Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

extendedunlimited.org keeps reinstalling itself


  • This topic is locked This topic is locked
11 replies to this topic

#1 Evrai_Terrule

Evrai_Terrule

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:09 PM

Posted 10 September 2014 - 06:16 PM

Today I turned on my computer and command prompt popped up then disappeared and "extendedunlimited.org" loads on Google Chrome. I have tried to follow some of the standard virus and malware removal paths I normally use to no avail. Windows Security, Malwarebytes, Hitman Pro, and ADW Cleaner did not take care of it. Each time one of the programs removes the suspected items and reboots the computer command prompt just pops right back up followed immediately by Chrome with "extendedunlimited.org" again. Any help would be greatly appreciated. Thanks!



BC AdBot (Login to Remove)

 


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:09 AM

Posted 10 September 2014 - 06:57 PM

Hi,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 Evrai_Terrule

Evrai_Terrule
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:09 PM

Posted 10 September 2014 - 07:37 PM

Hello Aharonov and thank you very much for your quick response! Here are the requested FRST logs:

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Stargazer (administrator) on STARGAZER-PC on 10-09-2014 17:21:44
Running from C:\Users\Stargazer\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\Bluetooth\LBTServ.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Logitech Inc.) C:\Program Files\Logitech\SetPoint\LBTWiz.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(UC-Logic Technology Corp.) C:\Windows\System32\drivers\WTSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
() C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Valve Corporation) C:\Games\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Razer USA Ltd) C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe
(Tablet Driver) C:\Windows\SysWOW64\WTClient.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Dropbox, Inc.) C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Valve Corporation) C:\Games\Steam\bin\steamwebhelper.exe
(Intuit Inc.) C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Cubic Reality Software) C:\Program Files (x86)\CubicExplorer\CubicExplorer.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Kernel and Hardware Abstraction Layer] => C:\Windows\KHALMNPR.EXE [130576 2009-06-17] (Logitech, Inc.)
HKLM\...\Run: [Bluetooth Connection Assistant] => LBTWIZ.EXE -silent
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7406392 2012-11-28] (Logitech Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2234144 2014-02-05] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [ROC_roc_ssl_v12] => "C:\Program Files (x86)\AVG Secure Search\ROC_roc_ssl_v12.exe" / /PROMPT /CMPID=roc_ssl_v12
HKLM-x32\...\Run: [Razer Nostromo Driver] => C:\Program Files (x86)\Razer\Nostromo\RazerNostromoSysTray.exe [978840 2011-07-19] (Razer USA Ltd)
HKLM-x32\...\Run: [WTClient] => C:\Windows\SysWOW64\WTClient.exe [40832 2012-12-22] (Tablet Driver)
HKLM-x32\...\Run: [EaseUS EPM tray] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 9.2.2\bin\EpmNews.exe
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-544419344-474059564-3579960994-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673728 2012-11-06] (DT Soft Ltd)
HKU\S-1-5-21-544419344-474059564-3579960994-1000\...\Run: [Steam] => C:\Games\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-544419344-474059564-3579960994-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-544419344-474059564-3579960994-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-544419344-474059564-3579960994-1000\...\MountPoints2: E - E:\LaunchU3.exe -a
HKU\S-1-5-21-544419344-474059564-3579960994-1000\...\MountPoints2: {1d7be1a4-de5f-11e3-965a-001f20132f9c} - E:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-544419344-474059564-3579960994-1000\...\MountPoints2: {466c40c7-e788-11e2-a14a-d43d7e4cc89c} - E:\setup.exe -a
HKU\S-1-5-21-544419344-474059564-3579960994-1000\...\MountPoints2: {5e37498c-44e6-11e2-b3ef-d43d7e4cc89c} - G:\setup.exe
HKU\S-1-5-21-544419344-474059564-3579960994-1000\...\MountPoints2: {7b729212-4171-11e2-b219-d43d7e4cc89c} - "E:\WD SmartWare.exe" autoplay=true
Startup: C:\Users\Stargazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Stargazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk
ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xA891ABB627D9CD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: PodcastBHO Class -> {65134FDF-F8A5-4B3D-91D9-CDF273CFD578} -> C:\Program Files (x86)\Common Files\doubleTwist\IEPodcastPlugin.dll (doubleTwist Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{6EB73536-8471-4BAE-B022-5DB1FF2B236A}: [NameServer] 209.18.47.61,209.18.47.62
 
