Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Tuvaro Search, Clean PC 365, Air Software Updater, HQ Video Pro Ads, A


  • This topic is locked This topic is locked

#1
Bmache

Bmache

    Member

  • Member
  • PipPip
  • 11 posts

Here with my friend's computer. There seems to be quite a bit of malware on it and it is running much slower than when I gave this computer to him. It has a few interesting issues:

 

Google has been replaced with Tuvaro Bing on both Firefox and Chrome

Several popup ads when clicking on input fields

There is an Air Software updater and Advanced System Protector

Can't download malwarebytes - keeps turning into a website advertising Clean PC 365

Several ads on websites with a tag under them saying HQ Video Pro

 

Those are the few things I noticed just by using it to get to this website to seek help in cleaning it. There are probably quite a few others.

 

Here is the OTL Log:

OTL logfile created on: 7/30/2014 11:23:48 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Brian\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17207)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
3.80 Gb Total Physical Memory | 1.61 Gb Available Physical Memory | 42.35% Memory free
7.60 Gb Paging File | 4.77 Gb Available in Paging File | 62.77% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 116.44 Gb Total Space | 50.82 Gb Free Space | 43.64% Space Free | Partition Type: NTFS
Drive D: | 329.79 Gb Total Space | 314.16 Gb Free Space | 95.26% Space Free | Partition Type: NTFS
 
