
Another Gameharbor case, I need help please?


  • This topic is locked
9 replies to this topic

#1 tytinlove

Posted 13 September 2014 - 05:17 PM

Hello! I also ran into the same problem from looking up too many cracks :( Can you help me please?

 

Here are my logs:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by USER (administrator) on USER-PC on 14-09-2014 05:10:21
Running from D:\
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(LogMeIn Inc.) D:\Hamachi\hamachi-2.exe
(Adobe Systems Inc.) E:\New folder (2)\Acrobat 10.0\Acrobat\acrotray.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\UniKey\UniKeyNT.exe
(Akamai Technologies, Inc.) C:\Users\USER\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\USER\AppData\Local\Akamai\netsession_win.exe
(LogMeIn, Inc.) D:\Hamachi\LMIGuardianSvc.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [TaskTray] => [X]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM\...\Run: [Adobe Acrobat Speed Launcher] => E:\New folder (2)\Acrobat 10.0\Acrobat\Acrobat_sl.exe [36760 2010-10-25] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => E:\New folder (2)\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\Run: [UniKey] => C:\Program Files\UniKey\UniKeyNT.exe [261632 2009-11-02] ()
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\Run: [Google Update] => "C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\Run: [Akamai NetSession Interface] => C:\Users\USER\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\MountPoints2: {03e33801-3b15-11e4-9cde-485b396752c4} - H:\Setup\rsrc\Autorun.exe
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\MountPoints2: {03e3380c-3b15-11e4-9cde-485b396752c4} - J:\Setup\rsrc\Autorun.exe
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\MountPoints2: {2c41b542-b88c-11e2-9d4c-485b396752c4} - H:\Startme.exe
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\MountPoints2: {feb81d2f-f1ae-11de-bc75-806e6f6e6963} - E:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinit.dll => C:\Windows\system32\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: IDM Shell Extension -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x93DD195858F8CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1410606164&from=smt&uid=ST9320325AS_5VD3VWNHXXXX5VD3VWNH
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKCU - {74A33656-7C36-4919-9754-8B519E0832AF} URL = http://vn.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> E:\New folder (2)\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO: Groove GFS Browser Helper -> {4DB74D06-491C-440D-305E-012400990F3E} -> C:\Windows\system32\coolbact.dll ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> D:\MMORPG\New folder\Hotspot Shield\HssIE\HssIE.dll No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\New folder (2)\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {0D8004AA-A1CB-4F92-BBEB-0A824B1EE2A2} http://ws.nopp.co.kr/Game/Common/HGLauncher.cab
DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} http://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL No File [ ]
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{A3DC6051-4A2D-4157-85D9-6DC36188E32F}: [NameServer] 10.4.56.1
 
FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Keyword.URL: hxxp://www.google.co.in/search?btnG=Google+Search&q=
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "http", "localhost"
FF NetworkProxy: "http_port", 9666
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "socks", "localhost"
FF NetworkProxy: "socks_port", 9050
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "localhost"
FF NetworkProxy: "ssl_port", 9666
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @raidcall.com/RCplugin -> C:\Users\USER\AppData\LocalLow\raidcall\plugins\webplugin.dll (Raidcall)
FF Plugin: @raidcall.en/RCplugin -> C:\Users\USER\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin: @raidcall.kr/RCplugin -> C:\Users\USER\AppData\Roaming\RCKR\plugins\nprcplugin.dll (Raidcall)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @dreamwork.com/JewelPlugin -> C:\Windows\Downloaded Program Files\npJewel.dll (梦工厂网络信息有限公司)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: IDM CC - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\mozilla_cc@internetdownloadmanager.com [2014-09-11]
FF Extension: pricecchop - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\Xex@YR.net [2014-09-04]
FF Extension: uTorrentBar Community Toolbar - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2013-02-09]
FF Extension: Bitdefender QuickScan - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2014-07-18]
FF Extension: anonymoX - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\client@anonymox.net.xpi [2012-09-06]
FF Extension: YouTube2mp3.to: Convert YouTube Video to MP3 - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\contact@youtube2mp3.to.xpi [2012-09-11]
FF Extension: MEGA - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\firefox@mega.co.nz.xpi [2014-07-31]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-03]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-03]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-03]
FF HKLM\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - E:\New folder (2)\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - E:\New folder (2)\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2013-10-28]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - E:\New folder (2)\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - E:\New folder (2)\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-28]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\USER\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\USER\AppData\Roaming\IDM\idmmzcc5 [2012-06-21]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\USER\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR HomePage: Default -> https://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1410606164&from=smt&uid=ST9320325AS_5VD3VWNHXXXX5VD3VWNH"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR CustomProfile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (Google Wallet) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\USER\AppData\Local\Temp\crx177.tmp []
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR StartMenuInternet: Google Chrome - C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-15] (ASUS)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 Disc Soft Bus Service; D:\Daemon\DiscSoftBusService.exe [887056 2014-07-10] (Disc Soft Ltd)
R2 Hamachi2Svc; D:\Hamachi\hamachi-2.exe [1890128 2014-09-04] (LogMeIn Inc.)
S2 jofaiffg; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2011-08-30] (Microsoft Corporation) [File not signed]
S2 Network Driver; C:\Windows\TEMP\bhuj4rtjr.bat [75 2011-08-30] () [File not signed]
S3 npggsvc; C:\Windows\system32\GameMon.des [5267776 2014-01-22] (INCA Internet Co., Ltd.)
S2 NWCWorkstation; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [1373480 2007-09-08] (Wacom Technology, Corp.)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-13] (Fuyu LIMITED) [File not signed]
S4 cFosSpeedS; "C:\Program Files\cFosSpeed\spd.exe" -service [X]
S3 DAUpdaterSvc; H:\Games\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
S4 HotspotShieldService; D:\MMORPG\New folder\Hotspot Shield\bin\openvpnas.exe [X]
S2 HssSrv; D:\MMORPG\New folder\Hotspot Shield\HssWPR\hsssrv.exe [X]
S3 HssTrayService; D:\MMORPG\New folder\Hotspot Shield\bin\HssTrayService.EXE [X]
S2 HssWd; D:\MMORPG\New folder\Hotspot Shield\bin\hsswd.exe -product HSS [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 apf003; C:\Windows\system32\apf003.sys [13232 2012-05-11] () [File not signed]
S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-03-19] ()
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R1 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed6.sys [1187512 2011-02-09] (cFos Software GmbH)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2014-09-13] (Disc Soft Ltd)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [109960 2010-04-13] (ELAN Microelectronic Corp.)
R3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2010-09-23] (AnchorFree Inc.)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [526392 2012-11-19] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [25656 2012-11-19] (Intel Corporation)
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [47104 2009-07-14] (Atheros Communications, Inc.)
S3 msloop; C:\Windows\System32\DRIVERS\loop.sys [5632 2009-07-14] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2009-05-13] (ASUS)
S3 ncvet.dll; C:\Windows\Temp\ncvet.dll [24144 2012-08-03] (Beijing Joychina Network Technologies Co., Ltd.)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [69504 2011-06-10] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [161664 2011-06-10] (Renesas Electronics Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [27936 2013-10-23] (NVIDIA Corporation)
R3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [167576 2010-08-05] (Windows ® Win 7 DDK provider)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-23] (AnchorFree Inc)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [20664 2012-07-20] (Hajo Krabbenhöft)
S3 apf001; \??\D:\MMORPG\SoftnyxGame\GunBoundIS\apf001.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-05] () [File not signed]
S3 WinRing0_1_2_0; \??\D:\MMORPG\Game Booster\Driver\WinRing0.sys [X]
S3 XDva359; \??\C:\Windows\system32\XDva359.sys [X]
S3 XDva370; \??\C:\Windows\system32\XDva370.sys [X]
S3 XDva388; \??\C:\Windows\system32\XDva388.sys [X]
S3 XDva398; \??\C:\Windows\system32\XDva398.sys [X]
S3 XDva403; \??\C:\Windows\system32\XDva403.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
NETSVC: jofaiffg -> No Registry Path.
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-14 05:01 - 2014-09-14 05:10 - 00000000 ____D () C:\FRST
2014-09-14 04:16 - 2014-09-14 04:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-09-14 04:16 - 2014-09-14 04:16 - 00000000 ____D () C:\ProgramData\Sony
2014-09-14 04:16 - 2014-09-14 04:16 - 00000000 ____D () C:\Program Files\Sony
2014-09-14 01:43 - 2014-09-14 01:43 - 00000822 _____ () C:\Users\Public\Desktop\Torchlight 2.v 1.25.5.2 + 1 DLC.lnk
2014-09-14 01:43 - 2014-09-14 01:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repack by Fenixx
2014-09-13 23:43 - 2014-09-13 23:43 - 00000000 ____D () C:\Users\USER\Documents\ValiantHearts
2014-09-13 23:35 - 2014-09-13 23:35 - 00000667 _____ () C:\Users\Public\Desktop\Valiant Hearts The Great War.lnk
2014-09-13 23:35 - 2014-09-13 23:35 - 00000667 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valiant Hearts The Great War.lnk
2014-09-13 22:33 - 2014-09-13 22:34 - 00000025 _____ () C:\Users\USER\AppData\Roaming\mbam.context.scan
2014-09-13 21:33 - 2014-09-14 04:02 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-13 21:32 - 2014-09-13 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 21:32 - 2014-09-13 21:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-13 21:32 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-13 21:32 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-13 21:15 - 2014-09-13 21:15 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Wayforward Technologies
2014-09-13 18:06 - 2014-09-13 18:06 - 00000000 ____D () C:\Users\USER\AppData\Local\Disc_Soft_Ltd
2014-09-13 18:04 - 2014-09-13 18:04 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-13 17:59 - 2014-09-13 18:06 - 00000000 ____D () C:\Users\USER\AppData\Roaming\DAEMON Tools Ultra
2014-09-13 17:59 - 2014-09-13 17:59 - 00024704 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsibus.sys
2014-09-13 17:59 - 2014-09-13 17:59 - 00000592 _____ () C:\Users\USER\Desktop\DAEMON Tools Ultra.lnk
2014-09-13 17:59 - 2014-09-13 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra
2014-09-13 17:54 - 2014-09-13 17:58 - 00000000 ____D () C:\ProgramData\DAEMON Tools Ultra
2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\ProgramData\FEA3F5DE-0F10-454D-B6C0-55E35B170A9D
2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499
2014-09-11 19:52 - 2014-09-11 19:52 - 00000631 _____ () C:\Users\Public\Desktop\CLIP STUDIO PAINT.lnk
2014-09-11 19:52 - 2014-09-11 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO
2014-09-11 19:49 - 2014-09-11 19:49 - 00001666 _____ () C:\Users\USER\Desktop\PaintTool SAI  1.2.lnk
2014-09-09 19:26 - 2014-09-09 19:26 - 00000986 _____ () C:\Users\USER\Desktop\The.Sims.4.Launcher - Shortcut.lnk
2014-09-08 01:06 - 2014-09-08 01:06 - 00001050 _____ () C:\Users\USER\Desktop\Origin - Shortcut.lnk
2014-09-07 14:00 - 2014-09-07 14:00 - 00000000 ____D () C:\Users\USER\Documents\Electronic Arts
2014-09-07 13:47 - 2014-09-07 19:30 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Origin
2014-09-07 13:47 - 2014-09-07 13:56 - 00000000 ____D () C:\Users\USER\AppData\Local\Origin
2014-09-07 13:41 - 2014-09-11 18:40 - 00000000 ____D () C:\ProgramData\Origin
2014-09-07 13:37 - 2014-09-07 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
2014-09-06 13:04 - 2014-09-06 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-06 13:04 - 2009-03-18 18:35 - 00026176 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-09-04 02:12 - 2014-09-14 04:36 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-04 02:12 - 2014-09-14 04:36 - 00000000 ____D () C:\Users\Guest
2014-09-04 02:12 - 2014-09-14 04:36 - 00000000 ____D () C:\Users\Administrator
2014-09-04 02:12 - 2014-09-04 02:12 - 00000394 __RSH () C:\ProgramData\ntuser.pol
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\ProgramData\a07991f999d76e2c
2014-09-03 10:56 - 2014-09-03 10:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-02 00:20 - 2014-09-02 00:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooking Academy 3 - Recipe for Success
2014-08-30 19:51 - 2014-09-14 04:48 - 00000000 ____D () C:\Users\USER\AppData\Local\LogMeIn Hamachi
2014-08-30 17:19 - 2014-08-30 17:19 - 00000000 ____D () C:\Users\USER\AppData\Local\LogMeIn
2014-08-30 17:19 - 2014-08-30 17:19 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-28 23:14 - 2014-08-28 23:14 - 00131072 _____ () C:\Windows\Minidump\082814-61682-01.dmp
2014-08-28 22:27 - 2014-08-28 22:27 - 00000000 ____D () C:\Windows\Gas Station - Rush Hour!
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 ____D () C:\Users\USER\AppData\Roaming\PURE WOOL
2014-08-27 00:46 - 2014-08-27 00:46 - 00000069 _____ () C:\Windows\Wininit.INI
2014-08-17 17:10 - 2014-08-17 17:10 - 00000000 ____D () C:\Users\USER\Documents\USER-PC
2014-08-15 23:51 - 2014-08-15 23:51 - 00000000 ____D () C:\Users\USER\AppData\Local\{CB867424-B6C9-48B4-8427-9B085DD6764C}
2014-08-15 13:00 - 2014-08-15 13:00 - 00000000 ____D () C:\Program Files\Common Files\Skype
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-14 05:10 - 2014-09-14 05:01 - 00000000 ____D () C:\FRST
2014-09-14 04:56 - 2011-08-18 17:00 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000UA.job
2014-09-14 04:53 - 2009-12-26 06:44 - 01584258 _____ () C:\Windows\WindowsUpdate.log
2014-09-14 04:52 - 2009-07-14 11:34 - 00019760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-14 04:52 - 2009-07-14 11:34 - 00019760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-14 04:48 - 2014-08-30 19:51 - 00000000 ____D () C:\Users\USER\AppData\Local\LogMeIn Hamachi
2014-09-14 04:47 - 2011-08-31 00:27 - 00157331 _____ () C:\Windows\AutoKMS.log
2014-09-14 04:47 - 2011-08-31 00:26 - 00476850 _____ () C:\Windows\PFRO.log
2014-09-14 04:47 - 2011-08-31 00:26 - 00222503 _____ () C:\Windows\setupact.log
2014-09-14 04:47 - 2010-12-27 23:11 - 00000000 ____D () C:\Users\USER\AppData\Roaming\WTablet
2014-09-14 04:47 - 2009-07-14 11:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 04:44 - 2012-07-25 23:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-14 04:38 - 2009-12-25 15:55 - 00000000 ____D () C:\Program Files\Adobe
2014-09-14 04:36 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-14 04:36 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest
2014-09-14 04:36 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator
2014-09-14 04:36 - 2012-08-15 14:23 - 00000000 ____D () C:\Users\matt
2014-09-14 04:36 - 2009-07-14 09:37 - 00000000 ___RD () C:\Users\Public
2014-09-14 04:34 - 2010-10-14 20:25 - 00000000 ____D () C:\Users\USER\Desktop\UD
2014-09-14 04:33 - 2013-06-02 03:15 - 00607426 _____ () C:\Windows\DPINST.LOG
2014-09-14 04:23 - 2014-09-14 04:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-09-14 04:22 - 2009-12-25 15:59 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-14 04:16 - 2014-09-14 04:16 - 00000000 ____D () C:\ProgramData\Sony
2014-09-14 04:16 - 2014-09-14 04:16 - 00000000 ____D () C:\Program Files\Sony
2014-09-14 04:02 - 2014-09-13 21:33 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 03:58 - 2009-07-14 09:37 - 00000000 ____D () C:\Windows\TAPI
2014-09-14 03:41 - 2011-07-28 01:03 - 00000000 ____D () C:\Users\USER\AppData\Roaming\uTorrent
2014-09-14 01:44 - 2014-05-09 17:36 - 00000000 ____D () C:\Users\USER\Documents\My Games
2014-09-14 01:44 - 2013-02-05 13:47 - 00000000 ____D () C:\ProgramData\RELOADED
2014-09-14 01:44 - 2011-07-28 18:04 - 00000000 ____D () C:\Windows\system32\directx
2014-09-14 01:43 - 2014-09-14 01:43 - 00000822 _____ () C:\Users\Public\Desktop\Torchlight 2.v 1.25.5.2 + 1 DLC.lnk
2014-09-14 01:43 - 2014-09-14 01:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repack by Fenixx
2014-09-13 23:43 - 2014-09-13 23:43 - 00000000 ____D () C:\Users\USER\Documents\ValiantHearts
2014-09-13 23:41 - 2014-06-21 21:32 - 00000000 ____D () C:\ProgramData\Orbit
2014-09-13 23:35 - 2014-09-13 23:35 - 00000667 _____ () C:\Users\Public\Desktop\Valiant Hearts The Great War.lnk
2014-09-13 23:35 - 2014-09-13 23:35 - 00000667 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valiant Hearts The Great War.lnk
2014-09-13 22:56 - 2011-08-18 17:00 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000Core.job
2014-09-13 22:36 - 2010-08-31 16:34 - 00000000 ____D () C:\Users\USER\AppData\Roaming\DMCache
2014-09-13 22:34 - 2014-09-13 22:33 - 00000025 _____ () C:\Users\USER\AppData\Roaming\mbam.context.scan
2014-09-13 21:46 - 2009-12-25 15:46 - 00001417 _____ () C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-13 21:45 - 2011-04-08 12:18 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-13 21:32 - 2014-09-13 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 21:32 - 2014-09-13 21:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-13 21:32 - 2013-01-30 18:06 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Malwarebytes
2014-09-13 21:32 - 2013-01-30 18:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 21:15 - 2014-09-13 21:15 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Wayforward Technologies
2014-09-13 20:24 - 2013-01-27 08:13 - 00245620 _____ () C:\Windows\DirectX.log
2014-09-13 19:47 - 2012-04-10 21:57 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Skype
2014-09-13 18:35 - 2011-07-08 12:14 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-13 18:06 - 2014-09-13 18:06 - 00000000 ____D () C:\Users\USER\AppData\Local\Disc_Soft_Ltd
2014-09-13 18:06 - 2014-09-13 17:59 - 00000000 ____D () C:\Users\USER\AppData\Roaming\DAEMON Tools Ultra
2014-09-13 18:06 - 2009-12-25 15:58 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-09-13 18:04 - 2014-09-13 18:04 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-13 17:59 - 2014-09-13 17:59 - 00024704 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsibus.sys
2014-09-13 17:59 - 2014-09-13 17:59 - 00000592 _____ () C:\Users\USER\Desktop\DAEMON Tools Ultra.lnk
2014-09-13 17:59 - 2014-09-13 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra
2014-09-13 17:58 - 2014-09-13 17:54 - 00000000 ____D () C:\ProgramData\DAEMON Tools Ultra
2014-09-13 15:20 - 2010-08-31 17:18 - 00000000 ____D () C:\ProgramData\Temp
2014-09-13 15:12 - 2009-12-25 15:49 - 00786256 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 00:12 - 2014-03-29 01:10 - 00000418 _____ () C:\Windows\Tasks\At1.job
2014-09-12 13:40 - 2013-06-07 07:40 - 00000000 ____D () C:\Users\USER\AppData\Roaming\FileZilla
2014-09-11 23:44 - 2012-07-25 23:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-11 23:44 - 2012-07-24 16:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\ProgramData\FEA3F5DE-0F10-454D-B6C0-55E35B170A9D
2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499
2014-09-11 19:52 - 2014-09-11 19:52 - 00000631 _____ () C:\Users\Public\Desktop\CLIP STUDIO PAINT.lnk
2014-09-11 19:52 - 2014-09-11 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO
2014-09-11 19:49 - 2014-09-11 19:49 - 00001666 _____ () C:\Users\USER\Desktop\PaintTool SAI  1.2.lnk
2014-09-11 18:40 - 2014-09-07 13:41 - 00000000 ____D () C:\ProgramData\Origin
2014-09-10 23:08 - 2013-12-15 09:35 - 00002658 _____ () C:\Users\USER\Desktop\New Text Document.txt
2014-09-09 19:26 - 2014-09-09 19:26 - 00000986 _____ () C:\Users\USER\Desktop\The.Sims.4.Launcher - Shortcut.lnk
2014-09-08 01:06 - 2014-09-08 01:06 - 00001050 _____ () C:\Users\USER\Desktop\Origin - Shortcut.lnk
2014-09-07 19:30 - 2014-09-07 13:47 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Origin
2014-09-07 14:00 - 2014-09-07 14:00 - 00000000 ____D () C:\Users\USER\Documents\Electronic Arts
2014-09-07 14:00 - 2012-03-05 09:30 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-07 13:56 - 2014-09-07 13:47 - 00000000 ____D () C:\Users\USER\AppData\Local\Origin
2014-09-07 13:37 - 2014-09-07 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
2014-09-06 13:04 - 2014-09-06 13:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-09-04 10:09 - 2012-04-26 09:50 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-04 02:12 - 2014-09-04 02:12 - 00000394 __RSH () C:\ProgramData\ntuser.pol
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\ProgramData\a07991f999d76e2c
2014-09-04 02:12 - 2011-07-28 01:06 - 00000000 ____D () C:\Users\USER\AppData\Local\Google
2014-09-03 10:56 - 2014-09-03 10:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-03 08:59 - 2010-09-02 09:34 - 00000000 ____D () C:\Users\USER\AppData\Local\Adobe
2014-09-02 00:21 - 2011-06-06 14:59 - 00000000 ____D () C:\ProgramData\Fugazo
2014-09-02 00:20 - 2014-09-02 00:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooking Academy 3 - Recipe for Success
2014-09-02 00:19 - 2011-07-25 18:08 - 00000000 ____D () C:\Users\USER\AppData\Roaming\LeeGT-Games
2014-09-01 23:41 - 2014-01-05 20:57 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Fugazo
2014-08-30 17:19 - 2014-08-30 17:19 - 00000000 ____D () C:\Users\USER\AppData\Local\LogMeIn
2014-08-30 17:19 - 2014-08-30 17:19 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-28 23:14 - 2014-08-28 23:14 - 00131072 _____ () C:\Windows\Minidump\082814-61682-01.dmp
2014-08-28 23:14 - 2011-03-06 01:51 - 00000000 ____D () C:\Windows\Minidump
2014-08-28 22:27 - 2014-08-28 22:27 - 00000000 ____D () C:\Windows\Gas Station - Rush Hour!
2014-08-27 02:12 - 2012-06-21 18:05 - 00000000 ____D () C:\Users\USER\AppData\Roaming\IDM
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 ____D () C:\Users\USER\AppData\Roaming\PURE WOOL
2014-08-27 00:46 - 2014-08-27 00:46 - 00000069 _____ () C:\Windows\Wininit.INI
2014-08-26 23:45 - 2009-12-25 15:54 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-08-26 23:45 - 2009-12-25 15:54 - 00000000 ____D () C:\Program Files\Yahoo!
2014-08-26 23:43 - 2014-04-19 01:12 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-08-24 15:24 - 2013-12-24 22:58 - 00000132 _____ () C:\Users\USER\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-08-23 00:30 - 2012-12-06 22:37 - 00000578 _____ () C:\Windows\system32\UpgradeErrorReport.txt
2014-08-22 10:05 - 2009-07-14 11:33 - 04158288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-21 20:24 - 2012-06-16 21:47 - 00171664 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-08-17 17:10 - 2014-08-17 17:10 - 00000000 ____D () C:\Users\USER\Documents\USER-PC
2014-08-16 21:00 - 2013-12-26 20:51 - 00000000 ____D () C:\Users\USER\Documents\My eBooks
2014-08-15 23:51 - 2014-08-15 23:51 - 00000000 ____D () C:\Users\USER\AppData\Local\{CB867424-B6C9-48B4-8427-9B085DD6764C}
2014-08-15 13:00 - 2014-08-15 13:00 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-08-15 13:00 - 2012-04-10 21:56 - 00000000 ____D () C:\ProgramData\Skype
 
