Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Gameharbor site opens on startup


  • This topic is locked This topic is locked
10 replies to this topic

#1 dylan458

dylan458

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:46 AM

Posted 12 October 2014 - 01:29 PM

Hey hows it going, This problem just recently started and I've seen past topics that have the same problem with this Gameharbor.org website opening on the startup of their computer, due from using cracks. 

 

I ran the scan on the Farbar recovery scan tool, heres the FRST

 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014
Ran by Dylan (administrator) on DYLANS-HP on 12-10-2014 13:18:18
Running from C:\Users\Dylan\Downloads
Loaded Profile: Dylan (Available profiles: Dylan & Holly)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\Core Temp\Core Temp.exe
(AddGadgets) C:\Users\Dylan\Desktop\PCMeter\PCMeterV0.3.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(S p i g o t, I n c.) C:\Users\Dylan\AppData\Roaming\Search Protection\SearchProtection.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Cristi) C:\Program Files (x86)\Dual Monitor\DualMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SAMSUNG Electornics Co., Ltd.) C:\Users\Dylan\AppData\Roaming\VERIZON\UA_ar\UA.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-16] (NVIDIA Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-27] (AVAST Software)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-09-26] (Hewlett-Packard)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [SearchProtection] => C:\Users\Dylan\AppData\Roaming\Search Protection\SearchProtection.EXE [1110888 2014-09-25] (S p i g o t, I n c.)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [CMD] => cmd.exe /c start http://adverttraff.org && exit <===== ATTENTION
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [dualmonitor] => C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: J - J:\SETUP.EXE
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: K - K:\setup.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: L - L:\setup.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {0d94e651-00a6-11e0-b28f-d485649b86de} - J:\Install.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {0d94e674-00a6-11e0-b28f-d485649b86de} - O:\Install.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {2b065ba8-92f3-11e3-9a30-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {36b94185-d85c-11e3-9733-d485649b86de} - K:\VZW_Software_upgrade_assistant.exe
Startup: C:\Users\Dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\Dylan\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://search.yahoo.com/?type=282369&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
URLSearchHook: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {00000000-6E41-4FD3-8538-502F5495E5FC} - No File
URLSearchHook: HKCU - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
URLSearchHook: HKCU - (No Name) - {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - No File
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {488361CF-B7B5-40C9-8103-38546E4F1EA0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM - {BE9DE604-5A72-44B0-B6D8-1BFEF04E1B3A} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM - {D52D1E63-031A-4AE2-A135-AEDCF9E974F2} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM-x32 - {488361CF-B7B5-40C9-8103-38546E4F1EA0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKLM-x32 - {BE9DE604-5A72-44B0-B6D8-1BFEF04E1B3A} URL = http://search.yahoo.com/search?p={searchTerms}&ei={inputEncoding}&fr=chr-hp-psg&type=HPDTDF
SearchScopes: HKLM-x32 - {D52D1E63-031A-4AE2-A135-AEDCF9E974F2} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
SearchScopes: HKCU - DefaultScope {BE9DE604-5A72-44B0-B6D8-1BFEF04E1B3A} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
SearchScopes: HKCU - {171DEBEB-C3D4-40b7-AC73-056A5EBA4A7E} URL = 
SearchScopes: HKCU - {488361CF-B7B5-40C9-8103-38546E4F1EA0} URL = http://www.ask.com/web?q={searchterms}&l=dis&o=ushpd
SearchScopes: HKCU - {BE9DE604-5A72-44B0-B6D8-1BFEF04E1B3A} URL = https://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
SearchScopes: HKCU - {D52D1E63-031A-4AE2-A135-AEDCF9E974F2} URL = http://en.wikipedia.org/wiki/Special:Search?search={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
BHO-x32: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: DVDVideoSoftTB Toolbar -> {872b5b88-9db5-4310-bdd0-ac189557e5f5} -> C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: No Name -> {D4027C7F-154A-4066-A1AD-4243D8127440} ->  No File
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
BHO-x32: Yontoo -> {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} -> C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM-x32 - DVDVideoSoftTB Toolbar - {872b5b88-9db5-4310-bdd0-ac189557e5f5} - C:\Program Files (x86)\DVDVideoSoftTB\tbDVDV.dll (Conduit Ltd.)
Toolbar: HKLM-x32 - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKCU - No Name - {872B5B88-9DB5-4310-BDD0-AC189557E5F5} -  No File
Toolbar: HKCU - No Name - {BF7380FA-E3B4-4DB2-AF3E-9D8783A45BFC} -  No File
Toolbar: HKCU - No Name - {30F9B915-B755-4826-820B-08FBA6BD249D} -  No File
Toolbar: HKCU - No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
 
FireFox:
========
FF ProfilePath: C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default
FF SearchEngineOrder.1: Ask.com
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF user.js: detected! => C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\searchplugins\yahoo_ff.xml
FF Extension: Conduit Engine  - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\engine@conduit.com [2011-03-21]
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\LogMeInClient@logmein.com [2011-06-14]
FF Extension: OneClickDownloader - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\OneClickDownload@OneClickDownload.com [2012-10-20]
FF Extension: Yontoo - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\plugin@yontoo.com [2012-07-01]
FF Extension: DVDVideoSoftTB Community Toolbar - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\{872b5b88-9db5-4310-bdd0-ac189557e5f5} [2012-11-21]
FF Extension: uTorrentBar Community Toolbar - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} [2012-11-21]
FF Extension: 4chan Extension - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\extension@4chan.org.xpi [2012-02-12]
FF Extension: Adblock Plus - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-11-19]
FF Extension: Greasemonkey - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-24]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-19]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2012-11-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-11-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-11-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-11-21]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-25]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.google.com/
CHR Profile: C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (avast! Online Security) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-27]
CHR Extension: (Skype Click to Call) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-19]
CHR Extension: (Google Wallet) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Space Planet) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2014-10-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Users\Dylan\AppData\Local\Temp\YontooLayers.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [pmlghpafmmnmmkjdhacccolfgnkiboco] - C:\Program Files (x86)\1ClickDownload\oneclickdownloader10.crx [2013-05-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-27] (AVAST Software)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-03-02] () [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2010-10-17] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-16] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-07-19] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-12-16] (LogMeIn, Inc.)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-16] (NVIDIA Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-02] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-27] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2011-07-31] ()
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
S3 CYUSB; C:\Windows\System32\Drivers\CYUSB.sys [47104 2009-08-10] (Cypress Semiconductor)
S3 danewFltr; C:\Windows\System32\drivers\danew.sys [12032 2010-03-23] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2011-07-31] ()
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-06-07] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-05-19] (Razer Inc)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31400 2014-05-19] (Razer Inc)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-12-05] () [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
U3 acax2xvn; C:\Windows\System32\Drivers\acax2xvn.sys [0 ] (Microsoft Corporation)
R3 ALSysIO; \??\C:\Users\Dylan\AppData\Local\Temp\ALSysIO64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena\safedrv.sys [X]
S1 MpKsl8bede882; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{512B9F8D-CF19-40A8-BACF-4D9393528237}\MpKsl8bede882.sys [X]
S3 sxuptp; system32\DRIVERS\sxuptp.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
R3 WinRing0_1_2_0; \??\C:\Users\Dylan\AppData\Local\Temp\tmp157.tmp [X]
S3 X6va003; \??\C:\Users\Dylan\AppData\Local\Temp\0039F73.tmp [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-12 13:18 - 2014-10-12 13:19 - 00032141 _____ () C:\Users\Dylan\Downloads\FRST.txt
2014-10-12 13:18 - 2014-10-12 13:18 - 00000000 ____D () C:\FRST
2014-10-12 13:17 - 2014-10-12 13:17 - 02110464 _____ (Farbar) C:\Users\Dylan\Downloads\FRST64.exe
2014-10-12 01:00 - 2014-10-12 13:05 - 00000168 _____ () C:\Windows\setupact.log
2014-10-12 01:00 - 2014-10-12 01:00 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-11 23:26 - 2014-10-11 23:27 - 04965896 _____ (Piriform Ltd) C:\Users\Dylan\Downloads\ccsetup418.exe
2014-10-10 19:16 - 2014-10-10 19:16 - 00002217 _____ () C:\Users\Public\Desktop\Google Chrome (2).lnk
2014-10-10 19:15 - 2014-10-10 19:15 - 00001012 _____ () C:\Users\Public\Desktop\Dual Monitor.lnk
2014-10-10 19:15 - 2014-10-10 19:15 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Dual Monitor
2014-10-10 19:15 - 2014-10-10 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2014-10-10 19:15 - 2014-10-10 19:15 - 00000000 ____D () C:\Program Files (x86)\Dual Monitor
2014-10-10 19:14 - 2014-10-10 19:14 - 00855093 _____ (Cristi Diaconu ) C:\Users\Dylan\Downloads\DualMonitor 1.22 Setup.exe
2014-10-10 18:22 - 2014-10-10 18:22 - 00002217 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-10 18:22 - 2014-10-10 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-10 18:19 - 2014-10-12 13:07 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-10 18:19 - 2014-10-12 01:24 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-10 18:19 - 2014-10-10 18:19 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-10 18:19 - 2014-10-10 18:19 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-10 16:41 - 2014-10-10 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-10-08 12:17 - 2014-10-08 12:17 - 00000000 ____D () C:\Users\Dylan\Documents\WB Games
2014-10-08 12:17 - 2014-10-08 12:17 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Steam
2014-10-08 11:53 - 2014-10-11 23:26 - 00000000 ____D () C:\Program Files (x86)\Middle Earth Shadow of Mordor
2014-10-07 22:58 - 2014-10-07 22:59 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-06 20:03 - 2014-10-11 15:09 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\TS3Client
2014-10-06 20:03 - 2014-10-06 20:03 - 00001212 _____ () C:\Users\Dylan\Desktop\TeamSpeak 3 Client.lnk
2014-10-06 20:03 - 2014-10-06 20:03 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-10-06 20:03 - 2014-10-06 20:03 - 00000000 ____D () C:\Users\Dylan\AppData\Local\TeamSpeak 3 Client
2014-10-06 19:58 - 2014-10-06 19:59 - 28115400 _____ (TeamSpeak Systems GmbH) C:\Users\Dylan\Downloads\TeamSpeak3-Client-win32-3.0.16.exe
2014-10-06 13:38 - 2014-10-06 13:38 - 27301724 _____ () C:\Users\Dylan\Downloads\torbrowser-install-3.6.6_en-US.exe
2014-10-05 21:15 - 2014-10-05 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2014-10-05 21:13 - 2014-10-05 21:15 - 00000000 ____D () C:\Program Files (x86)\Mumble
2014-10-05 21:12 - 2014-10-05 21:13 - 15391888 _____ () C:\Users\Dylan\Downloads\mumble-1.2.8_plus_MumbleComSkin.exe
2014-10-04 15:03 - 2014-10-12 13:08 - 00000000 ___RD () C:\Users\Dylan\iCloudDrive
2014-10-04 15:03 - 2014-10-04 15:03 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Apple Inc
2014-10-04 14:18 - 2014-10-04 14:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-02 17:20 - 2014-10-04 22:38 - 00000000 ____D () C:\Users\Dylan\AppData\Local\DisplayFusion
2014-10-02 17:11 - 2014-10-02 17:11 - 00000000 __SHD () C:\Users\Dylan\AppData\Roaming\Common
2014-10-02 17:11 - 2014-10-02 17:11 - 00000000 ____D () C:\ProgramData\Binary Fortress Software
2014-10-02 17:10 - 2010-07-21 00:22 - 00000000 ____D () C:\Program Files (x86)\DisplayFusion
2014-10-02 17:06 - 2014-10-02 17:07 - 10533864 _____ (Binary Fortress Software ) C:\Users\Dylan\Downloads\DisplayFusionSetup-6.1.2.exe
2014-10-02 16:58 - 2014-10-02 16:58 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-10-02 16:57 - 2014-09-13 15:13 - 00613696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-02 16:53 - 2014-09-16 23:51 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-10-02 16:53 - 2014-09-16 23:51 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-10-02 16:53 - 2014-09-13 18:48 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-10-02 16:52 - 2014-09-13 18:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-10-02 16:39 - 2014-10-02 16:40 - 07525087 _____ () C:\Users\Dylan\Downloads\Chronokeeper0.7.8.1.0.0.0.1.zip
2014-10-02 16:24 - 2014-10-02 16:24 - 00600638 _____ () C:\Users\Dylan\Downloads\OnTopReplica-3_5_1-Setup.exe
2014-10-02 16:24 - 2014-10-02 16:24 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Lorenz_Cuno_Klopfenstein
2014-10-02 16:23 - 2014-10-02 16:23 - 00600635 _____ () C:\Users\Dylan\Downloads\ontopreplica-setup.exe
2014-10-02 16:08 - 2014-10-02 16:08 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Razer
2014-10-01 15:52 - 2014-10-01 15:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-10-01 15:48 - 2014-10-01 15:48 - 00000000 ____D () C:\Users\Public\Documents\CrashDump
2014-10-01 15:47 - 2014-10-01 15:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzdaendpt_01009.Wdf
2014-10-01 15:46 - 2014-10-01 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-10-01 15:03 - 2014-10-01 15:03 - 00000000 ____D () C:\Users\Dylan\Downloads\codex-middle.earth.shadow.of.mordor
2014-10-01 12:23 - 2014-10-10 19:29 - 00000000 ____D () C:\Users\Dylan\Downloads\Middle.Earth.Shadow.of.Mordor-CODEX
2014-09-30 00:46 - 2014-09-04 14:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-30 00:46 - 2014-09-04 14:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-27 10:39 - 2014-09-28 22:07 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Warframe
2014-09-26 21:27 - 2014-09-26 21:27 - 00000222 _____ () C:\Users\Dylan\Desktop\Warframe.url
2014-09-26 12:56 - 2014-09-26 12:56 - 00001320 _____ () C:\Users\Dylan\Desktop\Gauntlet.lnk
2014-09-26 12:30 - 2014-09-26 12:30 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Arrowhead
2014-09-26 12:19 - 2014-09-26 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gauntlet
2014-09-26 12:18 - 2014-09-26 20:10 - 00000000 ____D () C:\Program Files (x86)\Gauntlet
2014-09-26 12:06 - 2014-09-26 12:16 - 00000000 ____D () C:\Users\Dylan\Documents\Endless Legend
2014-09-26 01:51 - 2014-09-26 03:35 - 00000000 ____D () C:\Users\Dylan\Downloads\Gauntlet [Steam-Rip]
2014-09-25 20:12 - 2014-09-25 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-25 20:11 - 2014-09-25 20:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-25 20:11 - 2014-09-25 20:12 - 00000000 ____D () C:\Program Files\iTunes
2014-09-25 20:11 - 2014-09-25 20:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-25 20:11 - 2014-09-25 20:11 - 00000000 ____D () C:\Program Files\iPod
2014-09-15 11:08 - 2014-09-15 11:08 - 00000000 ____D () C:\Users\Dylan\Downloads\Pink Floyd 1973 The Dark Side Of The Moon 2011 Remastered & Arts 320 Kbps
2014-09-13 14:24 - 2014-09-14 00:29 - 00000000 ____D () C:\Users\Dylan\Downloads\Rocksmith 2014 + All DLC's (including RS1) and No Cable Fix
2014-09-13 11:54 - 2014-09-13 11:54 - 00000000 ____D () C:\Users\Holly\AppData\Local\Apple
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-12 13:15 - 2010-08-15 01:51 - 01194237 _____ () C:\Windows\WindowsUpdate.log
2014-10-12 13:12 - 2010-09-25 10:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-12 13:11 - 2010-09-25 05:15 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A5260E60-952A-4C43-B6D0-F9FE84C1C654}
2014-10-12 13:09 - 2012-09-05 23:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-12 13:05 - 2014-05-26 18:10 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2014-10-12 13:05 - 2014-05-26 18:10 - 00000950 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2014-10-12 13:04 - 2010-10-01 20:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-12 13:04 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-12 01:30 - 2010-11-08 16:50 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-10-12 01:27 - 2014-08-30 18:27 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-610 Series Update {CF03BCF8-DB26-498D-8115-8FCBE9C606A0}.job
2014-10-12 01:27 - 2014-08-30 18:27 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-610 Series Invitation {CF03BCF8-DB26-498D-8115-8FCBE9C606A0}.job
2014-10-11 23:31 - 2010-12-05 15:29 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\uTorrent
2014-10-11 23:30 - 2012-01-12 00:04 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\TeamViewer
2014-10-11 23:29 - 2010-10-01 19:01 - 00000000 ____D () C:\Users\Dylan\AppData\Local\CrashDumps
2014-10-11 23:29 - 2010-09-25 08:37 - 00000000 ____D () C:\Windows\Minidump
2014-10-11 23:27 - 2012-08-10 16:23 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-11 23:27 - 2012-08-10 16:23 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-11 19:49 - 2009-07-13 23:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-11 19:49 - 2009-07-13 23:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-10 21:01 - 2012-10-01 16:25 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDylan
2014-10-10 21:01 - 2012-10-01 16:25 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForDylan.job
2014-10-10 19:29 - 2010-09-28 05:26 - 00000000 ____D () C:\Users\Holly
2014-10-10 19:29 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-10 19:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-10-10 18:19 - 2012-09-14 23:51 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Google
2014-10-10 18:19 - 2011-09-20 15:41 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Deployment
2014-10-10 16:41 - 2013-01-12 16:57 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-10 16:33 - 2010-08-15 01:52 - 00000000 ____D () C:\ProgramData\PDFC
2014-10-10 16:31 - 2010-09-25 05:04 - 00000000 ____D () C:\Users\Dylan
2014-10-07 15:54 - 2014-01-11 01:31 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Guild Wars 2
2014-10-07 15:52 - 2012-09-16 00:31 - 00000000 ____D () C:\Users\Dylan\Documents\Guild Wars 2
2014-10-07 15:51 - 2012-03-13 18:48 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Mumble
2014-10-06 15:01 - 2011-11-21 21:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-10-06 15:01 - 2010-10-11 18:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-10-06 14:59 - 2010-10-11 18:24 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\HP Support Assistant
2014-10-06 14:59 - 2010-09-26 05:47 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\HpUpdate
2014-10-04 16:28 - 2012-11-22 21:39 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-10-04 16:27 - 2014-02-13 04:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-04 16:26 - 2014-02-13 03:37 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-04 16:25 - 2014-02-13 03:37 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Battle.net
2014-10-04 15:03 - 2010-10-01 19:59 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Apple Computer
2014-10-02 16:58 - 2010-12-31 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-02 16:57 - 2010-10-01 20:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-02 16:06 - 2014-08-23 16:52 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-10-02 16:04 - 2009-07-13 23:45 - 00460312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-02 02:25 - 2010-09-25 05:05 - 00120824 _____ () C:\Users\Dylan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-01 15:48 - 2014-05-10 15:49 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\VERIZON
2014-10-01 15:41 - 2013-04-06 21:18 - 00000000 ____D () C:\Games
2014-10-01 15:40 - 2010-11-08 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-10-01 15:34 - 2014-01-27 14:51 - 00000000 ____D () C:\Users\Dylan\Downloads\Lindsey Stirling - Lindsey Stirling [2013] [Limited Deluxe Edition] [Mp3-320]-V3nom [GLT]
2014-10-01 15:28 - 2010-10-02 00:09 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-01 15:20 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-01 15:18 - 2010-09-25 08:41 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-10-01 15:15 - 2010-10-08 18:09 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-10-01 15:13 - 2010-10-01 18:30 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Thunderbird
2014-10-01 15:12 - 2010-08-15 01:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-01 15:12 - 2009-07-14 00:13 - 00808206 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-01 15:07 - 2010-09-25 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-09-30 00:47 - 2010-10-01 20:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-25 20:12 - 2014-08-30 17:16 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-22 01:42 - 2010-10-01 17:37 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-18 18:24 - 2009-07-14 00:08 - 00032652 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-16 23:51 - 2014-01-29 22:34 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-09-16 21:13 - 2014-06-04 23:11 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-09-16 21:13 - 2013-10-30 11:18 - 02193560 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-09-16 21:12 - 2014-06-04 23:11 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-09-16 21:12 - 2013-10-30 11:18 - 02799784 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-09-13 18:48 - 2014-08-27 17:55 - 18106152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-09-13 18:48 - 2014-01-29 22:34 - 16875856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-09-13 18:48 - 2013-10-31 23:19 - 00984424 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-09-13 18:48 - 2012-09-24 19:07 - 02838424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-09-13 18:48 - 2011-12-10 22:00 - 20589536 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-09-13 18:48 - 2011-12-10 22:00 - 03223120 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-09-13 18:48 - 2011-12-10 22:00 - 00026956 _____ () C:\Windows\system32\nvinfo.pb
2014-09-13 16:53 - 2011-12-10 22:05 - 06890696 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-09-13 16:53 - 2011-12-10 22:05 - 03529872 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-09-13 16:53 - 2011-12-10 22:05 - 00934216 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-09-13 16:53 - 2011-12-10 22:05 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-09-13 16:53 - 2011-12-10 22:05 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
 