FireFox:
========
FF ProfilePath: C:\Users\Stargazer\AppData\Roaming\Mozilla\Firefox\Profiles\ec2inpv5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @doubletwist.com/NPPodcast -> C:\Program Files (x86)\Common Files\doubleTwist\NPPodcast.dll (doubleTwist Corporation)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Stargazer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Adblock Plus - C:\Users\Stargazer\AppData\Roaming\Mozilla\Firefox\Profiles\ec2inpv5.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-04-22]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.yibis.com/
CHR StartupUrls: Default -> "hxxp://playstarbound.com/", "hxxp://www.cheapassgamer.com/forum/10-video-game-deals/", "hxxp://slickdeals.net/deals/games/", "https://www.humblebundle.com/", "hxxp://www.bundlestars.com/", "hxxp://groupees.com/", "hxxp://www.indieroyale.com/", "hxxp://www.indiegala.com/", "hxxp://www.blinkbundle.com/", "https://indiegamestand.com/", "hxxp://www.amazon.com/mobile-apps/b/ref=topnav_storetab_mas?ie=UTF8&node=2350149011", "hxxp://www.whatpumpkin.com/home.php"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Entanglement Web App) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2012-12-08]
CHR Extension: (Angry Birds) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2012-12-08]
CHR Extension: (Google Drive) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-12-08]
CHR Extension: (Missing e) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bcjbagclppcgdbpobcpoojdjdmcjhpid [2012-12-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-12-08]
CHR Extension: (Google Search) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-12-08]
CHR Extension: (Tampermonkey) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2013-06-04]
CHR Extension: (AdBlock) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-01-16]
CHR Extension: (FlashBlock) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gofhjkjmkpinhpoiabjplobcaignabnl [2012-12-08]
CHR Extension: (TinEye Reverse Image Search) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\haebnnbpedcbhciplfhjjkbafijpncjl [2012-12-08]
CHR Extension: (Isoball 3) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\iajlkcpgcnbhfhpdeooockfaincfkjjj [2012-12-08]
CHR Extension: (Google Play Music) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2012-12-08]
CHR Extension: (Steam Market Auto-Agree) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlicldafjdigokihkkdlbpfgehihjodl [2014-06-19]
CHR Extension: (Google Play) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2012-12-08]
CHR Extension: (TumTaster) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nanfbkacbckngfcklahdgfagjlghfbgm [2012-12-08]
CHR Extension: (Google Wallet) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Hover Zoom) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nonjdcjchghhkdoolnlbekcfllmednbl [2012-12-08]
CHR Extension: (Enhanced Steam) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2014-06-21]
CHR Extension: (Bastion) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\oohphhdkahjlioohbalmicpokoefkgid [2013-06-04]
CHR Extension: (Gmail) - C:\Users\Stargazer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-12-08]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [1375600 2013-11-27] (Binary Fortress Software)
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-09-10] (SurfRight B.V.)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1593632 2014-02-05] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [16941856 2014-02-05] (NVIDIA Corporation)
R2 WinTabService; C:\Windows\System32\Drivers\WTSRV.EXE [81792 2012-12-22] (UC-Logic Technology Corp.)
R2 WSWNA3100; C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe [285152 2010-08-26] ()
S2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-12-13] (DT Soft Ltd)
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66360 2012-10-02] (Logitech Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\DRIVERS\npf.sys [47632 2010-02-03] (CACE Technologies, Inc.)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-27] (NVIDIA Corporation)
S3 PTSimHid; C:\Windows\System32\DRIVERS\PTSimHid.sys [22912 2012-12-22] (UC-Logic Technology Corp.)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2012-11-19] ()
R3 rzjoystk; C:\Windows\System32\DRIVERS\rzjoystk.sys [19968 2011-03-24] (Razer USA Ltd)
S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [157184 2011-07-14] (Razer USA Ltd)
S3 ViaUsbModemDriver; C:\Windows\System32\DRIVERS\VIA_USB_MODEM.sys [28160 2011-10-04] ()
S3 VIA_USB_ETS; C:\Windows\System32\DRIVERS\VIA_USB_ETS.sys [21760 2011-10-04] (Via Telecom, Inc.)
S1 ArcCtrl; system32\drivers\ArcCtrl.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 MSI_MSIBIOS_010507; \??\C:\Program Files (x86)\MSI\Live Update 5\msibios64_100507.sys [X]
S3 NTIOLib_1_0_4; \??\C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 Tablet2k; "%SystemRoot%\System32\Drivers\Tablet2k.sys" [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 17:21 - 2014-09-10 17:22 - 00024739 _____ () C:\Users\Stargazer\Desktop\FRST.txt
2014-09-10 17:21 - 2014-09-10 17:21 - 00000000 ____D () C:\FRST
2014-09-10 17:20 - 2014-09-10 17:20 - 02105856 _____ (Farbar) C:\Users\Stargazer\Desktop\FRST64.exe
2014-09-10 15:44 - 2014-09-10 15:44 - 00001634 _____ () C:\Windows\system32\.crusader
2014-09-10 15:19 - 2014-09-10 15:45 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-10 15:19 - 2014-09-10 15:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-10 15:19 - 2014-09-10 15:20 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-10 13:47 - 2014-09-10 13:49 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 13:47 - 2014-09-10 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-10 13:47 - 2014-09-10 13:48 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-10 13:47 - 2014-09-10 13:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 13:47 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-10 13:47 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-10 13:47 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-10 13:36 - 2014-09-10 13:36 - 00000000 ____D () C:\Windows\ERUNT
2014-09-10 13:21 - 2014-09-10 13:22 - 11194928 _____ (SurfRight B.V.) C:\Users\Stargazer\Downloads\HitmanPro_x64.exe
2014-09-10 13:20 - 2014-09-10 13:20 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Stargazer\Downloads\mb3-setup-1878.1878-3.5.1.2522.exe
2014-09-10 13:19 - 2014-09-10 13:19 - 01016261 _____ (Thisisu) C:\Users\Stargazer\Downloads\JRT.exe
2014-09-10 12:56 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-10 12:55 - 2014-09-10 13:30 - 00000000 ____D () C:\AdwCleaner
2014-09-10 12:54 - 2014-09-10 12:54 - 01370467 _____ () C:\Users\Stargazer\Downloads\adwcleaner_3.309.exe
2014-09-09 14:34 - 2014-09-09 14:36 - 00000000 ____D () C:\Users\Stargazer\.lennasinception
2014-09-09 14:34 - 2014-09-09 14:34 - 00000000 ____D () C:\Users\Stargazer\Downloads\lennasinception_beta3a
2014-09-09 14:33 - 2014-09-09 14:33 - 00000208 _____ () C:\Users\Stargazer\Desktop\Prison Architect.url
2014-09-09 14:32 - 2014-09-09 14:33 - 42633558 _____ () C:\Users\Stargazer\Downloads\lennasinception_beta3a.zip
2014-09-09 14:31 - 2014-09-09 14:31 - 00000208 _____ () C:\Users\Stargazer\Desktop\Papers, Please.url
2014-09-09 14:30 - 2014-09-09 14:30 - 00000208 _____ () C:\Users\Stargazer\Desktop\LUFTRAUSERS.url
2014-09-09 14:30 - 2014-09-09 14:30 - 00000208 _____ () C:\Users\Stargazer\Desktop\Gunpoint.url
2014-09-09 14:30 - 2014-09-09 14:30 - 00000208 _____ () C:\Users\Stargazer\Desktop\Gone Home.url
2014-09-09 14:29 - 2014-09-09 14:29 - 00000208 _____ () C:\Users\Stargazer\Desktop\Hammerwatch.url
2014-09-08 16:01 - 2014-09-08 16:01 - 00000208 _____ () C:\Users\Stargazer\Desktop\Five Nights at Freddy's.url
2014-09-08 15:37 - 2014-09-08 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-08 02:08 - 2014-09-08 02:08 - 00000000 __SHD () C:\Users\Stargazer\AppData\Local\EmieUserList
2014-09-08 02:08 - 2014-09-08 02:08 - 00000000 __SHD () C:\Users\Stargazer\AppData\Local\EmieSiteList
2014-09-07 00:49 - 2014-09-07 00:49 - 00004673 _____ () C:\Users\Stargazer\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} [Kannel] The Sorority Pledge.zip.torrent
2014-09-06 13:24 - 2012-01-20 13:01 - 01355776 _____ (Microsoft Corporation) C:\Program Files\MSVBVM50.DLL
2014-09-06 13:24 - 2012-01-20 13:01 - 01355776 _____ (Microsoft Corporation) C:\Program Files (x86)\MSVBVM50.DLL
2014-09-06 12:57 - 2014-09-06 12:57 - 00000000 ____D () C:\ProgramData\Caphyon
2014-09-06 12:56 - 2014-09-06 12:57 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\The Prince of Codes
2014-09-06 12:48 - 2014-09-06 14:01 - 00000000 ____D () C:\Users\Stargazer\Downloads\Minecraft PS3
2014-09-05 12:33 - 2014-09-05 12:33 - 00000208 _____ () C:\Users\Stargazer\Desktop\Lifeless Planet.url
2014-09-04 22:26 - 2014-09-04 22:26 - 00073461 _____ () C:\Users\Stargazer\Downloads\[kickass.to]dead.rising.3.apocalypse.edition.2014.pc.repack.by.r.g.steamgames.torrent
2014-09-04 22:14 - 2014-09-04 22:14 - 00033452 _____ () C:\Users\Stargazer\Downloads\[kickass.to]how.to.train.your.dragon.2.2014.1080p.web.dl.aac2.0.h264.rarbg.torrent
2014-09-04 22:12 - 2014-09-04 22:12 - 00016166 _____ () C:\Users\Stargazer\Downloads\[kickass.to]guardians.of.the.galaxy.awesome.mix.vol.1.original.motion.pic.torrent
2014-09-04 18:09 - 2014-09-04 18:21 - 443370443 _____ () C:\Users\Stargazer\Downloads\The_Last_Phoenix_Greenlight_Demo.rar
2014-09-03 23:48 - 2014-09-03 23:48 - 00000208 _____ () C:\Users\Stargazer\Desktop\Vitrum.url
2014-09-03 23:48 - 2014-09-03 23:48 - 00000208 _____ () C:\Users\Stargazer\Desktop\The Maker's Eden.url
2014-09-03 00:31 - 2014-09-03 00:31 - 00020648 _____ () C:\Users\Stargazer\Downloads\[kickass.to]shrek.the.musical.2013.1080p.brrip.x264.yify.torrent
2014-09-02 00:28 - 2014-09-02 00:28 - 00012364 _____ () C:\Users\Stargazer\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} Crazy Girlfriend with Remote (Ongoing).zip.torrent
2014-09-01 23:54 - 2014-09-02 00:40 - 97133418 _____ (DigiPen Institute of Technology ) C:\Users\Stargazer\Downloads\Solace_setup.exe
2014-09-01 23:54 - 2014-09-02 00:37 - 58730811 _____ (DigiPen Institute of Technology ) C:\Users\Stargazer\Downloads\AFlippingGoodTime_Setup_08_13_14.exe
2014-09-01 23:54 - 2014-09-02 00:25 - 189434642 _____ (Double++ ) C:\Users\Stargazer\Downloads\deity_setup.exe
2014-09-01 12:29 - 2014-09-01 12:30 - 00022196 _____ () C:\Users\Stargazer\Downloads\[kickass.to]south.park.the.stick.of.truth.pc.game.dlc.nosteam.torrent
2014-09-01 11:38 - 2014-09-01 11:38 - 00000208 _____ () C:\Users\Stargazer\Desktop\Residue Final Cut.url
2014-09-01 11:32 - 2014-09-01 11:32 - 00000208 _____ () C:\Users\Stargazer\Desktop\Speed Kills.url
2014-09-01 11:32 - 2014-09-01 11:32 - 00000208 _____ () C:\Users\Stargazer\Desktop\Dungeons The Eye of Draconus.url
2014-09-01 02:55 - 2014-09-01 02:55 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\SuperLemonadeFactory
2014-08-30 19:37 - 2014-08-30 19:37 - 00000000 __SHD () C:\found.000
2014-08-29 19:37 - 2014-08-29 19:37 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Seagate
2014-08-29 19:37 - 2014-08-29 19:37 - 00000000 ____D () C:\Program Files (x86)\Seagate
2014-08-29 19:36 - 2014-08-29 19:37 - 26771088 _____ () C:\Users\Stargazer\Downloads\SeaToolsforWindowsSetup.exe
2014-08-28 23:16 - 2014-08-28 23:17 - 20789309 _____ () C:\Users\Stargazer\Downloads\valthirianarc2.swf
2014-08-28 23:16 - 2014-08-28 23:16 - 00052904 _____ () C:\Users\Stargazer\Downloads\secure_va2-hacked.swf
2014-08-28 23:13 - 2014-08-28 23:14 - 05312093 _____ () C:\Users\Stargazer\Downloads\valthirian-arc-5655.swf
2014-08-28 22:54 - 2014-08-28 23:53 - 318007758 _____ () C:\Users\Stargazer\Downloads\Blackmoon Prophecy Plus.rar
2014-08-28 22:50 - 2014-08-28 23:31 - 156535452 _____ () C:\Users\Stargazer\Downloads\TheDrop.zip
2014-08-28 22:50 - 2014-08-28 23:19 - 401510416 _____ () C:\Users\Stargazer\Downloads\Super_Mario_RPG_The_Starlite_Worlds.zip
2014-08-28 22:49 - 2014-08-28 23:09 - 172765216 _____ () C:\Users\Stargazer\Downloads\Super Mario RPG The Seven Sages.zip
2014-08-28 22:48 - 2014-08-28 22:59 - 78429413 _____ () C:\Users\Stargazer\Downloads\TLoZ-CPW.zip
2014-08-28 22:43 - 2014-08-28 22:45 - 15539455 _____ () C:\Users\Stargazer\Downloads\Batang.ttf
2014-08-28 22:42 - 2014-08-28 23:46 - 295144329 _____ () C:\Users\Stargazer\Downloads\Middens 3.5.zip
2014-08-28 22:35 - 2014-08-28 23:30 - 165665365 _____ () C:\Users\Stargazer\Downloads\Miserere v1.02x.zip
2014-08-28 22:30 - 2014-08-28 22:41 - 56310117 _____ (Igor Pavlov) C:\Users\Stargazer\Downloads\VorlorN.exe
2014-08-28 22:29 - 2014-08-28 22:45 - 84599019 _____ () C:\Users\Stargazer\Downloads\Dreaming Mary.exe
2014-08-28 22:27 - 2014-08-28 22:29 - 07897713 _____ () C:\Users\Stargazer\Downloads\Sunset Over Imdahl.zip
2014-08-28 22:23 - 2014-08-28 22:31 - 60761164 _____ () C:\Users\Stargazer\Downloads\Safety_ Life Is A Maze v1.2_1.zip
2014-08-28 13:27 - 2014-08-28 13:27 - 00000000 ____D () C:\Windows\System32\Tasks\Leader Technologies
2014-08-27 12:38 - 2014-08-22 19:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 12:38 - 2014-08-22 18:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 12:38 - 2014-08-22 17:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 11:14 - 2014-08-27 11:14 - 00000000 ____D () C:\Users\Stargazer\AppData\Local\CKY
2014-08-27 02:31 - 2014-08-27 02:31 - 00001107 _____ () C:\Users\Stargazer\Desktop\Katawa Shoujo.lnk
2014-08-27 02:31 - 2014-08-27 02:31 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Katawa Shoujo
2014-08-27 02:30 - 2014-08-27 02:31 - 00000000 ____D () C:\Program Files (x86)\Katawa Shoujo
2014-08-27 02:19 - 2014-08-27 02:19 - 00008372 _____ () C:\Users\Stargazer\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} (C82) [pantwo (ZIZ)] Touzoku Tsumami (Thief Catching) (Final Fantasy IX) [English] =SW=.zip.torrent
2014-08-27 02:14 - 2014-08-27 02:14 - 03534855 _____ () C:\Users\Stargazer\Downloads\1432 - Harvest Moon - Friends of Mineral Town (E)(GBA).zip
2014-08-27 02:08 - 2014-08-27 02:08 - 00170233 _____ () C:\Users\Stargazer\Downloads\Harvest Moon - FoMT (True Love Edition v3.0).ips
2014-08-26 21:51 - 2014-08-26 21:51 - 00015193 _____ () C:\Users\Stargazer\Downloads\[yibis]_One_Piece_656_[720p][DEF225A0].mkv.torrent
2014-08-26 21:51 - 2014-08-26 21:51 - 00014593 _____ () C:\Users\Stargazer\Downloads\[yibis]_One_Piece_654_[720p][14F36EA1].mkv (1).torrent
2014-08-26 21:51 - 2014-08-26 21:51 - 00013373 _____ () C:\Users\Stargazer\Downloads\[yibis]_One_Piece_653_[720p][A70EF017].mkv (1).torrent
2014-08-26 21:51 - 2014-08-26 21:51 - 00013113 _____ () C:\Users\Stargazer\Downloads\[yibis]_One_Piece_655_[720p][3F86D296].mkv.torrent
2014-08-25 15:41 - 2014-08-25 15:41 - 00000208 _____ () C:\Users\Stargazer\Desktop\Tiny Barbarian DX.url
2014-08-25 15:41 - 2014-08-25 15:41 - 00000208 _____ () C:\Users\Stargazer\Desktop\Full Bore.url
2014-08-22 16:33 - 2014-08-22 16:33 - 00262192 _____ () C:\Windows\Minidump\082214-39733-01.dmp
2014-08-20 18:33 - 2014-05-14 09:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-20 18:33 - 2014-05-14 09:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-20 18:33 - 2014-05-14 09:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-20 18:33 - 2014-05-14 09:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-20 18:32 - 2014-05-14 09:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-20 18:32 - 2014-05-14 09:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-20 18:32 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-20 18:32 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-20 18:32 - 2014-05-14 09:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-20 18:32 - 2014-05-14 09:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-20 18:32 - 2014-05-14 09:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-20 18:32 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-20 18:32 - 2014-05-14 09:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-20 18:32 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-19 23:36 - 2014-08-19 23:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-19 23:36 - 2014-08-19 23:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-19 23:36 - 2014-08-19 23:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-19 12:01 - 2014-08-19 12:01 - 00000208 _____ () C:\Users\Stargazer\Desktop\Super Lemonade Factory.url
2014-08-19 11:58 - 2014-08-19 11:58 - 00000208 _____ () C:\Users\Stargazer\Desktop\Whispering Willows.url
2014-08-18 19:50 - 2014-08-18 19:57 - 00000000 ____D () C:\Users\Stargazer\AppData\Local\Luna