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
 
 
Some content of TEMP:
====================
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-18 19:14
 
==================== End Of Log ============================
 
 
 
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2014
Ran by USER at 2014-09-14 05:11:32
Running from D:\
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
’±‚Ì“Å ‰Ø‚̽ (HKCU\...\{DCFCA897-6B4F-4F95-BB1C-9154420EDB88}) (Version:  - )
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ACDSee Photo Manager 12 (HKLM\...\{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}) (Version: 12.0.344 - ACD Systems International Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Creative Suite 5.5 Master Collection (HKLM\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
Aegisub 2.1.8 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 2.1.8 - Aegisub Team)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUSDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0004 - ASUS)
Aura Kingdom (HKLM\...\Aura Kingdom) (Version:  - )
Autodesk DWF Viewer (HKLM\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - )
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version:  - The Behemoth)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Charlaine Harris Dying for Daylight 1.00 (HKLM\...\Charlaine Harris Dying for Daylight 1.00) (Version:  - )
Classic Shell (HKLM\...\{6E328D2B-D432-4120-9E98-6A21CC0B71F9}) (Version: 1.9.2 - IvoSoft)
CLIP STUDIO PAINT (HKLM\...\{E4F184C1-E62E-44F0-B142-AB6197490834}) (Version: 1.3.1 - CELSYS)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Content (Version: 1.00.0000 - Your Company Name) Hidden
Cooking Academy 3 - Recipe for Success (HKLM\...\{9F29A9CB-F75C-4EA5-88E4-6E87FC0AA02C}) (Version: 1.0.0 - LeeGT-Games)
Corel Painter 11 - ICA (Version: 11.0 - Corel Corporation) Hidden
Corel Painter 11 - IPM (Version: 011 - Corel Corporation) Hidden
Corel Painter 11 (HKLM\...\_{5B51BB5F-4E7C-4275-A653-E98534E9C1D2}) (Version:  - Corel Corporation)
Corel Painter 11 (Version: 11.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - EN (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X5 (HKLM\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.2115 - CyberLink Corp.)
CyberLink YouCam (Version: 1.0.2115 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 2.4.0.0280 - Disc Soft Ltd)
Delicious 8- Emily's Wonder Wedding Premium Edition (HKLM\...\Delicious 8- Emily's Wonder Wedding Premium EditionFinal) (Version: Final - AllSmartGames)
Divinity Original Sin (HKLM\...\RGl2aW5pdHlPcmlnaW5hbFNpbg==_is1) (Version: 1 - )
Dragon Age: Origins - Ultimate Edition (HKLM\...\Steam App 47810) (Version:  - BioWare)
Driver Genius Professional Edition (HKLM\...\Driver Genius Professional Edition_is1) (Version: 11.0 - Driver-Soft Inc.)
ETDWare PS/2-x86 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
ffdshow [rev 3154] [2009-12-09] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
File Splitter and Joiner (FFSJ v3.3) (HKLM\...\File Splitter and Joiner_is1) (Version:  - Le Minh Hoang)
FileZilla Client 3.9.0.3 (HKLM\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Hero Editor V1.04 (HKLM\...\ST6UNST #1) (Version:  - )
Heroine's Quest: The Herald of Ragnarok (HKLM\...\Steam App 283880) (Version:  - Crystal Shard)
IconHandler 32 bit (Version: 2.0 - Corel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - )
iTunes (HKLM\...\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}) (Version: 10.6.3.25 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
KAMI (HKLM\...\Steam App 272040) (Version:  - State of Play Games)
Langauge (Version: 1.00.0000 - Your Company Name) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
LINE (HKLM\...\LINE) (Version: 3.7.0.34 - LINE Corporation)
LogMeIn Hamachi (HKLM\...\LogMeIn Hamachi) (Version: 2.2.0.236 - LogMeIn, Inc.)
LogMeIn Hamachi (Version: 2.2.0.236 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Manga Studio (HKLM\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.0 - Smith Micro)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (HKLM\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{615bc16d-60f5-482e-91b3-b51d8130963b}) (Version: 11.0.51106.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}) (Version: 3.1.6.0 - Apple Inc.)
Mobipocket Reader 6.2 (HKLM\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 32.0 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.0.7691 (8d311b0) Beta (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7691 - MPC-HC Team)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{BC61F51E-8AF7-46B9-AF20-B33B5EE81033}) (Version: 7.03.0188 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
Northern Tale 4 (HKLM\...\{C264AA3D-C38F-4F28-A937-D75F465F67DF}) (Version: 1.0.0 - LeeGT-Games)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.1 - Notepad++ Team)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5715 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA Optimus 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM\...\{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}) (Version: 9.10.0223 - NVIDIA Corporation)
NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden
OpenAL (HKLM\...\OpenAL) (Version:  - )
Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
osu! (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Oxford Advanced Learner's Dictionary - 8th Edition (HKLM\...\NSIS_oald8) (Version:  - )
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Paradise Quest 1.00 (HKLM\...\Paradise Quest 1.00) (Version:  - )
Path of Exile (HKLM\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.1.3.32881 - Grinding Gear Games)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5350) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version:  - )
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Phantasy Star Online 2 (HKLM\...\http://pso2.jp/appid/release/asiasoft_sg_is1) (Version:  - Asiasoft)
Picture Resize Genius 2.9.8 (HKLM\...\Picture Resize Genius_is1) (Version:  - Lonking Software,LLC)
Playtrickster (HKCU\...\Playtrickster) (Version: 00.01.00.00 - Privatia co.,ltd.)
Power Mp3 Cutter(Mp3 Sound Cutter) 1.40 (HKLM\...\Power Mp3 Cutter(Mp3 Sound Cutter)_is1) (Version:  - CooolSoft, Inc.)
PxMergeModule (Version: 1.00.0000 - Your Company Name) Hidden
QUICKfind server v1.1 (HKLM\...\QUICKfind) (Version:  - IDM)
QuickTime (HKLM\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
Ragnarok Online (HKLM\...\Ragnarok Online) (Version:  - )
Ragnarok Renewal (HKLM\...\Raganrok Renewal) (Version:  - )
RaidCall (HKLM\...\RaidCall) (Version: 7.0.2-1.0.1464.29 - raidcall.com)
Rainbow Web 3 (HKLM\...\Rainbow Web 3_is1) (Version:  - Sugar Games)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.19.0 - Renesas Electronics Corporation) Hidden
Risen (HKLM\...\Steam App 40300) (Version:  - Piranha – Bytes)
RTP for RM2K (Png, Wav, Midi, Fonts) (HKLM\...\RTP for RM2K (Png, Wav, Midi, Fonts)) (Version:  - )
Sable Maze - Sullivan River CE [Updated] (HKLM\...\Sable Maze - Sullivan River CE [Updated]Final) (Version: Final - AllSmartGames)
Secrets Of Rome (HKLM\...\Secrets Of Rome_is1) (Version: 1.0 - Media Contact LLC)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sony PC Companion 2.10.221 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.221 - Sony)
Spirits (HKLM\...\Steam App 210170) (Version:  - Spaces of Play)
Starbound (HKLM\...\Steam App 211820) (Version:  - )
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteamWorld Dig (HKLM\...\GOGPACKSTEAMWORLDDIG_is1) (Version: 2.0.0.2 - GOG.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
The Book of Unwritten Tales (HKLM\...\Steam App 215160) (Version:  - KING Art)
The Happy Herefter (HKLM\...\The Happy HerefterFinal) (Version: Final - AllSmartGames)
The Night of the Rabbit (HKLM\...\Steam App 230820) (Version:  - Daedalic Entertainment)
The Promised Land (HKLM\...\The Promised LandFinal) (Version: Final - AllSmartGames)
The SIMS 4 Deluxe Edition (HKLM\...\The SIMS 4 Deluxe Edition_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
Tiny and Big: Grandpa's Leftovers (HKLM\...\Steam App 205910) (Version:  - Black Pants Game Studio)
Tiny Token Empires (HKLM\...\{1D43ECE9-5F1B-4CB7-8645-8AA01D6E96B9}) (Version: 3.3.0.63135 - LeeGT-Games)
Torchlight 2.v 1.25.5.2 + 1 DLC (HKLM\...\Torchlight 2.v 1.25.5.2 + 1 DLC_is1) (Version: Torchlight 2.v 1.25.5.2 + 1 DLC - Repack by Fenixx (01.06.2013))
Tower of Elements (HKLM\...\Tower of ElementsFinal) (Version: Final - AllSmartGames)
UltraISO Premium V9.5 (HKLM\...\UltraISO_is1) (Version:  - )
UniKey 4.0 NT (HKLM\...\UniKey) (Version: 4.0 NT - Pham Kim Long)
UniKey 4.0 RC2 (build 1101) (HKLM\...\{F1CDC990-C599-4F9A-9586-8457F60021DA}_is1) (Version:  - Pham Kim Long)
Uninstall LAC VIET mtd2002-EVA (HKLM\...\LAC VIET mtd2002-EVA_is1) (Version: 4.0 - LAC VIET Corp.)
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
USB2.0 2.0M UVC WebCam (HKLM\...\{FC9B811E-39BC-4813-9E29-B83CCF700010}) (Version: 2.103.13.5 - ALi)
Valiant Hearts: The Great War (HKLM\...\VmFsaWFudEhlYXJ0c1RoZUdyZWF0V2Fy_is1) (Version: 1 - )
Vampire - The Masquerade Bloodlines (HKLM\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)
Visual Basic for Applications ® Core - English (Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications ® Core (Version: 6.4.99.69 - Microsoft Corporation) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version:  - Wacom Technology Corp.)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Resource Kit Tools - SubInAcl.exe (HKLM\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WindowsMangerProtect20.0.0.722 (HKLM\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XSplit Gamecaster (HKLM\...\{27E6D8B1-70BC-4981-AE4D-B7C73475C416}) (Version: 1.8.1406.0910 - SplitmediaLabs)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
ドットカレシ-We're 8bit Lovers!- Ⅰでんせつのおとめ (HKLM\...\{50AB4E03-3F22-4B32-B952-B5093970B224}) (Version: 1.0.0 - Rejet)
参千世界遊戯 (HKCU\...\{F3E0335D-D4A2-4E15-B7BB-2E9F5C85C982}) (Version:  - girls★dynamics)
赤ずきんと迷いの森 (HKLM\...\{575BEB1C-1D64-4049-A9E4-E1081CC737EC}) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{3100A299-7D18-481A-B24A-23BDEFB424B8}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.68\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> D:\Shin_Megami_Tensei_Devil_Summoner_Raidou_Kuzunoha_vs_the_Soulless_Army_USA.exe No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2007\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{3100A299-7D18-481A-B24A-23BDEFB424B8}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.68\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\UpdatusUser\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Chrome\Application\26.0.1410.43\delegate_execute.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2007\acad.exe No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2007\acadficn.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{F7D4B6AD-AB5F-4fe8-9469-3A4697E41129}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Kalydo\KalydoPlayer\bin2\kalydoplayer.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
 
==================== Restore Points  =========================
 
13-09-2014 21:44:42 Removed Corel Graphics - Windows Shell Extension.
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-10-28 12:12 - 2014-08-16 13:28 - 00002778 ____A C:\Windows\system32\Drivers\etc\hosts
 
There are 28 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {04FA91F9-8B75-4748-92E5-0F3431E1E665} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {1A0633A6-BEED-4204-A485-4B4E0D0D00BD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2C95B5EA-FD4C-421C-A497-AEFB2E128231} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2011-08-23] (Microsoft)
Task: {2DDBF0FC-F895-4FAB-BE37-793AD95CCB32} - System32\Tasks\At1 => C:\Windows\system32\verifieer.exe [2009-07-14] () <==== ATTENTION
Task: {4664D160-C52D-47E9-8829-F7F834720D47} - System32\Tasks\AdobeAAMUpdater-1.0-USER-PC-USER => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30] (Adobe Systems Incorporated)
Task: {529DBEA3-7222-45FA-B609-277557DEA019} - System32\Tasks\Game_Booster_AutoUpdate => D:\MMORPG\Game Booster\AutoUpdate.exe
Task: {6BED4575-FC7F-482E-AD61-DC89358A26AD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000Core => C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {91507931-A346-4842-ACBE-A63E17585125} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3538827583-4056727531-2038248145-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {A446782B-8E1F-46D8-8942-DC5526344163} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3538827583-4056727531-2038248145-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {AA5F333D-8BD4-4440-971C-6279668B8479} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {E5B69C99-F13D-4375-B82A-2C85D8DBD7CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000UA => C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\At1.job => C:\Windows\system32\verifieer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000Core.job => C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000UA.job => C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-01-06 00:35 - 2013-10-23 14:19 - 00092448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2006-04-19 06:53 - 2009-11-02 00:42 - 00245248 _____ () C:\Program Files\UniKey\UKHook40.dll
2014-08-13 21:09 - 2014-08-13 21:09 - 00035328 _____ () D:\FileZilla\FileZilla FTP Client\fzshellext.dll
2014-05-24 23:41 - 2014-05-24 23:41 - 00091648 _____ () D:\FileZilla\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 23:41 - 2014-05-24 23:41 - 00892416 _____ () D:\FileZilla\FileZilla FTP Client\libstdc++-6.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-09 07:44 - 2011-08-09 07:44 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2011-08-31 00:00 - 2009-11-02 00:42 - 00261632 _____ () C:\Program Files\UniKey\UniKeyNT.exe
2013-10-22 03:20 - 2013-10-22 03:20 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\1a6b2d234d57c151d875fe832dbe8231\PSIClient.ni.dll
2014-09-03 07:01 - 2014-08-30 09:49 - 01098056 _____ () C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-03 07:01 - 2014-08-30 09:49 - 00174408 _____ () C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-03 07:01 - 2014-08-30 09:49 - 08577864 _____ () C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-03 07:01 - 2014-08-30 09:49 - 00331592 _____ () C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-03 07:01 - 2014-08-30 09:49 - 01660232 _____ () C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
2014-09-03 07:01 - 2014-08-30 09:49 - 14669128 _____ () C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\USER\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: cFosSpeed => C:\Program Files\cFosSpeed\cFosSpeed.exe
MSCONFIG\startupreg: Classic Start Menu => "C:\Program Files\Classic Shell\ClassicStartMenu.exe"
MSCONFIG\startupreg: CMD => cmd.exe /c start http://extendedunlimited.org && exit
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "D:\Daemon\DTAgent.exe" -autorun
MSCONFIG\startupreg: EA Core => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: ETDWare => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: Google Update => "C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HControlUser => C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: ISUSPM Startup => "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: mtd2002Svr => "C:\Program Files\mtd2002"\mtdserver.exe -f
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: ONAIR => C:\Program Files\ONAIR\ONAIR.exe
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: S6000Mnt => Rundll32.exe S6000Rmv.dll ,WinMainRmv /StartStillMnt
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Microsoft Loopback Adapter
Description: Microsoft Loopback Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: msloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/14/2014 04:36:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/14/2014 04:36:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/14/2014 04:36:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/14/2014 04:36:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/14/2014 04:36:01 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/14/2014 04:36:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/14/2014 04:36:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/14/2014 04:36:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/14/2014 04:36:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/14/2014 04:36:00 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
 
System errors:
=============
Error: (09/14/2014 04:47:48 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Client Service for NetWare service terminated with the following error: 
%%2
 
Error: (09/14/2014 04:47:47 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Network Driver service to connect.
 
Error: (09/14/2014 04:47:47 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Composite Bus Enumerator Monitor service terminated with the following error: 
%%2
 
Error: (09/14/2014 04:47:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Hotspot Shield Monitoring Service service failed to start due to the following error: 
%%2
 
Error: (09/14/2014 04:47:47 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Hotspot Shield Routing Service service failed to start due to the following error: 
%%2
 
Error: (09/14/2014 04:26:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/14/2014 04:26:55 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Disc Soft Bus Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/14/2014 04:26:40 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (09/14/2014 04:25:57 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Sony PC Companion service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/14/2014 04:25:54 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Skype Click to Call PNR Service service terminated unexpectedly.  It has done this 1 time(s).
 
 
Microsoft Office Sessions:
=========================
Error: (01/30/2013 03:14:37 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 16, Application Name: Microsoft Office Groove, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6514.5001. This session lasted 13 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (08/24/2012 00:02:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6514.5001. This session lasted 27391 seconds with 4080 seconds of active time.  This session ended with a crash.
 
Error: (06/11/2012 05:13:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6514.5001. This session lasted 2044 seconds with 900 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-13 22:13:30.410
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-13 22:13:30.407
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-13 22:13:30.404
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.379
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.374
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.369
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.360
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.349
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.343
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 49%
Total physical RAM: 2732.48 MB
Available physical RAM: 1376.59 MB
Total Pagefile: 5463.23 MB
Available Pagefile: 3728.32 MB
Total Virtual: 2047.88 MB
Available Virtual: 1899.36 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:48.83 GB) (Free:2.41 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:126.95 GB) (Free:20.98 GB) NTFS
Drive e: (File) (Fixed) (Total:122.3 GB) (Free:63.4 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: EC6EDAB1)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=122.3 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 
 
 
Thank you!
 



 


#2 tytinlove

  • Topic Starter

Posted 15 September 2014 - 12:42 AM

Anyone help, please? :(



#3 gringo_pr

  • Malware Response Team

Posted 15 September 2014 - 11:19 AM

Hello tytinlove

Go back into MSCONFIG and reinstate the cmd.exe /c start http://extendedunlimited.org && exit entry

Then rerun FRST and send me the report please

gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here. Don't worry, every little bit helps.

