _____ () C:\Program Files (x86)\Evernote\Evernote\libxml2.dll
2014-08-26 16:47 - 2014-08-26 16:47 - 00318304 _____ () C:\Program Files (x86)\Evernote\Evernote\libtidy.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:58A5270D
AlternateDataStreams: C:\ProgramData\TEMP:992566D9
AlternateDataStreams: C:\ProgramData\TEMP:A5C00DEE
AlternateDataStreams: C:\ProgramData\TEMP:D2F2F703
AlternateDataStreams: C:\ProgramData\TEMP:EB2C187A
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\44545534.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\44545534.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: DES2 Service => 2
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^Users^sim^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^click.to.lnk => C:\Windows\pss\click.to.lnk.Startup
MSCONFIG\startupfolder: C:^Users^sim^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2010 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AppleIEDAV => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
MSCONFIG\startupreg: ApplePhotoStreams => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BCSSync => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: DU Meter => "C:\Program Files (x86)\DU Meter\DUMeter.exe" /autostart
MSCONFIG\startupreg: GoogleChromeAutoLaunch_1EA426539D00D0726F5EBAA2CD8B5E27 => "C:\Users\Joshua\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Memeo Instant Backup => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
MSCONFIG\startupreg: PMBVolumeWatcher => C:\Program Files (x86)\Sony\PlayMemories Home\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RTHDVCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Java\jre8\bin\jusched.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\sim\AppData\Roaming\uTorrent\uTorrent.exe"  /MINIMIZED
MSCONFIG\startupreg: WindowsLiveDeviceIntegrator => C:\Program Files (x86)\Windows Live\Device Integrator\wldi.exe

==================== Faulty Device Manager Devices =============

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft Virtual WiFi Miniport Adapter #6
Description: Microsoft Virtual WiFi Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: VirtualBox Host-Only Ethernet Adapter
Description: VirtualBox Host-Only Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Oracle Corporation
Service: VBoxNetAdp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/22/2014 06:37:29 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/21/2014 11:22:29 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


Details:
    The content index catalog is corrupt.   0xc0041801 (0xc0041801)

Error: (09/21/2014 11:22:29 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=2350}. The service will attempt to automatically correct this problem by rebuilding the index.


Details:
    The content index catalog is corrupt.   0xc0041801 (0xc0041801)

Error: (09/21/2014 09:56:35 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/21/2014 03:27:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SendToAdd.exe, version: 0.0.0.0, time stamp: 0x5006ed1a
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x000000000005320e
Faulting process id: 0x108c
Faulting application start time: 0xSendToAdd.exe0
Faulting application path: SendToAdd.exe1
Faulting module path: SendToAdd.exe2
Report Id: SendToAdd.exe3

Error: (09/21/2014 04:55:26 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.

Error: (09/21/2014 01:40:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bitcoin-qt.exe, version: 0.9.2.1, time stamp: 0x51a93980
Faulting module name: bitcoin-qt.exe, version: 0.9.2.1, time stamp: 0x51a93980
Exception code: 0x40000015
Fault offset: 0x0000000000f0d720
Faulting process id: 0x1ad8
Faulting application start time: 0xbitcoin-qt.exe0
Faulting application path: bitcoin-qt.exe1
Faulting module path: bitcoin-qt.exe2
Report Id: bitcoin-qt.exe3

Error: (09/21/2014 01:10:55 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Set6881.tmp, version: 11.0.0.28844, time stamp: 0x4250bcf6
Faulting module name: Set6881.tmp, version: 11.0.0.28844, time stamp: 0x4250bcf6
Exception code: 0xc0000005
Fault offset: 0x0000742e
Faulting process id: 0x128c
Faulting application start time: 0xSet6881.tmp0
Faulting application path: Set6881.tmp1
Faulting module path: Set6881.tmp2
Report Id: Set6881.tmp3

Error: (09/20/2014 00:08:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: bitcoin-qt.exe, version: 0.9.2.1, time stamp: 0x51a93980
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000374
Fault offset: 0x00000000000c4102
Faulting process id: 0xb30
Faulting application start time: 0xbitcoin-qt.exe0
Faulting application path: bitcoin-qt.exe1
Faulting module path: bitcoin-qt.exe2
Report Id: bitcoin-qt.exe3

Error: (09/20/2014 05:31:07 AM) (Source: SideBySide) (EventID: 75) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Multiple requestedPrivileges elements are not allowed in manifest.