Computer Name: CHARLIE | User Name: Brian | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - C:\Users\Brian\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Right Backup\RBClientService.exe (Systweak)
PRC - C:\Program Files (x86)\Right Backup\RightBackup.exe (Systweak)
PRC - C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe (Systweak)
PRC - C:\ProgramData\XRtVYg\SycvOme.exe (Green Fire Software)
PRC - C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe (Software Updater)
PRC - C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe (GOOBZO)
PRC - C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe (GOOBZO)
PRC - C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-nova.exe (HQ-1.9)
PRC - C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordFIXQNw.exe ()
PRC - C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordHh174.exe ()
PRC - C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe ()
PRC - C:\Program Files (x86)\LPT\srptsl.exe ()
PRC - C:\Program Files (x86)\LPT\srpts.exe ()
PRC - C:\Program Files (x86)\LPT\srptm.exe ()
PRC - C:\Program Files\pcmax\pcmax.exe ()
PRC - C:\Program Files (x86)\pastaleads\PastaLeadsService.exe ()
PRC - C:\Program Files (x86)\pastaleads\PastaLeadsWinApp.exe ()
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe (Oracle Corporation)
PRC - C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
PRC - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
PRC - C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
PRC - C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
PRC - C:\Windows\KMService.exe ()
PRC - C:\Windows\SysWOW64\srvany.exe ()
PRC - C:\Windows\AsScrPro.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
PRC - C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe (CyberLink)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe (ASUS)
PRC - C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe (ASUS)
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - C:\ProgramData\XRtVYg\dat\BKaCaSI.dll ()
MOD - C:\Program Files (x86)\Advanced System Protector\aspsys.dll ()
MOD - C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-nova.dll ()
MOD - C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordFIXQNw.exe ()
MOD - C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordHh174.dll ()
MOD - C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe ()
MOD - C:\Program Files (x86)\LPT\srut.dll ()
MOD - C:\Program Files (x86)\LPT\srpt.dll ()
MOD - C:\Program Files (x86)\LPT\srptc.dll ()
MOD - C:\Program Files (x86)\LPT\srptm.exe ()
MOD - C:\Program Files (x86)\LPT\sppsm.dll ()
MOD - C:\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll ()
MOD - C:\Program Files (x86)\LPT\Smartbar.Personalization.Common.dll ()
MOD - C:\Program Files (x86)\LPT\Smartbar.Infrastructure.Utilities.dll ()
MOD - C:\Program Files (x86)\LPT\Smartbar.Common.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.WorkflowServ#\f06f43b818a973641a1e579ba110aee9\System.WorkflowServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel#\fd7da43b8c67eaf65b685b5c0623ba06\System.ServiceModel.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\Microsoft.VisualBas#\359e693030a92977455667e67fb74267\Microsoft.VisualBasic.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Management\4412bbbb473c356b5ea3e1ea13b25f52\System.Management.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\CustomMarshalers\d682d06abf8257c72ce11cefd1d74cf5\CustomMarshalers.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Seri#\f177ea74036d5fdc6c6b9c967dc877cf\System.Runtime.Serialization.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\SMDiagnostics\8a01cb6ca56adf4f33cdad0592538b58\SMDiagnostics.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceModel\7f5c4c0fda2a127b85a269d11fe56fa8\System.ServiceModel.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Core\868ad9d8acc0bf80a973c0e4e9cae4fa\System.Core.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\72284863df9bea3f081ae98996400619\PresentationFramework.Aero.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.ServiceProce#\b34b348a9935338b1282fd0c9309eb1f\System.ServiceProcess.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web.Services\71b2513cf76669cf6960908e211710db\System.Web.Services.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Web\47e4da7e3f6bd1ce5ea9283c808ce9f9\System.Web.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\98c91b8d3f1d54c41ada5f37e0935303\System.Runtime.Remoting.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.EnterpriseSe#\6b0a1d4b63fb0ef68c0c1cd107ce9ba4\System.EnterpriseServices.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Transactions\4f66c3dc2cd6583df3fcc393edcb48a7\System.Transactions.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data\ffa238a8bca0a438348228c2b94103af\System.Data.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\71faa40ff5c4aea5d150eb8f9c0665a9\PresentationFramework.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\8bc548587e91ecf0552a40e47bbf99cc\System.Windows.Forms.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\5c24d3b0041ebf4f48a93615b9fa3de9\System.Drawing.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Deployment\7c233151b685c540524f87931632423a\System.Deployment.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Data.SqlXml\6a5e8dcdee321bff4851b99b5356a08e\System.Data.SqlXml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\217ece46920546d718414291d463bb1c\System.Xml.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\5b6ddf934128d538cd5cd77bf4209b93\System.Configuration.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\660ac5d6da77df8e86fb26f05c6a9816\PresentationCore.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\1d696b2d3de530f7ee971070263667ff\WindowsBase.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\System\b3a78269847005365001c33870cd121f\System.ni.dll ()