Proud Graduate Of Malware Removal University

#4 tytinlove

  • Topic Starter

Posted 15 September 2014 - 01:35 PM

Hello tytinlove

Go back into MSCONFIG and reinstate the cmd.exe /c start http://extendedunlimited.org && exit entry

Then rerun FRST and send me the report please

gringo

Hi gringo, I re-ran the FRST check and here are the files.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-09-2014
Ran by USER (administrator) on USER-PC on 16-09-2014 01:29:48
Running from D:\
Platform: Microsoft Windows 7 Ultimate  (X86) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Fuyu LIMITED) C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Protexis Inc.) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe
(Wacom Technology, Corp.) C:\Windows\System32\WTablet\Wacom_TabletUser.exe
(Wacom Technology, Corp.) C:\Windows\System32\Wacom_Tablet.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Adobe Systems Inc.) E:\New folder (2)\Acrobat 10.0\Acrobat\acrotray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\UniKey\UniKeyNT.exe
(Akamai Technologies, Inc.) C:\Users\USER\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\USER\AppData\Local\Akamai\netsession_win.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ink\InputPersonalization.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [TaskTray] => [X]
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [SwitchBoard] => C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM\...\Run: [Acrobat Assistant 8.0] => E:\New folder (2)\Acrobat 10.0\Acrobat\Acrotray.exe [821144 2010-10-25] (Adobe Systems Inc.)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\Run: [UniKey] => C:\Program Files\UniKey\UniKeyNT.exe [261632 2009-11-02] ()
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\Run: [Google Update] => "C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe" /c
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\Run: [Akamai NetSession Interface] => C:\Users\USER\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\MountPoints2: {03e33801-3b15-11e4-9cde-485b396752c4} - H:\Setup\rsrc\Autorun.exe
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\MountPoints2: {03e3380c-3b15-11e4-9cde-485b396752c4} - J:\Setup\rsrc\Autorun.exe
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\MountPoints2: {2c41b542-b88c-11e2-9d4c-485b396752c4} - H:\Startme.exe
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\MountPoints2: {feb81d2f-f1ae-11de-bc75-806e6f6e6963} - E:\setup.exe
AppInit_DLLs: C:\Windows\system32\nvinit.dll => C:\Windows\system32\nvinit.dll [141336 2013-10-23] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: IDM Shell Extension -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files\Internet Download Manager\IDMShellExt.dll (Tonec Inc.)
ShellIconOverlayIdentifiers: ShareOverlay -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x93DD195858F8CC01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istartsurf.com/?type=sc&ts=1410606164&from=smt&uid=ST9320325AS_5VD3VWNHXXXX5VD3VWNH
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKCU - {74A33656-7C36-4919-9754-8B519E0832AF} URL = http://vn.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=382950&p={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} ->  No File
BHO: ContributeBHO Class -> {074C1DC5-9320-4A9A-947D-C042949C6216} -> E:\New folder (2)\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
BHO: Groove GFS Browser Helper -> {4DB74D06-491C-440D-305E-012400990F3E} -> C:\Windows\system32\coolbact.dll ()
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Hotspot Shield Class -> {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} -> D:\MMORPG\New folder\Hotspot Shield\HssIE\HssIE.dll No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll (IvoSoft)
Toolbar: HKLM - Contribute Toolbar - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - E:\New folder (2)\Adobe Contribute CS5.1\Plugins\IEPlugin\contributeieplugin.dll (Adobe Systems, Inc.)
Toolbar: HKLM - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKCU - No Name - {472734EA-242A-422B-ADF8-83D1E48CC825} -  No File
Toolbar: HKCU - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: {0D8004AA-A1CB-4F92-BBEB-0A824B1EE2A2} http://ws.nopp.co.kr/Game/Common/HGLauncher.cab
DPF: {8768D5EA-5412-4810-A032-09AD2A726C69} http://bgweb.nowcdn.co.kr/Bin/DownStarter2.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
ShellExecuteHooks: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - C:\Program Files\SUPERAntiSpyware\SASSEH.DLL No File [ ]
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.2.1
Tcpip\..\Interfaces\{A3DC6051-4A2D-4157-85D9-6DC36188E32F}: [NameServer] 10.4.56.1
 