Files to move or delete:
====================
C:\Users\Dylan\CrossFire_Setup_v1052.exe
 
 
Some content of TEMP:
====================
C:\Users\Holly\AppData\Local\Temp\TB_9E03.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-11 05:00
 
==================== End Of Log ============================
 
And the Addition
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014
Ran by Dylan at 2014-10-12 13:20:18
Running from C:\Users\Dylan\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.5.502.149 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.0.3 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 2.61 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{7C7A5A92-046C-A38C-AE0F-8F9CCA0F67A8}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: United Offensive (HKLM-x32\...\Steam App 2640) (Version:  - Activision)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0511.2153.37435 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help English (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help French (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help German (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
ccc-utility64 (Version: 2010.0511.2153.37435 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.2823 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.03 - Electronic Arts, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Dual Monitor 1.22 (HKLM-x32\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
DVDVideoSoftTB Toolbar (HKLM-x32\...\DVDVideoSoftTB Toolbar) (Version:  - )
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{116DBCAF-9544-4592-9156-AC99F6C2D426}) (Version: 3.10.0016 - Seiko Epson Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.21.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version:  - SEIKO EPSON Corporation)
EPSON XP-610 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEPSON XP-610 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
Free Studio version 4.9 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)
Garmin Communicator Plugin (HKLM-x32\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{AFA301E1-B410-4F1B-B1C0-2E92FDCD94AD}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Gauntlet (HKLM-x32\...\Gauntlet_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Halo: Spartan Assault (HKLM-x32\...\Steam App 277430) (Version:  - Vanguard Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard) Hidden
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.1.4301 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
jZip (HKLM-x32\...\jZip) (Version:  - Discordia Limited.)
Kobo (HKLM-x32\...\Kobo) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
LogMeIn (HKLM-x32\...\{5D112C61-C8D0-4718-8DD7-B9115EB9AF90}) (Version: 4.1.1558 - LogMeIn, Inc.)
LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Default Manager (x32 Version: 2.1.55.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Publisher 2010 (HKLM-x32\...\Office14.PUBLISHER) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Client (Version: 4.4.0304.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 16.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 16.0 (x86 en-US)) (Version: 16.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Control Panel 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.42 (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.42 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
PhotoshopdotcomInspirationBrowser (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 -  NewspaperDirect Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2926 - CyberLink Corp.) Hidden
Rise of the Witch King Unofficial Patch 2.02 (HKCU\...\Rise of the Witch King Unofficial Patch 2.02) (Version:  - )
Roxio CinemaNow 2.0 (x32 Version: 1.0.284 - Hewlett-Packard) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Search Protection (HKCU\...\Search Protection) (Version: 9.8.0.2 - Spigot, Inc.) <==== ATTENTION
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.6 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.6.106 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{7ACB9D1D-5B26-4CE4-964A-1EB22461E6F6}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
SUABnR (x32 Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
The Battle for Middle-earth ™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{8BCAFB73-49AE-4AC4-00A1-70E4EC38BD4E}) (Version:  - )
TomTom HOME (HKLM-x32\...\{EC5F4C1B-F838-4CB7-8561-8F809296428B}) (Version: 2.9.5 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PUBLISHER_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PUBLISHER_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PUBLISHER_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PUBLISHER_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PUBLISHER_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PUBLISHER_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PUBLISHER_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PUBLISHER_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{A3070098-A41D-42D9-B6D3-2EF15285E719}) (Version: 2.14.0605 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{B5300E76-AA13-4542-8E0E-776A280FE47E}) (Version: 2.14.0503 - Samsung Electronics Co., Ltd.)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}) (Version: 15.0.9334 - WinZip Computing, S.L. )
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.2811 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.2811 - Zinio LLC) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dylan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Dylan\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{9CF1512B-6019-4573-9466-57AA61960209}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Dylan\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
21-07-2010 05:31:01 Removed WestwoodChat
07-10-2014 17:03:09 Windows Update
10-10-2014 19:34:37 Windows Update
10-10-2014 21:32:38 avast! antivirus system restore point
10-10-2014 23:23:09 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0E93729B-DEA2-4B05-8783-EB9B82937E58} - System32\Tasks\EPSON XP-610 Series Update {CF03BCF8-DB26-498D-8115-8FCBE9C606A0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {1AB57755-8FD7-432C-9A70-19D49DB4E606} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {29ADE07F-2250-4A53-96F7-E864594E659A} - System32\Tasks\Core Temp Autostart => C:\Program Files\Core Temp\Core Temp.exe [2010-07-02] ()
Task: {2C8D1AA1-4D00-4B39-9ED4-3630EA86B431} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {38B46E76-98F1-4608-AF31-EC22F55B5899} - System32\Tasks\HPCeeScheduleForDylan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {43A43A09-B1C1-470A-B056-C0B1DFAEFF64} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-10] (Google Inc.)
Task: {58F60788-1182-4E17-9B34-9B34F52AA8C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {60E762D2-368E-4537-B936-7A45B6929058} - System32\Tasks\{D2703A6C-80DA-4AC3-8E4A-313B841ABC4E} => Firefox.exe http://ui.skype.com/ui/0/5.3.0.111/en/abandoninstall?page=tsChrome&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {72CA2BC7-BE5F-45F4-858C-B1F870F4902F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-03] (Hewlett-Packard)
Task: {765C2AA4-C0FD-4542-B17A-53D5EB46B8F2} - System32\Tasks\{F84A67E3-AC60-46F2-92DF-8CB2DA7C5C40} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {79BFA70C-06D0-448E-B9C2-405486C59C6D} - System32\Tasks\PCMeter\Startup => C:\Users\Dylan\Desktop\PCMeter\PCMeterV0.3.exe [2012-08-25] (AddGadgets)
Task: {7A253C94-3293-4CA8-98BE-AB3056C247F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-10] (Google Inc.)
Task: {8288043C-4A9A-476C-BAD0-CEE1CDA29B28} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-08-25] (Apple Inc.)
Task: {8E0B08C5-E91E-4EFB-97A1-B0B083E75A50} - System32\Tasks\{6E519831-7E4E-4B2F-83FE-5916AC68D920} => C:\Users\Dylan\Desktop\SKIDROW\FalloutNVLauncher.exe
Task: {A5DABCD1-6B04-421E-950A-AA70FBDC7645} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {C7E69528-D376-481E-BB7A-56594C291191} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {DF5D2A89-8FC3-4D3C-A358-53389C62B79B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E68F3576-32C9-499A-AA6F-FA6F70705829} - System32\Tasks\EPSON XP-610 Series Invitation {CF03BCF8-DB26-498D-8115-8FCBE9C606A0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {F1388B62-4BA2-4432-B8C6-45382BDD9BF5} - System32\Tasks\PC Meter\Startup => C:\Users\Dylan\Desktop\PCMeter\PCMeter.exe
Task: {FFC09314-2F12-4C6F-9A72-A4EC39B63938} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-27] (AVAST Software)
Task: C:\Windows\Tasks\EPSON XP-610 Series Invitation {CF03BCF8-DB26-498D-8115-8FCBE9C606A0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\Windows\Tasks\EPSON XP-610 Series Update {CF03BCF8-DB26-498D-8115-8FCBE9C606A0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDylan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-12-10 22:05 - 2014-09-13 16:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-10-02 23:34 - 2014-06-02 03:05 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-08-03 03:39 - 2010-07-02 13:52 - 00530448 _____ () C:\Program Files\Core Temp\Core Temp.exe
2014-10-10 19:15 - 2013-02-18 08:23 - 00695808 _____ () C:\Program Files (x86)\Dual Monitor\ExplorerHook64.dll
2014-08-27 17:10 - 2014-08-27 17:10 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-11 14:16 - 2014-10-11 14:16 - 02873856 _____ () C:\Program Files\AVAST Software\Avast\defs\14101101\algo.dll
2014-10-12 13:10 - 2014-10-12 13:10 - 02873856 _____ () C:\Program Files\AVAST Software\Avast\defs\14101200\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-27 17:10 - 2014-08-27 17:10 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-10-10 18:22 - 2014-10-01 00:54 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libglesv2.dll
2014-10-10 18:22 - 2014-10-01 00:54 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libegl.dll
2014-10-10 18:22 - 2014-10-01 00:54 - 08911176 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\pdf.dll
2014-10-10 18:22 - 2014-10-01 00:54 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\ffmpegsumo.dll
2014-08-30 22:20 - 2014-08-21 13:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 22:20 - 2014-08-21 13:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 22:20 - 2014-08-21 13:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 17:10 - 2014-09-03 14:28 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 23:17 - 2014-09-22 23:32 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 22:20 - 2014-08-21 13:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 22:20 - 2014-08-21 13:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2011-07-12 23:08 - 2014-09-22 23:32 - 00679616 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-10 18:22 - 2014-10-01 00:54 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\PepperFlash\pepflashplayer.dll
2010-10-01 17:25 - 2014-09-04 18:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-14 21:33 - 2014-09-04 18:29 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: CinemaNow Service => 2
MSCONFIG\Services: DAUpdaterSvc => 3
MSCONFIG\Services: LMIMaint => 2
MSCONFIG\Services: LogMeIn => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer7 => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dylan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dylan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk => C:\Windows\pss\Xfire.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: Google Update => "C:\Users\Dylan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: LTCM Client => C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NVIDIA nTune => "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: StartCCC => "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-732149340-772113115-3497680213-500 - Administrator - Disabled)
ASPNET (S-1-5-21-732149340-772113115-3497680213-1005 - Limited - Enabled)
Dylan (S-1-5-21-732149340-772113115-3497680213-1000 - Administrator - Enabled) => C:\Users\Dylan
Guest (S-1-5-21-732149340-772113115-3497680213-501 - Limited - Disabled)
Holly (S-1-5-21-732149340-772113115-3497680213-1001 - Administrator - Enabled) => C:\Users\Holly
HomeGroupUser$ (S-1-5-21-732149340-772113115-3497680213-1003 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: LogMeIn Mirror Driver
Description: LogMeIn Mirror Driver
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: lmimirr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: MpKsl8bede882
Description: MpKsl8bede882
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MpKsl8bede882
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/12/2014 01:10:11 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (10/12/2014 01:10:11 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (10/12/2014 01:10:11 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (10/12/2014 01:10:11 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (10/12/2014 01:09:54 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (10/12/2014 01:09:53 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
Description: The Windows Search Service cannot load the property store information.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index database is corrupt.  (HRESULT : 0xc0041800) (0xc0041800)
 