2014-08-16 01:41 - 2014-06-30 15:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-16 01:41 - 2014-06-30 15:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-16 01:41 - 2014-03-09 14:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-16 01:41 - 2014-03-09 14:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-16 01:41 - 2014-03-09 14:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-16 01:41 - 2014-03-09 14:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-16 01:40 - 2014-06-05 23:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-16 01:40 - 2014-06-05 23:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 21:23 - 2014-07-15 20:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 21:23 - 2014-07-15 19:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 21:23 - 2014-06-24 19:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 21:23 - 2014-06-24 18:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 21:23 - 2014-06-15 19:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 21:23 - 2014-06-03 03:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 21:23 - 2014-06-03 03:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 21:23 - 2014-06-03 03:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 21:23 - 2014-06-03 03:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 21:23 - 2014-06-03 02:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 21:23 - 2014-06-03 02:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 21:23 - 2014-06-03 02:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 21:22 - 2014-08-06 19:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-15 21:22 - 2014-08-06 19:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-15 21:22 - 2014-07-31 16:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 21:22 - 2014-07-31 16:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 21:22 - 2014-07-25 07:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 21:22 - 2014-07-25 07:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 21:22 - 2014-07-25 07:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 21:22 - 2014-07-25 06:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 21:22 - 2014-07-25 06:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 21:22 - 2014-07-25 06:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 21:22 - 2014-07-25 06:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 21:22 - 2014-07-25 06:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 21:22 - 2014-07-25 06:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 21:22 - 2014-07-25 06:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 21:22 - 2014-07-25 06:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 21:22 - 2014-07-25 06:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 21:22 - 2014-07-25 06:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 21:22 - 2014-07-25 06:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 21:22 - 2014-07-25 06:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 21:22 - 2014-07-25 05:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 21:22 - 2014-07-25 05:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 21:22 - 2014-07-25 05:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 21:22 - 2014-07-25 05:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 21:22 - 2014-07-25 05:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 21:22 - 2014-07-25 05:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 21:22 - 2014-07-25 05:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 21:22 - 2014-07-25 05:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 21:22 - 2014-07-25 05:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 21:22 - 2014-07-25 05:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 21:22 - 2014-07-25 05:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 21:22 - 2014-07-25 05:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 21:22 - 2014-07-25 05:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 21:22 - 2014-07-25 05:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 21:22 - 2014-07-25 05:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 21:22 - 2014-07-25 05:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 21:22 - 2014-07-25 05:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 21:22 - 2014-07-25 05:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 21:22 - 2014-07-25 05:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 21:22 - 2014-07-25 04:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 21:22 - 2014-07-25 04:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 21:22 - 2014-07-25 04:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 21:22 - 2014-07-25 04:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 21:22 - 2014-07-25 04:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 21:22 - 2014-07-25 04:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 21:22 - 2014-07-25 04:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 21:22 - 2014-07-25 04:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 21:22 - 2014-07-25 04:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 21:22 - 2014-07-25 04:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 21:22 - 2014-07-25 04:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 21:22 - 2014-07-25 04:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 21:22 - 2014-07-25 04:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 21:22 - 2014-07-25 04:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 21:22 - 2014-07-25 03:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 21:22 - 2014-07-25 03:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 21:22 - 2014-07-25 03:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 21:22 - 2014-07-25 03:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 21:22 - 2014-07-25 03:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 21:22 - 2014-07-25 03:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 21:22 - 2014-07-13 19:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 21:22 - 2014-07-13 18:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-15 18:11 - 2014-08-15 18:11 - 00001218 _____ () C:\Users\Stargazer\Desktop\Wooden Floor.lnk
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 17:22 - 2014-09-10 17:21 - 00024739 _____ () C:\Users\Stargazer\Desktop\FRST.txt
2014-09-10 17:21 - 2014-09-10 17:21 - 00000000 ____D () C:\FRST
2014-09-10 17:20 - 2014-09-10 17:20 - 02105856 _____ (Farbar) C:\Users\Stargazer\Desktop\FRST64.exe
2014-09-10 17:00 - 2012-12-08 18:00 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-10 16:49 - 2013-01-23 20:46 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\Skype
2014-09-10 16:05 - 2012-12-08 17:00 - 02083755 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 16:01 - 2013-04-03 16:25 - 00000000 ____D () C:\Users\Stargazer\Desktop\Utilities
2014-09-10 15:57 - 2009-07-13 21:45 - 00026368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-10 15:57 - 2009-07-13 21:45 - 00026368 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-10 15:51 - 2012-12-08 04:49 - 00000000 ___RD () C:\Users\Stargazer\Dropbox
2014-09-10 15:51 - 2012-12-08 04:46 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\Dropbox
2014-09-10 15:49 - 2013-08-17 22:45 - 00000438 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-10 15:49 - 2012-12-08 18:00 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-10 15:48 - 2014-01-13 02:53 - 00000000 ____D () C:\Users\Stargazer\AppData\Local\TSVNCache
2014-09-10 15:48 - 2013-01-29 19:27 - 00000354 _____ () C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job
2014-09-10 15:48 - 2009-07-13 21:51 - 00232604 _____ () C:\Windows\setupact.log
2014-09-10 15:47 - 2012-12-08 17:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-10 15:47 - 2010-11-20 20:47 - 00283252 _____ () C:\Windows\PFRO.log
2014-09-10 15:47 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 15:45 - 2014-09-10 15:19 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-10 15:44 - 2014-09-10 15:44 - 00001634 _____ () C:\Windows\system32\.crusader
2014-09-10 15:44 - 2014-08-01 19:40 - 00000000 ____D () C:\Users\Stargazer\Downloads\Platformines
2014-09-10 15:20 - 2014-09-10 15:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2014-09-10 15:20 - 2014-09-10 15:19 - 00000000 ____D () C:\Program Files\HitmanPro
2014-09-10 15:14 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Help
2014-09-10 13:49 - 2014-09-10 13:47 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 13:48 - 2014-09-10 13:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-10 13:48 - 2014-09-10 13:47 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-10 13:47 - 2014-09-10 13:47 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 13:36 - 2014-09-10 13:36 - 00000000 ____D () C:\Windows\ERUNT
2014-09-10 13:30 - 2014-09-10 12:55 - 00000000 ____D () C:\AdwCleaner
2014-09-10 13:22 - 2014-09-10 13:21 - 11194928 _____ (SurfRight B.V.) C:\Users\Stargazer\Downloads\HitmanPro_x64.exe
2014-09-10 13:20 - 2014-09-10 13:20 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\Stargazer\Downloads\mb3-setup-1878.1878-3.5.1.2522.exe
2014-09-10 13:19 - 2014-09-10 13:19 - 01016261 _____ (Thisisu) C:\Users\Stargazer\Downloads\JRT.exe
2014-09-10 12:54 - 2014-09-10 12:54 - 01370467 _____ () C:\Users\Stargazer\Downloads\adwcleaner_3.309.exe
2014-09-09 14:36 - 2014-09-09 14:34 - 00000000 ____D () C:\Users\Stargazer\.lennasinception
2014-09-09 14:34 - 2014-09-09 14:34 - 00000000 ____D () C:\Users\Stargazer\Downloads\lennasinception_beta3a
2014-09-09 14:34 - 2012-12-08 17:03 - 00000000 ____D () C:\Users\Stargazer
2014-09-09 14:33 - 2014-09-09 14:33 - 00000208 _____ () C:\Users\Stargazer\Desktop\Prison Architect.url
2014-09-09 14:33 - 2014-09-09 14:32 - 42633558 _____ () C:\Users\Stargazer\Downloads\lennasinception_beta3a.zip
2014-09-09 14:31 - 2014-09-09 14:31 - 00000208 _____ () C:\Users\Stargazer\Desktop\Papers, Please.url
2014-09-09 14:30 - 2014-09-09 14:30 - 00000208 _____ () C:\Users\Stargazer\Desktop\LUFTRAUSERS.url
2014-09-09 14:30 - 2014-09-09 14:30 - 00000208 _____ () C:\Users\Stargazer\Desktop\Gunpoint.url
2014-09-09 14:30 - 2014-09-09 14:30 - 00000208 _____ () C:\Users\Stargazer\Desktop\Gone Home.url
2014-09-09 14:29 - 2014-09-09 14:29 - 00000208 _____ () C:\Users\Stargazer\Desktop\Hammerwatch.url
2014-09-08 18:39 - 2009-07-13 22:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-08 16:01 - 2014-09-08 16:01 - 00000208 _____ () C:\Users\Stargazer\Desktop\Five Nights at Freddy's.url
2014-09-08 16:00 - 2012-12-23 15:09 - 00000000 ____D () C:\Users\Stargazer\Downloads\Tixati Completed
2014-09-08 15:37 - 2014-09-08 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-08 02:08 - 2014-09-08 02:08 - 00000000 __SHD () C:\Users\Stargazer\AppData\Local\EmieUserList
2014-09-08 02:08 - 2014-09-08 02:08 - 00000000 __SHD () C:\Users\Stargazer\AppData\Local\EmieSiteList
2014-09-07 01:06 - 2012-12-08 16:44 - 00000000 ____D () C:\Users\Stargazer\Documents\Junk
2014-09-07 00:53 - 2012-12-09 02:21 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\tixati
2014-09-07 00:51 - 2012-12-09 02:22 - 00000000 ____D () C:\Users\Stargazer\Downloads\Tixati
2014-09-07 00:49 - 2014-09-07 00:49 - 00004673 _____ () C:\Users\Stargazer\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} [Kannel] The Sorority Pledge.zip.torrent
2014-09-06 14:01 - 2014-09-06 12:48 - 00000000 ____D () C:\Users\Stargazer\Downloads\Minecraft PS3
2014-09-06 12:57 - 2014-09-06 12:57 - 00000000 ____D () C:\ProgramData\Caphyon
2014-09-06 12:57 - 2014-09-06 12:56 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\The Prince of Codes
2014-09-05 15:54 - 2012-12-13 17:44 - 00000000 ____D () C:\Users\Stargazer\Documents\My Games
2014-09-05 15:08 - 2014-07-28 22:36 - 00000000 ____D () C:\Users\Stargazer\Desktop\Games to Try
2014-09-05 14:22 - 2013-04-03 22:01 - 00000000 ____D () C:\Users\Stargazer\Desktop\Games
2014-09-05 12:33 - 2014-09-05 12:33 - 00000208 _____ () C:\Users\Stargazer\Desktop\Lifeless Planet.url
2014-09-04 23:38 - 2012-12-20 23:16 - 00000000 ____D () C:\Users\Stargazer\AppData\Local\Paint.NET
2014-09-04 22:27 - 2013-11-28 21:28 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-04 22:26 - 2014-09-04 22:26 - 00073461 _____ () C:\Users\Stargazer\Downloads\[kickass.to]dead.rising.3.apocalypse.edition.2014.pc.repack.by.r.g.steamgames.torrent
2014-09-04 22:14 - 2014-09-04 22:14 - 00033452 _____ () C:\Users\Stargazer\Downloads\[kickass.to]how.to.train.your.dragon.2.2014.1080p.web.dl.aac2.0.h264.rarbg.torrent
2014-09-04 22:12 - 2014-09-04 22:12 - 00016166 _____ () C:\Users\Stargazer\Downloads\[kickass.to]guardians.of.the.galaxy.awesome.mix.vol.1.original.motion.pic.torrent
2014-09-04 18:21 - 2014-09-04 18:09 - 443370443 _____ () C:\Users\Stargazer\Downloads\The_Last_Phoenix_Greenlight_Demo.rar
2014-09-03 23:48 - 2014-09-03 23:48 - 00000208 _____ () C:\Users\Stargazer\Desktop\Vitrum.url
2014-09-03 23:48 - 2014-09-03 23:48 - 00000208 _____ () C:\Users\Stargazer\Desktop\The Maker's Eden.url
2014-09-03 00:31 - 2014-09-03 00:31 - 00020648 _____ () C:\Users\Stargazer\Downloads\[kickass.to]shrek.the.musical.2013.1080p.brrip.x264.yify.torrent
2014-09-02 00:40 - 2014-09-01 23:54 - 97133418 _____ (DigiPen Institute of Technology ) C:\Users\Stargazer\Downloads\Solace_setup.exe
2014-09-02 00:37 - 2014-09-01 23:54 - 58730811 _____ (DigiPen Institute of Technology ) C:\Users\Stargazer\Downloads\AFlippingGoodTime_Setup_08_13_14.exe
2014-09-02 00:28 - 2014-09-02 00:28 - 00012364 _____ () C:\Users\Stargazer\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} Crazy Girlfriend with Remote (Ongoing).zip.torrent
2014-09-02 00:25 - 2014-09-01 23:54 - 189434642 _____ (Double++ ) C:\Users\Stargazer\Downloads\deity_setup.exe
2014-09-01 12:30 - 2014-09-01 12:29 - 00022196 _____ () C:\Users\Stargazer\Downloads\[kickass.to]south.park.the.stick.of.truth.pc.game.dlc.nosteam.torrent
2014-09-01 11:38 - 2014-09-01 11:38 - 00000208 _____ () C:\Users\Stargazer\Desktop\Residue Final Cut.url
2014-09-01 11:32 - 2014-09-01 11:32 - 00000208 _____ () C:\Users\Stargazer\Desktop\Speed Kills.url
2014-09-01 11:32 - 2014-09-01 11:32 - 00000208 _____ () C:\Users\Stargazer\Desktop\Dungeons The Eye of Draconus.url
2014-09-01 02:55 - 2014-09-01 02:55 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\SuperLemonadeFactory
2014-08-30 22:21 - 2014-03-05 12:52 - 00000000 ____D () C:\Users\Stargazer\Downloads\Diablo 3
2014-08-30 21:54 - 2013-07-24 16:07 - 00000000 ____D () C:\Users\Stargazer\Downloads\Inspiration
2014-08-30 19:37 - 2014-08-30 19:37 - 00000000 __SHD () C:\found.000
2014-08-29 19:38 - 2013-06-27 14:53 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-29 19:37 - 2014-08-29 19:37 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Seagate
2014-08-29 19:37 - 2014-08-29 19:37 - 00000000 ____D () C:\Program Files (x86)\Seagate
2014-08-29 19:37 - 2014-08-29 19:36 - 26771088 _____ () C:\Users\Stargazer\Downloads\SeaToolsforWindowsSetup.exe
2014-08-29 10:32 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-08-29 10:24 - 2012-12-08 17:23 - 00118872 _____ () C:\Users\Stargazer\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-29 10:23 - 2009-07-13 21:45 - 00468008 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 23:53 - 2014-08-28 22:54 - 318007758 _____ () C:\Users\Stargazer\Downloads\Blackmoon Prophecy Plus.rar
2014-08-28 23:46 - 2014-08-28 22:42 - 295144329 _____ () C:\Users\Stargazer\Downloads\Middens 3.5.zip
2014-08-28 23:31 - 2014-08-28 22:50 - 156535452 _____ () C:\Users\Stargazer\Downloads\TheDrop.zip
2014-08-28 23:30 - 2014-08-28 22:35 - 165665365 _____ () C:\Users\Stargazer\Downloads\Miserere v1.02x.zip
2014-08-28 23:19 - 2014-08-28 22:50 - 401510416 _____ () C:\Users\Stargazer\Downloads\Super_Mario_RPG_The_Starlite_Worlds.zip
2014-08-28 23:17 - 2014-08-28 23:16 - 20789309 _____ () C:\Users\Stargazer\Downloads\valthirianarc2.swf
2014-08-28 23:16 - 2014-08-28 23:16 - 00052904 _____ () C:\Users\Stargazer\Downloads\secure_va2-hacked.swf
2014-08-28 23:14 - 2014-08-28 23:13 - 05312093 _____ () C:\Users\Stargazer\Downloads\valthirian-arc-5655.swf
2014-08-28 23:09 - 2014-08-28 22:49 - 172765216 _____ () C:\Users\Stargazer\Downloads\Super Mario RPG The Seven Sages.zip
2014-08-28 22:59 - 2014-08-28 22:48 - 78429413 _____ () C:\Users\Stargazer\Downloads\TLoZ-CPW.zip
2014-08-28 22:45 - 2014-08-28 22:43 - 15539455 _____ () C:\Users\Stargazer\Downloads\Batang.ttf
2014-08-28 22:45 - 2014-08-28 22:29 - 84599019 _____ () C:\Users\Stargazer\Downloads\Dreaming Mary.exe
2014-08-28 22:41 - 2014-08-28 22:30 - 56310117 _____ (Igor Pavlov) C:\Users\Stargazer\Downloads\VorlorN.exe
2014-08-28 22:31 - 2014-08-28 22:23 - 60761164 _____ () C:\Users\Stargazer\Downloads\Safety_ Life Is A Maze v1.2_1.zip
2014-08-28 22:29 - 2014-08-28 22:27 - 07897713 _____ () C:\Users\Stargazer\Downloads\Sunset Over Imdahl.zip
2014-08-28 13:27 - 2014-08-28 13:27 - 00000000 ____D () C:\Windows\System32\Tasks\Leader Technologies
2014-08-28 12:15 - 2013-02-01 13:03 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-28 12:03 - 2013-01-23 20:46 - 00000000 ____D () C:\ProgramData\Skype
2014-08-27 11:14 - 2014-08-27 11:14 - 00000000 ____D () C:\Users\Stargazer\AppData\Local\CKY
2014-08-27 02:31 - 2014-08-27 02:31 - 00001107 _____ () C:\Users\Stargazer\Desktop\Katawa Shoujo.lnk
2014-08-27 02:31 - 2014-08-27 02:31 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Katawa Shoujo
2014-08-27 02:31 - 2014-08-27 02:30 - 00000000 ____D () C:\Program Files (x86)\Katawa Shoujo
2014-08-27 02:19 - 2014-08-27 02:19 - 00008372 _____ () C:\Users\Stargazer\Downloads\{EHT PERSONALIZED TORRENT - DO NOT REDISTRIBUTE} (C82) [pantwo (ZIZ)] Touzoku Tsumami (Thief Catching) (Final Fantasy IX) [English] =SW=.zip.torrent
2014-08-27 02:14 - 2014-08-27 02:14 - 03534855 _____ () C:\Users\Stargazer\Downloads\1432 - Harvest Moon - Friends of Mineral Town (E)(GBA).zip
2014-08-27 02:08 - 2014-08-27 02:08 - 00170233 _____ () C:\Users\Stargazer\Downloads\Harvest Moon - FoMT (True Love Edition v3.0).ips
2014-08-26 21:51 - 2014-08-26 21:51 - 00015193 _____ () C:\Users\Stargazer\Downloads\[yibis]_One_Piece_656_[720p][DEF225A0].mkv.torrent
2014-08-26 21:51 - 2014-08-26 21:51 - 00014593 _____ () C:\Users\Stargazer\Downloads\[yibis]_One_Piece_654_[720p][14F36EA1].mkv (1).torrent
2014-08-26 21:51 - 2014-08-26 21:51 - 00013373 _____ () C:\Users\Stargazer\Downloads\[yibis]_One_Piece_653_[720p][A70EF017].mkv (1).torrent
2014-08-26 21:51 - 2014-08-26 21:51 - 00013113 _____ () C:\Users\Stargazer\Downloads\[yibis]_One_Piece_655_[720p][3F86D296].mkv.torrent
2014-08-25 15:41 - 2014-08-25 15:41 - 00000208 _____ () C:\Users\Stargazer\Desktop\Tiny Barbarian DX.url
2014-08-25 15:41 - 2014-08-25 15:41 - 00000208 _____ () C:\Users\Stargazer\Desktop\Full Bore.url
2014-08-22 19:34 - 2013-04-18 21:57 - 00000000 ____D () C:\ProgramData\Origin
2014-08-22 19:07 - 2014-08-27 12:38 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 18:45 - 2014-08-27 12:38 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 17:59 - 2014-08-27 12:38 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 16:49 - 2013-04-18 21:56 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-22 16:33 - 2014-08-22 16:33 - 00262192 _____ () C:\Windows\Minidump\082214-39733-01.dmp
2014-08-22 16:33 - 2014-05-20 01:56 - 00000000 ____D () C:\Windows\Minidump
2014-08-21 09:03 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-08-21 00:03 - 2012-12-08 13:13 - 00000000 ____D () C:\Users\Stargazer\Documents\DnD
2014-08-19 23:37 - 2013-10-20 13:46 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-19 23:36 - 2014-08-19 23:36 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-19 23:36 - 2014-08-19 23:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-19 23:36 - 2014-08-19 23:36 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-19 23:36 - 2014-07-25 21:33 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-19 23:36 - 2014-07-25 21:32 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-19 12:01 - 2014-08-19 12:01 - 00000208 _____ () C:\Users\Stargazer\Desktop\Super Lemonade Factory.url
2014-08-19 11:58 - 2014-08-19 11:58 - 00000208 _____ () C:\Users\Stargazer\Desktop\Whispering Willows.url
2014-08-18 19:57 - 2014-08-18 19:50 - 00000000 ____D () C:\Users\Stargazer\AppData\Local\Luna
2014-08-16 13:21 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-16 01:40 - 2014-04-30 00:24 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-15 18:11 - 2014-08-15 18:11 - 00001218 _____ () C:\Users\Stargazer\Desktop\Wooden Floor.lnk
2014-08-14 14:21 - 2012-12-08 04:47 - 00000000 ____D () C:\Users\Stargazer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-11 09:45 - 2014-03-17 19:50 - 00000000 ____D () C:\Users\Stargazer\Powersaves3DS
 