System errors:
=============
Error: (09/22/2014 11:32:43 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1297

Error: (09/22/2014 11:32:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1297

Error: (09/22/2014 11:32:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1297

Error: (09/22/2014 11:32:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1297

Error: (09/22/2014 11:32:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1297

Error: (09/22/2014 11:32:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1297

Error: (09/22/2014 11:32:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1297

Error: (09/22/2014 11:32:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1297

Error: (09/22/2014 11:32:41 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1297

Error: (09/22/2014 11:32:39 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Diagnostic Service Host service failed to start due to the following error:
%%1297


Microsoft Office Sessions:
=========================
Error: (08/22/2014 01:34:44 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.6695.5000, Microsoft Office Version: 12.0.6612.1000. This session lasted 26 seconds with 0 seconds of active time.  This session ended with a crash.


CodeIntegrity Errors:
===================================
  Date: 2014-09-09 22:11:33.447
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NirSoftOpenedFilesDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-09 22:11:33.322
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NirSoftOpenedFilesDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-09 22:11:24.087
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NirSoftOpenedFilesDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-09 22:11:23.962
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\NirSoftOpenedFilesDriver.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-09 17:26:47.570
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\apps\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-09 17:26:47.429
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\apps\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-05 14:28:08.112
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\apps\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-05 14:28:08.003
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\apps\SysinternalsSuite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-03 21:25:55.659
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-03 21:25:55.566
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 16%
Total physical RAM: 16367.3 MB
Available physical RAM: 13622.32 MB
Total Pagefile: 32732.79 MB
Available Pagefile: 29995.93 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (C) (Fixed) (Total:111.69 GB) (Free:6.34 GB) NTFS
Drive d: (1.5Tb) (Fixed) (Total:1397.26 GB) (Free:320.86 GB) NTFS
Drive e: (CRYPTO) (Fixed) (Total:1863.01 GB) (Free:1666.28 GB) NTFS
Drive f: (Repair disc Windows 7 64-bit) (CDROM) (Total:0.16 GB) (Free:0 GB) UDF
Drive k: (CRYPTO) (Fixed) (Total:1863.01 GB) (Free:1666.28 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 85DA5D24)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: F5F19257)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1397.3 GB) (Disk ID: 2DDAD32F)
Partition 1: (Not Active) - (Size=1397.3 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#7 nasdaq

nasdaq

  • Malware Response Team
  • 38,238 posts
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:03:37 PM

Posted 22 September 2014 - 07:39 AM


Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [kbdsprt] => [X]
IFEO\notepad.exe: [Debugger] "C:\Program Files\Notepad2\Notepad2.exe" /z
ShortcutTarget: Dropbox.lnk -> C:\Users\sim\AppData\Roaming\Dropbox\bin\Dropbox.exe (No File)
GroupPolicyUsers\S-1-5-21-225003192-1978909567-2472267684-1026\User: Group Policy restriction detected <======= ATTENTION
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Filter: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
Filter: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Extension: (Awesome New Tab Pageâ¢) - C:\Users\sim\AppData\Local\Google\Chrome\User Data\Profile 1.BAK\Extensions\mgmiemnjjchgkmgbeljfocdjjnpjnmcg [2014-01-01]
S4 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [X]
S2 IAStorDataMgrSvc; "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe" [X]
S2 MDM; "C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe" [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 DUMeterDrv; \??\C:\Program Files (x86)\DU Meter\DUMETR64.SYS [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
C:\Users\sim\bitcoind.exe
C:\Users\sim\dec256b.bat
C:\Users\sim\dec256d.bat
C:\Users\sim\dec256E.bat
C:\Users\sim\dec256f.bat
C:\Users\sim\toree.bat
AlternateDataStreams: C:\ProgramData\TEMP:58A5270D
AlternateDataStreams: C:\ProgramData\TEMP:992566D9
AlternateDataStreams: C:\ProgramData\TEMP:A5C00DEE
AlternateDataStreams: C:\ProgramData\TEMP:D2F2F703
AlternateDataStreams: C:\ProgramData\TEMP:EB2C187A
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8

End

Save the file as fixlist.txt into the same folder as FRST.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt); please post it in your reply.

==

Download Security Check by screen317 from here.
  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • A Notepad document should open automatically called checkup.txt; please post the contents of that document.
p.s.
If the SecurityCheck program fails to run for any reason, run it as an Administrator.

If the site is busy or not available use this mirror site:
http://www.bleepingcomputer.com/download/securitycheck/
==

How is the computer running now?

p.s. Do you intend to keep all the BAK Chrome extensions?

#8 nasdaq

Posted 28 September 2014 - 08:29 AM

Are you still with me?

#9 nasdaq

Posted 04 October 2014 - 09:05 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