Error: (10/12/2014 01:09:53 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (10/12/2014 01:09:53 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (10/12/2014 01:09:53 PM) (Source: Windows Search Service) (EventID: 9000) (User: )
Description: The Windows Search Service cannot open the Jet property store.
 
 
Details:
0x%08x (0xc0041800 - The content index database is corrupt.  (HRESULT : 0xc0041800))
 
Error: (10/12/2014 01:09:50 PM) (Source: ESENT) (EventID: 455) (User: )
Description: Windows (6960) Windows: Error -1811 occurred while opening logfile C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS0057E.log.
 
 
System errors:
=============
Error: (10/12/2014 01:10:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%1053
 
Error: (10/12/2014 01:10:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.
 
Error: (10/12/2014 01:10:28 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinRing0_1_2_0 service failed to start due to the following error: 
%%2
 
Error: (10/12/2014 01:10:12 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (10/12/2014 01:10:12 PM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: The Windows Search service terminated with service-specific error %%-1073473535.
 
Error: (10/12/2014 01:05:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The atksgt service failed to start due to the following error: 
%%1275
 
Error: (10/12/2014 01:05:10 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Driver atksgt.sys has been blocked from loading.
 
Error: (10/12/2014 01:04:50 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\RAIHV.dll
Error Code: 126
 
Error: (10/11/2014 07:39:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinRing0_1_2_0 service failed to start due to the following error: 
%%2
 
Error: (10/11/2014 07:35:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The atksgt service failed to start due to the following error: 
%%1275
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ II X4 820 Processor
Percentage of memory in use: 46%
Total physical RAM: 6143.29 MB
Available physical RAM: 3297.98 MB
Total Pagefile: 12284.75 MB
Available Pagefile: 9022.84 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:919.33 GB) (Free:216.64 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.08 GB) (Free:1.48 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (LOTRBFME2EP1) (CDROM) (Total:2.5 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 855ED430)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.1 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================
 
If anyone can help me with this, it would be greatly appreciated. Thank you
Edit: sry for double post

Edited by dylan458, 12 October 2014 - 01:36 PM.


BC AdBot (Login to Remove)

 


m

#2 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:46 AM

Posted 14 October 2014 - 02:17 PM

Hi & :welcome: to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully: :exclame:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are follow my instructions, Stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

warning.gif P2P warning!

Going over your logs I noticed that you have µTorrent installed.

  • Avoid gaming sites, pirated software, cracking tools, keygens, and peer-to-peer (P2P) file sharing programs.
  • They are a security risk which can make your computer susceptible to a wide variety of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites.
  • Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users.
  • The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications.

It is pretty much certain that if you continue to use P2P programs, you will get infected again.
I would recommend that you uninstall µTorrent, however that choice is up to you. If you choose to remove these programs, you can do so via  hidden2.png > Control Panel > Add/Remove Programs.

If you wish to keep it, please do not use it until your computer is cleaned.


xgoGMWSt.gif.pagespeed.ic.T3xMEQZT0d.png Multiple Anti-Virus-Software warning!

It is inadvisable to have more than one Anti-Virus installed on your computer at the same time. Doing so may:

  • Cause conflicts, negatively impacting the effectiveness of each Anti-Virus installed.
  • Trigger false-positives.
  • Trigger false-negatives, where neither programme detects malware.
  • Cause system instability/performance issues. Your system may lock up or slow down due to both software attempting to access the same file at the same time.

Step 1

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for Microsoft Security Essentials , right-click the entry and click Uninstall.

Step 2

Please uninstall some PUP/Adware-programs:

  • Windows 7w7.png: Click on the hidden2.png button, open Control Panel and click Uninstall a program.
  • Search and select the following programs one by one and click on Uninstall:

    Search Protection
    Yontoo 1.10.02

Step 3

Please download adwcleaner.png AdwCleaner (by Xplode) and save it to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.

Step 4

Please download mbam.png Malwarebytes Anti-Malware and save it to your desktop.

  • Please open Malwarebytes Anti-Malware.
  • Please update the database by clicking on the "Update Now" button.
  • Following the update and click "Settings" and go to "Detection and Protection"
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard, then click on Scan Now to start the scan.
    (If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt so that you can decide what you want to do. I suggest "Quarantine". Click the button: Apply All Actions.)
  • A window with an option to view the detailed log will appear. Click on "View Detailed Log".
  • After viewing the results, please click on the "Copy to Clipboard" button and then OK.
  • Return to our forum. Paste your log into your next reply.

Step 5

frst.pngfrstscan.png

Start FRST with administator privileges.

  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#3 dylan458

dylan458
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:46 AM

Posted 14 October 2014 - 03:52 PM

Thank you very much, when i ran the FRST it only gave me the FRST.txt log, i dont see the other Addition.txt log.

Attached Files



#4 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:46 AM

Posted 14 October 2014 - 03:56 PM

You are more than welcome!
 

i dont see the other Addition.txt log.

 

Make sure the following option is checked: addition.png

 
:wink:

Please paste the logs!

 

 

 

mbam.png
How to get logs:
(Export log to save as txt)

  • After the restart once you are back at your desktop, open MBAM once more.
  • Click on the History tab > Application Logs.
  • Double click on the scan log which shows the Date and time of the scan just performed.
  • Click 'Export'.
  • Click 'Text file (*.txt)'
  • In the Save File dialog box which appears, click on Desktop.
  • In the File name: box type a name for your scan log.
  • A message box named 'File Saved' should appear stating "Your file has been successfully exported".
  • Click Ok
  • Attach that saved log to your next reply.

Edited by deeprybka, 14 October 2014 - 04:00 PM.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#5 dylan458

dylan458
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:46 AM

Posted 14 October 2014 - 04:46 PM

Thanks

 

Heres the new FRST if that is needed

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-10-2014
Ran by Dylan (administrator) on DYLANS-HP on 14-10-2014 16:43:29
Running from C:\Users\Dylan\Downloads
Loaded Profile: Dylan (Available profiles: Dylan & Holly)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
() C:\Program Files\Core Temp\Core Temp.exe
(AddGadgets) C:\Users\Dylan\Desktop\PCMeter\PCMeterV0.3.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Cristi) C:\Program Files (x86)\Dual Monitor\DualMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SAMSUNG Electornics Co., Ltd.) C:\Users\Dylan\AppData\Roaming\VERIZON\UA_ar\UA.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2463552 2014-10-04] (NVIDIA Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-27] (AVAST Software)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-07] (Hewlett-Packard)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [dualmonitor] => C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: J - J:\SETUP.EXE
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: K - K:\Installer.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: L - L:\setup.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {0d94e651-00a6-11e0-b28f-d485649b86de} - J:\Install.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {0d94e674-00a6-11e0-b28f-d485649b86de} - O:\Install.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {2b065ba8-92f3-11e3-9a30-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {36b94185-d85c-11e3-9733-d485649b86de} - K:\VZW_Software_upgrade_assistant.exe
Startup: C:\Users\Dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\Dylan\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
 