FireFox:
========
FF ProfilePath: C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default
FF DefaultSearchEngine: Google
FF SelectedSearchEngine: Google
FF Keyword.URL: hxxp://www.google.co.in/search?btnG=Google+Search&q=
FF NetworkProxy: "gopher", ""
FF NetworkProxy: "gopher_port", 0
FF NetworkProxy: "http", "localhost"
FF NetworkProxy: "http_port", 9666
FF NetworkProxy: "no_proxies_on", "localhost, 127.0.0.1, stealthy.co"
FF NetworkProxy: "socks", "localhost"
FF NetworkProxy: "socks_port", 9050
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "ssl", "localhost"
FF NetworkProxy: "ssl_port", 9666
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\4.0.60310.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin: @raidcall.com/RCplugin -> C:\Users\USER\AppData\LocalLow\raidcall\plugins\webplugin.dll (Raidcall)
FF Plugin: @raidcall.en/RCplugin -> C:\Users\USER\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin: @raidcall.kr/RCplugin -> C:\Users\USER\AppData\Roaming\RCKR\plugins\nprcplugin.dll (Raidcall)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @dreamwork.com/JewelPlugin -> C:\Windows\Downloaded Program Files\npJewel.dll (梦工厂网络信息有限公司)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF Extension: IDM CC - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\mozilla_cc@internetdownloadmanager.com [2014-09-11]
FF Extension: No Name - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\staged [2014-09-16]
FF Extension: uTorrentBar Community Toolbar - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2013-02-09]
FF Extension: anonymoX - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\client@anonymox.net.xpi [2012-09-06]
FF Extension: MEGA - C:\Users\USER\AppData\Roaming\Mozilla\Firefox\Profiles\oflyruqz.default\Extensions\firefox@mega.co.nz.xpi [2014-07-31]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-09-03]
FF Extension: Java Console - C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-09-03]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-09-03]
FF HKLM\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - E:\New folder (2)\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF Extension: Adobe Contribute Toolbar - E:\New folder (2)\Adobe Contribute CS5.1\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9} [2013-10-28]
FF HKLM\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - E:\New folder (2)\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - E:\New folder (2)\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2013-10-28]
FF HKCU\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\USER\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\USER\AppData\Roaming\IDM\idmmzcc5 [2012-06-21]
FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\USER\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR HomePage: Default -> https://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.istartsurf.com/?type=hp&ts=1410606164&from=smt&uid=ST9320325AS_5VD3VWNHXXXX5VD3VWNH"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}sugkey={google:suggestAPIKeyParameter}
CHR CustomProfile: C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-04]
CHR Extension: (Google Wallet) - C:\Users\USER\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\USER\AppData\Local\Temp\crx177.tmp []
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
CHR StartMenuInternet: Google Chrome - C:\Users\USER\AppData\Local\Google\Chrome\Application\chrome.exe
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ASLDRService; C:\Program Files\ASUS\ATK Package\ATK Hotkey\ASLDRSrv.exe [84536 2009-06-15] (ASUS)
R2 ATKGFNEXSrv; C:\Program Files\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe [96896 2009-12-15] (ASUS)
R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 Disc Soft Bus Service; D:\Daemon\DiscSoftBusService.exe [887056 2014-07-10] (Disc Soft Ltd)
S2 jofaiffg; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 msiserver; C:\Windows\System32\msiexec.exe [73216 2011-08-30] (Microsoft Corporation) [File not signed]
S2 Network Driver; C:\Windows\TEMP\bhuj4rtjr.bat [75 2011-08-30] () [File not signed]
S3 npggsvc; C:\Windows\system32\GameMon.des [5267776 2014-01-22] (INCA Internet Co., Ltd.)
S2 NWCWorkstation; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 Sony PC Companion; C:\Program Files\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software)
S3 SwitchBoard; C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TabletServiceWacom; C:\Windows\system32\Wacom_Tablet.exe [1373480 2007-09-08] (Wacom Technology, Corp.)
R2 WindowsMangerProtect; C:\ProgramData\WindowsMangerProtect\ProtectWindowsManager.exe [528896 2014-09-13] (Fuyu LIMITED) [File not signed]
S4 cFosSpeedS; "C:\Program Files\cFosSpeed\spd.exe" -service [X]
S3 DAUpdaterSvc; H:\Games\steamapps\common\Dragon Age Ultimate Edition\bin_ship\DAUpdaterSvc.Service.exe [X]
S4 HotspotShieldService; D:\MMORPG\New folder\Hotspot Shield\bin\openvpnas.exe [X]
S2 HssSrv; D:\MMORPG\New folder\Hotspot Shield\HssWPR\hsssrv.exe [X]
S3 HssTrayService; D:\MMORPG\New folder\Hotspot Shield\bin\HssTrayService.EXE [X]
S2 HssWd; D:\MMORPG\New folder\Hotspot Shield\bin\hsswd.exe -product HSS [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 1394hub; C:\Windows\System32\svchost.exe [20992 2009-07-14] (Microsoft Corporation)
S3 apf003; C:\Windows\system32\apf003.sys [13232 2012-05-11] () [File not signed]
S3 apf004; C:\Windows\system32\apf004.sys [15112 2014-03-19] ()
R2 ASMMAP; C:\Program Files\ASUS\ATK Package\ATKGFNEX\ASMMAP.sys [13880 2009-07-02] (ASUS)
R1 cFosSpeed; C:\Windows\System32\DRIVERS\cfosspeed6.sys [1187512 2011-02-09] (cFos Software GmbH)
S3 cpudrv; C:\Program Files\SystemRequirementsLab\cpudrv.sys [11336 2011-06-02] ()
R3 dtscsibus; C:\Windows\System32\DRIVERS\dtscsibus.sys [24704 2014-09-13] (Disc Soft Ltd)
R3 ETD; C:\Windows\System32\DRIVERS\ETD.sys [109960 2010-04-13] (ELAN Microelectronic Corp.)
S3 hamachi; C:\Windows\System32\DRIVERS\hamachi.sys [26176 2009-03-18] (LogMeIn, Inc.)
R3 HssDrv; C:\Windows\System32\DRIVERS\HssDrv.sys [37376 2010-09-23] (AnchorFree Inc.)
R0 iaStorA; C:\Windows\System32\DRIVERS\iaStorA.sys [526392 2012-11-19] (Intel Corporation)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [25656 2012-11-19] (Intel Corporation)
R1 ISODrive; C:\Program Files\UltraISO\drivers\ISODrive.sys [82320 2010-01-29] (EZB Systems, Inc.)
S3 L1E; C:\Windows\System32\DRIVERS\L1E62x86.sys [47104 2009-07-14] (Atheros Communications, Inc.)
S3 msloop; C:\Windows\System32\DRIVERS\loop.sys [5632 2009-07-14] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ATKACPI.sys [14392 2009-05-13] (ASUS)
S3 ncvet.dll; C:\Windows\Temp\ncvet.dll [24144 2012-08-03] (Beijing Joychina Network Technologies Co., Ltd.)
R3 nusb3hub; C:\Windows\System32\DRIVERS\nusb3hub.sys [69504 2011-06-10] (Renesas Electronics Corporation)
R3 nusb3xhc; C:\Windows\System32\DRIVERS\nusb3xhc.sys [161664 2011-06-10] (Renesas Electronics Corporation)
R0 nvpciflt; C:\Windows\System32\DRIVERS\nvpciflt.sys [27936 2013-10-23] (NVIDIA Corporation)
R3 S6000KNT; C:\Windows\System32\Drivers\S6000KNT.sys [167576 2010-08-05] (Windows ® Win 7 DDK provider)
S3 SCREAMINGBDRIVER; C:\Windows\System32\drivers\ScreamingBAudio.sys [34896 2010-07-01] (Screaming Bee LLC)
R3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [32768 2010-09-23] (AnchorFree Inc)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [20664 2012-07-20] (Hajo Krabbenhöft)
S3 apf001; \??\D:\MMORPG\SoftnyxGame\GunBoundIS\apf001.sys [X]
S3 EagleNT; \??\C:\Windows\system32\drivers\EagleNT.sys [X]
S3 EagleXNt; \??\C:\Windows\system32\drivers\EagleXNt.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-05] () [File not signed]
S3 WinRing0_1_2_0; \??\D:\MMORPG\Game Booster\Driver\WinRing0.sys [X]
S3 XDva359; \??\C:\Windows\system32\XDva359.sys [X]
S3 XDva370; \??\C:\Windows\system32\XDva370.sys [X]
S3 XDva388; \??\C:\Windows\system32\XDva388.sys [X]
S3 XDva398; \??\C:\Windows\system32\XDva398.sys [X]
S3 XDva403; \??\C:\Windows\system32\XDva403.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
NETSVC: jofaiffg -> No Registry Path.
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-14 05:01 - 2014-09-16 01:29 - 00000000 ____D () C:\FRST
2014-09-14 04:16 - 2014-09-14 04:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-09-14 04:16 - 2014-09-14 04:16 - 00000000 ____D () C:\ProgramData\Sony
2014-09-14 04:16 - 2014-09-14 04:16 - 00000000 ____D () C:\Program Files\Sony
2014-09-14 01:43 - 2014-09-14 01:43 - 00000822 _____ () C:\Users\Public\Desktop\Torchlight 2.v 1.25.5.2 + 1 DLC.lnk
2014-09-14 01:43 - 2014-09-14 01:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repack by Fenixx
2014-09-13 23:43 - 2014-09-13 23:43 - 00000000 ____D () C:\Users\USER\Documents\ValiantHearts
2014-09-13 23:35 - 2014-09-13 23:35 - 00000667 _____ () C:\Users\Public\Desktop\Valiant Hearts The Great War.lnk
2014-09-13 23:35 - 2014-09-13 23:35 - 00000667 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valiant Hearts The Great War.lnk
2014-09-13 22:33 - 2014-09-13 22:34 - 00000025 _____ () C:\Users\USER\AppData\Roaming\mbam.context.scan
2014-09-13 21:33 - 2014-09-14 04:02 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-13 21:32 - 2014-09-13 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 21:32 - 2014-09-13 21:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-13 21:32 - 2014-05-12 07:26 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-13 21:32 - 2014-05-12 07:25 - 00074456 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-13 21:15 - 2014-09-13 21:15 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Wayforward Technologies
2014-09-13 18:06 - 2014-09-13 18:06 - 00000000 ____D () C:\Users\USER\AppData\Local\Disc_Soft_Ltd
2014-09-13 18:04 - 2014-09-13 18:04 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-13 17:59 - 2014-09-13 18:06 - 00000000 ____D () C:\Users\USER\AppData\Roaming\DAEMON Tools Ultra
2014-09-13 17:59 - 2014-09-13 17:59 - 00024704 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsibus.sys
2014-09-13 17:59 - 2014-09-13 17:59 - 00000592 _____ () C:\Users\USER\Desktop\DAEMON Tools Ultra.lnk
2014-09-13 17:59 - 2014-09-13 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra
2014-09-13 17:54 - 2014-09-13 17:58 - 00000000 ____D () C:\ProgramData\DAEMON Tools Ultra
2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\ProgramData\FEA3F5DE-0F10-454D-B6C0-55E35B170A9D
2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499
2014-09-11 19:52 - 2014-09-11 19:52 - 00000631 _____ () C:\Users\Public\Desktop\CLIP STUDIO PAINT.lnk
2014-09-11 19:52 - 2014-09-11 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO
2014-09-11 19:49 - 2014-09-11 19:49 - 00001666 _____ () C:\Users\USER\Desktop\PaintTool SAI  1.2.lnk
2014-09-09 19:26 - 2014-09-09 19:26 - 00000986 _____ () C:\Users\USER\Desktop\The.Sims.4.Launcher - Shortcut.lnk
2014-09-08 01:06 - 2014-09-08 01:06 - 00001050 _____ () C:\Users\USER\Desktop\Origin - Shortcut.lnk
2014-09-07 14:00 - 2014-09-07 14:00 - 00000000 ____D () C:\Users\USER\Documents\Electronic Arts
2014-09-07 13:47 - 2014-09-07 19:30 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Origin