Some content of TEMP:
====================
C:\Users\Stargazer\AppData\Local\Temp\19c8ee11-2316-4b62-bf11-c46bba2e887c.exe
C:\Users\Stargazer\AppData\Local\Temp\7z.dll
C:\Users\Stargazer\AppData\Local\Temp\7z.exe
C:\Users\Stargazer\AppData\Local\Temp\aoe3-113-english.exe
C:\Users\Stargazer\AppData\Local\Temp\aoe3-114-english.exe
C:\Users\Stargazer\AppData\Local\Temp\aoe3x-105-english.exe
C:\Users\Stargazer\AppData\Local\Temp\aoe3x-106-english.exe
C:\Users\Stargazer\AppData\Local\Temp\aoe3y-102-english.exe
C:\Users\Stargazer\AppData\Local\Temp\aoe3y-103-english.exe
C:\Users\Stargazer\AppData\Local\Temp\AskSLib.dll
C:\Users\Stargazer\AppData\Local\Temp\CopyUpdate.exe
C:\Users\Stargazer\AppData\Local\Temp\devcon64.exe
C:\Users\Stargazer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppvorop.dll
C:\Users\Stargazer\AppData\Local\Temp\dtkill.exe
C:\Users\Stargazer\AppData\Local\Temp\Executor.exe
C:\Users\Stargazer\AppData\Local\Temp\ExPromo.exe
C:\Users\Stargazer\AppData\Local\Temp\Foxit Reader Updater.exe
C:\Users\Stargazer\AppData\Local\Temp\Foxit Updater.exe
C:\Users\Stargazer\AppData\Local\Temp\GomAudDnInstaller.exe
C:\Users\Stargazer\AppData\Local\Temp\gtalkwmp1.dll
C:\Users\Stargazer\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\Stargazer\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\Stargazer\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
C:\Users\Stargazer\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\Stargazer\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\Stargazer\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\Stargazer\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\Stargazer\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Stargazer\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Stargazer\AppData\Local\Temp\MSETUP4.EXE
C:\Users\Stargazer\AppData\Local\Temp\npp.6.5.5.Installer.exe
C:\Users\Stargazer\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Stargazer\AppData\Local\Temp\nvStInst.exe
C:\Users\Stargazer\AppData\Local\Temp\OfficeSetup.exe
C:\Users\Stargazer\AppData\Local\Temp\oi_{55C61848-10FB-40FC-A50A-996866BC9FBB}.exe
C:\Users\Stargazer\AppData\Local\Temp\Quarantine.exe
C:\Users\Stargazer\AppData\Local\Temp\revert_aoe3.exe
C:\Users\Stargazer\AppData\Local\Temp\ScriptHelper.exe
C:\Users\Stargazer\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Stargazer\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Stargazer\AppData\Local\Temp\standalonepatcher.exe
C:\Users\Stargazer\AppData\Local\Temp\standalonepatcherX.exe
C:\Users\Stargazer\AppData\Local\Temp\standalonepatcherY.exe
C:\Users\Stargazer\AppData\Local\Temp\Uninst.exe
C:\Users\Stargazer\AppData\Local\Temp\Updater.exe
C:\Users\Stargazer\AppData\Local\Temp\Wildstar.exe
C:\Users\Stargazer\AppData\Local\Temp\xmlUpdater.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-07 17:21
 