MOD - C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\ede2c6c842840e009f01bcc74fa4c457\mscorlib.ni.dll ()
MOD - C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
MOD - C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
MOD - C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
MOD - C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll ()
MOD - C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll ()
MOD - C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll ()
MOD - C:\Program Files (x86)\pastaleads\PastaLeadsWinApp.exe ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Transactions\2.0.0.0__b77a5c561934e089\System.Transactions.dll ()
MOD - C:\Windows\assembly\GAC\Microsoft.mshtml\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.mshtml.dll ()
MOD - C:\Windows\assembly\GAC_MSIL\Microsoft.VisualStudio.Diagnostics.ServiceModelSink\3.0.0.0__b03f5f7f11d50a3a\Microsoft.VisualStudio.Diagnostics.ServiceModelSink.dll ()
MOD - C:\Program Files (x86)\Right Backup\System.Data.SQLite.dll ()
MOD - C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll ()
MOD - C:\Windows\assembly\GAC_32\System.Data\2.0.0.0__b77a5c561934e089\System.Data.dll ()
MOD - C:\Windows\assembly\GAC_32\CustomMarshalers\2.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll ()
MOD - C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll ()
MOD - C:\Program Files\LinkShellExtension\32\RockallDLL.dll ()
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV:[b]64bit:[/b] - (SMUpd) -- C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe (Search Module Ltd.)
SRV:[b]64bit:[/b] - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (pcmaxservice) -- C:\Program Files\pcmax\pcmax.exe ()
SRV:[b]64bit:[/b] - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:[b]64bit:[/b] - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:[b]64bit:[/b] - (EvtEng) -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe (Intel(R) Corporation)
SRV:[b]64bit:[/b] - (MyWiFiDHCPDNS) -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe ()
SRV:[b]64bit:[/b] - (RegSrvc) -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Intel(R) Corporation)
SRV:[b]64bit:[/b] - (AFBAgent) -- C:\Windows\SysNative\FBAgent.exe (ASUSTeK Computer Inc.)
SRV:[b]64bit:[/b] - (64af91bf) -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)
SRV - (RBClientService) -- C:\Program Files (x86)\Right Backup\RBClientService.exe (Systweak)
SRV - (globalUpdatem) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (globalUpdate)
SRV - (globalUpdate) -- C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe (globalUpdate)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (SycvOme) -- C:\ProgramData\XRtVYg\SycvOme.exe (Green Fire Software)
SRV - (YouTubeAcceleratorService) -- C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe (GOOBZO)
SRV - (ViewPassword) -- C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordHh174.exe ()
SRV - (LPTSystemUpdater) -- C:\Program Files (x86)\LPT\srpts.exe ()
SRV - (pastaleadsServiceCore) -- C:\Program Files (x86)\pastaleads\PastaLeadsService.exe ()
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (IePluginServices) -- C:\ProgramData\IePluginServices\PluginService.exe (Cherished Technololgy LIMITED)
SRV - (VsEtwService120) -- C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe (Microsoft Corporation)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (nvUpdatusService) -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation)
SRV - (Stereo Service) -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (NVIDIA Corporation)
SRV - (PassThru Service) -- C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe ()
SRV - (KMService) -- C:\Windows\SysWOW64\srvany.exe ()
SRV - (ATKGFNEXSrv) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe (ASUS)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (ASLDRService) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe (ASUS)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV:[b]64bit:[/b] - (SMUpdd) -- C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys ()
DRV:[b]64bit:[/b] - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (MotioninJoyXFilter) -- C:\Windows\SysNative\drivers\MijXfilt.sys (MotioninJoy)
DRV:[b]64bit:[/b] - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (DEVGURU Co., LTD.(www.devguru.co.kr))
DRV:[b]64bit:[/b] - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (nvpciflt) -- C:\Windows\SysNative\drivers\nvpciflt.sys (NVIDIA Corporation)
DRV:[b]64bit:[/b] - (S3XXx64) -- C:\Windows\SysNative\drivers\S3XXx64.sys (Identive)
DRV:[b]64bit:[/b] - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:[b]64bit:[/b] - (fssfltr) -- C:\Windows\SysNative\drivers\fssfltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (tap0901) -- C:\Windows\SysNative\drivers\tap0901.sys (The OpenVPN Project)
DRV:[b]64bit:[/b] - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (xusb21) -- C:\Windows\SysNative\drivers\xusb21.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (Point64) -- C:\Windows\SysNative\drivers\point64.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (pneteth) -- C:\Windows\SysNative\drivers\pneteth.sys (June Fabrics Technology Inc.)
DRV:[b]64bit:[/b] - (WCMVCAM) -- C:\Windows\SysNative\drivers\wcmvcam64.sys (Windows (R) Win 7 DDK provider)