2014-09-07 13:47 - 2014-09-07 13:56 - 00000000 ____D () C:\Users\USER\AppData\Local\Origin
2014-09-07 13:41 - 2014-09-11 18:40 - 00000000 ____D () C:\ProgramData\Origin
2014-09-07 13:37 - 2014-09-07 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
2014-09-06 13:04 - 2009-03-18 18:35 - 00026176 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys
2014-09-04 02:12 - 2014-09-14 04:36 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-04 02:12 - 2014-09-14 04:36 - 00000000 ____D () C:\Users\Guest
2014-09-04 02:12 - 2014-09-14 04:36 - 00000000 ____D () C:\Users\Administrator
2014-09-04 02:12 - 2014-09-04 02:12 - 00000394 __RSH () C:\ProgramData\ntuser.pol
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\ProgramData\a07991f999d76e2c
2014-09-03 10:56 - 2014-09-03 10:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-02 00:20 - 2014-09-02 00:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooking Academy 3 - Recipe for Success
2014-08-30 19:51 - 2014-09-14 14:30 - 00000000 ____D () C:\Users\USER\AppData\Local\LogMeIn Hamachi
2014-08-30 17:19 - 2014-08-30 17:19 - 00000000 ____D () C:\Users\USER\AppData\Local\LogMeIn
2014-08-30 17:19 - 2014-08-30 17:19 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-28 23:14 - 2014-08-28 23:14 - 00131072 _____ () C:\Windows\Minidump\082814-61682-01.dmp
2014-08-28 22:27 - 2014-08-28 22:27 - 00000000 ____D () C:\Windows\Gas Station - Rush Hour!
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 ____D () C:\Users\USER\AppData\Roaming\PURE WOOL
2014-08-27 00:46 - 2014-08-27 00:46 - 00000069 _____ () C:\Windows\Wininit.INI
2014-08-17 17:10 - 2014-08-17 17:10 - 00000000 ____D () C:\Users\USER\Documents\USER-PC
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-16 01:29 - 2014-09-14 05:01 - 00000000 ____D () C:\FRST
2014-09-16 00:56 - 2011-08-18 17:00 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000UA.job
2014-09-16 00:52 - 2011-08-31 00:26 - 00222839 _____ () C:\Windows\setupact.log
2014-09-16 00:44 - 2012-07-25 23:17 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 22:56 - 2011-08-18 17:00 - 00000852 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000Core.job
2014-09-15 22:02 - 2012-04-10 21:57 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Skype
2014-09-15 21:39 - 2009-12-26 06:44 - 01757754 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 12:25 - 2009-07-14 11:34 - 00019760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 12:25 - 2009-07-14 11:34 - 00019760 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 12:20 - 2011-08-31 00:27 - 00157546 _____ () C:\Windows\AutoKMS.log
2014-09-15 12:20 - 2010-12-27 23:11 - 00000000 ____D () C:\Users\USER\AppData\Roaming\WTablet
2014-09-15 12:20 - 2009-07-14 11:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-14 14:30 - 2014-08-30 19:51 - 00000000 ____D () C:\Users\USER\AppData\Local\LogMeIn Hamachi
2014-09-14 04:47 - 2011-08-31 00:26 - 00476850 _____ () C:\Windows\PFRO.log
2014-09-14 04:38 - 2009-12-25 15:55 - 00000000 ____D () C:\Program Files\Adobe
2014-09-14 04:36 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-09-14 04:36 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest
2014-09-14 04:36 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator
2014-09-14 04:36 - 2012-08-15 14:23 - 00000000 ____D () C:\Users\matt
2014-09-14 04:36 - 2009-07-14 09:37 - 00000000 ___RD () C:\Users\Public
2014-09-14 04:34 - 2010-10-14 20:25 - 00000000 ____D () C:\Users\USER\Desktop\UD
2014-09-14 04:33 - 2013-06-02 03:15 - 00607426 _____ () C:\Windows\DPINST.LOG
2014-09-14 04:23 - 2014-09-14 04:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony
2014-09-14 04:22 - 2009-12-25 15:59 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information
2014-09-14 04:16 - 2014-09-14 04:16 - 00000000 ____D () C:\ProgramData\Sony
2014-09-14 04:16 - 2014-09-14 04:16 - 00000000 ____D () C:\Program Files\Sony
2014-09-14 04:02 - 2014-09-13 21:33 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 03:58 - 2009-07-14 09:37 - 00000000 ____D () C:\Windows\TAPI
2014-09-14 03:41 - 2011-07-28 01:03 - 00000000 ____D () C:\Users\USER\AppData\Roaming\uTorrent
2014-09-14 01:44 - 2014-05-09 17:36 - 00000000 ____D () C:\Users\USER\Documents\My Games
2014-09-14 01:44 - 2013-02-05 13:47 - 00000000 ____D () C:\ProgramData\RELOADED
2014-09-14 01:44 - 2011-07-28 18:04 - 00000000 ____D () C:\Windows\system32\directx
2014-09-14 01:43 - 2014-09-14 01:43 - 00000822 _____ () C:\Users\Public\Desktop\Torchlight 2.v 1.25.5.2 + 1 DLC.lnk
2014-09-14 01:43 - 2014-09-14 01:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repack by Fenixx
2014-09-13 23:43 - 2014-09-13 23:43 - 00000000 ____D () C:\Users\USER\Documents\ValiantHearts
2014-09-13 23:41 - 2014-06-21 21:32 - 00000000 ____D () C:\ProgramData\Orbit
2014-09-13 23:35 - 2014-09-13 23:35 - 00000667 _____ () C:\Users\Public\Desktop\Valiant Hearts The Great War.lnk
2014-09-13 23:35 - 2014-09-13 23:35 - 00000667 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Valiant Hearts The Great War.lnk
2014-09-13 22:36 - 2010-08-31 16:34 - 00000000 ____D () C:\Users\USER\AppData\Roaming\DMCache
2014-09-13 22:34 - 2014-09-13 22:33 - 00000025 _____ () C:\Users\USER\AppData\Roaming\mbam.context.scan
2014-09-13 21:46 - 2009-12-25 15:46 - 00001417 _____ () C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-13 21:45 - 2011-04-08 12:18 - 00001108 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-13 21:32 - 2014-09-13 21:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-13 21:32 - 2014-09-13 21:32 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2014-09-13 21:32 - 2013-01-30 18:06 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Malwarebytes
2014-09-13 21:32 - 2013-01-30 18:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-13 21:15 - 2014-09-13 21:15 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Wayforward Technologies
2014-09-13 20:24 - 2013-01-27 08:13 - 00245620 _____ () C:\Windows\DirectX.log
2014-09-13 18:35 - 2011-07-08 12:14 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-09-13 18:06 - 2014-09-13 18:06 - 00000000 ____D () C:\Users\USER\AppData\Local\Disc_Soft_Ltd
2014-09-13 18:06 - 2014-09-13 17:59 - 00000000 ____D () C:\Users\USER\AppData\Roaming\DAEMON Tools Ultra
2014-09-13 18:06 - 2009-12-25 15:58 - 00000000 ____D () C:\Program Files\Common Files\InstallShield
2014-09-13 18:04 - 2014-09-13 18:04 - 00000000 ____D () C:\ProgramData\WindowsMangerProtect
2014-09-13 17:59 - 2014-09-13 17:59 - 00024704 _____ (Disc Soft Ltd) C:\Windows\system32\Drivers\dtscsibus.sys
2014-09-13 17:59 - 2014-09-13 17:59 - 00000592 _____ () C:\Users\USER\Desktop\DAEMON Tools Ultra.lnk
2014-09-13 17:59 - 2014-09-13 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DAEMON Tools Ultra
2014-09-13 17:58 - 2014-09-13 17:54 - 00000000 ____D () C:\ProgramData\DAEMON Tools Ultra
2014-09-13 15:20 - 2010-08-31 17:18 - 00000000 ____D () C:\ProgramData\Temp
2014-09-13 15:12 - 2009-12-25 15:49 - 00786256 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 00:12 - 2014-03-29 01:10 - 00000418 _____ () C:\Windows\Tasks\At1.job
2014-09-12 13:40 - 2013-06-07 07:40 - 00000000 ____D () C:\Users\USER\AppData\Roaming\FileZilla
2014-09-11 23:44 - 2012-07-25 23:17 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-11 23:44 - 2012-07-24 16:21 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\ProgramData\FEA3F5DE-0F10-454D-B6C0-55E35B170A9D
2014-09-11 20:23 - 2014-09-11 20:23 - 00000000 ____D () C:\ProgramData\69B6DBD2-8E05-476F-B662-CF8D235FD499
2014-09-11 19:52 - 2014-09-11 19:52 - 00000631 _____ () C:\Users\Public\Desktop\CLIP STUDIO PAINT.lnk
2014-09-11 19:52 - 2014-09-11 19:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CLIP STUDIO
2014-09-11 19:49 - 2014-09-11 19:49 - 00001666 _____ () C:\Users\USER\Desktop\PaintTool SAI  1.2.lnk
2014-09-11 18:40 - 2014-09-07 13:41 - 00000000 ____D () C:\ProgramData\Origin
2014-09-10 23:08 - 2013-12-15 09:35 - 00002658 _____ () C:\Users\USER\Desktop\New Text Document.txt
2014-09-09 19:26 - 2014-09-09 19:26 - 00000986 _____ () C:\Users\USER\Desktop\The.Sims.4.Launcher - Shortcut.lnk
2014-09-08 01:06 - 2014-09-08 01:06 - 00001050 _____ () C:\Users\USER\Desktop\Origin - Shortcut.lnk
2014-09-07 19:30 - 2014-09-07 13:47 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Origin
2014-09-07 14:00 - 2014-09-07 14:00 - 00000000 ____D () C:\Users\USER\Documents\Electronic Arts
2014-09-07 14:00 - 2012-03-05 09:30 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-07 13:56 - 2014-09-07 13:47 - 00000000 ____D () C:\Users\USER\AppData\Local\Origin
2014-09-07 13:37 - 2014-09-07 13:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The SIMS 4 Deluxe Edition
2014-09-04 10:09 - 2012-04-26 09:50 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-04 02:12 - 2014-09-04 02:12 - 00000394 __RSH () C:\ProgramData\ntuser.pol
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\USER\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-09-04 02:12 - 2014-09-04 02:12 - 00000000 ____D () C:\ProgramData\a07991f999d76e2c
2014-09-04 02:12 - 2011-07-28 01:06 - 00000000 ____D () C:\Users\USER\AppData\Local\Google
2014-09-03 10:56 - 2014-09-03 10:56 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-03 08:59 - 2010-09-02 09:34 - 00000000 ____D () C:\Users\USER\AppData\Local\Adobe
2014-09-02 00:21 - 2011-06-06 14:59 - 00000000 ____D () C:\ProgramData\Fugazo
2014-09-02 00:20 - 2014-09-02 00:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cooking Academy 3 - Recipe for Success
2014-09-02 00:19 - 2011-07-25 18:08 - 00000000 ____D () C:\Users\USER\AppData\Roaming\LeeGT-Games
2014-09-01 23:41 - 2014-01-05 20:57 - 00000000 ____D () C:\Users\USER\AppData\Roaming\Fugazo
2014-08-30 17:19 - 2014-08-30 17:19 - 00000000 ____D () C:\Users\USER\AppData\Local\LogMeIn
2014-08-30 17:19 - 2014-08-30 17:19 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-08-28 23:14 - 2014-08-28 23:14 - 00131072 _____ () C:\Windows\Minidump\082814-61682-01.dmp
2014-08-28 23:14 - 2011-03-06 01:51 - 00000000 ____D () C:\Windows\Minidump
2014-08-28 22:27 - 2014-08-28 22:27 - 00000000 ____D () C:\Windows\Gas Station - Rush Hour!
2014-08-27 02:12 - 2012-06-21 18:05 - 00000000 ____D () C:\Users\USER\AppData\Roaming\IDM
2014-08-27 00:52 - 2014-08-27 00:52 - 00000000 ____D () C:\Users\USER\AppData\Roaming\PURE WOOL
2014-08-27 00:46 - 2014-08-27 00:46 - 00000069 _____ () C:\Windows\Wininit.INI
2014-08-26 23:45 - 2009-12-25 15:54 - 00000000 ____D () C:\ProgramData\Yahoo!
2014-08-26 23:45 - 2009-12-25 15:54 - 00000000 ____D () C:\Program Files\Yahoo!
2014-08-26 23:43 - 2014-04-19 01:12 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment
2014-08-24 15:24 - 2013-12-24 22:58 - 00000132 _____ () C:\Users\USER\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-08-23 00:30 - 2012-12-06 22:37 - 00000578 _____ () C:\Windows\system32\UpgradeErrorReport.txt
2014-08-22 10:05 - 2009-07-14 11:33 - 04158288 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-21 20:24 - 2012-06-16 21:47 - 00171664 _____ () C:\Windows\system32\GDIPFONTCACHEV1.DAT
2014-08-17 17:10 - 2014-08-17 17:10 - 00000000 ____D () C:\Users\USER\Documents\USER-PC
 