==================== End Of Log ============================

 



#4 Evrai_Terrule

Evrai_Terrule
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:09 PM

Posted 10 September 2014 - 07:41 PM

EDITED, see below post.


Edited by Evrai_Terrule, 10 September 2014 - 07:57 PM.


#5 Evrai_Terrule

Evrai_Terrule
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:09 PM

Posted 10 September 2014 - 07:54 PM

I apologize, apparently the Addition.txt cut off when I tried to post it. This portion should have come before the above post.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by Stargazer at 2014-09-10 17:22:54
Running from C:\Users\Stargazer\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
1000 Amps (HKLM-x32\...\Steam App 205690) (Version:  - Brandon Brizzi)
3089 -- Futuristic Action RPG (HKLM-x32\...\Steam App 263360) (Version:  - Phr00t's Software)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
99 Spirits (HKLM-x32\...\Steam App 258090) (Version:  - TORaIKI)
Abyss Odyssey (HKLM-x32\...\Abyss Odyssey_is1) (Version:  - )
Aces Wild: Manic Brawling Action! (HKLM-x32\...\Steam App 269230) (Version:  - Culture Attack Studio)
Action Replay PowerSaves 3DS version 1.19 (HKLM-x32\...\{CD24B06F-0A4D-410A-AEF2-DFE6A28AB4C0}_is1) (Version: 1.19 - Datel Design & Development)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.1860 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.1860 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.9.900.117 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version:  - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version:  - Ensemble Studios)
Age of Wonders 3 (HKLM-x32\...\Age of Wonders 3_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Alpha Kimori™ Episode One  (HKLM-x32\...\Steam App 265870) (Version:  - Sherman3D)
Amazon Cloud Player (HKCU\...\Amazon Amazon Cloud Player) (Version: 1.1.0.332 - Amazon Services LLC)
Ampu-Tea (HKLM-x32\...\Steam App 289090) (Version:  - ProjectorGames)
Analogue: A Hate Story (HKLM-x32\...\Steam App 209370) (Version:  - Christine Love)
Antichamber (HKLM-x32\...\Steam App 219890) (Version:  - Alexander Bruce)
Antisquad (HKLM-x32\...\Steam App 268200) (Version:  - InsGames)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Aquaria (HKLM-x32\...\Steam App 24420) (Version:  - Bit Blot, LLC)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Audiogalaxy (HKCU\...\Audiogalaxy) (Version:  - )
Autonomous Prototype (HKLM-x32\...\Steam App 228100) (Version:  - )
Avadon: The Black Fortress (HKLM-x32\...\Steam App 112100) (Version:  - Spiderweb Software)
Avernum: Escape From the Pit (HKLM-x32\...\Steam App 208400) (Version:  - Spiderweb Software)
Battlepillars Gold Edition (HKLM-x32\...\Steam App 280930) (Version:  - Hitcents)
Ben There, Dan That! (HKLM-x32\...\Steam App 37420) (Version:  - Zombie Cow Studios)
Bionic Dues (HKLM-x32\...\Steam App 238910) (Version:  - Arcen Games, LLC)
Black Lake Prototype (HKLM-x32\...\Steam App 228060) (Version:  - )
Blackwell Convergence (HKLM-x32\...\Steam App 80350) (Version:  - )
Blackwell Deception (HKLM-x32\...\Steam App 80360) (Version:  - )
Blackwell Unbound (HKLM-x32\...\Steam App 80340) (Version:  - )
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BRAZEN Prototype (HKLM-x32\...\Steam App 225120) (Version:  - )
Canon IJ Scan Utility (HKLM-x32\...\Canon_IJ_Scan_Utility) (Version:  - ‪Canon Inc.‬)
Canon MG2200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG2200_series) (Version: 1.00 - Canon Inc.)
Canon MG2200 series User Registration (HKLM-x32\...\Canon MG2200 series User Registration) (Version:  - Canon Inc.‎)
Canon My Printer (HKLM-x32\...\CanonMyPrinter) (Version: 3.0.0 - Canon Inc.)
Capsule (HKLM-x32\...\Capsule) (Version: 1.0.000 - Green Man Gaming Limited)
Carbon (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Card City Nights (HKLM-x32\...\Steam App 271820) (Version:  - Ludosity)
Cargo! - The quest for gravity (HKLM-x32\...\Steam App 41740) (Version:  - Ice-pick Lodge)
Caster (HKLM-x32\...\Steam App 29800) (Version:  - Elecorn)
Cave Story+ (HKLM-x32\...\Steam App 200900) (Version:  - )
CDDRV_Installer (Version: 4.60 - Logitech) Hidden
Character Builder (HKLM-x32\...\{626C034B-50B8-47BD-AF93-EEFD0FA78FF4}) (Version: 1.10.0000 - Wizards of the Coast)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cherry Tree High Comedy Club (HKLM-x32\...\Steam App 214610) (Version:  - 773)
Chronology (HKLM-x32\...\Steam App 269330) (Version:  - osao games)
Clockwork Tales: Of Glass and Ink (HKLM-x32\...\Steam App 284830) (Version:  - Artifex Mundi sp. z o.o.)
Clones (HKLM-x32\...\Steam App 72400) (Version:  - Tomkorp Computer Solutions Inc.)
CloudReading (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.1.47.1220 - Foxit Corporation)
Collage 1.1 (HKLM-x32\...\Collage) (Version: 1.1 - al|together 2006)
Combined Community Codec Pack 2013-03-02 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.03.02.0 - CCCP Project)
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version:  - James Athey)
Commander Keen Complete Pack (HKLM-x32\...\Steam App 9180) (Version:  - id Software)
Costume Quest (HKLM-x32\...\Steam App 115100) (Version:  - )
Crazy Machines 2 (HKLM-x32\...\Steam App 18400) (Version:  - Fakt Software)
Cult of the Wind (HKLM-x32\...\Steam App 293840) (Version:  - North of Earth)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0327 - DT Soft Ltd)
Darwinia (HKLM-x32\...\Steam App 1500) (Version:  - Introversion Software)
Data Jammers: FastForward (HKLM-x32\...\Steam App 110500) (Version:  - Digital Eel)
Dead Rising 2 (x32 Version: 1.0.0002.130 - Capcom) Hidden
Deadly 30 (HKLM-x32\...\Steam App 264730) (Version:  - Ignatus Zuk and Gonzalo Villagomez)
Defender's Quest: Valley of the Forgotten (HKLM-x32\...\Steam App 218410) (Version:  - Level Up Labs, LLC)
Defy Gravity (HKLM-x32\...\Steam App 96100) (Version:  - Fish Factory Games)
Demolition, Inc. (HKLM-x32\...\Steam App 98600) (Version:  - Zeroscale)
Desura (HKLM-x32\...\Desura) (Version: 100.57 - Desura)
Desura: Alcarys Complex (HKLM-x32\...\Desura_55379308314656) (Version: Full - Modest Arcade)
Desura: Astro Emporia (HKLM-x32\...\Desura_105200928948256) (Version: Full - SquirrelbotGames)
Desura: Bik (HKLM-x32\...\Desura_94953136980000) (Version: Full - Zotnip LLC)
Desura: Bionic Heart (HKLM-x32\...\Desura_75827647610912) (Version: Full - Winter Wolves)
Desura: Blue Rose (HKLM-x32\...\Desura_87930865451040) (Version: Full - White Cat)
Desura: Dark Scavenger (HKLM-x32\...\Desura_63917703299104) (Version: Full - Psydra Games)
Desura: dUpLicity ~Beyond the Lies~ (HKLM-x32\...\Desura_73894912327712) (Version: Full - roseVeRte)
Desura: Eleusis (HKLM-x32\...\Desura_90129888706592) (Version: Full - Nocturnal Works)
Desura: EVE burst error (HKLM-x32\...\Desura_82510616723488) (Version: Full - C's ware)
Desura: Evy: Magic Spheres (HKLM-x32\...\Desura_110853105909792) (Version: Full - HeroCraft)
Desura: FinalExit (HKLM-x32\...\Desura_118953414230048) (Version: Alpha - GorePixelGames)
Desura: Frayed Knights: The Skull of S'makh-Daon (HKLM-x32\...\Desura_67418101645344) (Version: Full - Rampant Games)
Desura: Halloween Otome (HKLM-x32\...\Desura_127719442481184) (Version: Full - Synokoria)
Desura: Heileen (HKLM-x32\...\Desura_67534065762336) (Version: Full - Winter Wolves)
Desura: Heroes of a Broken Land (HKLM-x32\...\Desura_97044786053152) (Version: Full - Winged Pixel)
Desura: Hidden Runaway (HKLM-x32\...\Desura_113653424586784) (Version: Full - Plug In Digital)
Desura: Luna Shattered Hearts Ep1 (HKLM-x32\...\Desura_129854041227296) (Version: Pre-Release - Gillis LLC)
Desura: Magicians and Looters (HKLM-x32\...\Desura_77210627080224) (Version: Full - Morgopolis Studios)
Desura: Perdytacks (HKLM-x32\...\Desura_128187593916448) (Version: Full - AlexCrafter)
Desura: Reef Shot (HKLM-x32\...\Desura_79053168050208) (Version: Full - Nano Games)
Desura: Retro Arcade Adventure Remade (HKLM-x32\...\Desura_70965744631840) (Version: Full - Siactro)
Desura: Shattered Hourglass (HKLM-x32\...\Desura_128200478818336) (Version: Full - sawworm)
Desura: Siege of Inaolia (HKLM-x32\...\Desura_64183991271456) (Version: Alpha - Riftwalker Ltd)
Desura: SOUL GAMBLER (HKLM-x32\...\Desura_125705102819360) (Version: Full - Gamestorming)
Desura: StartBolita (HKLM-x32\...\Desura_73096048410656) (Version: Beta - 5Day Studio)
Desura: Stunt Rally (HKLM-x32\...\Desura_74839805132832) (Version: Full - Stunt Rally Dev Team)
Desura: Wooden Floor (HKLM-x32\...\Desura_122492467281952) (Version: Full - pheenix93)
Diablo II (HKLM-x32\...\Diablo II) (Version:  - Blizzard Entertainment)
Digital - A Love Story 1.1 (HKLM-x32\...\Digital - A Love Story) (Version: 1.1 - Lily of the Valley games)
DirectVobSub 2.41.6609 (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.6609 - MPC-HC Team)
DisplayFusion 5.1.1 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 5.1.1.0 - Binary Fortress Software)
Don't Starve (HKLM-x32\...\Steam App 219740) (Version:  - Klei Entertainment)
don't take it personally, babe, it just ain't your story 1.1 (HKLM-x32\...\don't take it personally, babe, it just ain't your story) (Version: 1.1 - Christine Love)
doubleTwist (HKLM-x32\...\doubleTwist) (Version: 3.2.2.17028 - doubleTwist Corporation)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)
Duke Nukem (HKLM-x32\...\Steam App 240160) (Version:  - 3D Realms)
Duke Nukem 2 (HKLM-x32\...\Steam App 240180) (Version:  - 3D Realms)
Dungeon Hearts (HKLM-x32\...\Steam App 229520) (Version:  - )
Dungeon Siege III (HKLM-x32\...\Steam App 39160) (Version:  - Obsidian Entertainment)
Dungeons of Dredmor (HKLM-x32\...\Steam App 98800) (Version:  - )
Dungeons: The Eye of Draconus (HKLM-x32\...\Steam App 303510) (Version:  - SuckerFree Games)
Dysfunctional Systems: Learning to Manage Chaos (HKLM-x32\...\Steam App 248800) (Version:  - Dischan Media)