DRV:[b]64bit:[/b] - (dc3d) -- C:\Windows\SysNative\drivers\dc3d.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:[b]64bit:[/b] - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:[b]64bit:[/b] - (sptd) -- C:\Windows\SysNative\drivers\sptd.sys ()
DRV:[b]64bit:[/b] - (ivusb) -- C:\Windows\SysNative\drivers\ivusb.sys (Initio Corporation)
DRV:[b]64bit:[/b] - (htcnprot) -- C:\Windows\SysNative\drivers\htcnprot.sys (Windows (R) Win 7 DDK provider)
DRV:[b]64bit:[/b] - (wdkmd) -- C:\Windows\SysNative\drivers\WDKMD.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (L1C) -- C:\Windows\SysNative\drivers\L1C62x64.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (ETD) -- C:\Windows\SysNative\drivers\ETD.sys (ELAN Microelectronic Corp.)
DRV:[b]64bit:[/b] - (NETw5s64) -- C:\Windows\SysNative\drivers\NETw5s64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (Impcd) -- C:\Windows\SysNative\drivers\Impcd.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:[b]64bit:[/b] - (nusb3xhc) -- C:\Windows\SysNative\drivers\nusb3xhc.sys (NEC Electronics Corporation)
DRV:[b]64bit:[/b] - (nusb3hub) -- C:\Windows\SysNative\drivers\nusb3hub.sys (NEC Electronics Corporation)
DRV:[b]64bit:[/b] - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (HTCAND64) -- C:\Windows\SysNative\drivers\ANDROIDUSB.sys (HTC, Corporation)
DRV:[b]64bit:[/b] - (HECIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:[b]64bit:[/b] - (SNP2UVC) -- C:\Windows\SysNative\drivers\snp2uvc.sys ()
DRV:[b]64bit:[/b] - (kbfiltr) -- C:\Windows\SysNative\drivers\kbfiltr.sys ( )
DRV:[b]64bit:[/b] - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:[b]64bit:[/b] - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:[b]64bit:[/b] - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:[b]64bit:[/b] - (athr) -- C:\Windows\SysNative\drivers\athrx.sys (Atheros Communications, Inc.)
DRV:[b]64bit:[/b] - (SiSGbeLH) -- C:\Windows\SysNative\drivers\SiSG664.sys (Silicon Integrated Systems Corp.)
DRV:[b]64bit:[/b] - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:[b]64bit:[/b] - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:[b]64bit:[/b] - (MTsensor) -- C:\Windows\SysNative\drivers\ATK64AMD.sys (ASUS)
DRV:[b]64bit:[/b] - (WimFltr) -- C:\Windows\SysNative\drivers\WimFltr.sys (Microsoft Corporation)
DRV:[b]64bit:[/b] - (WDC_SAM) -- C:\Windows\SysNative\drivers\wdcsam64.sys (Western Digital Technologies)
DRV:[b]64bit:[/b] - (ManyCam) -- C:\Windows\SysNative\drivers\ManyCam_x64.sys (ManyCam LLC.)
DRV - (GEARAspiWDM) -- C:\Windows\SysWOW64\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (ASMMAP64) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys (ASUS)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?type=hp&ts=1404043206&from=air&uid=ST9500325AS_6VE8N045XXXX6VE8N045&i=psd&t=344dffdc0
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com/web/?type=ds&ts=1404043206&from=air&uid=ST9500325AS_6VE8N045XXXX6VE8N045&i=psd&t=344dffdc0&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&ts=1404043206&from=air&uid=ST9500325AS_6VE8N045XXXX6VE8N045&i=psd&t=344dffdc0&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?type=hp&ts=1404043206&from=air&uid=ST9500325AS_6VE8N045XXXX6VE8N045&i=psd&t=344dffdc0
IE:[b]64bit:[/b] - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?type=ds&ts=1404043206&from=air&uid=ST9500325AS_6VE8N045XXXX6VE8N045&i=psd&t=344dffdc0&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}: "URL" = http://www-search.net/search.aspx?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=bndl1_14_26&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDtAyEyBzy0A0AzyzztAyDtN0D0Tzu0SzytBtCtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1Czu1S1G1Q1ItC1VtCyE1VtByCtN1L1G1B1V1N2Y1L1Qzu2SyDyD0FtBzzyEtCyDtGtC0DtCzztGtCzzyC0EtGyB0BtCyCtGtCtAyC0ByC0FtA0CyEzz0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0D0FtDtDtByD0AtGtDtAyB0DtG0FyDyBtBtG0F0CtB0DtGyD0BtBzz0D0CyBzztD0AzzyD2Q&cr=1371696044&ir=
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=adk_14_18&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDtAyEyBzy0A0AzyzztAyDtN0D0Tzu0SzytDtAtN1L2XzutBtFtBtCtFyEtFtCtN1L1Czu1T1Q1J1VtCyE1VtCzztN1L1G1B1V1N2Y1L1Qzu2StDyBtC0F0C0FyCzytG0A0B0CtBtGzyyC0BtAtG0D0ByE0BtGtC0AzzyB0A0EtCyByDyCyDyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0D0FtDtDtByD0AtGtDtAyB0DtG0FyDyBtBtG0F0CtB0DtGyD0BtBzz0D0CyBzztD0AzzyD2Q&cr=5182463&ir=
IE:[b]64bit:[/b] - HKLM\..\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}: "URL" = http://www-search.net/search.aspx?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,&q={searchTerms}
IE:[b]64bit:[/b] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE:[b]64bit:[/b] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE:[b]64bit:[/b] - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49253;https=127.0.0.1:49253
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?type=hp&ts=1404043206&from=air&uid=ST9500325AS_6VE8N045XXXX6VE8N045&i=psd&t=344dffdc0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com/web/?type=ds&ts=1404043206&from=air&uid=ST9500325AS_6VE8N045XXXX6VE8N045&i=psd&t=344dffdc0&q={searchTerms}
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com/web/?type=ds&ts=1404043206&from=air&uid=ST9500325AS_6VE8N045XXXX6VE8N045&i=psd&t=344dffdc0&q={searchTerms}
IE - HKLM\..\SearchScopes,DefaultScope = {33BB0A4E-99AF-4226-BDF6-49120163DE86}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&form=ASUTDF&pc=MAAU&src=IE-SearchBox
IE - HKLM\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?type=ds&ts=1404043206&from=air&uid=ST9500325AS_6VE8N045XXXX6VE8N045&i=psd&t=344dffdc0&q={searchTerms}