Files to move or delete:
====================
C:\Windows\Tasks\At1.job
 
 
Some content of TEMP:
====================
C:\Users\USER\AppData\Local\Temp\AutoUI.exe
C:\Users\USER\AppData\Local\Temp\AVGTBInstall.exe
C:\Users\USER\AppData\Local\Temp\bchx2.exe
C:\Users\USER\AppData\Local\Temp\bdfilters.dll
C:\Users\USER\AppData\Local\Temp\bdinst.exe
C:\Users\USER\AppData\Local\Temp\bitool.dll
C:\Users\USER\AppData\Local\Temp\CLI.exe
C:\Users\USER\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\USER\AppData\Local\Temp\contentDATs.exe
C:\Users\USER\AppData\Local\Temp\drm_dyndata_7400009.dll
C:\Users\USER\AppData\Local\Temp\EAD1016.exe
C:\Users\USER\AppData\Local\Temp\EAD1E0A.exe
C:\Users\USER\AppData\Local\Temp\EAD1F42.exe
C:\Users\USER\AppData\Local\Temp\EAD2164.exe
C:\Users\USER\AppData\Local\Temp\EAD25E7.exe
C:\Users\USER\AppData\Local\Temp\EAD297F.exe
C:\Users\USER\AppData\Local\Temp\EAD398.exe
C:\Users\USER\AppData\Local\Temp\EAD4143.exe
C:\Users\USER\AppData\Local\Temp\EAD42D9.exe
C:\Users\USER\AppData\Local\Temp\EAD499C.exe
C:\Users\USER\AppData\Local\Temp\EAD4A86.exe
C:\Users\USER\AppData\Local\Temp\EAD4DC1.exe
C:\Users\USER\AppData\Local\Temp\EAD5772.exe
C:\Users\USER\AppData\Local\Temp\EAD57C0.exe
C:\Users\USER\AppData\Local\Temp\EAD6019.exe
C:\Users\USER\AppData\Local\Temp\EAD6356.exe
C:\Users\USER\AppData\Local\Temp\EAD63D2.exe
C:\Users\USER\AppData\Local\Temp\EAD685.exe
C:\Users\USER\AppData\Local\Temp\EAD6C87.exe
C:\Users\USER\AppData\Local\Temp\EAD7473.exe
C:\Users\USER\AppData\Local\Temp\EAD78D7.exe
C:\Users\USER\AppData\Local\Temp\EAD7BA4.exe
C:\Users\USER\AppData\Local\Temp\EAD7C31.exe
C:\Users\USER\AppData\Local\Temp\EAD8C.exe
C:\Users\USER\AppData\Local\Temp\EAD8C85.exe
C:\Users\USER\AppData\Local\Temp\EAD8EF5.exe
C:\Users\USER\AppData\Local\Temp\EAD90BA.exe
C:\Users\USER\AppData\Local\Temp\EAD9414.exe
C:\Users\USER\AppData\Local\Temp\EAD94EE.exe
C:\Users\USER\AppData\Local\Temp\EAD955B.exe
C:\Users\USER\AppData\Local\Temp\EAD96E1.exe
C:\Users\USER\AppData\Local\Temp\EAD9877.exe
C:\Users\USER\AppData\Local\Temp\EAD99CE.exe
C:\Users\USER\AppData\Local\Temp\EAD9A89.exe
C:\Users\USER\AppData\Local\Temp\EAD9B06.exe
C:\Users\USER\AppData\Local\Temp\EAD9B16.exe
C:\Users\USER\AppData\Local\Temp\EAD9B73.exe
C:\Users\USER\AppData\Local\Temp\EAD9BB2.exe
C:\Users\USER\AppData\Local\Temp\EAD9C5D.exe
C:\Users\USER\AppData\Local\Temp\EAD9D57.exe
C:\Users\USER\AppData\Local\Temp\EAD9E31.exe
C:\Users\USER\AppData\Local\Temp\EAD9EAE.exe
C:\Users\USER\AppData\Local\Temp\EAD9EBE.exe
C:\Users\USER\AppData\Local\Temp\EAD9FC7.exe
C:\Users\USER\AppData\Local\Temp\EADA015.exe
C:\Users\USER\AppData\Local\Temp\EADA0C1.exe
C:\Users\USER\AppData\Local\Temp\EADA10F.exe
C:\Users\USER\AppData\Local\Temp\EADA19B.exe
C:\Users\USER\AppData\Local\Temp\EADA1E9.exe
C:\Users\USER\AppData\Local\Temp\EADA1F9.exe
C:\Users\USER\AppData\Local\Temp\EADA340.exe
C:\Users\USER\AppData\Local\Temp\EADA350.exe
C:\Users\USER\AppData\Local\Temp\EADA3FB.exe
C:\Users\USER\AppData\Local\Temp\EADA42A.exe
C:\Users\USER\AppData\Local\Temp\EADA469.exe
C:\Users\USER\AppData\Local\Temp\EADA4B7.exe
C:\Users\USER\AppData\Local\Temp\EADA4F5.exe
C:\Users\USER\AppData\Local\Temp\EADA572.exe
C:\Users\USER\AppData\Local\Temp\EADA68B.exe
C:\Users\USER\AppData\Local\Temp\EADA736.exe
C:\Users\USER\AppData\Local\Temp\EADA765.exe
C:\Users\USER\AppData\Local\Temp\EADA794.exe
C:\Users\USER\AppData\Local\Temp\EADA820.exe
C:\Users\USER\AppData\Local\Temp\EADA8FB.exe
C:\Users\USER\AppData\Local\Temp\EADA91A.exe
C:\Users\USER\AppData\Local\Temp\EADA949.exe
C:\Users\USER\AppData\Local\Temp\EADA9B6.exe
C:\Users\USER\AppData\Local\Temp\EADA9D5.exe
C:\Users\USER\AppData\Local\Temp\EADA9E5.exe
C:\Users\USER\AppData\Local\Temp\EADAA61.exe
C:\Users\USER\AppData\Local\Temp\EADAACF.exe
C:\Users\USER\AppData\Local\Temp\EADAAFD.exe
C:\Users\USER\AppData\Local\Temp\EADAAFE.exe
C:\Users\USER\AppData\Local\Temp\EADAB1D.exe
C:\Users\USER\AppData\Local\Temp\EADABF7.exe
C:\Users\USER\AppData\Local\Temp\EADACD1.exe
C:\Users\USER\AppData\Local\Temp\EADADBB.exe
C:\Users\USER\AppData\Local\Temp\EADADDB.exe
C:\Users\USER\AppData\Local\Temp\EADADEA.exe
C:\Users\USER\AppData\Local\Temp\EADAF22.exe
C:\Users\USER\AppData\Local\Temp\EADB02B.exe
C:\Users\USER\AppData\Local\Temp\EADB0E7.exe
C:\Users\USER\AppData\Local\Temp\EADB52B.exe
C:\Users\USER\AppData\Local\Temp\EADB5B7.exe
C:\Users\USER\AppData\Local\Temp\EADBAA7.exe
C:\Users\USER\AppData\Local\Temp\EADBAA8.exe
C:\Users\USER\AppData\Local\Temp\EADBBFE.exe
C:\Users\USER\AppData\Local\Temp\EADBD07.exe
C:\Users\USER\AppData\Local\Temp\EADBDD2.exe
C:\Users\USER\AppData\Local\Temp\EADBE10.exe
C:\Users\USER\AppData\Local\Temp\EADBFA6.exe
C:\Users\USER\AppData\Local\Temp\EADC080.exe
C:\Users\USER\AppData\Local\Temp\EADC254.exe
C:\Users\USER\AppData\Local\Temp\EADC476.exe
C:\Users\USER\AppData\Local\Temp\EADC4B5.exe
C:\Users\USER\AppData\Local\Temp\EADC611.exe
C:\Users\USER\AppData\Local\Temp\EADC6D7.exe
C:\Users\USER\AppData\Local\Temp\EADC7B1.exe
C:\Users\USER\AppData\Local\Temp\EADC8D9.exe
C:\Users\USER\AppData\Local\Temp\EADC928.exe
C:\Users\USER\AppData\Local\Temp\EADC9A4.exe
C:\Users\USER\AppData\Local\Temp\EADCA31.exe
C:\Users\USER\AppData\Local\Temp\EADCE84.exe
C:\Users\USER\AppData\Local\Temp\EADCEB3.exe
C:\Users\USER\AppData\Local\Temp\EADD133.exe
C:\Users\USER\AppData\Local\Temp\EADD47D.exe
C:\Users\USER\AppData\Local\Temp\EADDF46.exe
C:\Users\USER\AppData\Local\Temp\EADE030.exe
C:\Users\USER\AppData\Local\Temp\EADE223.exe
C:\Users\USER\AppData\Local\Temp\EADE243.exe
C:\Users\USER\AppData\Local\Temp\EADE4A3.exe
C:\Users\USER\AppData\Local\Temp\EADEB95.exe
C:\Users\USER\AppData\Local\Temp\EADEC70.exe
C:\Users\USER\AppData\Local\Temp\EADF201.exe
C:\Users\USER\AppData\Local\Temp\EADF5B.exe
C:\Users\USER\AppData\Local\Temp\EADF6DC.exe
C:\Users\USER\AppData\Local\Temp\EADFDDE.exe
C:\Users\USER\AppData\Local\Temp\FHFEA9.tmp.exe
C:\Users\USER\AppData\Local\Temp\FileUnlocker_Installer.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0041Patch_signed.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0042Patch_signed.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0043Patch_signed.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0044Patch_signed.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0045Patch_signed.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0046Patch_signed.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0047Patch_signed.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0048Patch_signed.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0049Patch_signed.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0050Patch_signed.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0051Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0052Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0053Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0054Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0055Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0056Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0057Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0058Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0059Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0060Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0061Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0062Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0063Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0064Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0065Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0066Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0067Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0068Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0069Patch.exe
C:\Users\USER\AppData\Local\Temp\GameA1.01.0070Patch.exe
C:\Users\USER\AppData\Local\Temp\GLF3EBE.tmp.dll
C:\Users\USER\AppData\Local\Temp\GLFA579.tmp.dll
C:\Users\USER\AppData\Local\Temp\GURB2BB.exe
C:\Users\USER\AppData\Local\Temp\handbrake-setup.exe
C:\Users\USER\AppData\Local\Temp\ICReinstall_113_Animated_Powerpoint_Templates-last.zip_downloader.exe
C:\Users\USER\AppData\Local\Temp\installapi.exe
C:\Users\USER\AppData\Local\Temp\installerdll.dll
C:\Users\USER\AppData\Local\Temp\installerdll218729.dll
C:\Users\USER\AppData\Local\Temp\installerdll249539.dll
C:\Users\USER\AppData\Local\Temp\installerdll586782.dll
C:\Users\USER\AppData\Local\Temp\installerdll6154957.dll
C:\Users\USER\AppData\Local\Temp\installerdll6177374.dll
C:\Users\USER\AppData\Local\Temp\jre-6u29-windows-i586-iftw-rv.exe
C:\Users\USER\AppData\Local\Temp\jre-6u31-windows-i586-iftw-rv.exe
C:\Users\USER\AppData\Local\Temp\jre-6u33-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\jre-6u35-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\jre-6u37-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\jre-7u11-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\USER\AppData\Local\Temp\KERNEL.DLL
C:\Users\USER\AppData\Local\Temp\kpinstaller.exe
C:\Users\USER\AppData\Local\Temp\lowproc.exe
C:\Users\USER\AppData\Local\Temp\nircmd.exe
C:\Users\USER\AppData\Local\Temp\pv.exe
C:\Users\USER\AppData\Local\Temp\rootsupd.exe
C:\Users\USER\AppData\Local\Temp\SecurityScan_Release.exe
C:\Users\USER\AppData\Local\Temp\Setup.exe
C:\Users\USER\AppData\Local\Temp\SkypeSetup.exe
C:\Users\USER\AppData\Local\Temp\smt_istartsurf.exe
C:\Users\USER\AppData\Local\Temp\stubhelper.dll
C:\Users\USER\AppData\Local\Temp\swt-win32-3349.dll
C:\Users\USER\AppData\Local\Temp\swt-win32-3740.dll
C:\Users\USER\AppData\Local\Temp\tbuTo2.dll
C:\Users\USER\AppData\Local\Temp\Uninstall.exe
C:\Users\USER\AppData\Local\Temp\UninstallEADM.dll
C:\Users\USER\AppData\Local\Temp\UnlockerInstaller.exe
C:\Users\USER\AppData\Local\Temp\utt7C57.tmp.exe
C:\Users\USER\AppData\Local\Temp\vcredist_x64.exe
C:\Users\USER\AppData\Local\Temp\vcredist_x86.exe
C:\Users\USER\AppData\Local\Temp\vfind.exe
C:\Users\USER\AppData\Local\Temp\WindowsInstaller-KB893803-v2-x86.exe
C:\Users\USER\AppData\Local\Temp\xmlUpdater.exe
C:\Users\USER\AppData\Local\Temp\ylshkv33.dll
C:\Users\USER\AppData\Local\Temp\_Mr_Jones'_Graveyard_Shift.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-18 19:14
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 12-09-2014
Ran by USER at 2014-09-16 01:31:49
Running from D:\
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
’±‚Ì“Å ‰Ø‚̽ (HKCU\...\{DCFCA897-6B4F-4F95-BB1C-9154420EDB88}) (Version:  - )
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ACDSee Photo Manager 12 (HKLM\...\{A5CBD7C5-CF16-443F-A4F2-3503C9DE311B}) (Version: 12.0.344 - ACD Systems International Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe Creative Suite 5.5 Master Collection (HKLM\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.05) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.05 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
Aegisub 2.1.8 (HKLM\...\{24BC8B57-716C-444F-B46B-A3349B9164C5}_is1) (Version: 2.1.8 - Aegisub Team)
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM\...\{122ADF8C-DDA1-480C-9936-C88F2825B265}) (Version: 2.1.9 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8F1ADE4D-EFAC-4F5A-B346-23C2687FAF50}) (Version: 5.2.0.6 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUSDVD (HKLM\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version:  - )
Atheros Driver Installation Program (HKLM\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
ATK Package (HKLM\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0004 - ASUS)
Aura Kingdom (HKLM\...\Aura Kingdom) (Version:  - )
Autodesk DWF Viewer (HKLM\...\Autodesk DWF Viewer) (Version: 6.5 - Autodesk, Inc.)
Bandisoft MPEG-1 Decoder (HKLM\...\BandiMPEG1) (Version:  - )
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
BattleBlock Theater (HKLM\...\Steam App 238460) (Version:  - The Behemoth)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Charlaine Harris Dying for Daylight 1.00 (HKLM\...\Charlaine Harris Dying for Daylight 1.00) (Version:  - )
Classic Shell (HKLM\...\{6E328D2B-D432-4120-9E98-6A21CC0B71F9}) (Version: 1.9.2 - IvoSoft)
CLIP STUDIO PAINT (HKLM\...\{E4F184C1-E62E-44F0-B142-AB6197490834}) (Version: 1.3.1 - CELSYS)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Content (Version: 1.00.0000 - Your Company Name) Hidden
Cooking Academy 3 - Recipe for Success (HKLM\...\{9F29A9CB-F75C-4EA5-88E4-6E87FC0AA02C}) (Version: 1.0.0 - LeeGT-Games)
Corel Painter 11 - ICA (Version: 11.0 - Corel Corporation) Hidden
Corel Painter 11 - IPM (Version: 011 - Corel Corporation) Hidden
Corel Painter 11 (HKLM\...\_{5B51BB5F-4E7C-4275-A653-E98534E9C1D2}) (Version:  - Corel Corporation)
Corel Painter 11 (Version: 11.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Capture (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Common (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Connect (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Custom Data (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Draw (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - EN (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Filters (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - FontNav (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - IPM (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - PHOTO-PAINT (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Photozoom Plugin (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Redist (Version: 15.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - Setup Files (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VBA (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VideoBrowser (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - VSTA (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 - WT (Version: 15.3 -  Corel Corporation) Hidden
CorelDRAW Graphics Suite X5 (Version: 15.3 - Corel Corporation) Hidden
CorelDRAW® Graphics Suite X5 (HKLM\...\_{CE54DCE1-E00A-4D91-ACB9-A2D916C24051}) (Version: 15.2.0.686 - Corel Corporation)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 1.0.2115 - CyberLink Corp.)
CyberLink YouCam (Version: 1.0.2115 - CyberLink Corp.) Hidden
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 2.4.0.0280 - Disc Soft Ltd)
Delicious 8- Emily's Wonder Wedding Premium Edition (HKLM\...\Delicious 8- Emily's Wonder Wedding Premium EditionFinal) (Version: Final - AllSmartGames)
Divinity Original Sin (HKLM\...\RGl2aW5pdHlPcmlnaW5hbFNpbg==_is1) (Version: 1 - )