EA Installer (HKLM-x32\...\EA Installer.-1202606811) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Shared Game Component: Activation (HKLM-x32\...\com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 2.2.0.62 - Electronic Arts)
EA Shared Game Component: Activation (x32 Version: 2.2.0 - Electronic Arts) Hidden
Electronic Super Joy: Groove City (HKLM-x32\...\Steam App 301460) (Version:  - Michael Todd Games)
Epic Battle Fantasy 4 (HKLM-x32\...\Steam App 265610) (Version:  - Matt Roszak)
erLT (x32 Version: 1.20.0137 - Logitech, Inc.) Hidden
Escape Goat (HKLM-x32\...\Steam App 251370) (Version:  - MagicalTimeBean)
Eschalon: Book 1 (HKLM-x32\...\Steam App 25600) (Version:  - Basilisk Games)
Eschalon: Book 2 (HKLM-x32\...\Steam App 25620) (Version:  - Basilisk Games)
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
Evil Genius (HKLM-x32\...\Evil Genius_is1) (Version:  - GOG.com)
EvilQuest (HKLM-x32\...\Steam App 263820) (Version:  - Chaosoft Games)
Fallout (HKLM-x32\...\Steam App 38400) (Version:  - Interplay Inc.)
Fallout 2 (HKLM-x32\...\Steam App 38410) (Version:  - Black Isle Studios)
Far Cry 2 (HKLM-x32\...\Steam App 19900) (Version:  - Ubisoft Montreal)
Far Cry® 3 Blood Dragon (HKLM-x32\...\Steam App 233270) (Version:  - Ubisoft Montreal)
Faster Than Light (HKLM-x32\...\Faster Than Light_is1) (Version:  - GOG.com)
Fearless Fantasy (HKLM-x32\...\Steam App 282100) (Version:  - Enter Skies)
Firefall (HKLM-x32\...\Steam App 227700) (Version:  - Red 5 Studios)
Five Nights at Freddy's (HKLM-x32\...\Steam App 319510) (Version:  - Scott Cawthon)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.1.2.1224 - Foxit Corporation)
Freedom Fall (HKLM-x32\...\Steam App 262770) (Version:  - Stirfire Studios)
Frhed 1.6.0 (HKLM-x32\...\Frhed) (Version: 1.6.0 - Raihan Kibria)
FTL: Faster Than Light (HKLM-x32\...\Steam App 212680) (Version:  - Subset Games)
Full Bore (HKLM-x32\...\Steam App 264060) (Version:  - Whole Hog Games)
Galactic Arms Race (HKLM-x32\...\Steam App 249610) (Version:  - Evolutionary Games)
GameMaker-Studio 1.2 (HKCU\...\GameMaker-Studio12) (Version:  - YoYo Games Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GIMP 2.8.2 (HKLM\...\GIMP-2_is1) (Version: 2.8.2 - The GIMP Team)
Go! Go! Nippon! ~My First Trip to Japan~ (HKLM-x32\...\Steam App 251870) (Version:  - OVERDRIVE)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.56.5183 - Gretech Corporation)
Gone Home (HKLM-x32\...\Steam App 232430) (Version:  - The Fullbright Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Google Talk (remove only) (HKCU\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Gorky 17 (HKLM-x32\...\Steam App 253920) (Version:  - )
Growing Pains (HKLM-x32\...\Steam App 291610) (Version:  - Smudged Cat Games Ltd)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version:  - Suspicious Developments)
Hack n Slash Prototype (HKLM-x32\...\Steam App 228080) (Version:  - )
Hammerwatch (HKLM-x32\...\Steam App 239070) (Version:  - )
Happy Song Prototype (HKLM-x32\...\Steam App 225940) (Version:  - )
HashCheck Shell Extension (x86-32) (HKLM-x32\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
HashCheck Shell Extension (x86-64) (HKLM\...\HashCheck Shell Extension) (Version: 2.1.11.1 - Kai Liu)
Hero Siege (HKLM-x32\...\Steam App 269210) (Version:  - Elias Viglione)
HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.225 - SurfRight B.V.)
Horizon v2.7.0.0 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.0.0 - Daring Development Inc.)
Hostile Waters: Antaeus Rising (HKLM-x32\...\Steam App 267980) (Version:  - Rage Software)
Hotel Collectors Edition (HKLM-x32\...\Steam App 288750) (Version:  - Cateia Games)
Hotline Miami (HKLM-x32\...\Steam App 219150) (Version:  - )
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
Humanity Asset (HKLM-x32\...\Steam App 271640) (Version:  - Browny Application)
iBomber Defense (HKLM-x32\...\Steam App 104000) (Version:  - Cobra Mobile)
Ichi (HKLM-x32\...\Steam App 300300) (Version:  - Stolen Couch Games)
Imagine Me (HKLM-x32\...\Steam App 265670) (Version:  - KinifiGames LLC)
Incredipede (HKLM-x32\...\Steam App 230150) (Version:  - Colin Northway with art by Thomas Shahan)
Infinite Space III: Sea of Stars (HKLM-x32\...\Steam App 269990) (Version:  - Digital Eel)
Ionball 2 : Ionstorm (HKLM-x32\...\Steam App 287120) (Version:  - Ironsun Studios)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )
KhalInstallWrapper (Version: 2.00.0000 - Logitech) Hidden
Kingdom Tales (HKLM-x32\...\Steam App 276440) (Version:  - Cateia Games)
Kingdoms of Amalur: Reckoning (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.0.0.0 - Electronic Arts)
Knights of Pen and Paper +1 (HKLM-x32\...\Steam App 231740) (Version:  - Behold Studios)
Ku: Shroud of the Morrigan (HKLM-x32\...\Steam App 270330) (Version:  - bitSmith Games)
Kudos 2 (HKLM-x32\...\Kudos 2_is1) (Version:  - Positech Games)
La-Mulana (HKLM-x32\...\Steam App 230700) (Version:  - NIGORO)
Last Dream (HKLM-x32\...\Steam App 266230) (Version:  - White Giant RPG Studios)
Legend of Grimrock (HKLM-x32\...\Steam App 207170) (Version:  - Almost Human Games)
LEVEL 22 (HKLM-x32\...\Steam App 293300) (Version:  - Noego)
Lifeless Planet (HKLM-x32\...\Steam App 261530) (Version:  - Stage 2 Studios)
Logitech Gaming Software (Version: 8.40.83 - Logitech Inc.) Hidden
Logitech Gaming Software 8.40 (HKLM\...\Logitech Gaming Software) (Version: 8.40.83 - Logitech Inc.)
Logitech SetPoint (HKLM-x32\...\{F29B21BD-CAA6-445F-8EF7-A7E2B9D8B14E}) (Version: 4.80 - Logitech)
LUFTRAUSERS (HKLM-x32\...\Steam App 233150) (Version:  - Vlambeer)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Magicka (HKLM-x32\...\Steam App 42910) (Version:  - Arrowhead Game Studios)
Majesty (HKLM-x32\...\Majesty) (Version:  - )
Majesty 2 Collection (HKLM-x32\...\Steam App 73020) (Version:  - 1C:InoCo)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mayhem Intergalactic (HKLM-x32\...\Steam App 18600) (Version:  - Inventive Dingo)
McPixel (HKLM-x32\...\Steam App 220860) (Version:  - Sos)
Mechanic Escape (HKLM-x32\...\Steam App 268240) (Version:  - Slak Games)
Media Player Codec Pack 4.2.4 (HKLM-x32\...\Media Player - Codec Pack) (Version: 4.2.4 - Media Player Codec Pack) <==== ATTENTION
MFZ0 codec (Remove Only) (HKLM-x32\...\MFZ0CODEC) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ Run Time  Lib Setup (HKLM-x32\...\{AAF4238F-7C29-451D-9925-C753271A5728}) (Version: 1.0.0 - Microsoft)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Web - ENU (HKLM-x32\...\{3e544097-53d1-4252-98a6-93cc12a6d487}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mnemonic Prototype (HKLM-x32\...\Steam App 285230) (Version:  - )
Modio (HKLM-x32\...\{3DA224A5-666B-4941-8998-2F19C6D126A5}_is1) (Version:  - GameTuts)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 20.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 20.0.1 (x86 en-US)) (Version: 20.0.1 - Mozilla)
MSI Afterburner 2.3.0 (HKLM-x32\...\Afterburner) (Version: 2.3.0 - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
My Game Long Name (HKLM\...\UDK-4145c412-c046-4e9b-bcb8-e2e0effcde84) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-5722195f-b005-4bff-b260-bc4f986d3eed) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-57d2abf9-7fbe-4d7f-8db9-047e66d0bf0e) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-5f48484f-9a0e-4637-bfa2-db07e3b1f299) (Version:  - Epic Games, Inc.)
My Game Long Name (HKLM\...\UDK-c14344d9-bb41-49d9-864b-a13750ba8866) (Version:  - Epic Games, Inc.)
MyPaint 0.9.1 (HKCU\...\MyPaint) (Version: 0.9.1 - Martin Renold & MyPaint Development Team)