IE - HKLM\..\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}: "URL" = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ASUT
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 1
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:49253;https=127.0.0.1:49253
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?type=hp&ts=1404043206&from=air&uid=ST9500325AS_6VE8N045XXXX6VE8N045&i=psd&t=344dffdc0
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperbar.com/?p=mKO_AwFzXIpYRaHp8Pk5fza5XP2LokZRZTrGrmUdZw5a1hndvGLVL8mGEIpL4vXP-S-E705Jq8Ql6ZTZDN3BKD0IQJbUbd2LUh080hQZ0xfXNDHzlhKgSP1Fe5hY_1Pi0E5O-xM8qlGq7DNglRZ3VEwd1zd1HmzMMZzXqx0aE-pzPg82v9_qHd6PWGb8FwACdgoXeL2UYrPgFJKoLH_5NsvZurtcRdI,&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperbar.com/?p=mKO_AwFzXIpYRaHp8Pk5fza5XP2LokZRZTrGrmUdZw5a1hndvGLVL8mGEIpL4vXP-S-E705Jq8Ql6ZTZDN3BKD0IQJbUbd2LUh080hQZ0xfXNDHzlhKgSP1Fe5hY_1Pi0E5O-xM8qlGq7DNglRZ3VEwd1zd1HmzMMZzXqx0aE-pzPg82v9_qHd6PWGb8FwACdgoXeL2UYrPgFJKoLH_5NsvZurtcRdI,&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearchdial.com/?f=1&a=bndl1_14_26&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDtAyEyBzy0A0AzyzztAyDtN0D0Tzu0SzytBtCtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1Czu1S1G1Q1ItC1VtCyE1VtByCtN1L1G1B1V1N2Y1L1Qzu2SyDyD0FtBzzyEtCyDtGtC0DtCzztGtCzzyC0EtGyB0BtCyCtGtCtAyC0ByC0FtA0CyEzz0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0D0FtDtDtByD0AtGtDtAyB0DtG0FyDyBtBtG0F0CtB0DtGyD0BtBzz0D0CyBzztD0AzzyD2Q&cr=1371696044&ir=
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.helperbar.com/?p=mKO_AwFzXIpYRaHp8Pk5fza5XP2LokZRZTrGrmUdZw5a1hndvGLVL8mGEIpL4vXP-S-E705Jq8Ql6ZTZDN3BKD0IQJbUbd2LUh080hQZ0xfXNDHzlhKgSP1Fe5hY_1Pi0E5O-xM8qlGq7DNglRZ3VEwd1zd1HmzMMZzXqx0aE-pzPg82v9_qHd6PWGb8FwACdgoXeL2UYrPgFJKoLH_5NsvZurtcRdI,&q={searchTerms}
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.helperbar.com/?p=mKO_AwFzXIpYRaHp8Pk5fza5XP2LokZRZTrGrmUdZw5a1hndvGLVL8mGEIpL4vXP-S-E705Jq8Ql6ZTZDN3BKD0IQJbUbd2LUh080hQZ0xfXNDHzlhKgSP1Fe5hY_1Pi0E5O-xM8qlGq7DNglRZ3VEwd1zd1HmzMMZzXqx0aE-pzPg82v9_qHd6PWGb8FwACdgoXeL2UYrPgFJKoLH_5NsvZurtcRdI,&q={searchTerms}
IE - HKCU\..\URLSearchHook: {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found
IE - HKCU\..\SearchScopes,DefaultScope = {7F4EFF06-7032-458e-AE16-1C1D8255C28A}
IE - HKCU\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.helperbar.com/?p=mKO_AwFzXIpYRaHp8Pk5fza5XP2LokZRZTrGrmUdZw5a1hndvGLVL8mGEIpL4vXP-S-E705Jq8Ql6ZTZDN3BKD0IQJbUbd2LUh080hQZ0xfXNDHzlhKgSP1Fe5hY_1Pi0E5O-xM8qlGq7DNglRZ3VEwd1zd1HmzMMZzXqx0aE-pzPg82v9_qHd6PWGb8FwACdgoXeL2UYrPgFJKoLH_5NsvZurtcRdI,&q={searchTerms}
IE - HKCU\..\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}: "URL" = http://www.trovi.com/Results.aspx?gd=&ctid=CT3324863&octid=EB_ORIGINAL_CTID&ISID=M9C68602D-5624-4211-86E7-87BFF588998F&SearchSource=58&CUI=&UM=5&UP=SP983BF1C8-15AB-4A6C-9C57-8A617517B96B&q={searchTerms}&SSPV=
IE - HKCU\..\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}: "URL" = http://search.v9.com/web/?type=ds&ts=1404043206&from=air&uid=ST9500325AS_6VE8N045XXXX6VE8N045&i=psd&t=344dffdc0&q={searchTerms}
IE - HKCU\..\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}: "URL" = http://www-search.net/search.aspx?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,&q={searchTerms}
IE - HKCU\..\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=bndl1_14_26&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDtAyEyBzy0A0AzyzztAyDtN0D0Tzu0SzytBtCtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1Czu1S1G1Q1ItC1VtCyE1VtByCtN1L1G1B1V1N2Y1L1Qzu2SyDyD0FtBzzyEtCyDtGtC0DtCzztGtCzzyC0EtGyB0BtCyCtGtCtAyC0ByC0FtA0CyEzz0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0D0FtDtDtByD0AtGtDtAyB0DtG0FyDyBtBtG0F0CtB0DtGyD0BtBzz0D0CyBzztD0AzzyD2Q&cr=1371696044&ir=
IE - HKCU\..\SearchScopes\{7F4EFF06-7032-458e-AE16-1C1D8255C28A}: "URL" = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=adk_14_18&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDtAyEyBzy0A0AzyzztAyDtN0D0Tzu0SzytDtAtN1L2XzutBtFtBtCtFyEtFtCtN1L1Czu1T1Q1J1VtCyE1VtCzztN1L1G1B1V1N2Y1L1Qzu2StDyBtC0F0C0FyCzytG0A0B0CtBtGzyyC0BtAtG0D0ByE0BtGtC0AzzyB0A0EtCyByDyCyDyD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0D0FtDtDtByD0AtGtDtAyB0DtG0FyDyBtBtG0F0CtB0DtGyD0BtBzz0D0CyBzztD0AzzyD2Q&cr=5182463&ir=
IE - HKCU\..\SearchScopes\{80c554b9-c7f8-4a21-9471-06d606da78a2}: "URL" = http://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
IE - HKCU\..\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}: "URL" = http://www-search.net/search.aspx?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>;<local>
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: ""
FF - prefs.js..browser.search.order.1: "Google"
FF - prefs.js..browser.search.selectedEngine: "Mysearchdial"
FF - prefs.js..browser.startup.homepage: "http://start.mysearchdial.com/?f=1&a=bndl1_14_26&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDtAyEyBzy0A0AzyzztAyDtN0D0Tzu0SzytBtCtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1Czu1S1G1Q1ItC1VtCyE1VtByCtN1L1G1B1V1N2Y1L1Qzu2SyDyD0FtBzzyEtCyDtGtC0DtCzztGtCzzyC0EtGyB0BtCyCtGtCtAyC0ByC0FtA0CyEzz0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0D0FtDtDtByD0AtGtDtAyB0DtG0FyDyBtBtG0F0CtB0DtGyD0BtBzz0D0CyBzztD0AzzyD2Q&cr=1371696044&ir="
FF - prefs.js..extensions.enabledAddons: {55A8EC97-6AF6-442c-877F-11C51DBD162D}:1.0.6
FF - prefs.js..extensions.enabledAddons: {ad9a41d2-9a49-4fa6-a79e-71a0785364c8}:9.5.3
FF - prefs.js..extensions.enabledAddons: [email protected]bda57173b.com:0.94.51
FF - prefs.js..extensions.enabledAddons: [email protected]4e2e4d3ad.com:0.94.73
FF - prefs.js..keyword.URL: "http://www-search.net/search.aspx?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,&q="
 