Dragon Age: Origins - Ultimate Edition (HKLM\...\Steam App 47810) (Version:  - BioWare)
Driver Genius Professional Edition (HKLM\...\Driver Genius Professional Edition_is1) (Version: 11.0 - Driver-Soft Inc.)
ETDWare PS/2-x86 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
ffdshow [rev 3154] [2009-12-09] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
File Splitter and Joiner (FFSJ v3.3) (HKLM\...\File Splitter and Joiner_is1) (Version:  - Le Minh Hoang)
FileZilla Client 3.9.0.3 (HKLM\...\FileZilla Client) (Version: 3.9.0.3 - Tim Kosse)
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.103 - Google Inc.)
Hero Editor V1.04 (HKLM\...\ST6UNST #1) (Version:  - )
Heroine's Quest: The Herald of Ragnarok (HKLM\...\Steam App 283880) (Version:  - Crystal Shard)
IconHandler 32 bit (Version: 2.0 - Corel Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Processor Graphics (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2622 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.7.0.1013 - Intel Corporation)
Internet Download Manager (HKLM\...\Internet Download Manager) (Version:  - )
iTunes (HKLM\...\{6AD9F5F3-5BD0-4000-BD9C-B536CF86D988}) (Version: 10.6.3.25 - Apple Inc.)
Java 7 Update 67 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (Version: 2.1.67.1 - Oracle, Inc.) Hidden
KAMI (HKLM\...\Steam App 272040) (Version:  - State of Play Games)
Langauge (Version: 1.00.0000 - Your Company Name) Hidden
Left 4 Dead 2 (HKLM\...\Steam App 550) (Version:  - Valve)
LINE (HKLM\...\LINE) (Version: 3.7.0.34 - LINE Corporation)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Manga Studio (HKLM\...\{CFA66508-B19D-4032-AB0A-EBBA2BDF1368}) (Version: 5.0.0 - Smith Micro)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft SOAP Toolkit 3.0 (HKLM\...\{BCB4C18A-ACA6-4383-8688-E19933A705DD}) (Version: 3.0.1325.4 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM\...\{86CE1746-9EFF-3C9C-8755-81EA8903AC34}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM\...\{615bc16d-60f5-482e-91b3-b51d8130963b}) (Version: 11.0.51106.1 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM\...\{AA4A4B2C-0465-3CF8-BA76-27A027D8ACAB}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2.0 Runtime (HKLM\...\{299C0434-4F4E-341F-A916-4E07AEB35E79}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 4.0 (HKLM\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (Version: 1.00.0000 - Adobe) Hidden
MobileMe Control Panel (HKLM\...\{779DECD7-E072-4B56-9B6B-BEB5973EEEB5}) (Version: 3.1.6.0 - Apple Inc.)
Mobipocket Reader 6.2 (HKLM\...\{342126E1-173C-4585-BFBE-3EBDD20E3E9E}) (Version: 6.2.608 - Mobipocket.com)
Mozilla Firefox 32.0 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPC-HC 1.7.0.7691 (8d311b0) Beta (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7691 - MPC-HC Team)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 7 Essentials (HKLM\...\{BC61F51E-8AF7-46B9-AF20-B33B5EE81033}) (Version: 7.03.0188 - Nero AG)
neroxml (Version: 1.0.0 - Nero AG) Hidden
Northern Tale 4 (HKLM\...\{C264AA3D-C38F-4F28-A937-D75F465F67DF}) (Version: 1.0.0 - LeeGT-Games)
Notepad++ (HKLM\...\Notepad++) (Version: 6.6.1 - Notepad++ Team)
NVIDIA Control Panel 331.65 (Version: 331.65 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5715 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.65 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.140.952 - NVIDIA Corporation) Hidden
NVIDIA Optimus 9.3.21 (Version: 9.3.21 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM\...\{B4F3A360-E1E2-479D-ADE7-9BE3B07F4539}) (Version: 9.10.0223 - NVIDIA Corporation)
NVIDIA Update Components (Version: 9.3.21 - NVIDIA Corporation) Hidden
OpenAL (HKLM\...\OpenAL) (Version:  - )
Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
osu! (HKLM\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Oxford Advanced Learner's Dictionary - 8th Edition (HKLM\...\NSIS_oald8) (Version:  - )
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
Paradise Quest 1.00 (HKLM\...\Paradise Quest 1.00) (Version:  - )
Path of Exile (HKLM\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.1.3.32881 - Grinding Gear Games)
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5350) (Version:  - )
PCSX2 - Playstation 2 Emulator (HKLM\...\pcsx2-r5875) (Version:  - )
PDF Settings CS5 (Version: 10.0 - Adobe Systems Incorporated) Hidden
Phantasy Star Online 2 (HKLM\...\http://pso2.jp/appid/release/asiasoft_sg_is1) (Version:  - Asiasoft)
Picture Resize Genius 2.9.8 (HKLM\...\Picture Resize Genius_is1) (Version:  - Lonking Software,LLC)
Playtrickster (HKCU\...\Playtrickster) (Version: 00.01.00.00 - Privatia co.,ltd.)
Power Mp3 Cutter(Mp3 Sound Cutter) 1.40 (HKLM\...\Power Mp3 Cutter(Mp3 Sound Cutter)_is1) (Version:  - CooolSoft, Inc.)
PxMergeModule (Version: 1.00.0000 - Your Company Name) Hidden
QUICKfind server v1.1 (HKLM\...\QUICKfind) (Version:  - IDM)
QuickTime (HKLM\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
Ragnarok Online (HKLM\...\Ragnarok Online) (Version:  - )
Ragnarok Renewal (HKLM\...\Raganrok Renewal) (Version:  - )
RaidCall (HKLM\...\RaidCall) (Version: 7.0.2-1.0.1464.29 - raidcall.com)
Rainbow Web 3 (HKLM\...\Rainbow Web 3_is1) (Version:  - Sugar Games)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6438 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.19.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (Version: 2.1.19.0 - Renesas Electronics Corporation) Hidden
Risen (HKLM\...\Steam App 40300) (Version:  - Piranha – Bytes)
RTP for RM2K (Png, Wav, Midi, Fonts) (HKLM\...\RTP for RM2K (Png, Wav, Midi, Fonts)) (Version:  - )
Sable Maze - Sullivan River CE [Updated] (HKLM\...\Sable Maze - Sullivan River CE [Updated]Final) (Version: Final - AllSmartGames)
Secrets Of Rome (HKLM\...\Secrets Of Rome_is1) (Version: 1.0 - Media Contact LLC)
Skype Click to Call (HKLM\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sony PC Companion 2.10.221 (HKLM\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.221 - Sony)
Spirits (HKLM\...\Steam App 210170) (Version:  - Spaces of Play)
Starbound (HKLM\...\Steam App 211820) (Version:  - )
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteamWorld Dig (HKLM\...\GOGPACKSTEAMWORLDDIG_is1) (Version: 2.0.0.2 - GOG.com)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM\...\{53C63F43-B827-42D9-8886-4698D91EA33B}) (Version: 4.5.15.0 - Husdawg, LLC)
TeamViewer 9 (HKLM\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
The Book of Unwritten Tales (HKLM\...\Steam App 215160) (Version:  - KING Art)
The Happy Herefter (HKLM\...\The Happy HerefterFinal) (Version: Final - AllSmartGames)
The Night of the Rabbit (HKLM\...\Steam App 230820) (Version:  - Daedalic Entertainment)
The Promised Land (HKLM\...\The Promised LandFinal) (Version: Final - AllSmartGames)
The SIMS 4 Deluxe Edition (HKLM\...\The SIMS 4 Deluxe Edition_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
Tiny and Big: Grandpa's Leftovers (HKLM\...\Steam App 205910) (Version:  - Black Pants Game Studio)
Tiny Token Empires (HKLM\...\{1D43ECE9-5F1B-4CB7-8645-8AA01D6E96B9}) (Version: 3.3.0.63135 - LeeGT-Games)
Torchlight 2.v 1.25.5.2 + 1 DLC (HKLM\...\Torchlight 2.v 1.25.5.2 + 1 DLC_is1) (Version: Torchlight 2.v 1.25.5.2 + 1 DLC - Repack by Fenixx (01.06.2013))
Tower of Elements (HKLM\...\Tower of ElementsFinal) (Version: Final - AllSmartGames)
UltraISO Premium V9.5 (HKLM\...\UltraISO_is1) (Version:  - )
UniKey 4.0 NT (HKLM\...\UniKey) (Version: 4.0 NT - Pham Kim Long)
UniKey 4.0 RC2 (build 1101) (HKLM\...\{F1CDC990-C599-4F9A-9586-8457F60021DA}_is1) (Version:  - Pham Kim Long)
Uninstall LAC VIET mtd2002-EVA (HKLM\...\LAC VIET mtd2002-EVA_is1) (Version: 4.0 - LAC VIET Corp.)
Unlocker 1.9.1 (HKLM\...\Unlocker) (Version: 1.9.1 - Cedrick Collomb)
Update Manager (Version: 4.60 - Corel Corporation) Hidden
USB2.0 2.0M UVC WebCam (HKLM\...\{FC9B811E-39BC-4813-9E29-B83CCF700010}) (Version: 2.103.13.5 - ALi)
Valiant Hearts: The Great War (HKLM\...\VmFsaWFudEhlYXJ0c1RoZUdyZWF0V2Fy_is1) (Version: 1 - )
Vampire - The Masquerade Bloodlines (HKLM\...\InstallShield_{C4E2A4A7-B623-40CB-8EEA-72F577E49D56}) (Version: 1.00.0000 - Activision)
Visual Basic for Applications ® Core - English (Version: 6.4.99.69 - Microsoft Corporation) Hidden
Visual Basic for Applications ® Core (Version: 6.4.99.69 - Microsoft Corporation) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version:  - Wacom Technology Corp.)
Winamp (HKLM\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Communications Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Essentials (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4232.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
Windows Resource Kit Tools - SubInAcl.exe (HKLM\...\{D3EE034D-5B92-4A55-AA02-2E6D0A6A96EE}) (Version: 5.2.3790.1164 - Microsoft Corporation)
WindowsMangerProtect20.0.0.722 (HKLM\...\WindowsMangerProtect) (Version: 20.0.0.722 - WindowsProtect LIMITED) <==== ATTENTION
WinRAR 5.01 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XSplit Gamecaster (HKLM\...\{27E6D8B1-70BC-4981-AE4D-B7C73475C416}) (Version: 1.8.1406.0910 - SplitmediaLabs)
Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)
ドットカレシ-We're 8bit Lovers!- Ⅰでんせつのおとめ (HKLM\...\{50AB4E03-3F22-4B32-B952-B5093970B224}) (Version: 1.0.0 - Rejet)
参千世界遊戯 (HKCU\...\{F3E0335D-D4A2-4E15-B7BB-2E9F5C85C982}) (Version:  - girls★dynamics)
赤ずきんと迷いの森 (HKLM\...\{575BEB1C-1D64-4049-A9E4-E1081CC737EC}) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{3100A299-7D18-481A-B24A-23BDEFB424B8}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.68\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.23.9\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\System32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.15\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{F28C2F70-47DE-4EA5-8F6D-7D1476CD1EF5}\localserver32 -> D:\Shin_Megami_Tensei_Devil_Summoner_Raidou_Kuzunoha_vs_the_Soulless_Army_USA.exe No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\USER\AppData\Local\Google\Update\1.3.24.7\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1000_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{00B7E0AB-817A-44AD-A04B-D1148D524136}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{037FB476-15E0-4ED1-B11A-E420B750B1A8}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.99\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.69\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{2837E0FE-686B-4CB0-BE53-0EA097EAF71B}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2007\acad.exe /Automation No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{3100A299-7D18-481A-B24A-23BDEFB424B8}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.68\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{444785F1-DE89-4295-863A-D46C3A781394}\InprocServer32 -> C:\Users\UpdatusUser\AppData\LocalLow\Unity\WebPlayer\loader\UnityWebPluginAX.ocx No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{5AFAFE48-7107-4FE5-B21A-86A4254541DD}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{5B7524C8-2446-40E9-9474-94A779DBA224}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Chrome\Application\26.0.1410.43\delegate_execute.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{621D3650-F1D3-414C-97F9-03A02B211261}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{623E415A-22EF-4DAA-A2FF-E68E77A673C9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.145\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2007\acad.exe No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{7C6E29BC-8B8B-4C3D-859E-AF6CD158BE0F}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{885BB46A-3F1E-44C3-A01B-A7D9260CC98B}\InprocServer32 -> C:\Windows\Downloaded Program Files\dwusplay.dll (InstallShield Software Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C0-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C1-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C2-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C3-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C4-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C5-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C8-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969C9-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969CA-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{88D969D6-F192-11D4-A65F-0040963251E5}\InprocServer32 -> C:\Windows\system32\msxml4.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{915C2CEB-216B-4B7C-89E4-9ED3512D58D9}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.149\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{92C5E738-7372-4CD6-BE57-15833624EBF3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{9CAAD2EA-177B-4D07-871F-47255B5D30F3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.3\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.165\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{B391A1DB-28C8-4506-A43C-5BD6051F16BA}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\npGoogleUpdate3.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.115\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\AutoCAD 2007\acadficn.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E42CE23D-69F9-480A-A15F-BFF5E4D170C3}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E50C953D-311A-481B-8F8D-C55E65AF7417}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\USER\AppData\Local\Google\Update\1.3.21.135\GoogleUpdateOnDemand.exe" No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E9880553-B8A7-4960-A668-95C68BED571E}\InprocServer32 -> C:\Windows\Downloaded Program Files\isusweb.dll (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{E9A93328-79D4-4AED-A778-146E7191F8BC}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\ISDM.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.5\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{F1522EC1-F84F-4CE2-A38C-F9384B0DFD41}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{F7D4B6AD-AB5F-4fe8-9469-3A4697E41129}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Roaming\Kalydo\KalydoPlayer\bin2\kalydoplayer.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.111\psuser.dll No File
CustomCLSID: HKU\S-1-5-21-3538827583-4056727531-2038248145-1004_Classes\CLSID\{FFF2D28F-E4EE-44D9-8104-8E71556757F6}\localserver32 -> C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe (Macrovision Corporation)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-10-28 12:12 - 2014-08-16 13:28 - 00002778 ____A C:\Windows\system32\Drivers\etc\hosts
 