FireFox:
========
FF ProfilePath: C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\searchplugins\yahoo_ff.xml
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\LogMeInClient@logmein.com [2011-06-14]
FF Extension: 4chan Extension - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\extension@4chan.org.xpi [2012-02-12]
FF Extension: Adblock Plus - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-11-19]
FF Extension: Greasemonkey - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-24]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-19]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2012-11-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-11-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-11-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-11-21]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-25]
FF Extension: No Name - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\extensions\plugin@yontoo.com [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.google.com/
CHR Profile: C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (avast! Online Security) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-27]
CHR Extension: (Skype Click to Call) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-19]
CHR Extension: (Google Wallet) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Space Planet) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2014-10-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-27] (AVAST Software)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-03-02] () [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2010-10-17] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-10-04] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-07-19] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-12-16] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-10-04] (NVIDIA Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-02] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-27] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2011-07-31] ()
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
S3 CYUSB; C:\Windows\System32\Drivers\CYUSB.sys [47104 2009-08-10] (Cypress Semiconductor)
S3 danewFltr; C:\Windows\System32\drivers\danew.sys [12032 2010-03-23] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2011-07-31] ()
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-06-07] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-05-19] (Razer Inc)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31400 2014-05-19] (Razer Inc)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-12-05] () [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
U3 a12uxbe8; C:\Windows\System32\Drivers\a12uxbe8.sys [0 ] (Microsoft Corporation)
R3 ALSysIO; \??\C:\Users\Dylan\AppData\Local\Temp\ALSysIO64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena\safedrv.sys [X]
S1 MpKsl8bede882; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{512B9F8D-CF19-40A8-BACF-4D9393528237}\MpKsl8bede882.sys [X]
S3 sxuptp; system32\DRIVERS\sxuptp.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
R3 WinRing0_1_2_0; \??\C:\Users\Dylan\AppData\Local\Temp\tmp70DB.tmp [X]
S3 X6va003; \??\C:\Users\Dylan\AppData\Local\Temp\0039F73.tmp [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-14 14:49 - 2014-10-14 16:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-14 14:49 - 2014-10-14 14:49 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-14 14:49 - 2014-10-14 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-14 14:49 - 2014-10-14 14:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-14 14:49 - 2014-10-14 14:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-14 14:49 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-14 14:49 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-14 14:49 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-14 14:47 - 2014-10-14 14:48 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Dylan\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-14 14:40 - 2014-10-14 16:13 - 00000504 _____ () C:\Windows\setupact.log
2014-10-14 14:40 - 2014-10-14 16:12 - 00084328 _____ () C:\Windows\PFRO.log
2014-10-14 14:40 - 2014-10-14 14:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-14 14:34 - 2014-10-14 15:41 - 00000000 ____D () C:\AdwCleaner
2014-10-14 14:34 - 2014-10-14 14:34 - 01976320 _____ () C:\Users\Dylan\Downloads\adwcleaner_4.000.exe
2014-10-12 18:01 - 2014-10-13 05:33 - 00000000 ____D () C:\Users\Dylan\Downloads\Darksiders - SKIDROW
2014-10-12 13:20 - 2014-10-12 13:21 - 00057678 _____ () C:\Users\Dylan\Downloads\Addition.txt
2014-10-12 13:18 - 2014-10-14 16:44 - 00024101 _____ () C:\Users\Dylan\Downloads\FRST.txt
2014-10-12 13:18 - 2014-10-14 16:43 - 00000000 ____D () C:\FRST
2014-10-12 13:17 - 2014-10-12 13:17 - 02110464 _____ (Farbar) C:\Users\Dylan\Downloads\FRST64.exe
2014-10-11 23:26 - 2014-10-11 23:27 - 04965896 _____ (Piriform Ltd) C:\Users\Dylan\Downloads\ccsetup418.exe
2014-10-10 19:16 - 2014-10-10 19:16 - 00002217 _____ () C:\Users\Public\Desktop\Google Chrome (2).lnk
2014-10-10 19:15 - 2014-10-10 19:15 - 00001012 _____ () C:\Users\Public\Desktop\Dual Monitor.lnk
2014-10-10 19:15 - 2014-10-10 19:15 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Dual Monitor
2014-10-10 19:15 - 2014-10-10 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2014-10-10 19:15 - 2014-10-10 19:15 - 00000000 ____D () C:\Program Files (x86)\Dual Monitor
2014-10-10 19:14 - 2014-10-10 19:14 - 00855093 _____ (Cristi Diaconu ) C:\Users\Dylan\Downloads\DualMonitor 1.22 Setup.exe
2014-10-10 18:22 - 2014-10-10 18:22 - 00002217 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-10 18:22 - 2014-10-10 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-10 18:19 - 2014-10-14 16:24 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-10 18:19 - 2014-10-14 16:16 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-10 18:19 - 2014-10-10 18:19 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-10 18:19 - 2014-10-10 18:19 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-10 16:41 - 2014-10-10 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-10-08 12:17 - 2014-10-08 12:17 - 00000000 ____D () C:\Users\Dylan\Documents\WB Games
2014-10-08 12:17 - 2014-10-08 12:17 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Steam
2014-10-08 11:53 - 2014-10-11 23:26 - 00000000 ____D () C:\Program Files (x86)\Middle Earth Shadow of Mordor
2014-10-07 22:58 - 2014-10-07 22:59 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-06 20:03 - 2014-10-13 20:34 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\TS3Client
2014-10-06 20:03 - 2014-10-06 20:03 - 00001212 _____ () C:\Users\Dylan\Desktop\TeamSpeak 3 Client.lnk
2014-10-06 20:03 - 2014-10-06 20:03 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-10-06 20:03 - 2014-10-06 20:03 - 00000000 ____D () C:\Users\Dylan\AppData\Local\TeamSpeak 3 Client
2014-10-06 19:58 - 2014-10-06 19:59 - 28115400 _____ (TeamSpeak Systems GmbH) C:\Users\Dylan\Downloads\TeamSpeak3-Client-win32-3.0.16.exe
2014-10-06 13:38 - 2014-10-06 13:38 - 27301724 _____ () C:\Users\Dylan\Downloads\torbrowser-install-3.6.6_en-US.exe
2014-10-05 21:15 - 2014-10-05 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2014-10-05 21:13 - 2014-10-05 21:15 - 00000000 ____D () C:\Program Files (x86)\Mumble
2014-10-05 21:12 - 2014-10-05 21:13 - 15391888 _____ () C:\Users\Dylan\Downloads\mumble-1.2.8_plus_MumbleComSkin.exe
2014-10-04 15:03 - 2014-10-14 16:17 - 00000000 ___RD () C:\Users\Dylan\iCloudDrive
2014-10-04 15:03 - 2014-10-04 15:03 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Apple Inc
2014-10-04 14:18 - 2014-10-04 14:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-02 17:20 - 2014-10-04 22:38 - 00000000 ____D () C:\Users\Dylan\AppData\Local\DisplayFusion
2014-10-02 17:11 - 2014-10-02 17:11 - 00000000 __SHD () C:\Users\Dylan\AppData\Roaming\Common
2014-10-02 17:11 - 2014-10-02 17:11 - 00000000 ____D () C:\ProgramData\Binary Fortress Software
2014-10-02 17:10 - 2010-07-21 00:22 - 00000000 ____D () C:\Program Files (x86)\DisplayFusion
2014-10-02 17:06 - 2014-10-02 17:07 - 10533864 _____ (Binary Fortress Software ) C:\Users\Dylan\Downloads\DisplayFusionSetup-6.1.2.exe
2014-10-02 16:58 - 2014-10-02 16:58 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-10-02 16:57 - 2014-09-13 15:13 - 00613696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-02 16:53 - 2014-09-16 23:51 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-10-02 16:53 - 2014-09-16 23:51 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-10-02 16:53 - 2014-09-13 18:48 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-10-02 16:52 - 2014-09-13 18:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-10-02 16:39 - 2014-10-02 16:40 - 07525087 _____ () C:\Users\Dylan\Downloads\Chronokeeper0.7.8.1.0.0.0.1.zip
2014-10-02 16:24 - 2014-10-02 16:24 - 00600638 _____ () C:\Users\Dylan\Downloads\OnTopReplica-3_5_1-Setup.exe
2014-10-02 16:24 - 2014-10-02 16:24 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Lorenz_Cuno_Klopfenstein
2014-10-02 16:23 - 2014-10-02 16:23 - 00600635 _____ () C:\Users\Dylan\Downloads\ontopreplica-setup.exe
2014-10-02 16:08 - 2014-10-02 16:08 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Razer
2014-10-01 15:52 - 2014-10-01 15:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-10-01 15:48 - 2014-10-01 15:48 - 00000000 ____D () C:\Users\Public\Documents\CrashDump
2014-10-01 15:47 - 2014-10-01 15:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzdaendpt_01009.Wdf
2014-10-01 15:46 - 2014-10-01 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-10-01 15:03 - 2014-10-01 15:03 - 00000000 ____D () C:\Users\Dylan\Downloads\codex-middle.earth.shadow.of.mordor
2014-10-01 12:23 - 2014-10-10 19:29 - 00000000 ____D () C:\Users\Dylan\Downloads\Middle.Earth.Shadow.of.Mordor-CODEX
2014-09-30 00:46 - 2014-09-04 14:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-30 00:46 - 2014-09-04 14:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-27 10:39 - 2014-09-28 22:07 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Warframe
2014-09-26 21:27 - 2014-09-26 21:27 - 00000222 _____ () C:\Users\Dylan\Desktop\Warframe.url
2014-09-26 12:56 - 2014-09-26 12:56 - 00001320 _____ () C:\Users\Dylan\Desktop\Gauntlet.lnk
2014-09-26 12:30 - 2014-09-26 12:30 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Arrowhead
2014-09-26 12:19 - 2014-09-26 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gauntlet
2014-09-26 12:18 - 2014-09-26 20:10 - 00000000 ____D () C:\Program Files (x86)\Gauntlet
2014-09-26 12:06 - 2014-09-26 12:16 - 00000000 ____D () C:\Users\Dylan\Documents\Endless Legend
2014-09-26 01:51 - 2014-09-26 03:35 - 00000000 ____D () C:\Users\Dylan\Downloads\Gauntlet [Steam-Rip]
2014-09-25 20:12 - 2014-09-25 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-25 20:11 - 2014-09-25 20:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-25 20:11 - 2014-09-25 20:12 - 00000000 ____D () C:\Program Files\iTunes
2014-09-25 20:11 - 2014-09-25 20:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-25 20:11 - 2014-09-25 20:11 - 00000000 ____D () C:\Program Files\iPod
2014-09-15 11:08 - 2014-09-15 11:08 - 00000000 ____D () C:\Users\Dylan\Downloads\Pink Floyd 1973 The Dark Side Of The Moon 2011 Remastered & Arts 320 Kbps
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-14 16:27 - 2014-08-30 18:27 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-610 Series Update {CF03BCF8-DB26-498D-8115-8FCBE9C606A0}.job
2014-10-14 16:27 - 2014-08-30 18:27 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-610 Series Invitation {CF03BCF8-DB26-498D-8115-8FCBE9C606A0}.job
2014-10-14 16:21 - 2010-09-25 10:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-14 16:20 - 2009-07-13 23:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-14 16:20 - 2009-07-13 23:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-14 16:16 - 2010-08-15 01:51 - 01277182 _____ () C:\Windows\WindowsUpdate.log
2014-10-14 16:13 - 2014-05-26 18:10 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2014-10-14 16:13 - 2014-05-26 18:10 - 00000950 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2014-10-14 16:12 - 2010-10-01 20:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-14 16:12 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-14 15:29 - 2012-09-05 23:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-14 15:25 - 2011-06-30 11:35 - 00000000 ____D () C:\Windows\1C4551A64743409391E41477CD655043.TMP
2014-10-14 14:48 - 2010-09-25 05:15 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A5260E60-952A-4C43-B6D0-F9FE84C1C654}
2014-10-14 14:30 - 2011-04-22 21:34 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-10-14 12:50 - 2010-12-05 15:29 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\uTorrent
2014-10-14 12:50 - 2010-11-08 16:50 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-10-13 14:34 - 2011-11-21 21:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-10-13 14:34 - 2010-10-11 18:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-10-13 14:32 - 2010-10-11 18:24 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\HP Support Assistant
2014-10-13 14:32 - 2010-09-26 05:47 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\HpUpdate
2014-10-11 23:30 - 2012-01-12 00:04 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\TeamViewer
2014-10-11 23:29 - 2010-10-01 19:01 - 00000000 ____D () C:\Users\Dylan\AppData\Local\CrashDumps
2014-10-11 23:29 - 2010-09-25 08:37 - 00000000 ____D () C:\Windows\Minidump
2014-10-11 23:27 - 2012-08-10 16:23 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-11 23:27 - 2012-08-10 16:23 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-10 21:01 - 2012-10-01 16:25 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDylan
2014-10-10 21:01 - 2012-10-01 16:25 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForDylan.job
2014-10-10 19:29 - 2010-09-28 05:26 - 00000000 ____D () C:\Users\Holly
2014-10-10 19:29 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-10 19:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-10-10 18:19 - 2012-09-14 23:51 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Google
2014-10-10 18:19 - 2011-09-20 15:41 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Deployment
2014-10-10 16:41 - 2013-01-12 16:57 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-10 16:33 - 2010-08-15 01:52 - 00000000 ____D () C:\ProgramData\PDFC
2014-10-10 16:31 - 2010-09-25 05:04 - 00000000 ____D () C:\Users\Dylan
2014-10-07 15:54 - 2014-01-11 01:31 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Guild Wars 2
2014-10-07 15:52 - 2012-09-16 00:31 - 00000000 ____D () C:\Users\Dylan\Documents\Guild Wars 2
2014-10-07 15:51 - 2012-03-13 18:48 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Mumble
2014-10-04 16:28 - 2012-11-22 21:39 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-10-04 16:27 - 2014-02-13 04:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-04 16:26 - 2014-02-13 03:37 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-04 16:25 - 2014-02-13 03:37 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Battle.net
2014-10-04 15:03 - 2010-10-01 19:59 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Apple Computer
2014-10-04 01:42 - 2014-06-04 23:11 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-10-04 01:42 - 2013-10-30 11:18 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-10-04 01:41 - 2014-06-04 23:11 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-10-04 01:41 - 2013-10-30 11:18 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-10-02 16:58 - 2010-12-31 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-02 16:57 - 2010-10-01 20:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-02 16:06 - 2014-08-23 16:52 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-10-02 16:04 - 2009-07-13 23:45 - 00460312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-02 02:25 - 2010-09-25 05:05 - 00120824 _____ () C:\Users\Dylan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-01 15:48 - 2014-05-10 15:49 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\VERIZON
2014-10-01 15:41 - 2013-04-06 21:18 - 00000000 ____D () C:\Games
2014-10-01 15:40 - 2010-11-08 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-10-01 15:34 - 2014-01-27 14:51 - 00000000 ____D () C:\Users\Dylan\Downloads\Lindsey Stirling - Lindsey Stirling [2013] [Limited Deluxe Edition] [Mp3-320]-V3nom [GLT]
2014-10-01 15:28 - 2010-10-02 00:09 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-01 15:20 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-01 15:18 - 2010-09-25 08:41 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-10-01 15:15 - 2010-10-08 18:09 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-10-01 15:13 - 2010-10-01 18:30 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Thunderbird
2014-10-01 15:12 - 2010-08-15 01:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-01 15:12 - 2009-07-14 00:13 - 00808206 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-01 15:07 - 2010-09-25 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-09-30 00:47 - 2010-10-01 20:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-25 20:12 - 2014-08-30 17:16 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-22 01:42 - 2010-10-01 17:37 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-18 18:24 - 2009-07-14 00:08 - 00032652 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-16 23:51 - 2014-01-29 22:34 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-09-14 00:29 - 2014-09-13 14:24 - 00000000 ____D () C:\Users\Dylan\Downloads\Rocksmith 2014 + All DLC's (including RS1) and No Cable Fix
 
Files to move or delete:
====================
C:\Users\Dylan\CrossFire_Setup_v1052.exe
 
 
Some content of TEMP:
====================
C:\Users\Dylan\AppData\Local\Temp\sqlite3.dll
C:\Users\Holly\AppData\Local\Temp\TB_9E03.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-11 05:00
 