Napoleonic Era Open Beta 2 (HKLM-x32\...\Napoleonic Era Open Beta 2) (Version:  - )
NEO Scavenger (HKLM-x32\...\Steam App 248860) (Version:  - Blue Bottle Games)
NETGEAR WNA3100 wireless USB 2.0 adapter (HKLM-x32\...\{C2425F91-1F7B-4037-9A05-9F290184798D}) (Version: 1.01.206 - NETGEAR)
Nethergate: Resurrection (HKLM-x32\...\Steam App 218020) (Version:  - Spiderweb Software)
NightSky (HKLM-x32\...\Steam App 99700) (Version:  - Nicalis)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 1.8.2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.2.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 11.10.13 (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 11.10.13 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.20 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
One Finger Death Punch (HKLM-x32\...\Steam App 264200) (Version:  - Silver Dollar Games)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.15.109 - Electronic Arts, Inc.)
Outlast (HKLM-x32\...\Steam App 238320) (Version:  - Red Barrels)
Overcast - Walden and the Werewolf (HKLM-x32\...\Steam App 293180) (Version:  - Microblast Games)
Overlord II (HKLM-x32\...\Steam App 12810) (Version:  - Codemasters)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Papers, Please (HKLM-x32\...\Steam App 239030) (Version:  - 3909)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PixelJunk Eden (HKLM-x32\...\Steam App 105800) (Version:  - Q-Games, Ltd.)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
Populous (HKLM-x32\...\{476CD9DE-C45F-4443-BFA7-E51C58B7E455}) (Version: 1.0.0.0 - Electronic Arts)
Power-Up (HKCU\...\d80199c771c6c9b0) (Version: 1.0.0.17 - Psychotic Psoftware)
Pretentious Game (HKLM-x32\...\Steam App 279540) (Version:  - Keybol)
Primordia (HKLM-x32\...\Steam App 227000) (Version:  - )
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
Project Aftermath (HKLM-x32\...\Steam App 21400) (Version:  - Games Faction)
Proteus (HKLM-x32\...\Steam App 219680) (Version:  - )
Race The Sun (HKLM-x32\...\Steam App 253030) (Version:  - Flippfly LLC)
Razer Nostromo (HKLM-x32\...\{0214578F-4888-43FB-9E34-C14FCFDEDDEB}) (Version: 2.02.08 - Razer USA Ltd.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.53.216.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Recettear: An Item Shop's Tale (HKLM-x32\...\Recettear: An Item Shop's Tale_is1) (Version:  - )
Redshirt (HKLM-x32\...\Steam App 247870) (Version:  - The Tiniest Shark)
Residue: Final Cut (HKLM-x32\...\Steam App 265790) (Version:  - The Working Parts)
Retro City Rampage™ (HKLM-x32\...\Steam App 204630) (Version:  - Vblank Entertainment, Inc.)
Rhythm Destruction (HKLM-x32\...\Steam App 301540) (Version:  - Curious Panda Games)
RingRunner (HKCU\...\ed992021b81ca3db) (Version: 1.0.0.3 - RingRunner)
Rise of Nations (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Risk of Rain (HKLM-x32\...\Steam App 248820) (Version:  - )
Robin Hood (HKLM-x32\...\Steam App 46560) (Version:  - Spellbound)
Rogue Legacy (HKLM-x32\...\Steam App 241600) (Version:  - Cellar Door Games)
Rogue Legacy version 0.0.0.9 (HKLM-x32\...\Rogue Legacy_is1) (Version: 0.0.0.9 - WaLMaRT)
RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version:  - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RPGƒcƒN[ƒ‹2000 ƒ‰ƒ“ƒ^ƒCƒ€ƒpƒbƒP[ƒW (HKLM-x32\...\{33F7A957-A66D-45A1-BADF-6576083B14E2}) (Version:  - )
Runespell: Overture (HKLM-x32\...\Steam App 102200) (Version:  - Mystic Box)
Saira (HKLM-x32\...\Steam App 48900) (Version:  - Nicklas Nygren)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.6.0 - SAMSUNG Electronics Co., Ltd.)
Saturday Morning RPG (HKLM-x32\...\Steam App 263320) (Version:  - Mighty Rabbit Studios)
Science Girls (HKLM-x32\...\Steam App 269010) (Version:  - Spiky Caterpillar)
SeaTools for Windows (HKLM-x32\...\SeaTools for Windows) (Version:  - Seagate Technology)
SEGA Genesis Classics (HKLM-x32\...\SEGAGenesisClassics) (Version:  - SEGA)
Septerra Core (HKLM-x32\...\Steam App 253940) (Version:  - )
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 1.7.321 - NVIDIA Corporation) Hidden
Shiny The Firefly (HKLM-x32\...\Steam App 277510) (Version:  - Stage Clear Studios)
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.0.0.5 - GOG.com)
Simple Port Tester (HKLM-x32\...\Simple Port Tester3.0.0) (Version: 3.0.0 - PcWinTech.com)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
SlimDX Runtime .NET 4.0 x86 (January 2012) (HKLM-x32\...\{7EBD0E43-6AC0-4CA8-9990-00E50069AD29}) (Version: 2.0.13.43 - SlimDX Group)
Sothink SWF to Video Converter (HKLM-x32\...\{1C63AA59-66B2-418C-BDF5-53A534DA5690}_is1) (Version: 2.4 - SourceTec Software Co., LTD)
Soulbringer (HKLM-x32\...\Steam App 283310) (Version:  - Infogames Europe SA)
Space Colony HD (HKLM-x32\...\GOGPACKSPACECOLONYHD_is1) (Version: 2.0.0.5 - GOG.com)
Space Giraffe (HKLM-x32\...\Steam App 27800) (Version:  - Llamasoft LTD)
Space Pirates and Zombies (HKLM-x32\...\Steam App 107200) (Version:  - )
Spacebase DF-9 Prototype (HKLM-x32\...\Steam App 228020) (Version:  - )
Speed Kills (HKLM-x32\...\Steam App 284930) (Version:  - Holy Warp)
Speedball 2 HD (HKLM-x32\...\Steam App 251690) (Version:  - Vivid Games)
Spelunky (HKLM-x32\...\Steam App 239350) (Version:  - )
Splice (HKLM-x32\...\Steam App 209790) (Version:  - Cipher Prime Studios)
Spotify (HKCU\...\Spotify) (Version: 0.9.1.57.ge7405149 - Spotify AB)
Spud's Quest version 1.253 (HKLM-x32\...\{3086468F-2789-4CEB-B87C-83AC312E30E8}_is1) (Version: 1.253 - Chris Davis)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Starsector by Fractal Softworks LLC (HKLM-x32\...\Starsector) (Version:  - )
StarTopia (HKLM-x32\...\StarTopia_is1) (Version:  - GOG.com)
Stealth Bastard Deluxe (HKLM-x32\...\Steam App 209190) (Version:  - Curve Studios)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steam Bandits: Outpost (HKLM-x32\...\Steam App 261350) (Version:  - Iocaine Studios)
SteamWorld Dig (HKLM-x32\...\Steam App 252410) (Version:  - Image&amp;Form)
Sudokuball Detective (HKLM-x32\...\Steam App 288690) (Version:  - Witan Entertainment)
Sweezy Gunner (HKLM-x32\...\Steam App 295730) (Version:  - Windybeard)
Swivel (HKLM-x32\...\Swivel) (Version: 1.11 - Newgrounds.com, Inc.)
Sword of the Stars: The Pit (HKLM-x32\...\Steam App 233700) (Version:  - Kerberos Productions)
System Shock 2 (HKLM-x32\...\Steam App 238210) (Version:  - )
Tablet Driver V5.02 (HKLM-x32\...\TabletDriver) (Version:  - )
tConfig version 0.28.2 (HKLM-x32\...\{224E185A-DCC7-45C5-B04D-77E6CE82D83E}_is1) (Version: 0.28.2 - Surfpup)
TEdit 3 (HKLM-x32\...\{037F3AF7-DE21-4BD7-BD4C-4E2802EE0387}) (Version: 3.4.13291.0 - BinaryConstruct)
TEdit 3 (HKLM-x32\...\{863E5FEA-DB5E-47A1-B435-EE8A28CE7372}) (Version: 3.4.13287.0 - BinaryConstruct)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - )
Terraria Game Launcher GUI version 1.3 (HKLM-x32\...\Terraria Game Launcher GUI_is1) (Version: 1.3 - )
The Blackwell Legacy (HKLM-x32\...\Steam App 80330) (Version:  - )
The Book of Legends (HKLM-x32\...\Steam App 277470) (Version:  - Aldorlea Games)
The Bridge  (HKLM-x32\...\Steam App 204240) (Version:  - Ty Taylor and Mario Castañeda)
The Cave Soundtrack (HKLM-x32\...\Steam App 221825) (Version:  - Double Fine Productions)
The Desolate Hope (HKLM-x32\...\Steam App 298180) (Version:  - Scott Cawthon)
The Dream Machine (HKLM-x32\...\Steam App 94300) (Version:  - The Sleeping Machine)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Longest Journey (HKLM-x32\...\Steam App 6310) (Version:  - Funcom)
The Maker's Eden (HKLM-x32\...\Steam App 313360) (Version:  - Screwy Lightbulb)
The Ur-Quan Masters 0.7.0 (HKLM-x32\...\The Ur-Quan Masters) (Version: 0.7.0 - )
The White Birch Prototype (HKLM-x32\...\Steam App 228040) (Version:  - )
The Witch's Yarn (HKLM-x32\...\Steam App 287740) (Version:  - Mousechief)
Thirty Flights of Loving (HKLM-x32\...\Steam App 214700) (Version:  - )
Thomas Was Alone (HKLM-x32\...\Steam App 220780) (Version:  - )
Ticket to Ride (HKLM-x32\...\Steam App 108200) (Version:  - Days of Wonder)
Time Gentlemen, Please! (HKLM-x32\...\Steam App 37400) (Version:  - Size Five Games)
Tiny Barbarian DX (HKLM-x32\...\Steam App 253350) (Version:  - StarQuail Games)
Tixati (HKLM-x32\...\tixati) (Version:  - )
TortoiseSVN 1.8.4.24972 (64 bit) (HKLM\...\{A2EFDE01-96B3-4E55-8834-81617ED6BCBE}) (Version: 1.8.24972 - TortoiseSVN)
TRAUMA (HKLM-x32\...\Steam App 98100) (Version:  - Krystian Majewski)
Treasure Adventure Game (HKLM-x32\...\GOGPACKTREASUREADVENTUREGAME_is1) (Version: 2.0.0.4 - GOG.com)
Trine (HKLM-x32\...\Steam App 35700) (Version:  - Frozenbyte)
Tsukumogami (HKLM-x32\...\Steam App 262300) (Version:  - TORaIKI)
TurboTax 2012 (HKLM-x32\...\TurboTax 2012) (Version: 2012.0 - Intuit, Inc)
TurboTax 2012 wcaiper (x32 Version: 012.000.1379 - Intuit Inc.) Hidden
TurboTax 2012 WinPerFedFormset (x32 Version: 012.000.2013 - Intuit Inc.) Hidden
TurboTax 2012 WinPerReleaseEngine (x32 Version: 012.000.0451 - Intuit Inc.) Hidden
TurboTax 2012 WinPerTaxSupport (x32 Version: 012.000.0179 - Intuit Inc.) Hidden
TurboTax 2012 wrapper (x32 Version: 012.000.0127 - Intuit Inc.) Hidden
Two Worlds II (HKLM-x32\...\Steam App 7520) (Version:  - Reality Pump Studios)
Two Worlds II (HKLM-x32\...\Two Worlds II) (Version: 1.3.0.0 - )
Unepic (HKLM-x32\...\Steam App 233980) (Version:  - Francisco Téllez de Meneses)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.0f6 - Unity Technologies ApS)
Universal Adb Driver (HKLM-x32\...\{D9C4202E-6D51-4B06-A8F1-22316E654BCA}) (Version: 1.0.0 - ClockworkMod)
Uplay (HKLM-x32\...\Uplay) (Version: 4.0 - Ubisoft)
Uplink (HKLM-x32\...\Steam App 1510) (Version:  - Introversion Software)
Velocity®Ultra (HKLM-x32\...\Steam App 244890) (Version:  - Curve Studios)
Vitrum (HKLM-x32\...\Steam App 291270) (Version:  - 9heads Game Studios)
Voobly Game Data (HKLM-x32\...\Voobly_is1) (Version: Voobly Game Datas - Voobly)
VUDU To Go (HKLM-x32\...\com.vudu.air.Downloader) (Version: 2.0.7 - Vudu)
VUDU To Go (x32 Version: 2.0.7 - Vudu) Hidden
Wallace & Gromit Ep 1: Fright of the Bumblebees (HKLM-x32\...\Steam App 31100) (Version:  - Telltale Games)
Wallace & Gromit Ep 2: The Last Resort (HKLM-x32\...\Steam App 31110) (Version:  - Telltale Games)
Wallace & Gromit Ep 3: Muzzled! (HKLM-x32\...\Steam App 31120) (Version:  - Telltale Games)
Wallace & Gromit Ep 4: The Bogey Man (HKLM-x32\...\Steam App 31130) (Version:  - Telltale Games)
Warlock - Master of the Arcane (HKLM-x32\...\Steam App 203630) (Version:  - Paradox Interactive)
WazHack (HKLM-x32\...\Steam App 264160) (Version:  - Waz)
Weird Worlds: Return to Infinite Space (HKLM-x32\...\Steam App 226120) (Version:  - Digital Eel)
White Noise Online (HKLM-x32\...\Steam App 293860) (Version:  - Milkstone Studios)
WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Phone app for desktop (HKLM-x32\...\{E786AE85-8A30-4CF2-BF70-57404A5CD684}) (Version: 1.0.1720.1 - Microsoft Corporation)
Wizardry 8 (HKLM-x32\...\Steam App 245450) (Version:  - Sir-Tech Canada)
Wolfenstein 3D (HKLM-x32\...\Steam App 2270) (Version:  - id Software)
Wolfenstein 3D: Spear of Destiny (HKLM-x32\...\Steam App 9000) (Version:  - id Software)
World of Goo (HKLM-x32\...\Steam App 22000) (Version:  - 2D Boy)
Worldmerge by youngneil1 version 1.4a (HKLM-x32\...\Worldmerge by youngneil1_is1) (Version: 1.4a - )
Ys I (HKLM-x32\...\Steam App 223810) (Version:  - Nihon Falcom)
Ys II (HKLM-x32\...\Steam App 223870) (Version:  - Nihon Falcom)
Ys Origin (HKLM-x32\...\Steam App 207350) (Version:  - Nihon Falcom)
Ys: The Oath in Felghana (HKLM-x32\...\Steam App 207320) (Version:  - Nihon Falcom)
Zafehouse: Diaries (HKLM-x32\...\Steam App 249360) (Version:  - Screwfly Studios)