 
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:[b]64bit:[/b] - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: D:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll File not found
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=8: D:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Brian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Brian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Brian\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\{55A8EC97-6AF6-442c-877F-11C51DBD162D}: C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_FF.xpi [2013/05/13 12:09:18 | 000,009,989 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\\[email protected]: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected] [2014/07/11 17:34:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components [2011/12/28 23:08:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 9.0.1\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\{735C497D-D20D-45CB-51DE-4E6626FEAD4D}: C:\Program Files (x86)\-ViewPassword-soft\174.xpi [2014/06/22 04:33:08 | 000,015,309 | ---- | M] ()
 
[2011/01/06 14:12:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Extensions
[2011/01/06 14:12:51 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Extensions\[email protected]
[2014/07/30 19:15:47 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions
[2014/07/10 17:05:34 | 000,000,000 | ---D | M] ("MySearchDial NewTab") -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
[2014/07/09 17:41:17 | 000,000,000 | ---D | M] ("SmartSaver+ 10") -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]bda57173b.com
[2014/06/22 04:35:16 | 000,000,000 | ---D | M] ("HQPro-1.9") -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]4e2e4d3ad.com
[2014/07/11 17:34:36 | 000,000,000 | ---D | M] ("Fast Start") -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]
[2014/07/11 17:32:26 | 000,000,000 | ---D | M] (cosstminn) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]
[2014/07/30 18:12:48 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\staged
[2014/06/22 04:35:48 | 000,000,000 | ---D | M] (SupraSavings) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]
[2014/07/30 17:47:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]bda57173b.com\extensionData
[2014/07/30 17:47:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]bda57173b.com\extensionData\plugins
[2014/07/30 17:47:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]bda57173b.com\extensionData\userCode
[2014/07/30 17:47:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]4e2e4d3ad.com\extensionData
[2014/07/30 17:47:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]4e2e4d3ad.com\extensionData\plugins
[2014/07/30 17:47:54 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]4e2e4d3ad.com\extensionData\userCode
[2014/07/30 17:49:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\staged\[email protected]bda57173b.com\extensionData
[2014/07/11 17:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\staged\[email protected]bda57173b.com\extensionData\plugins
[2014/07/11 17:34:39 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\staged\[email protected]bda57173b.com\extensionData\userCode
[2014/07/30 17:49:38 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\staged\[email protected]4e2e4d3ad.com\extensionData
[2014/07/11 17:34:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\staged\[email protected]4e2e4d3ad.com\extensionData\plugins
[2014/07/11 17:34:33 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\Firefox\Profiles\y1ghqeww.default\extensions\staged\[email protected]4e2e4d3ad.com\extensionData\userCode
[2014/07/30 19:15:34 | 000,000,001 | ---- | M] () (No name found) -- C:\Users\Brian\AppData\Roaming\mozilla\firefox\profiles\y1ghqeww.default\extensions\[email protected]
[2014/07/10 17:05:58 | 000,002,803 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\mozilla\firefox\profiles\y1ghqeww.default\searchplugins\Mysearchdial.xml
[2012/02/27 14:18:17 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2013/06/23 13:53:21 | 000,000,000 | ---D | M] (Skype Click to Call) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}
[2013/05/13 12:09:18 | 000,009,989 | ---- | M] () (No name found) -- C:\PROGRAM FILES (X86)\TOMABO\YOUTUBE VIDEO DOWNLOADER\YTVD_FF.XPI
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Search (Enabled)
CHR - default_search_provider: search_url = http://www-search.net/search.aspx?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,&q={searchTerms}
CHR - default_search_provider: suggest_url = http://api.searchpredict.com/api/?rqtype=ffplugin&siteID=8661&dbCode=1&command={searchTerms},
CHR - homepage: http://www-search.net/?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.0.0.6_0\
CHR - Extension: Google Docs = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.2_0\
CHR - Extension: Google Drive = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5019_0\
CHR - Extension: Google Voice Search Hotword (Beta) = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: YouTube = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Search = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Search = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: HQPro-1.9 = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm\1.26.73_0\
CHR - Extension: MySearchDial = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa\9.4.24_0\
CHR - Extension: YouTube Video Downloader Extension = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp\1.0.5_0\
CHR - Extension: SASS Inspector = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkofmbmllpgfbnonmnenkiakimpgoamn\102\
CHR - Extension: cosstminn = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbhgdhnjbodilabcjbogfnppbopbdgob\2.0\
CHR - Extension: Google Wallet = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
CHR - Extension: Gmail = C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/07/30 23:10:36 | 000,000,098 | ---- | M]) - C:\Windows\SysNative\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2:[b]64bit:[/b] - BHO: (SmartSaver+ 10) - {11111111-1111-1111-1111-110411891118} - C:\Program Files (x86)\SmartSaver+ 10\SmartSaver+ 10-bho64.dll (smart-saverplus)
O2:[b]64bit:[/b] - BHO: (HQPro-1.9) - {11111111-1111-1111-1111-110511311172} - C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-bho64.dll (HQ-1.9)
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:[b]64bit:[/b] - BHO: (no name) - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - No CLSID value found.
O2:[b]64bit:[/b] - BHO: (dealstear) - {BA686A29-A489-3038-9006-C9B9977F34AE} - C:\ProgramData\dealstear\ZX7.x64.dll ()
O2:[b]64bit:[/b] - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (2rs3) - {10AD2C61-0898-4348-8600-14A342F22AC3} - C:\Program Files (x86)\SupraSavings\2rs3.dll ()
O2 - BHO: (SmartSaver+ 10) - {11111111-1111-1111-1111-110411891118} - C:\Program Files (x86)\SmartSaver+ 10\SmartSaver+ 10-bho.dll (smart-saverplus)
O2 - BHO: (HQPro-1.9) - {11111111-1111-1111-1111-110511311172} - C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-bho.dll (HQ-1.9)
O2 - BHO: (IETabPage Class) - {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} - C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
O2 - BHO: (ViewPassword) - {3CB547DB-A0E4-1686-7034-692987A1F99C} - C:\Program Files (x86)\-ViewPassword-soft\174.dll ()
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No CLSID value found.
O2 - BHO: (dealstear) - {BA686A29-A489-3038-9006-C9B9977F34AE} - C:\ProgramData\dealstear\ZX7.dll ()
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3:[b]64bit:[/b] - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - No CLSID value found.
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No CLSID value found.
O4:[b]64bit:[/b] - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:[b]64bit:[/b] - HKLM..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronic Corp.)
O4:[b]64bit:[/b] - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [IntelliPoint] C:\Program Files\Microsoft IntelliPoint\ipoint.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:[b]64bit:[/b] - HKLM..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4:[b]64bit:[/b] - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [BrowserSafeguard] C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe ()
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [NUSB3MON] C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe (NEC Electronics Corporation)
O4 - HKLM..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - HKLM..\Run: [UpdateLBPShortCut] C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [UpdateP2GoShortCut] C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKCU..\Run: [AdobeBridge]  File not found
O4 - HKCU..\Run: [Akamai NetSession Interface] C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [GoobzoYouTubeAccelerator] C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe (GOOBZO)