==================== End Of Log ============================
 
And then the Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-10-2014
Ran by Dylan at 2014-10-14 16:44:37
Running from C:\Users\Dylan\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 Update for Microsoft Office 2007 (KB2508958) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{0C5823AA-7B6F-44E1-8D5B-8FD1FF0E6438}) (Version:  - Microsoft)
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34024 - BitTorrent Inc.)
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat 5.0 (HKLM-x32\...\Adobe Acrobat 5.0) (Version: 5.0 - Adobe Systems, Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2540 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.4.0.2540 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
Adobe Flash Player 11 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 11.5.502.149 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (HKLM-x32\...\Adobe Photoshop Elements 7) (Version: 7.0 - Adobe Systems Incorporated)
Adobe Photoshop Elements 7.0 (x32 Version: 7.0.0.3 - Adobe Systems Incorporated) Hidden
Adobe Photoshop.com Inspiration Browser (HKLM-x32\...\PhotoshopdotcomInspirationBrowser.4C35C4D325D350FE0114230CBADCA2DDD0AC8D25.1) (Version: 2.61 - Adobe Systems Incorporated)
Adobe Reader 9.5.5 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A95000000001}) (Version: 9.5.5 - Adobe Systems Incorporated)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ATI Catalyst Install Manager (HKLM\...\{7C7A5A92-046C-A38C-AE0F-8F9CCA0F67A8}) (Version: 3.0.774.0 - ATI Technologies, Inc.)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2021 - AVAST Software)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Call of Duty: United Offensive (HKLM-x32\...\Steam App 2640) (Version:  - Activision)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - ATI) Hidden
Catalyst Control Center Core Implementation (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full Existing (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Full New (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Light (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center Graphics Previews Vista (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2010.0511.2153.37435 - ATI Technologies, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
CCC Help Chinese Standard (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Chinese Traditional (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Czech (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Danish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Dutch (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help English (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Finnish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help French (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help German (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Greek (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Hungarian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Italian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Japanese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Korean (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Norwegian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Polish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Portuguese (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Russian (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Spanish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Swedish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Thai (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
CCC Help Turkish (x32 Version: 2010.0511.2152.37435 - ATI) Hidden
ccc-core-static (x32 Version: 2010.0511.2153.37435 - ATI) Hidden
ccc-utility64 (Version: 2010.0511.2153.37435 - ATI) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
Command & Conquer™: Generals and Zero Hour (HKLM-x32\...\{609F6FD5-4B22-4D7A-AD30-8C9DD480D5BE}) (Version: 1.0.0.0 - Electronic Arts, Inc.)
Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - )
CyberLink DVD Suite Deluxe (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.2823 - CyberLink Corp.)
CyberLink DVD Suite Deluxe (x32 Version: 7.0.2823 - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{81FB7C60-565A-4869-9D90-3BE1D270E8B7}) (Version:  - Microsoft)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - )
Dragon Age: Origins (HKLM-x32\...\{AEC81925-9C76-4707-84A9-40696C613ED3}) (Version: 1.03 - Electronic Arts, Inc.)
Dropbox (HKCU\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Dual Monitor 1.22 (HKLM-x32\...\{64AA3F94-ED4A-4A4B-B72C-B7A1481ED5D8}_is1) (Version: 1.22.021813 - Cristi Diaconu)
Dust: An Elysian Tail (HKLM-x32\...\Steam App 236090) (Version:  - Humble Hearts LLC)
DVD Menu Pack for HP MediaSmart Video (HKLM-x32\...\InstallShield_{FB4BB287-37F9-4E27-9C4D-2D3882E08EFF}) (Version: 4.1.4030 - Hewlett-Packard)
DVD Menu Pack for HP MediaSmart Video (x32 Version: 4.1.4030 - Hewlett-Packard) Hidden
EPSON Connect version 1.0 (HKLM-x32\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.6.3.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM-x32\...\{116DBCAF-9544-4592-9156-AC99F6C2D426}) (Version: 3.10.0016 - Seiko Epson Corporation)
Epson Print CD (HKLM-x32\...\{D16A31F9-276D-4968-A753-FFEAC56995D0}) (Version: 2.21.00 - SEIKO EPSON CORPORATION)
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON XP-610 Series Printer Uninstall (HKLM\...\EPSON XP-610 Series) (Version:  - SEIKO EPSON Corporation)
EPSON XP-610 User’s Guide version 1.0 (HKLM-x32\...\UsersGuideEPSON XP-610 User’s Guide_is1) (Version: 1.0 - )
EpsonNet Print (HKLM-x32\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.6.0 - SEIKO EPSON CORPORATION)
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
Free Studio version 4.9 (HKLM-x32\...\Free Studio_is1) (Version:  - DVDVideoSoft Limited.)
GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)
Garmin Communicator Plugin (HKLM-x32\...\{032A13FF-D26D-4844-9597-7EF698627985}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{AFA301E1-B410-4F1B-B1C0-2E92FDCD94AD}) (Version: 4.1.0 - Garmin Ltd or its subsidiaries)
Gauntlet (HKLM-x32\...\Gauntlet_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 38.0.2125.101 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
Halo: Spartan Assault (HKLM-x32\...\Steam App 277430) (Version:  - Vanguard Games)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
Hewlett-Packard ACLM.NET v1.2.1.1 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP MediaSmart DVD (HKLM-x32\...\InstallShield_{DCCAD079-F92C-44DA-B258-624FC6517A5A}) (Version: 4.1.4229 - Hewlett-Packard)
HP MediaSmart DVD (x32 Version: 4.1.4229 - Hewlett-Packard) Hidden
HP MediaSmart Music (HKLM-x32\...\InstallShield_{91A34181-9FAD-43AB-A35F-E7A8945B7E1C}) (Version: 4.1.4301 - Hewlett-Packard)
HP MediaSmart Music (x32 Version: 4.1.4301 - Hewlett-Packard) Hidden
HP MediaSmart Photo (HKLM-x32\...\InstallShield_{6DAF8CDC-9B04-413B-A0F2-BCC13CF8A5BF}) (Version: 4.1.4211 - Hewlett-Packard)
HP MediaSmart Photo (x32 Version: 4.1.4211 - Hewlett-Packard) Hidden
HP MediaSmart SmartMenu (HKLM\...\{5B08AF35-B699-4A44-BB89-3E51E70611E8}) (Version: 3.1.1.12 - Hewlett-Packard)
HP MediaSmart Video (HKLM-x32\...\InstallShield_{D12E3E7F-1B13-4933-A915-16C7DD37A095}) (Version: 4.1.4214 - Hewlett-Packard)
HP MediaSmart Video (x32 Version: 4.1.4214 - Hewlett-Packard) Hidden
HP MediaSmart/TouchSmart Netflix (HKLM-x32\...\{BDDA1E1E-204E-4368-B0C2-737F16B76307}) (Version: 1.0.3.0 - Hewlett-Packard)
HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
HP Setup (HKLM-x32\...\{72D90DB3-A16A-4545-B555-868471101833}) (Version: 8.1.4186.3400 - Hewlett-Packard)
HP Support Assistant (HKLM-x32\...\{EE202411-2C26-49E8-9784-1BC1DBF7DE96}) (Version: 7.0.39.15 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B9A03B7B-E0FF-4FB3-BA83-762E58A1B0AA}) (Version: 10.1.0002 - Hewlett-Packard)
HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.1.2.27173 - Hewlett-Packard)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Kobo (HKLM-x32\...\Kobo) (Version:  - )
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.2823 - CyberLink Corp.)
LabelPrint (x32 Version: 2.5.2823 - CyberLink Corp.) Hidden
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
LightScribe System Software (HKLM-x32\...\{46BA053F-57B3-4153-BDB6-D37EEC8B12D7}) (Version: 1.18.15.1 - LightScribe)
Logitech GamePanel Software 3.06.109 (HKLM\...\{A1E85B9A-AFAD-4D38-AF01-6B020DD5213A}) (Version: 3.06.109 - Logitech Inc.)
LogMeIn (HKLM-x32\...\{5D112C61-C8D0-4718-8DD7-B9115EB9AF90}) (Version: 4.1.1558 - LogMeIn, Inc.)
LTCM Client (HKLM-x32\...\{B38E9B55-7136-4E66-A084-320512FF3F6F}) (Version: 1.20.3792 - Leader Technologies Inc)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Default Manager (x32 Version: 2.1.55.0 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Publisher 2010 (HKLM-x32\...\Office14.PUBLISHER) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox 16.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 16.0 (x86 en-US)) (Version: 16.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
NVIDIA 3D Vision Controller Driver (x32 Version: 280.19 - NVIDIA Corporation) Hidden
NVIDIA 3D Vision Controller Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.11 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.11 - NVIDIA Corporation)
NVIDIA Control Panel 344.11 (Version: 344.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.3 - NVIDIA Corporation)
NVIDIA GeForce Experience Service (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 344.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.11 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.162.1274 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 2.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.14.0702 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVIDIA ShadowPlay 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 16.13.56 (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 16.13.56 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.25 (Version: 1.2.25 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 3.5.111 - PDF Complete, Inc)
PhotoshopdotcomInspirationBrowser (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
PictureMover (HKLM-x32\...\{264FE20A-757B-492a-B0C3-4009E2997D8A}) (Version: 3.5.0.28 - Hewlett-Packard Company)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.7 - PowerISO Computing, Inc.)
PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-13231864975D}) (Version: 5.10.621.0 -  NewspaperDirect Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6196 - Realtek Semiconductor Corp.)
Recovery Manager (x32 Version: 5.5.2926 - CyberLink Corp.) Hidden
Rise of the Witch King Unofficial Patch 2.02 (HKCU\...\Rise of the Witch King Unofficial Patch 2.02) (Version:  - )
Roxio CinemaNow 2.0 (x32 Version: 1.0.284 - Hewlett-Packard) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SHIELD Streaming (Version: 3.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.56 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.)
Skype™ 6.6 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.6.106 - Skype Technologies S.A.)
Software Updater (HKLM-x32\...\{7ACB9D1D-5B26-4CE4-964A-1EB22461E6F6}) (Version: 4.1.0 - SEIKO EPSON CORPORATION)
StarCraft II (HKLM-x32\...\StarCraft II) (Version:  - Blizzard Entertainment)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
SUABnR (x32 Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.20935 - TeamViewer)
The Battle for Middle-earth ™ II (HKLM-x32\...\{2A9F95AB-65A3-432c-8631-B8BC5BF7477A}) (Version:  - )
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Lord of the Rings, The Rise of the Witch-king (HKLM-x32\...\{8BCAFB73-49AE-4AC4-00A1-70E4EC38BD4E}) (Version:  - )
TomTom HOME (HKLM-x32\...\{EC5F4C1B-F838-4CB7-8561-8F809296428B}) (Version: 2.9.5 - TomTom)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Uninstall 1.0.0.1 (HKLM-x32\...\Uninstall_is1) (Version:  - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2810071) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PUBLISHER_{001E8BF3-EDC3-4D5E-9C11-1D0E599B6497}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PUBLISHER_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PUBLISHER_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837583) 32-Bit Edition (HKLM-x32\...\{90140000-0019-0000-0000-0000000FF1CE}_Office14.PUBLISHER_{E21274CE-CA0C-49FA-93F4-DC292A052264}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PUBLISHER_{B5C70C99-B109-42FD-B219-FF12CA543F19}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PUBLISHER_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PUBLISHER_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PUBLISHER_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PUBLISHER_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{A3070098-A41D-42D9-B6D3-2EF15285E719}) (Version: 2.14.0605 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{B5300E76-AA13-4542-8E0E-776A280FE47E}) (Version: 2.14.0503 - Samsung Electronics Co., Ltd.)
Warframe (HKLM-x32\...\Steam App 230410) (Version:  - Digital Extremes)
WestwoodChat (HKLM-x32\...\{7CAE6A67-AF7B-4A6A-8705-8AFACA45BB60}) (Version: 1.0.0.0 - WestwoodChat)
WestwoodOnline (HKLM-x32\...\{BBCD6D56-8A26-4DDE-9482-DBC9C7B7341D}) (Version: 1.0.0.0 - WestwoodOnline)
Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3502.0922 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Language Selector (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
WinRAR 4.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.00.0 - win.rar GmbH)
WinZip 15.0 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}) (Version: 15.0.9334 - WinZip Computing, S.L. )
Zinio Reader 4 (HKLM-x32\...\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1) (Version: 4.0.2811 - Zinio LLC)
Zinio Reader 4 (x32 Version: 4.0.2811 - Zinio LLC) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Dylan\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Dylan\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{9CF1512B-6019-4573-9466-57AA61960209}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-732149340-772113115-3497680213-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Dylan\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
21-07-2010 05:31:01 Removed WestwoodChat
10-10-2014 19:34:37 Windows Update
10-10-2014 21:32:38 avast! antivirus system restore point
10-10-2014 23:23:09 Windows Update
12-10-2014 19:28:26 Installed DirectX
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0E93729B-DEA2-4B05-8783-EB9B82937E58} - System32\Tasks\EPSON XP-610 Series Update {CF03BCF8-DB26-498D-8115-8FCBE9C606A0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {1AB57755-8FD7-432C-9A70-19D49DB4E606} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {29ADE07F-2250-4A53-96F7-E864594E659A} - System32\Tasks\Core Temp Autostart => C:\Program Files\Core Temp\Core Temp.exe [2010-07-02] ()
Task: {2C8D1AA1-4D00-4B39-9ED4-3630EA86B431} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {38B46E76-98F1-4608-AF31-EC22F55B5899} - System32\Tasks\HPCeeScheduleForDylan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2010-09-13] (Hewlett-Packard)
Task: {43A43A09-B1C1-470A-B056-C0B1DFAEFF64} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-10] (Google Inc.)
Task: {58F60788-1182-4E17-9B34-9B34F52AA8C4} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-09-27] (Hewlett-Packard Company)
Task: {60E762D2-368E-4537-B936-7A45B6929058} - System32\Tasks\{D2703A6C-80DA-4AC3-8E4A-313B841ABC4E} => Firefox.exe http://ui.skype.com/ui/0/5.3.0.111/en/abandoninstall?page=tsChrome&amp;installinfo=google-toolbar:notoffered;ienotdefaultbrowser2,google-chrome:offered-installed;madedefault
Task: {72CA2BC7-BE5F-45F4-858C-B1F870F4902F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-09-22] (Hewlett-Packard)
Task: {765C2AA4-C0FD-4542-B17A-53D5EB46B8F2} - System32\Tasks\{F84A67E3-AC60-46F2-92DF-8CB2DA7C5C40} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2013-06-21] (Skype Technologies S.A.)
Task: {79BFA70C-06D0-448E-B9C2-405486C59C6D} - System32\Tasks\PCMeter\Startup => C:\Users\Dylan\Desktop\PCMeter\PCMeterV0.3.exe [2012-08-25] (AddGadgets)
Task: {7A253C94-3293-4CA8-98BE-AB3056C247F6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-10] (Google Inc.)
Task: {8288043C-4A9A-476C-BAD0-CEE1CDA29B28} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2014-08-25] (Apple Inc.)
Task: {8E0B08C5-E91E-4EFB-97A1-B0B083E75A50} - System32\Tasks\{6E519831-7E4E-4B2F-83FE-5916AC68D920} => C:\Users\Dylan\Desktop\SKIDROW\FalloutNVLauncher.exe
Task: {A5DABCD1-6B04-421E-950A-AA70FBDC7645} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {C7E69528-D376-481E-BB7A-56594C291191} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2014-05-12] (Hewlett-Packard Company)
Task: {DF5D2A89-8FC3-4D3C-A358-53389C62B79B} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E68F3576-32C9-499A-AA6F-FA6F70705829} - System32\Tasks\EPSON XP-610 Series Invitation {CF03BCF8-DB26-498D-8115-8FCBE9C606A0} => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE [2013-02-27] (SEIKO EPSON CORPORATION)
Task: {F1388B62-4BA2-4432-B8C6-45382BDD9BF5} - System32\Tasks\PC Meter\Startup => C:\Users\Dylan\Desktop\PCMeter\PCMeter.exe
Task: {FFC09314-2F12-4C6F-9A72-A4EC39B63938} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-27] (AVAST Software)
Task: C:\Windows\Tasks\EPSON XP-610 Series Invitation {CF03BCF8-DB26-498D-8115-8FCBE9C606A0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\Windows\Tasks\EPSON XP-610 Series Update {CF03BCF8-DB26-498D-8115-8FCBE9C606A0}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_ITSLQE.EXE
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\HPCeeScheduleForDylan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-12-10 22:05 - 2014-09-13 16:53 - 00116880 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-10-02 23:34 - 2014-06-02 03:05 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-08-03 03:39 - 2010-07-02 13:52 - 00530448 _____ () C:\Program Files\Core Temp\Core Temp.exe
2014-10-10 19:15 - 2013-02-18 08:23 - 00695808 _____ () C:\Program Files (x86)\Dual Monitor\ExplorerHook64.dll
2014-08-27 17:10 - 2014-08-27 17:10 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-10-14 12:25 - 2014-10-14 12:25 - 02873856 _____ () C:\Program Files\AVAST Software\Avast\defs\14101400\algo.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-27 17:10 - 2014-08-27 17:10 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-08-30 22:20 - 2014-08-21 13:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-30 22:20 - 2014-08-21 13:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-30 22:20 - 2014-08-21 13:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 17:10 - 2014-09-03 14:28 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 23:17 - 2014-09-22 23:32 - 02226880 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-30 22:20 - 2014-08-21 13:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-30 22:20 - 2014-08-21 13:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2011-07-12 23:08 - 2014-09-22 23:32 - 00679616 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-10 18:22 - 2014-10-01 00:54 - 01042760 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libglesv2.dll
2014-10-10 18:22 - 2014-10-01 00:54 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\libegl.dll
2014-10-10 18:22 - 2014-10-01 00:54 - 08911176 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\pdf.dll
2014-10-10 18:22 - 2014-10-01 00:54 - 01681224 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\ffmpegsumo.dll
2010-10-01 17:25 - 2014-09-04 18:29 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-14 21:33 - 2014-09-04 18:29 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-10-10 18:22 - 2014-10-01 00:54 - 14891848 _____ () C:\Program Files (x86)\Google\Chrome\Application\38.0.2125.101\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: BEService => 3
MSCONFIG\Services: CinemaNow Service => 2
MSCONFIG\Services: DAUpdaterSvc => 3
MSCONFIG\Services: LMIMaint => 2
MSCONFIG\Services: LogMeIn => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: TeamViewer7 => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Snapfish PictureMover.lnk => C:\Windows\pss\Snapfish PictureMover.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Dylan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OneNote 2007 Screen Clipper and Launcher.lnk => C:\Windows\pss\OneNote 2007 Screen Clipper and Launcher.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Dylan^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Xfire.lnk => C:\Windows\pss\Xfire.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: EPLTarget => 
MSCONFIG\startupreg: Google Update => "C:\Users\Dylan\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: HP Software Update => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn GUI => "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
MSCONFIG\startupreg: LTCM Client => C:\Program Files (x86)\LTCM Client\ltcmClient.exe /startup
MSCONFIG\startupreg: MSC => "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
MSCONFIG\startupreg: NVIDIA nTune => "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SmartMenu => C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
MSCONFIG\startupreg: StartCCC => "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-732149340-772113115-3497680213-500 - Administrator - Disabled)
ASPNET (S-1-5-21-732149340-772113115-3497680213-1005 - Limited - Enabled)
Dylan (S-1-5-21-732149340-772113115-3497680213-1000 - Administrator - Enabled) => C:\Users\Dylan
Guest (S-1-5-21-732149340-772113115-3497680213-501 - Limited - Disabled)
Holly (S-1-5-21-732149340-772113115-3497680213-1001 - Administrator - Enabled) => C:\Users\Holly
HomeGroupUser$ (S-1-5-21-732149340-772113115-3497680213-1003 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: LogMeIn Mirror Driver
Description: LogMeIn Mirror Driver
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn, Inc.
Service: lmimirr
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: MpKsl8bede882
Description: MpKsl8bede882
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MpKsl8bede882
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (10/14/2014 02:35:04 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (10/14/2014 02:32:51 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (10/14/2014 02:32:22 PM) (Source: SideBySide) (EventID: 59) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
Invalid Xml syntax.
 