There are 28 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {04FA91F9-8B75-4748-92E5-0F3431E1E665} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-11] (Adobe Systems Incorporated)
Task: {1A0633A6-BEED-4204-A485-4B4E0D0D00BD} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {2C95B5EA-FD4C-421C-A497-AEFB2E128231} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2011-08-23] (Microsoft)
Task: {2DDBF0FC-F895-4FAB-BE37-793AD95CCB32} - System32\Tasks\At1 => C:\Windows\system32\verifieer.exe [2009-07-14] () <==== ATTENTION
Task: {4664D160-C52D-47E9-8829-F7F834720D47} - System32\Tasks\AdobeAAMUpdater-1.0-USER-PC-USER => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-30] (Adobe Systems Incorporated)
Task: {529DBEA3-7222-45FA-B609-277557DEA019} - System32\Tasks\Game_Booster_AutoUpdate => D:\MMORPG\Game Booster\AutoUpdate.exe
Task: {6BED4575-FC7F-482E-AD61-DC89358A26AD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000Core => C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {91507931-A346-4842-ACBE-A63E17585125} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-3538827583-4056727531-2038248145-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {A446782B-8E1F-46D8-8942-DC5526344163} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-3538827583-4056727531-2038248145-1000 => C:\Program Files\Real\RealUpgrade\RealUpgrade.exe
Task: {AA5F333D-8BD4-4440-971C-6279668B8479} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-14] (Microsoft Corporation)
Task: {E5B69C99-F13D-4375-B82A-2C85D8DBD7CD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000UA => C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\At1.job => C:\Windows\system32\verifieer.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000Core.job => C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3538827583-4056727531-2038248145-1000UA.job => C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-01-06 00:35 - 2013-10-23 14:19 - 00092448 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2006-04-19 06:53 - 2009-11-02 00:42 - 00245248 _____ () C:\Program Files\UniKey\UKHook40.dll
2014-08-13 21:09 - 2014-08-13 21:09 - 00035328 _____ () D:\FileZilla\FileZilla FTP Client\fzshellext.dll
2014-05-24 23:41 - 2014-05-24 23:41 - 00091648 _____ () D:\FileZilla\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 23:41 - 2014-05-24 23:41 - 00892416 _____ () D:\FileZilla\FileZilla FTP Client\libstdc++-6.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 00087328 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-06-24 22:56 - 2011-06-24 22:56 - 01241888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2011-08-09 07:44 - 2011-08-09 07:44 - 00094208 _____ () C:\Windows\System32\IccLibDll.dll
2011-08-31 00:00 - 2009-11-02 00:42 - 00261632 _____ () C:\Program Files\UniKey\UniKeyNT.exe
2013-10-22 03:20 - 2013-10-22 03:20 - 00017920 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\PSIClient\1a6b2d234d57c151d875fe832dbe8231\PSIClient.ni.dll
2014-09-03 07:01 - 2014-08-30 09:49 - 01098056 _____ () C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\libglesv2.dll
2014-09-03 07:01 - 2014-08-30 09:49 - 00174408 _____ () C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\libegl.dll
2014-09-03 07:01 - 2014-08-30 09:49 - 08577864 _____ () C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\pdf.dll
2014-09-03 07:01 - 2014-08-30 09:49 - 00331592 _____ () C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\ppGoogleNaClPluginChrome.dll
2014-09-03 07:01 - 2014-08-30 09:49 - 01660232 _____ () C:\Users\USER\AppData\Local\Google\Chrome\Application\37.0.2062.103\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "E:\New folder (2)\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\USER\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: AppleSyncNotifier => C:\Program Files\Common Files\Apple\Mobile Device Support\AppleSyncNotifier.exe
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: ATKMEDIA => C:\Program Files\ASUS\ATK Package\ATK Media\DMedia.exe
MSCONFIG\startupreg: ATKOSD2 => C:\Program Files\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
MSCONFIG\startupreg: cFosSpeed => C:\Program Files\cFosSpeed\cFosSpeed.exe
MSCONFIG\startupreg: Classic Start Menu => "C:\Program Files\Classic Shell\ClassicStartMenu.exe"
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "D:\Daemon\DTAgent.exe" -autorun
MSCONFIG\startupreg: EA Core => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: ETDWare => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: Google Update => "C:\Users\USER\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GrooveMonitor => "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HControlUser => C:\Program Files\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIconLaunch.exe "C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe" 60
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: ISUSPM Startup => "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startup
MSCONFIG\startupreg: ISUSScheduler => "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "D:\Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~1\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: mtd2002Svr => "C:\Program Files\mtd2002"\mtdserver.exe -f
MSCONFIG\startupreg: NeroFilterCheck => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
MSCONFIG\startupreg: NUSB3MON => "C:\Program Files\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: ONAIR => C:\Program Files\ONAIR\ONAIR.exe
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RemoteControl => "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe -s
MSCONFIG\startupreg: S6000Mnt => Rundll32.exe S6000Rmv.dll ,WinMainRmv /StartStillMnt
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: UCam_Menu => "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\1.0"
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
Name: Microsoft Loopback Adapter
Description: Microsoft Loopback Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: msloop
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/15/2014 06:58:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 2278
 
Error: (09/15/2014 06:58:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 2278
 
Error: (09/15/2014 06:58:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/15/2014 06:58:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 999
 
Error: (09/15/2014 06:58:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 999
 
Error: (09/15/2014 06:58:14 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (09/15/2014 06:01:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/15/2014 06:01:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/15/2014 06:01:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
Error: (09/15/2014 06:01:13 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.
 
 
System errors:
=============
Error: (09/15/2014 09:39:10 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.
 
Error: (09/15/2014 06:32:39 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (09/15/2014 00:20:25 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Client Service for NetWare service terminated with the following error: 
%%2
 
Error: (09/15/2014 00:20:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Network Driver service to connect.
 
Error: (09/15/2014 00:20:23 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Composite Bus Enumerator Monitor service terminated with the following error: 
%%2
 
Error: (09/15/2014 00:20:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Hotspot Shield Monitoring Service service failed to start due to the following error: 
%%2
 
Error: (09/15/2014 00:20:23 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Hotspot Shield Routing Service service failed to start due to the following error: 
%%2
 
Error: (09/14/2014 02:36:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Skype Click to Call Updater service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/14/2014 02:36:16 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Adobe Acrobat Update Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (09/14/2014 02:28:30 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Client Service for NetWare service terminated with the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (01/30/2013 03:14:37 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 16, Application Name: Microsoft Office Groove, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6514.5001. This session lasted 13 seconds with 0 seconds of active time.  This session ended with a crash.
 
Error: (08/24/2012 00:02:11 AM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 0, Application Name: Microsoft Office Word, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6514.5001. This session lasted 27391 seconds with 4080 seconds of active time.  This session ended with a crash.
 
Error: (06/11/2012 05:13:48 PM) (Source: Microsoft Office 12 Sessions) (EventID: 7001) (User: )
Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.4518.1014, Microsoft Office Version: 12.0.6514.5001. This session lasted 2044 seconds with 900 seconds of active time.  This session ended with a crash.
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-09-13 22:13:30.410
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-13 22:13:30.407
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-09-13 22:13:30.404
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.379
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.374
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.369
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.360
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.353
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.349
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-08-22 15:40:21.343
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume1\Program Files\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX86\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 50%
Total physical RAM: 2732.48 MB
Available physical RAM: 1362.34 MB
Total Pagefile: 5463.23 MB
Available Pagefile: 3601.44 MB
Total Virtual: 2047.88 MB
Available Virtual: 1900.43 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:48.83 GB) (Free:2.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:126.95 GB) (Free:20.98 GB) NTFS
Drive e: (File) (Fixed) (Total:122.3 GB) (Free:63.4 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: EC6EDAB1)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=127 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=122.3 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
 
Are those the right things?
 
Thank you.


#5 gringo_pr

  • Malware Response Team

Posted 17 September 2014 - 07:07 AM

Hello tytinlove



I need you to download this script I have made for you --> fixlist.txt (attached file, 208 bytes)

It needs to be saved next to the "Farbar Recovery Scan Tool" (FRST) program. (If asked to overwrite the existing one, please allow.)

Run FRST again but this time press the Fix button just once and wait.


When finished, it will make a log (fixlog.txt) next to FRST. Please copy and paste the content of this file to your reply.


NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


Gringo
I Close My Topics If You Have Not Replied In 5 Days If You Will Be Longer Please Let Me Know

If I Have Not Replied To One Of My Topics In 48 Hrs Please Bump The Topic



My help is free, however, if you wish to make a small donation to show your appreciation or to help me continue the fight against Malware, then click here -->btn_donate_SM.gif<-- Don't worry every little bit helps.

Proud Graduate Of Malware Removal University

#6 tytinlove


Posted 22 September 2014 - 09:47 AM

Hi gringo, I did what you told me and this is the log:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 12-09-2014
Ran by USER at 2014-09-22 21:42:04 Run:2
Running from D:\
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
 
*****************
 
HKU\S-1-5-21-3538827583-4056727531-2038248145-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CMD => value deleted successfully.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====


#7 gringo_pr


Posted 22 September 2014 - 03:15 PM



Hello tytinlove

These are the programs I would like you to run next, if you have any problems with one of these just skip it and move on to the next one.

-AdwCleaner-

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

-Junkware-Removal-Tool-

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

When they are complete let me have the two reports and let me know how things are running.

Gringo

#8 gringo_pr


Posted 26 September 2014 - 01:55 PM


Greetings


I have not heard from you in a couple of days so I am coming by to check on you to see if you are having problems or you just need some more time.

Also to remind you that it is very important that we finish the process completely so as to not get reinfected. I will let you know when we are complete and I will ask to remove our tools.




Gringo

#9 gringo_pr


Posted 29 September 2014 - 08:04 AM



Hello

48 Hour bump

It has been more than 48 hours since my last post.
  • Do you still need help with this?
  • Do you need more time?
  • Are you having problems following my instructions?
  • If after 48hrs you have not replied to this thread then it will have to be closed!

Gringo

#10 gringo_pr


Posted 09 October 2014 - 07:22 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