O4 - HKCU..\Run: [pcreg] C:\Program Files\pcmax\service.exe ()
O4 - Startup: C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk = C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAHealth = 1
O8:[b]64bit:[/b] - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8:[b]64bit:[/b] - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8:[b]64bit:[/b] - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8:[b]64bit:[/b] - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8:[b]64bit:[/b] - Extra context menu item: Download video on this page - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_IE.dll (Tomabo)
O8:[b]64bit:[/b] - Extra context menu item: Download video this links to - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_IE.dll (Tomabo)
O8 - Extra context menu item: Append Link Target to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html File not found
O8 - Extra context menu item: Append to Existing PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html File not found
O8 - Extra context menu item: Convert Link Target to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html File not found
O8 - Extra context menu item: Convert to Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html File not found
O8 - Extra context menu item: Download video on this page - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_IE.dll (Tomabo)
O8 - Extra context menu item: Download video this links to - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_IE.dll (Tomabo)
O9:[b]64bit:[/b] - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - Reg Error: Key error. File not found
O9 - Extra Button: Download Video - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_IE.dll (Tomabo)
O9 - Extra 'Tools' menuitem : Download video on this page - {B4FECE59-6D0A-4EE6-A07F-E6A94F846E55} - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_IE.dll (Tomabo)
O10:[b]64bit:[/b] - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll (GOOBZO)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll (GOOBZO)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll (GOOBZO)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll (GOOBZO)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll (GOOBZO)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll (GOOBZO)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll (GOOBZO)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll (GOOBZO)
O10 - Protocol_Catalog9\Catalog_Entries\000000000019 - C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll (GOOBZO)
O13[b]64bit:[/b] - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: clonewarsadventures.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: freerealms.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: soe.com ([]* in Trusted sites)
O15 - HKCU\..Trusted Domains: sony.com ([]* in Trusted sites)
O16:[b]64bit:[/b] - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.45.2)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16:[b]64bit:[/b] - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.45.2)
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab (System Requirements Lab Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.60.2)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_29-windows-i586.cab (Java Plug-in 10.60.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13D3EBAB-B189-4AE6-92C6-5A56315F2E0D}: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7C78E3E7-25E5-4AEF-8CAD-132B4AF319A9}: NameServer = 0.0.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{99845CB9-F2FC-4311-AEE3-AE4530AF5334}: DhcpNameServer = 192.168.1.1
O18:[b]64bit:[/b] - Protocol\Handler\livecall - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-help - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\ms-itss - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\msnim - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlmailhtml - No CLSID value found
O18:[b]64bit:[/b] - Protocol\Handler\wlpg - No CLSID value found
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL) - C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll ()
O20:[b]64bit:[/b] - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (c:\progra~3\fastan~1\fastan~1.dll) - c:\ProgramData\Fast And Safe\FastAndSafe.dll ()
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKCU Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O20:[b]64bit:[/b] - Winlogon\Notify\ScCertProp: DllName - (wlnotify.dll) -  File not found
O21:[b]64bit:[/b] - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:[b]64bit:[/b] - HKLM IFEO\DatamngrCoordinator.exe: Debugger - C:\Windows\SysNative\tasklist.exe (Microsoft Corporation)
O27 - HKLM IFEO\DatamngrCoordinator.exe: Debugger - C:\Windows\SysWow64\tasklist.exe (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:[b]64bit:[/b] - HKLM\..comfile [open] -- "%1" %*
O35:[b]64bit:[/b] - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...com [@ = comfile] -- "%1" %*
O37:[b]64bit:[/b] - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2014/07/30 23:18:45 | 004,181,856 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Brian\Desktop\tdsskiller.exe
[2014/07/30 23:17:46 | 000,000,000 | ---D | C] -- C:\Users\Brian\Desktop\GooredFix Backups
[2014/07/30 23:17:11 | 000,071,398 | ---- | C] (jpshortstuff) -- C:\Users\Brian\Desktop\GooredFix.exe
[2014/07/30 23:10:35 | 000,000,000 | ---D | C] -- C:\_OTM
[2014/07/30 23:09:21 | 000,522,240 | ---- | C] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTM.exe
[2014/07/30 23:06:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
[2014/07/30 23:06:28 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\ERUNT
[2014/07/30 19:08:30 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2014/07/30 19:08:30 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2014/07/30 18:41:40 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller
[2014/07/30 18:12:33 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Packages
[2014/07/30 18:12:24 | 000,000,000 | ---D | C] -- C:\ProgramData\dealstear
[2014/07/30 17:43:00 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2014/07/30 17:32:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Fast And Safe
[2014/07/11 17:34:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Sony
[2014/07/10 17:33:12 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\1118
[2014/07/10 17:32:41 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Chromatic Browser
[2014/07/10 17:32:41 | 000,000,000 | ---D | C] -- C:\ProgramData\4a607f86f23577d7
[2014/07/10 17:32:40 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Torch
[2014/07/10 17:32:38 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\Comodo
[2014/07/10 17:09:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open JDK Explorer
[2014/07/10 17:07:48 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\PCFixSpeed
[2014/07/10 17:02:31 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Right Backup
[2014/07/10 17:00:25 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\rightbackup
[2014/07/09 17:44:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
[2014/07/09 17:43:53 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Local\WinZip
[2014/07/09 17:43:24 | 000,000,000 | ---D | C] -- C:\ProgramData\WinZip
[2014/07/09 17:43:20 | 000,000,000 | ---D | C] -- C:\Program Files\WinZip
[2014/07/09 17:43:05 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[2014/07/09 17:43:04 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\VOPackage
[2014/07/09 17:42:49 | 000,000,000 | ---D | C] -- C:\rbtemp
[2014/07/09 17:42:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
[2014/07/09 17:42:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
[2014/07/09 17:42:22 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2014/07/09 17:42:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Advanced System Protector
[2014/07/09 17:41:55 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Systweak
[2014/07/09 17:41:54 | 000,020,328 | ---- | C] (Systweak Inc., (www.systweak.com)) -- C:\Windows\SysNative\roboot64.exe
[2014/07/09 17:40:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SmartSaver+ 10
[2014/07/09 17:40:16 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\MySearchDial
[2014/07/09 17:39:57 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mysearchdial
[2014/07/09 17:39:28 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Downloader
[2014/07/09 17:39:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Media Downloader
[2014/07/08 17:11:52 | 000,000,000 | ---D | C] -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014/07/02 19:04:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JavaLive! Manager
[2014/07/02 19:04:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\JavaLive! Manager
[2014/07/02 19:02:51 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\LPT