Error: (10/12/2014 06:19:07 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (10/12/2014 05:52:39 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (10/12/2014 01:10:11 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
Description: The index cannot be initialized.
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (10/12/2014 01:10:11 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
Description: The application cannot be initialized.
 
Context: Windows Application
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (10/12/2014 01:10:11 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
Description: The gatherer object cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
Error: (10/12/2014 01:10:11 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
Element not found.  (HRESULT : 0x80070490) (0x80070490)
 
Error: (10/12/2014 01:09:54 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
Description: The plug-in in <Search.JetPropStore> cannot be initialized.
 
Context: Windows Application, SystemIndex Catalog
 
 
Details:
The content index catalog is corrupt.  (HRESULT : 0xc0041801) (0xc0041801)
 
 
System errors:
=============
Error: (10/14/2014 04:17:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinRing0_1_2_0 service failed to start due to the following error: 
%%2
 
Error: (10/14/2014 04:12:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The atksgt service failed to start due to the following error: 
%%1275
 
Error: (10/14/2014 04:12:57 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Driver atksgt.sys has been blocked from loading.
 
Error: (10/14/2014 04:12:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\RAIHV.dll
Error Code: 126
 
Error: (10/14/2014 03:29:38 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinRing0_1_2_0 service failed to start due to the following error: 
%%2
 
Error: (10/14/2014 03:26:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The atksgt service failed to start due to the following error: 
%%1275
 
Error: (10/14/2014 03:26:11 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Driver atksgt.sys has been blocked from loading.
 
Error: (10/14/2014 03:25:47 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has failed to start.
 
Module Path: C:\Windows\system32\RAIHV.dll
Error Code: 126
 
Error: (10/14/2014 02:44:59 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WinRing0_1_2_0 service failed to start due to the following error: 
%%2
 
Error: (10/14/2014 02:44:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The iPod Service service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: AMD Phenom™ II X4 820 Processor
Percentage of memory in use: 43%
Total physical RAM: 6143.29 MB
Available physical RAM: 3487.73 MB
Total Pagefile: 12284.75 MB
Available Pagefile: 9288.17 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:919.33 GB) (Free:205.64 GB) NTFS
Drive d: (HP_RECOVERY) (Fixed) (Total:12.08 GB) (Free:1.48 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (LOTRBFME2EP1) (CDROM) (Total:2.5 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 855ED430)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=919.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=12.1 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

 

Attached Files

  • Attached File  MBAM.txt   49bytes   2 downloads


#6 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:46 AM

Posted 15 October 2014 - 05:51 AM

Hi,
please do the following:

Step 1

frst.pngfrstfix.png

Press thew7.png + R on your keyboard at the same time. Type notepad and click OK.
  • Copy the entire content of the codebox below and paste into the notepad document:
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll No File
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
    HKLM-x32\...\Run: [] => [X]
    FF Extension: No Name - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\extensions\plugin@yontoo.com [Not Found]
    CHR StartupUrls: Default -> "[url=https://search.yahoo.com/?type=282369&fr=spigot-yhp-ch]https://search.yahoo.com/?type=282369&fr=spigot-yhp-ch"[/url]
    EmptyTemp:
    
     

  • Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it to your reply.


After the Reboot:

Step 2

Please download hitmanpro_32.pngHitmanPro 32-bit / HitmanPro 64-bit by SurfRight and save it to your desktop.
  • Right-click onhitmanpro.pngicon and select admin.PNGRun as Administrator to start the tool.
  • If the program won't run please run it while holding down the left CTRL key until it's loaded!
  • Click on the Next button (1). You must agree with the terms of EULA (2 - if asked).
  • Check the box beside "No, I only want to perform a one-time scan to check this computer" and click on the Next button. (3)
  • The program will start to scan the computer. It would only take several minutes.
  • When the scan is done click on Save Log (4) and close HitmanPro! (5)
  • Copy and paste the content of the log file in your next reply.
hitman.gif


Step 3

frst.pngfrstscan.png

Start FRST with administator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#7 dylan458

dylan458
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:46 AM

Posted 15 October 2014 - 06:11 PM

HitmanPro 3.7.9.225
www.hitmanpro.com
 
   Computer name . . . . : DYLANS-HP
   Windows . . . . . . . : 6.1.1.7601.X64/4
   User name . . . . . . : Dylans-HP\Dylan
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Free
 
   Scan date . . . . . . : 2014-10-15 17:55:10
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 12m 10s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : No
 
   Threats . . . . . . . : 0
   Traces  . . . . . . . : 72
 
   Objects scanned . . . : 2,362,827
   Files scanned . . . . : 117,739
   Remnants scanned  . . : 979,685 files / 1,265,403 keys
 
Miniport ____________________________________________________________________
 
   Primary
      DriverObject . . . : FFFFFA80054626B0
      DriverName . . . . : \Driver\amd_sata
      DriverPath . . . . : \SystemRoot\system32\DRIVERS\amd_sata.sys
      StartIo  . . . . . : 0000000000000000 +0
      IRP_MJ_SCSI  . . . : FFFFFA80054402C0 +0
   Solution
      DriverObject . . . : FFFFFA80054626B0
      DriverName . . . . : \Driver\amd_sata
      DriverPath . . . . : \SystemRoot\system32\DRIVERS\amd_sata.sys
      StartIo  . . . . . : 0000000000000000 +0
      IRP_MJ_SCSI  . . . : FFFFF88000C016C0 \SystemRoot\system32\DRIVERS\storport.sys+5824
 
Suspicious files ____________________________________________________________
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BC2\pb\dll\wc002261.dll
      Size . . . . . . . : 951,318 bytes
      Age  . . . . . . . : 1387.7 days (2010-12-28 01:36:35)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 07F342FC49BF00281C514B364399E7FD98C36888DF680304C7807C827336E939
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BC2\pb\dll\wc002272.dll
      Size . . . . . . . : 953,145 bytes
      Age  . . . . . . . : 1223.1 days (2011-06-10 16:06:59)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : E1C07F31EC35315E00F8AB0BE5C4F80DD9AAEBEE7E760BBF9AFCC02D35BEBF2F
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BC2\pb\dll\wc002277.dll
      Size . . . . . . . : 960,138 bytes
      Age  . . . . . . . : 1152.8 days (2011-08-19 21:39:29)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 70053EEA7AC3C1427D779B3F258A13CF74B02980DCDDEFBC24B341CFFA1E4AA2
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BC2\pb\pbcl.dll
      Size . . . . . . . : 962,185 bytes
      Age  . . . . . . . : 668.7 days (2012-12-16 02:02:44)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : C8E59E65AE451CE761E7C48F8BA802CD17513057DEA65A4D4B4F6001153FD414
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BC2\pb\pbclold.dll
      Size . . . . . . . : 960,138 bytes
      Age  . . . . . . . : 1387.8 days (2010-12-27 22:19:12)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 70053EEA7AC3C1427D779B3F258A13CF74B02980DCDDEFBC24B341CFFA1E4AA2
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BC2\pb\PnkBstrK.sys
      Size . . . . . . . : 139,048 bytes
      Age  . . . . . . . : 1387.8 days (2010-12-27 22:19:24)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : A935B2B22381F56ED9F78AF35FE20333F974CB4CB1257763434B7667DE17AD57
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BF3\pb\dll\wc002331.dll
      Size . . . . . . . : 963,480 bytes
      Age  . . . . . . . : 135.6 days (2014-06-02 03:05:21)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BF3\pb\pbcl.dll
      Size . . . . . . . : 963,480 bytes
      Age  . . . . . . . : 135.6 days (2014-06-02 03:05:21)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 4693498864B2A4C15EECDD4D132FFDFEDE3F9E4BAFA427F77BC87046A7352D1E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         Program is code signed with a valid Authenticode certificate.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BF3\pb\pbclold.dll
      Size . . . . . . . : 951,497 bytes
      Age  . . . . . . . : 137.1 days (2014-05-31 14:51:43)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 43358BBCEC1EBE7927CA3B0A3DCA0597D5E8584F0FCBE987B8126A0C12D73A2B
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BF3\pb\PnkBstrK.sys
      Size . . . . . . . : 140,072 bytes
      Age  . . . . . . . : 137.1 days (2014-05-31 14:51:56)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : CC3F4E453FC246B64C09E81BB73741CECC897C805C13815336647E986A60301E
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BLR\pb\pbcl.dll
      Size . . . . . . . : 963,613 bytes
      Age  . . . . . . . : 832.1 days (2012-07-05 15:48:42)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : E7EB0F070DDDBDC1793677B6EF811338CDCEC5AE744A032C223DD1763D97A56B
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\BLR\pb\PnkBstrK.sys
      Size . . . . . . . : 140,480 bytes
      Age  . . . . . . . : 832.1 days (2012-07-05 15:49:06)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : 64063C820C5972BBD6E524C68065570BF54D85FA0FFE0BD063B6954298F7D015
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\COD2\pb\pbcl.dll
      Size . . . . . . . : 895,020 bytes
      Age  . . . . . . . : 1212.3 days (2011-06-21 09:52:47)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : E5E9F99D84718EF7CF5E6AA6E63DD70E074C3244AADA3F3092EB36165AD095AF
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\COD4\pb\pbcl.dll
      Size . . . . . . . : 914,287 bytes
      Age  . . . . . . . : 1469.0 days (2010-10-07 18:53:03)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 36785D9C76A976FEF10D484009C2DDD33375EEC19C3E42A30D0571EC7C866B00
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\COD4\pb\pbcls.dll
      Size . . . . . . . : 914,287 bytes
      Age  . . . . . . . : 1469.0 days (2010-10-07 18:53:03)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 36785D9C76A976FEF10D484009C2DDD33375EEC19C3E42A30D0571EC7C866B00
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\COD4\pb\PnkBstrK.sys
      Size . . . . . . . : 138,160 bytes
      Age  . . . . . . . : 1469.0 days (2010-10-07 18:55:03)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 171C32702C73ECD6EAD6A120C5E0BCE649444BE4068C4ECA4C548644DF151A5E
      RSA Key Size . . . : 1024
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\COD\pb\pbcl.dll
      Size . . . . . . . : 869,527 bytes
      Age  . . . . . . . : 1218.1 days (2011-06-15 14:38:07)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 6EFC020A37D5684DD4643EEF512D4B4925061043D8FD26106D32CD6F2C73BC7A
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\HOS\pb\pbcl.dll
      Size . . . . . . . : 951,877 bytes
      Age  . . . . . . . : 486.2 days (2013-06-16 14:10:01)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 833CB80463E9181DBCC24242B392B70E6E80DD72A07B79727AB9936FCADEDD2A
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\HOS\pb\pbclold.dll
      Size . . . . . . . : 951,877 bytes
      Age  . . . . . . . : 491.2 days (2013-06-11 14:06:30)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 833CB80463E9181DBCC24242B392B70E6E80DD72A07B79727AB9936FCADEDD2A
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\HOS\pb\PnkBstrK.sys
      Size . . . . . . . : 140,064 bytes
      Age  . . . . . . . : 491.2 days (2013-06-11 14:06:48)
      Entropy  . . . . . : 7.8
      SHA-256  . . . . . : 2AEFE7B3E097739C6102DB1F7228BC5A5573590CE0479B655295B1B3CA567D7B
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\WAW\pb\dll\wc002259.dll
      Size . . . . . . . : 961,128 bytes
      Age  . . . . . . . : 1398.8 days (2010-12-16 23:01:17)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 292C79D834C7F9B4C541E3C9C9CFE10B3DC15298466D69F0C069AE7DE6B879F7
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\WAW\pb\dll\wc002308.dll
      Size . . . . . . . : 965,697 bytes
      Age  . . . . . . . : 620.9 days (2013-02-01 19:31:35)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 466B849A45E907E5A30C890D74F3A37C5C9FC5737BEF8EA216444949004B0C24
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\WAW\pb\pbcl.dll
      Size . . . . . . . : 965,697 bytes
      Age  . . . . . . . : 620.9 days (2013-02-01 19:31:35)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 466B849A45E907E5A30C890D74F3A37C5C9FC5737BEF8EA216444949004B0C24
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\WAW\pb\pbclold.dll
      Size . . . . . . . : 961,128 bytes
      Age  . . . . . . . : 1473.8 days (2010-10-02 23:38:58)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 292C79D834C7F9B4C541E3C9C9CFE10B3DC15298466D69F0C069AE7DE6B879F7
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\WAW\pb\pbcls.dll
      Size . . . . . . . : 894,906 bytes
      Age  . . . . . . . : 1473.7 days (2010-10-03 00:00:02)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 2D2039C8996CF49274B07C84169A3754093F176CF390A846B825AF02B32A73A5
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\AppData\Local\PunkBuster\WAW\pb\PnkBstrK.sys
      Size . . . . . . . : 139,488 bytes
      Age  . . . . . . . : 1473.8 days (2010-10-02 23:39:09)
      Entropy  . . . . . : 7.7
      SHA-256  . . . . . : B521667C371DC46F5CFA81730F2A29091C32BCA2699B6321C79A097068DEF160
      RSA Key Size . . . : 1024
      Authenticode . . . : Valid
      Fuzzy  . . . . . . : 22.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is a device driver. Device drivers run as trusted (highly privileged) code.
         Program is code signed with a valid Authenticode certificate.
 