#6 Evrai_Terrule

Evrai_Terrule
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:09 PM

Posted 10 September 2014 - 07:57 PM

 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Stargazer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Stargazer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Stargazer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Stargazer\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-544419344-474059564-3579960994-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
05-09-2014 22:48:18 Installed DirectX
06-09-2014 19:27:35 Windows Update
06-09-2014 19:56:45 Installed [PS3] Save Resigner
10-09-2014 20:00:46 Windows Update
10-09-2014 20:13:28 Removed [PS3] Save Resigner
10-09-2014 22:42:42 Checkpoint by HitmanPro
10-09-2014 22:43:31 Checkpoint by HitmanPro
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 19:34 - 2009-06-10 14:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {633F8700-45EF-41A6-B179-D359280292D7} - System32\Tasks\ROC_JAN2013_TB_rmv => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
Task: {7D9608D5-5CDE-4B63-AB8F-B4CFA8907B4F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.)
Task: {88CB54F1-27F9-44E7-B744-7A0F058C3EE8} - System32\Tasks\RTSS => C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe [2012-11-19] ()
Task: {906928C8-597F-4248-9626-A54CD4D85D1A} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: {C2D190F6-5FE8-43AD-AFB4-04047EE2F037} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-12-08] (Google Inc.)
Task: {DEF0B8E7-765F-4E78-9EF4-00FEA4978BC3} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-28] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ROC_JAN2013_TB_rmv.job => C:\Program Files (x86)\AVG Secure Search\PostInstall\ROC.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-12-08 17:17 - 2014-07-02 11:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-28 12:13 - 2014-08-28 12:14 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-11-24 14:37 - 2013-11-24 14:37 - 00075504 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2013-11-24 14:36 - 2013-11-24 14:36 - 00088304 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2012-06-18 08:24 - 2012-06-18 08:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2012-11-19 01:57 - 2012-11-19 01:57 - 00166968 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
2014-03-14 22:42 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-12-08 20:10 - 2010-08-26 18:48 - 00285152 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiSvc.exe
2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-11-08 05:21 - 2012-11-08 05:21 - 00061440 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTFC.dll
2012-11-08 05:24 - 2012-11-08 05:24 - 00139264 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTUI.dll
2012-11-08 05:46 - 2012-11-08 05:46 - 00061440 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTMUI.dll
2011-04-30 08:04 - 2011-04-30 08:04 - 00013312 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTTSH.dll
2012-11-08 05:56 - 2012-11-08 05:56 - 00122880 _____ () C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSSHooks.dll
2012-12-08 20:10 - 2010-07-09 17:38 - 00331776 _____ () C:\Program Files (x86)\NETGEAR\WNA3100\WifiLib.dll
2014-08-28 20:52 - 2014-08-21 11:15 - 01171456 _____ () C:\Games\Steam\libavcodec-56.dll
2014-08-28 20:52 - 2014-08-21 11:15 - 00442368 _____ () C:\Games\Steam\libavutil-54.dll
2014-08-28 20:52 - 2014-08-21 11:15 - 00332800 _____ () C:\Games\Steam\libavresample-2.dll
2014-03-22 23:59 - 2014-08-20 15:38 - 00774656 _____ () C:\Games\Steam\SDL2.dll
2014-05-22 06:37 - 2014-08-28 04:48 - 02224320 _____ () C:\Games\Steam\video.dll
2014-08-28 20:52 - 2014-08-21 11:15 - 00403968 _____ () C:\Games\Steam\libavformat-56.dll
2014-08-28 20:52 - 2014-08-21 11:15 - 00485888 _____ () C:\Games\Steam\libswscale-3.dll
2014-03-22 23:59 - 2014-08-28 04:48 - 00678080 _____ () C:\Games\Steam\bin\chromehtml.DLL
2013-11-24 13:48 - 2013-11-24 13:48 - 00065264 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2013-11-24 13:48 - 2013-11-24 13:48 - 00071408 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2014-09-10 15:50 - 2014-09-10 15:50 - 00043008 _____ () c:\Users\Stargazer\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmppvorop.dll
2013-08-23 12:01 - 2013-08-23 12:01 - 25100288 _____ () C:\Users\Stargazer\AppData\Roaming\Dropbox\bin\libcef.dll
2012-08-10 17:51 - 2012-08-10 17:51 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2014-03-22 23:59 - 2014-08-20 15:38 - 34589376 _____ () C:\Games\Steam\bin\libcef.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TotalMedia Server.lnk => C:\Windows\pss\TotalMedia Server.lnk.CommonStartup
MSCONFIG\startupreg: Amazon Cloud Player => C:\Users\Stargazer\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Audiogalaxy => "C:\Users\Stargazer\AppData\Local\Audiogalaxy\Audiogalaxy.exe" /startup
MSCONFIG\startupreg: googletalk => C:\Users\Stargazer\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Stargazer\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: Voobly => "C:\Program Files (x86)\Voobly\voobly.exe" --startup
 
==================== Faulty Device Manager Devices =============
 
Name: HID-compliant game controller
Description: HID-compliant game controller
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: (Standard system devices)
Service: 
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: ArcCtrl
Description: ArcCtrl
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: ArcCtrl
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/10/2014 03:49:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x0000030c,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000019BF250.72).  hr = 0x80070005, Access is denied.
.
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000008e4,(null),0,REG_BINARY,0000000003BAE0F0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {91253dea-ea99-44f5-a3b1-864abc94ac01}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000348,(null),0,REG_BINARY,00000000082CE2E0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {e2b47c88-7edb-49a9-a14f-466527d63dfc}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001d4,(null),0,REG_BINARY,00000000015AF020.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Writer Name: COM+ REGDB Writer
   Writer Instance ID: {fac26588-f851-431f-a2e4-fa2e0749a73a}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000008e4,(null),0,REG_BINARY,0000000003BAE0F0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {91253dea-ea99-44f5-a3b1-864abc94ac01}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000348,(null),0,REG_BINARY,00000000082CE2E0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {e2b47c88-7edb-49a9-a14f-466527d63dfc}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x00000204,(null),0,REG_BINARY,0000000001C3EBA0.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {e1f3c5e5-913b-4909-9328-9ff24f3d0adf}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001c8,(null),0,REG_BINARY,0000000001CBEC40.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Writer Name: Registry Writer
   Writer Instance ID: {2c913c39-6f55-4f16-8609-2924c0fe94d4}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine RegSetValueExW(0x000001d4,(null),0,REG_BINARY,00000000015AF020.72).  hr = 0x80070005, Access is denied.
.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Writer Name: COM+ REGDB Writer
   Writer Instance ID: {fac26588-f851-431f-a2e4-fa2e0749a73a}
 
 
System errors:
=============
Error: (09/10/2014 05:04:10 PM) (Source: ipnathlp) (EventID: 31004) (User: )
Description: 0
 
Error: (09/10/2014 03:49:42 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (09/10/2014 03:49:08 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
ArcCtrl
 
Error: (09/10/2014 03:48:20 PM) (Source: Microsoft-Windows-Eventlog) (EventID: 23) (User: NT AUTHORITY)
Description: The event logging service encountered an error (res=23) while initializing logging resources for channel Microsoft-Windows-Known Folders API Service.
 
Error: (09/10/2014 03:48:19 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (09/10/2014 03:48:16 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (09/10/2014 03:48:13 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (09/10/2014 03:48:10 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (09/10/2014 03:48:07 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (09/10/2014 03:47:46 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The HitmanPro 3.7 Crusader (Boot) service terminated with service-specific error %%0.
 
 
Microsoft Office Sessions:
=========================
Error: (09/10/2014 03:49:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x0000030c,SYSTEM\CurrentControlSet\Services\VSS\Diag\VssvcPublisher,0,REG_BINARY,00000000019BF250.72)0x80070005, Access is denied.
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000008e4,(null),0,REG_BINARY,0000000003BAE0F0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {91253dea-ea99-44f5-a3b1-864abc94ac01}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000348,(null),0,REG_BINARY,00000000082CE2E0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {e2b47c88-7edb-49a9-a14f-466527d63dfc}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001d4,(null),0,REG_BINARY,00000000015AF020.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Writer Name: COM+ REGDB Writer
   Writer Instance ID: {fac26588-f851-431f-a2e4-fa2e0749a73a}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000008e4,(null),0,REG_BINARY,0000000003BAE0F0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {a6ad56c2-b509-4e6c-bb19-49d8f43532f0}
   Writer Name: WMI Writer
   Writer Instance ID: {91253dea-ea99-44f5-a3b1-864abc94ac01}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000348,(null),0,REG_BINARY,00000000082CE2E0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {e2b47c88-7edb-49a9-a14f-466527d63dfc}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x00000204,(null),0,REG_BINARY,0000000001C3EBA0.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {e1f3c5e5-913b-4909-9328-9ff24f3d0adf}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001c8,(null),0,REG_BINARY,0000000001CBEC40.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {afbab4a2-367d-4d15-a586-71dbb18f8485}
   Writer Name: Registry Writer
   Writer Instance ID: {2c913c39-6f55-4f16-8609-2924c0fe94d4}
 
Error: (09/10/2014 03:44:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: RegSetValueExW(0x000001d4,(null),0,REG_BINARY,00000000015AF020.72)0x80070005, Access is denied.
 
 
Operation:
   BackupShutdown Event
 
Context:
   Execution Context: Writer
   Writer Class Id: {542da469-d3e1-473c-9f4f-7847f01fc64f}
   Writer Name: COM+ REGDB Writer
   Writer Instance ID: {fac26588-f851-431f-a2e4-fa2e0749a73a}
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-8120 Eight-Core Processor 
Percentage of memory in use: 28%
Total physical RAM: 8162.12 MB
Available physical RAM: 5860.35 MB
Total Pagefile: 16322.41 MB
Available Pagefile: 13878.25 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:1862.92 GB) (Free:90.52 GB) NTFS
Drive g: (Abyss Odyssey) (CDROM) (Total:1.16 GB) (Free:0 GB) CDFS
Drive i: () (Fixed) (Total:465.76 GB) (Free:16.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 90FE5AF7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 7B8F82A7)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#7 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:09 AM

Posted 11 September 2014 - 04:30 AM

Ok, is the problem gone after this fix?


Please download this attached Attached File  fixlist.txt   149bytes   6 downloads and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


#8 Evrai_Terrule

Evrai_Terrule
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:09 PM

Posted 11 September 2014 - 07:06 PM

Everything appears to have been fixed, no pop ups of command prompt or Chrome on that horrible website. Here is the fixlog.txt. Thanks so much!

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by Stargazer at 2014-09-11 16:16:38 Run:1
Running from C:\Users\Stargazer\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-544419344-474059564-3579960994-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
EmptyTemp:
*****************
 
HKU\S-1-5-21-544419344-474059564-3579960994-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CMD => value deleted successfully.
EmptyTemp: => Removed 4.2 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

Edited by Evrai_Terrule, 11 September 2014 - 07:07 PM.


#9 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:09 AM

Posted 12 September 2014 - 04:54 AM

Ok, then we're done.

My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif.
Thank you!

#10 Evrai_Terrule

Evrai_Terrule
  • Topic Starter

  • Members
  • 18 posts
  • OFFLINE
  •  
  • Local time:08:09 PM

Posted 12 September 2014 - 08:21 PM

Can do, your help is definitely worth supporting. Thanks again!



#11 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:09 AM

Posted 13 September 2014 - 05:15 AM

Thank you and take care.

#12 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:05:09 AM

Posted 13 September 2014 - 05:15 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users