   C:\Users\Dylan\Documents\BFBC2\pb\pbcl.dll
      Size . . . . . . . : 960,138 bytes
      Age  . . . . . . . : 1031.9 days (2011-12-18 19:41:16)
      Entropy  . . . . . : 7.6
      SHA-256  . . . . . : 70053EEA7AC3C1427D779B3F258A13CF74B02980DCDDEFBC24B341CFFA1E4AA2
      Fuzzy  . . . . . . : 29.0
         The .reloc (relocation) section in this program contains code. This is an indication of malware infection.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program contains PE structure anomalies. This is not typical for most programs.
 
   C:\Users\Dylan\Downloads\FRST-OlderVersion\FRST64.exe
      Size . . . . . . . : 2,110,464 bytes
      Age  . . . . . . . : 3.2 days (2014-10-12 13:17:42)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 0E52DE12BA16B91F3ED2A3407709E1C4984B2BED617C0C58782E1D4FEA74EFCB
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Dylan\Downloads\FRST-OlderVersion\FRST64.exe
          0.0s C:\Users\Dylan\Downloads\FRST-OlderVersion\FRST64.exe
          0.2s C:\Users\Dylan\AppData\Roaming\Dropbox\shellext\l\543ac5c7
 
   C:\Users\Dylan\Downloads\FRST64.exe
      Size . . . . . . . : 2,111,488 bytes
      Age  . . . . . . . : 0.0 days (2014-10-15 17:25:55)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : 9E08075333C377229E2763BC669558FC99F9BD3AB1FE14882E581D2F74E9A5BC
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
      Forensic Cluster
          0.0s C:\Users\Dylan\Downloads\FRST64.exe
          3.4s C:\Users\Dylan\Downloads\FRST-OlderVersion\
 
 
Potential Unwanted Programs _________________________________________________
 
   HKU\S-1-5-21-732149340-772113115-3497680213-1001\Software\Microsoft\Internet Explorer\SearchScopes\{488361CF-B7B5-40C9-8103-38546E4F1EA0}\ (AskBar)
 
Cookies _____________________________________________________________________
 
   C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:2o7.net
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:ad.wsod.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:adbrite.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:ads.associatedcontent.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:ads.inhabitat.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:ads.pointroll.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:ads.undertone.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:advertising.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:apmebf.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:at.atwola.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:atdmt.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:chitika.net
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:clicksor.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:collective-media.net
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:content.yieldmanager.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:doubleclick.net
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:edge.ru4.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:fastclick.net
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:in.getclicky.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:interclick.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:invitemedia.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:kontera.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:media6degrees.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:mediaplex.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:paypal.112.2o7.net
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:pointroll.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:questionmarket.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:ru4.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:serving-sys.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:snapfish.112.2o7.net
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:specificclick.net
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:stats.paypal.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:tacoda.net
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:track.rewards-confirmation.info
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:trafficmp.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:tribalfusion.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:www.burstnet.com
   C:\Users\Holly\AppData\Roaming\Mozilla\Firefox\Profiles\eda75s1f.default\cookies.sqlite:zedo.com
 
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-10-2014 02
Ran by Dylan (administrator) on DYLANS-HP on 15-10-2014 18:09:46
Running from C:\Users\Dylan\Downloads
Loaded Profiles: Dylan & Holly (Available profiles: Dylan & Holly)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Photoshop Elements 7.0\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
() C:\Program Files\Core Temp\Core Temp.exe
(AddGadgets) C:\Users\Dylan\Desktop\PCMeter\PCMeterV0.3.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\WMPSideShowGadget.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Cristi) C:\Program Files (x86)\Dual Monitor\DualMonitor.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(SAMSUNG Electornics Co., Ltd.) C:\Users\Dylan\AppData\Roaming\VERIZON\UA_ar\UA.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(SEIKO EPSON CORPORATION) C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4725320 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415816 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [Launch LCDMon] => C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe [2412616 2010-08-03] (Logitech Inc.)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2463552 2014-10-04] (NVIDIA Corporation)
HKLM-x32\...\Run: [Microsoft Default Manager] => C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe [288088 2009-11-11] (Microsoft Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-27] (AVAST Software)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1058880 2013-03-28] (SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKLM\...\RunOnce: [NCPluginUpdater] => C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [21720 2014-10-07] (Hewlett-Packard)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-08] (Apple Inc.)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [dualmonitor] => C:\Program Files (x86)\Dual Monitor\DualMonitor.exe [478720 2013-02-18] (Cristi)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: J - J:\SETUP.EXE
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: K - K:\Installer.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: L - L:\setup.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {0d94e651-00a6-11e0-b28f-d485649b86de} - J:\Install.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {0d94e674-00a6-11e0-b28f-d485649b86de} - O:\Install.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {2b065ba8-92f3-11e3-9a30-806e6f6e6963} - E:\Autorun.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1000\...\MountPoints2: {36b94185-d85c-11e3-9733-d485649b86de} - K:\VZW_Software_upgrade_assistant.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1001\...\Run: [HPAdvisorDock] => C:\Program Files (x86)\Hewlett-Packard\HP Advisor\Dock\HPAdvisorDock.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1001\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKU\S-1-5-21-732149340-772113115-3497680213-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-732149340-772113115-3497680213-1001\...\Run: [NVIDIA nTune] => "C:\Program Files (x86)\NVIDIA Corporation\nTune\nTuneCmd.exe" clear
HKU\S-1-5-21-732149340-772113115-3497680213-1001\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_IATILQE.EXE [297024 2013-01-24] (SEIKO EPSON CORPORATION)
HKU\S-1-5-21-732149340-772113115-3497680213-1001\...\MountPoints2: J - J:\SETUP.EXE
HKU\S-1-5-21-732149340-772113115-3497680213-1001\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1001\...\MountPoints2: {0d94e651-00a6-11e0-b28f-d485649b86de} - J:\autorun.exe
HKU\S-1-5-21-732149340-772113115-3497680213-1001\...\MountPoints2: {712088b3-a84a-11df-ab50-806e6f6e6963} - E:\Autoplay.exe -auto
IFEO\ehshell.exe: [Debugger] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe" -MceShellRedirect
Startup: C:\Users\Dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Verizon Wireless Software Utility Application for Android – Samsung.lnk
ShortcutTarget: Verizon Wireless Software Utility Application for Android – Samsung.lnk -> C:\Users\Dylan\AppData\Roaming\VERIZON\UA_ar\UA.exe (SAMSUNG Electornics Co., Ltd.)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Dylan\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll (Dropbox, Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
Toolbar: HKLM - avast! WebRep - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.254.254
 
FireFox:
========
FF ProfilePath: C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_5_502_149.dll ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_5_502_149.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF SearchPlugin: C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\searchplugins\yahoo_ff.xml
FF Extension: LogMeIn, Inc. Remote Access Plugin - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\LogMeInClient@logmein.com [2011-06-14]
FF Extension: 4chan Extension - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\extension@4chan.org.xpi [2012-02-12]
FF Extension: Adblock Plus - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2011-11-19]
FF Extension: Greasemonkey - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2012-08-24]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-19]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{AB2CE124-6272-4b12-94A9-7303C7397BD1} [2012-11-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2012-11-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2012-11-21]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-11-21]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-08-19]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2012-01-25]
FF Extension: No Name - C:\Users\Dylan\AppData\Roaming\Mozilla\Firefox\Profiles\atsiy84j.default\extensions\plugin@yontoo.com [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.google.com/
CHR Profile: C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (avast! Online Security) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-27]
CHR Extension: (Skype Click to Call) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2013-08-19]
CHR Extension: (Google Wallet) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-20]
CHR Extension: (Space Planet) - C:\Users\Dylan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ppcocpoeoiajndepaaimnnglicichmbb [2014-10-10]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-27]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-27] (AVAST Software)
S4 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-03-02] () [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [144560 2012-05-17] (Seiko Epson Corporation)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2010-10-17] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1149760 2014-10-04] (NVIDIA Corporation)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [86528 2012-09-27] (Hewlett-Packard Company) [File not signed]
R2 LightScribeService; c:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-05-19] (Hewlett-Packard Company) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [376144 2014-07-19] (LogMeIn, Inc.)
R2 LogMeIn; C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe [407424 2010-12-16] (LogMeIn, Inc.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-10-04] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19440960 2014-10-04] (NVIDIA Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [635416 2009-10-14] (PDF Complete Inc)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-06-02] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-27] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-27] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-27] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-27] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-27] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-27] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-27] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-27] ()
S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [310728 2011-07-31] ()
S3 CpqDfw; C:\Windows\System32\drivers\CpqDfw.sys [27456 2012-05-29] (Windows ® Codename Longhorn DDK provider)
S3 CYUSB; C:\Windows\System32\Drivers\CYUSB.sys [47104 2009-08-10] (Cypress Semiconductor)
S3 danewFltr; C:\Windows\System32\drivers\danew.sys [12032 2010-03-23] (Razer (Asia-Pacific) Pte Ltd) [File not signed]
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2011-07-31] ()
R2 LMIInfo; C:\Program Files (x86)\LogMeIn\x64\RaInfo.sys [16056 2013-06-07] (LogMeIn, Inc.)
S4 LMIRfsClientNP; No ImagePath
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20288 2014-10-04] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R3 rzdaendpt; C:\Windows\System32\DRIVERS\rzdaendpt.sys [33448 2014-05-19] (Razer Inc)
R3 rzvkeyboard; C:\Windows\System32\DRIVERS\rzvkeyboard.sys [31400 2014-05-19] (Razer Inc)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2010-12-05] () [File not signed]
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
U3 ai06ui1z; C:\Windows\System32\Drivers\ai06ui1z.sys [0 ] (Microsoft Corporation)
R3 ALSysIO; \??\C:\Users\Dylan\AppData\Local\Temp\ALSysIO64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena\safedrv.sys [X]
S1 MpKsl8bede882; \??\c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{512B9F8D-CF19-40A8-BACF-4D9393528237}\MpKsl8bede882.sys [X]
S3 sxuptp; system32\DRIVERS\sxuptp.sys [X]
S3 VBoxNetFlt; system32\DRIVERS\VBoxNetFlt.sys [X]
R3 WinRing0_1_2_0; \??\C:\Users\Dylan\AppData\Local\Temp\tmpB856.tmp [X]
S3 X6va003; \??\C:\Users\Dylan\AppData\Local\Temp\0039F73.tmp [X]
S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-15 18:07 - 2014-10-15 18:07 - 00067736 _____ () C:\Users\Dylan\Downloads\hitmanlog.log
2014-10-15 17:54 - 2014-10-15 18:07 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-10-15 17:52 - 2014-10-15 17:54 - 11194928 _____ (SurfRight B.V.) C:\Users\Dylan\Downloads\HitmanPro_x64.exe
2014-10-15 17:25 - 2014-10-15 17:25 - 00000000 ____D () C:\Users\Dylan\Downloads\FRST-OlderVersion
2014-10-14 18:12 - 2014-10-15 00:04 - 00000000 ____D () C:\Users\Dylan\AppData\Local\LogMeInIgnition
2014-10-14 14:49 - 2014-10-14 16:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-14 14:49 - 2014-10-14 14:49 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-10-14 14:49 - 2014-10-14 14:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-10-14 14:49 - 2014-10-14 14:49 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-10-14 14:49 - 2014-10-14 14:49 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-10-14 14:49 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-10-14 14:49 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-10-14 14:49 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-10-14 14:47 - 2014-10-14 14:48 - 19828376 _____ (Malwarebytes Corporation ) C:\Users\Dylan\Downloads\mbam-setup-2.0.3.1025.exe
2014-10-14 14:40 - 2014-10-15 17:33 - 00000840 _____ () C:\Windows\setupact.log
2014-10-14 14:40 - 2014-10-15 17:32 - 00087576 _____ () C:\Windows\PFRO.log
2014-10-14 14:40 - 2014-10-14 14:40 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-14 14:34 - 2014-10-14 15:41 - 00000000 ____D () C:\AdwCleaner
2014-10-14 14:34 - 2014-10-14 14:34 - 01976320 _____ () C:\Users\Dylan\Downloads\adwcleaner_4.000.exe
2014-10-12 18:01 - 2014-10-13 05:33 - 00000000 ____D () C:\Users\Dylan\Downloads\Darksiders - SKIDROW
2014-10-12 13:20 - 2014-10-14 16:45 - 00057997 _____ () C:\Users\Dylan\Downloads\Addition.txt
2014-10-12 13:18 - 2014-10-15 18:09 - 00024564 _____ () C:\Users\Dylan\Downloads\FRST.txt
2014-10-12 13:18 - 2014-10-15 18:09 - 00000000 ____D () C:\FRST
2014-10-12 13:17 - 2014-10-15 17:25 - 02111488 _____ (Farbar) C:\Users\Dylan\Downloads\FRST64.exe
2014-10-11 23:26 - 2014-10-11 23:27 - 04965896 _____ (Piriform Ltd) C:\Users\Dylan\Downloads\ccsetup418.exe
2014-10-10 19:16 - 2014-10-10 19:16 - 00002217 _____ () C:\Users\Public\Desktop\Google Chrome (2).lnk
2014-10-10 19:15 - 2014-10-10 19:15 - 00001012 _____ () C:\Users\Public\Desktop\Dual Monitor.lnk
2014-10-10 19:15 - 2014-10-10 19:15 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Dual Monitor
2014-10-10 19:15 - 2014-10-10 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dual Monitor
2014-10-10 19:15 - 2014-10-10 19:15 - 00000000 ____D () C:\Program Files (x86)\Dual Monitor
2014-10-10 19:14 - 2014-10-10 19:14 - 00855093 _____ (Cristi Diaconu ) C:\Users\Dylan\Downloads\DualMonitor 1.22 Setup.exe
2014-10-10 18:22 - 2014-10-10 18:22 - 00002217 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-10-10 18:22 - 2014-10-10 18:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-10-10 18:19 - 2014-10-15 17:43 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-10 18:19 - 2014-10-15 17:24 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-10 18:19 - 2014-10-10 18:19 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-10 18:19 - 2014-10-10 18:19 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-10 16:41 - 2014-10-10 16:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-10-08 12:17 - 2014-10-08 12:17 - 00000000 ____D () C:\Users\Dylan\Documents\WB Games
2014-10-08 12:17 - 2014-10-08 12:17 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Steam
2014-10-08 11:53 - 2014-10-11 23:26 - 00000000 ____D () C:\Program Files (x86)\Middle Earth Shadow of Mordor
2014-10-07 22:58 - 2014-10-07 22:59 - 00000000 ____D () C:\Program Files (x86)\Google
2014-10-06 20:03 - 2014-10-13 20:34 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\TS3Client
2014-10-06 20:03 - 2014-10-06 20:03 - 00001212 _____ () C:\Users\Dylan\Desktop\TeamSpeak 3 Client.lnk
2014-10-06 20:03 - 2014-10-06 20:03 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TeamSpeak 3 Client
2014-10-06 20:03 - 2014-10-06 20:03 - 00000000 ____D () C:\Users\Dylan\AppData\Local\TeamSpeak 3 Client
2014-10-06 19:58 - 2014-10-06 19:59 - 28115400 _____ (TeamSpeak Systems GmbH) C:\Users\Dylan\Downloads\TeamSpeak3-Client-win32-3.0.16.exe
2014-10-06 13:38 - 2014-10-06 13:38 - 27301724 _____ () C:\Users\Dylan\Downloads\torbrowser-install-3.6.6_en-US.exe
2014-10-05 21:15 - 2014-10-05 21:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mumble
2014-10-05 21:13 - 2014-10-05 21:15 - 00000000 ____D () C:\Program Files (x86)\Mumble
2014-10-05 21:12 - 2014-10-05 21:13 - 15391888 _____ () C:\Users\Dylan\Downloads\mumble-1.2.8_plus_MumbleComSkin.exe
2014-10-04 15:03 - 2014-10-15 17:44 - 00000000 ___RD () C:\Users\Dylan\iCloudDrive
2014-10-04 15:03 - 2014-10-04 15:03 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Apple Inc
2014-10-04 14:18 - 2014-10-04 14:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-10-02 17:20 - 2014-10-04 22:38 - 00000000 ____D () C:\Users\Dylan\AppData\Local\DisplayFusion
2014-10-02 17:11 - 2014-10-02 17:11 - 00000000 __SHD () C:\Users\Dylan\AppData\Roaming\Common
2014-10-02 17:11 - 2014-10-02 17:11 - 00000000 ____D () C:\ProgramData\Binary Fortress Software
2014-10-02 17:10 - 2010-07-21 00:22 - 00000000 ____D () C:\Program Files (x86)\DisplayFusion
2014-10-02 17:06 - 2014-10-02 17:07 - 10533864 _____ (Binary Fortress Software ) C:\Users\Dylan\Downloads\DisplayFusionSetup-6.1.2.exe
2014-10-02 16:58 - 2014-10-02 16:58 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-10-02 16:57 - 2014-09-13 15:13 - 00613696 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-10-02 16:53 - 2014-09-16 23:51 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-10-02 16:53 - 2014-09-16 23:51 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-10-02 16:53 - 2014-09-13 18:48 - 00867528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 31887680 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 24552592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 19954520 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 14026304 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 13939272 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 13157696 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-10-02 16:52 - 2014-09-13 18:48 - 11392576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 11330776 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 04287296 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 04008592 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434411.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434411.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00957584 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00925896 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00919240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00894096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00501064 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00417096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-10-02 16:52 - 2014-09-13 18:48 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-10-02 16:39 - 2014-10-02 16:40 - 07525087 _____ () C:\Users\Dylan\Downloads\Chronokeeper0.7.8.1.0.0.0.1.zip
2014-10-02 16:24 - 2014-10-02 16:24 - 00600638 _____ () C:\Users\Dylan\Downloads\OnTopReplica-3_5_1-Setup.exe
2014-10-02 16:24 - 2014-10-02 16:24 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Lorenz_Cuno_Klopfenstein
2014-10-02 16:23 - 2014-10-02 16:23 - 00600635 _____ () C:\Users\Dylan\Downloads\ontopreplica-setup.exe
2014-10-02 16:08 - 2014-10-02 16:08 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Razer
2014-10-01 15:52 - 2014-10-01 15:52 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-10-01 15:48 - 2014-10-01 15:48 - 00000000 ____D () C:\Users\Public\Documents\CrashDump
2014-10-01 15:47 - 2014-10-01 15:47 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzdaendpt_01009.Wdf
2014-10-01 15:46 - 2014-10-01 15:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-10-01 15:03 - 2014-10-01 15:03 - 00000000 ____D () C:\Users\Dylan\Downloads\codex-middle.earth.shadow.of.mordor
2014-10-01 12:23 - 2014-10-10 19:29 - 00000000 ____D () C:\Users\Dylan\Downloads\Middle.Earth.Shadow.of.Mordor-CODEX
2014-09-30 00:46 - 2014-09-04 14:14 - 00038048 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-09-30 00:46 - 2014-09-04 14:14 - 00032416 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-09-27 10:39 - 2014-09-28 22:07 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Warframe
2014-09-26 21:27 - 2014-09-26 21:27 - 00000222 _____ () C:\Users\Dylan\Desktop\Warframe.url
2014-09-26 12:56 - 2014-09-26 12:56 - 00001320 _____ () C:\Users\Dylan\Desktop\Gauntlet.lnk
2014-09-26 12:30 - 2014-09-26 12:30 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Arrowhead
2014-09-26 12:19 - 2014-09-26 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gauntlet
2014-09-26 12:18 - 2014-09-26 20:10 - 00000000 ____D () C:\Program Files (x86)\Gauntlet
2014-09-26 12:06 - 2014-09-26 12:16 - 00000000 ____D () C:\Users\Dylan\Documents\Endless Legend
2014-09-26 01:51 - 2014-09-26 03:35 - 00000000 ____D () C:\Users\Dylan\Downloads\Gauntlet [Steam-Rip]
2014-09-25 20:12 - 2014-09-25 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-25 20:11 - 2014-09-25 20:12 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-25 20:11 - 2014-09-25 20:12 - 00000000 ____D () C:\Program Files\iTunes
2014-09-25 20:11 - 2014-09-25 20:12 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-25 20:11 - 2014-09-25 20:11 - 00000000 ____D () C:\Program Files\iPod
2014-09-15 11:08 - 2014-09-15 11:08 - 00000000 ____D () C:\Users\Dylan\Downloads\Pink Floyd 1973 The Dark Side Of The Moon 2011 Remastered & Arts 320 Kbps
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-10-15 17:42 - 2009-07-13 23:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-15 17:42 - 2009-07-13 23:45 - 00015792 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-15 17:37 - 2010-08-15 01:51 - 01329335 _____ () C:\Windows\WindowsUpdate.log
2014-10-15 17:33 - 2014-05-26 18:10 - 00000966 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
2014-10-15 17:33 - 2014-05-26 18:10 - 00000950 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Control Panel.lnk
2014-10-15 17:32 - 2010-10-01 20:17 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-15 17:32 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-15 17:27 - 2014-08-30 18:27 - 00000911 _____ () C:\Windows\Tasks\EPSON XP-610 Series Update {CF03BCF8-DB26-498D-8115-8FCBE9C606A0}.job
2014-10-15 17:27 - 2014-08-30 18:27 - 00000725 _____ () C:\Windows\Tasks\EPSON XP-610 Series Invitation {CF03BCF8-DB26-498D-8115-8FCBE9C606A0}.job
2014-10-15 17:27 - 2010-09-25 05:04 - 00000000 ____D () C:\Users\Dylan
2014-10-15 17:13 - 2014-02-13 03:37 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Battle.net
2014-10-15 06:42 - 2010-11-08 16:50 - 00000000 ____D () C:\ProgramData\LogMeIn
2014-10-15 06:41 - 2010-09-25 05:15 - 00003930 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{A5260E60-952A-4C43-B6D0-F9FE84C1C654}
2014-10-14 21:01 - 2012-10-01 16:25 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForDylan
2014-10-14 21:01 - 2012-10-01 16:25 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForDylan.job
2014-10-14 18:09 - 2010-09-25 10:39 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-10-14 15:29 - 2012-09-05 23:29 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-10-14 15:25 - 2011-06-30 11:35 - 00000000 ____D () C:\Windows\1C4551A64743409391E41477CD655043.TMP
2014-10-14 14:30 - 2011-04-22 21:34 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-10-14 12:50 - 2010-12-05 15:29 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\uTorrent
2014-10-13 14:34 - 2011-11-21 21:22 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-10-13 14:34 - 2010-10-11 18:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
2014-10-13 14:32 - 2010-10-11 18:24 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\HP Support Assistant
2014-10-13 14:32 - 2010-09-26 05:47 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\HpUpdate
2014-10-11 23:30 - 2012-01-12 00:04 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\TeamViewer
2014-10-11 23:29 - 2010-10-01 19:01 - 00000000 ____D () C:\Users\Dylan\AppData\Local\CrashDumps
2014-10-11 23:29 - 2010-09-25 08:37 - 00000000 ____D () C:\Windows\Minidump
2014-10-11 23:27 - 2012-08-10 16:23 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-10-11 23:27 - 2012-08-10 16:23 - 00000000 ____D () C:\Program Files\CCleaner
2014-10-10 19:29 - 2010-09-28 05:26 - 00000000 ____D () C:\Users\Holly
2014-10-10 19:29 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-10-10 19:28 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-10-10 18:19 - 2012-09-14 23:51 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Google
2014-10-10 18:19 - 2011-09-20 15:41 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Deployment
2014-10-10 16:41 - 2013-01-12 16:57 - 00001928 _____ () C:\Users\Public\Desktop\avast! Free Antivirus.lnk
2014-10-10 16:33 - 2010-08-15 01:52 - 00000000 ____D () C:\ProgramData\PDFC
2014-10-07 15:54 - 2014-01-11 01:31 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Guild Wars 2
2014-10-07 15:52 - 2012-09-16 00:31 - 00000000 ____D () C:\Users\Dylan\Documents\Guild Wars 2
2014-10-07 15:51 - 2012-03-13 18:48 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Mumble
2014-10-04 16:28 - 2012-11-22 21:39 - 00000000 ____D () C:\Program Files (x86)\Diablo III
2014-10-04 16:27 - 2014-02-13 04:00 - 00000000 ____D () C:\Program Files (x86)\Hearthstone
2014-10-04 16:26 - 2014-02-13 03:37 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-10-04 15:03 - 2010-10-01 19:59 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Apple Computer
2014-10-04 01:42 - 2014-06-04 23:11 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-10-04 01:42 - 2013-10-30 11:18 - 02197680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-10-04 01:41 - 2014-06-04 23:11 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-10-04 01:41 - 2013-10-30 11:18 - 02800296 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-10-02 16:58 - 2010-12-31 23:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-10-02 16:57 - 2010-10-01 20:16 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-10-02 16:06 - 2014-08-23 16:52 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-10-02 16:04 - 2009-07-13 23:45 - 00460312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-02 02:25 - 2010-09-25 05:05 - 00120824 _____ () C:\Users\Dylan\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-01 15:48 - 2014-05-10 15:49 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\VERIZON
2014-10-01 15:41 - 2013-04-06 21:18 - 00000000 ____D () C:\Games
2014-10-01 15:40 - 2010-11-08 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
2014-10-01 15:34 - 2014-01-27 14:51 - 00000000 ____D () C:\Users\Dylan\Downloads\Lindsey Stirling - Lindsey Stirling [2013] [Limited Deluxe Edition] [Mp3-320]-V3nom [GLT]
2014-10-01 15:28 - 2010-10-02 00:09 - 00000000 ____D () C:\Users\Dylan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-10-01 15:20 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-10-01 15:18 - 2010-09-25 08:41 - 00000000 ____D () C:\Program Files (x86)\Electronic Arts
2014-10-01 15:15 - 2010-10-08 18:09 - 00000000 ____D () C:\Program Files (x86)\DVDVideoSoft
2014-10-01 15:13 - 2010-10-01 18:30 - 00000000 ____D () C:\Users\Dylan\AppData\Local\Thunderbird
2014-10-01 15:12 - 2010-08-15 01:51 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-01 15:12 - 2009-07-14 00:13 - 00808206 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-10-01 15:07 - 2010-09-25 08:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Electronic Arts
2014-09-30 00:47 - 2010-10-01 20:16 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-25 20:12 - 2014-08-30 17:16 - 00001745 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-18 18:24 - 2009-07-14 00:08 - 00032652 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-16 23:51 - 2014-01-29 22:34 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-09-15 09:06 - 2010-10-01 17:37 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
Files to move or delete:
====================
C:\Users\Dylan\CrossFire_Setup_v1052.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-11 05:00
 
==================== End Of Log ============================Attached File  Fixlog.txt   2.02KB   3 downloads
 


#8 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:46 AM

Posted 16 October 2014 - 03:57 AM

All right, this is looking very good! No more active ad-/malware has been found. So we're done.

That's it! abklatsch.gif
Your logs look clean to me at the moment. :thumbup2:
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation: btn_donate_SM.gif
Thank you!


Clean Upcleanupm.PNG

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restorepoints:

  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download delfix.pngDelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.

Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:

 

Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Java 7 Update 45
Mozilla Firefox 16.0

 

Tips

I recommend to read and follow the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#9 dylan458

dylan458
  • Topic Starter

  • Members
  • 6 posts
  • OFFLINE
  •  
  • Local time:03:46 AM

Posted 18 October 2014 - 01:46 PM

Thank you very much for your help! Everything is back to working normally and its very much appreciated.



#10 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:46 AM

Posted 19 October 2014 - 06:50 AM

Thank you very much for your help! Everything is back to working normally and its very much appreciated.

 

Glad we could help! abklatsch.gif


regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png

#11 deeprybka

deeprybka

  • Malware Response Team
  • 5,198 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:10:46 AM

Posted 19 October 2014 - 06:50 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.
regards,
deeprybka
:busy:
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 
unite_blue.png
asap.png




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users