[1 C:\Users\Brian\Documents\*.tmp files -> C:\Users\Brian\Documents\*.tmp -> ]
[1 C:\Users\Brian\AppData\Local\*.tmp files -> C:\Users\Brian\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2014/07/30 23:21:45 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/07/30 23:21:45 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/07/30 23:18:50 | 004,181,856 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Brian\Desktop\tdsskiller.exe
[2014/07/30 23:17:11 | 000,071,398 | ---- | M] (jpshortstuff) -- C:\Users\Brian\Desktop\GooredFix.exe
[2014/07/30 23:14:05 | 000,000,428 | ---- | M] () -- C:\Windows\tasks\ViewPassword Update.job
[2014/07/30 23:13:57 | 000,003,452 | ---- | M] () -- C:\Windows\tasks\64e36912-3c31-4f29-91f8-31bef7612b98-11.job
[2014/07/30 23:13:57 | 000,002,770 | ---- | M] () -- C:\Windows\tasks\64e36912-3c31-4f29-91f8-31bef7612b98-3.job
[2014/07/30 23:13:57 | 000,002,370 | ---- | M] () -- C:\Windows\tasks\64e36912-3c31-4f29-91f8-31bef7612b98-4.job
[2014/07/30 23:13:57 | 000,001,442 | ---- | M] () -- C:\Windows\tasks\64e36912-3c31-4f29-91f8-31bef7612b98-6.job
[2014/07/30 23:13:57 | 000,001,392 | ---- | M] () -- C:\Windows\tasks\64e36912-3c31-4f29-91f8-31bef7612b98-5.job
[2014/07/30 23:13:57 | 000,001,310 | ---- | M] () -- C:\Windows\tasks\64e36912-3c31-4f29-91f8-31bef7612b98-2.job
[2014/07/30 23:13:39 | 000,001,444 | ---- | M] () -- C:\Windows\tasks\64e36912-3c31-4f29-91f8-31bef7612b98-1.job
[2014/07/30 23:13:38 | 000,001,378 | ---- | M] () -- C:\Windows\tasks\64e36912-3c31-4f29-91f8-31bef7612b98-7.job
[2014/07/30 23:13:38 | 000,000,418 | ---- | M] () -- C:\Windows\tasks\ViewPassword_wd.job
[2014/07/30 23:13:09 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/07/30 23:13:01 | 3061,702,656 | -HS- | M] () -- C:\hiberfil.sys
[2014/07/30 23:10:36 | 000,000,098 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\Hosts
[2014/07/30 23:09:22 | 000,522,240 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTM.exe
[2014/07/30 23:06:41 | 000,001,110 | ---- | M] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/07/30 19:11:10 | 000,001,742 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2014/07/30 18:55:13 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job
[2014/07/30 18:41:41 | 000,001,270 | ---- | M] () -- C:\Users\Brian\Desktop\Revo Uninstaller.lnk
[2014/07/30 18:38:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/07/30 18:34:32 | 000,000,928 | ---- | M] () -- C:\Windows\tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job
[2014/07/30 17:43:04 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Brian\Desktop\OTL.exe
[2014/07/30 17:34:00 | 000,800,938 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/07/30 17:34:00 | 000,674,902 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/07/30 17:34:00 | 000,127,832 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/07/29 12:41:39 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineUA.job
[2014/07/11 17:24:21 | 007,969,920 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/07/10 21:34:06 | 000,003,189 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2014/07/10 17:07:35 | 000,002,011 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Paltalk Messenger.lnk
[2014/07/10 17:07:33 | 000,001,226 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Upgrade to Paltalk Extreme.lnk
[2014/07/10 17:05:46 | 000,000,000 | ---- | M] () -- C:\end
[2014/07/10 17:02:36 | 000,001,056 | ---- | M] () -- C:\Users\Public\Desktop\Right Backup.lnk
[2014/07/09 17:51:12 | 000,135,168 | ---- | M] () -- C:\Users\Brian\AppData\Local\ChromeHitoryDB
[2014/07/09 17:44:04 | 000,002,283 | ---- | M] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/07/09 17:42:29 | 000,001,207 | ---- | M] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk
[2014/07/09 17:41:36 | 000,001,458 | ---- | M] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5_user.job
[2014/07/09 17:41:36 | 000,001,440 | ---- | M] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5.job
[2014/07/09 17:41:23 | 000,001,344 | ---- | M] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-2.job
[2014/07/09 17:41:19 | 000,001,576 | ---- | M] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-1.job
[2014/07/09 17:41:13 | 000,002,322 | ---- | M] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-4.job
[2014/07/09 17:41:04 | 000,001,580 | ---- | M] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-6.job
[2014/07/09 17:41:04 | 000,001,510 | ---- | M] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-7.job
[2014/07/09 17:40:58 | 000,003,804 | ---- | M] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-11.job
[2014/07/09 17:40:57 | 000,000,958 | ---- | M] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore1cf9bc6d9e5a9a1.job
[2014/07/09 17:40:52 | 000,002,434 | ---- | M] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-3.job
[2014/07/09 17:39:30 | 000,001,236 | ---- | M] () -- C:\Users\Public\Desktop\Media Downloader.lnk
[2014/07/08 17:11:52 | 000,002,373 | ---- | M] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/07/08 17:11:52 | 000,002,371 | ---- | M] () -- C:\Users\Brian\Desktop\Google Chrome.lnk
[2014/07/02 16:53:07 | 000,256,968 | ---- | M] () -- C:\Users\Brian\Desktop\DriverFinder_Setup.exe
[2014/07/01 21:27:00 | 000,001,122 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftwareUpdater.lnk
[1 C:\Users\Brian\Documents\*.tmp files -> C:\Users\Brian\Documents\*.tmp -> ]
[1 C:\Users\Brian\AppData\Local\*.tmp files -> C:\Users\Brian\AppData\Local\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2014/07/30 23:06:41 | 000,001,110 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
[2014/07/30 18:41:41 | 000,001,270 | ---- | C] () -- C:\Users\Brian\Desktop\Revo Uninstaller.lnk
[2014/07/10 17:09:44 | 000,135,168 | ---- | C] () -- C:\Users\Brian\AppData\Local\ChromeHitoryDB
[2014/07/10 17:07:35 | 000,002,011 | ---- | C] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Paltalk Messenger.lnk
[2014/07/10 17:07:33 | 000,001,226 | ---- | C] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Upgrade to Paltalk Extreme.lnk
[2014/07/09 17:44:04 | 000,002,283 | ---- | C] () -- C:\Users\Public\Desktop\WinZip.lnk
[2014/07/09 17:42:44 | 000,001,056 | ---- | C] () -- C:\Users\Public\Desktop\Right Backup.lnk
[2014/07/09 17:42:29 | 000,001,207 | ---- | C] () -- C:\Users\Public\Desktop\Advanced System Protector.lnk
[2014/07/09 17:42:16 | 000,016,896 | ---- | C] () -- C:\Windows\SysNative\sasnative64.exe
[2014/07/09 17:41:41 | 000,000,000 | ---- | C] () -- C:\end
[2014/07/09 17:41:36 | 000,001,458 | ---- | C] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5_user.job
[2014/07/09 17:41:32 | 000,001,440 | ---- | C] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5.job
[2014/07/09 17:41:23 | 000,001,344 | ---- | C] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-2.job
[2014/07/09 17:41:19 | 000,001,576 | ---- | C] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-1.job
[2014/07/09 17:41:13 | 000,002,322 | ---- | C] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-4.job
[2014/07/09 17:41:04 | 000,001,580 | ---- | C] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-6.job
[2014/07/09 17:41:04 | 000,001,510 | ---- | C] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-7.job
[2014/07/09 17:40:58 | 000,003,804 | ---- | C] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-11.job
[2014/07/09 17:40:57 | 000,000,958 | ---- | C] () -- C:\Windows\tasks\globalUpdateUpdateTaskMachineCore1cf9bc6d9e5a9a1.job
[2014/07/09 17:40:51 | 000,002,434 | ---- | C] () -- C:\Windows\tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-3.job
[2014/07/09 17:39:30 | 000,001,236 | ---- | C] () -- C:\Users\Public\Desktop\Media Downloader.lnk
[2014/07/08 17:11:52 | 000,002,373 | ---- | C] () -- C:\Users\Brian\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2014/07/08 17:11:52 | 000,002,371 | ---- | C] () -- C:\Users\Brian\Desktop\Google Chrome.lnk
[2014/07/02 16:54:18 | 000,256,968 | ---- | C] () -- C:\Users\Brian\Desktop\DriverFinder_Setup.exe
[2014/06/22 05:18:01 | 000,000,046 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\WB.CFG
[2013/12/04 00:15:42 | 000,925,184 | ---- | C] () -- C:\Windows\expstart.exe
[2013/03/14 19:41:06 | 000,000,262 | ---- | C] () -- C:\Windows\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}_WiseFW.ini
[2011/08/04 12:22:16 | 000,000,093 | ---- | C] () -- C:\Users\Brian\AppData\Local\fusioncache.dat
[2011/06/11 10:21:27 | 000,000,132 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2011/02/01 19:29:23 | 000,000,600 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\winscp.rnd
[2010/09/19 23:33:37 | 000,000,132 | ---- | C] () -- C:\Users\Brian\AppData\Roaming\Adobe GIF Format CS5 Prefs
[2010/08/30 00:17:07 | 000,001,456 | ---- | C] () -- C:\Users\Brian\AppData\Local\Adobe Save for Web 12.0 Prefs
[2010/08/30 00:07:50 | 000,000,124 | ---- | C] () -- C:\Users\Brian\webct_upload_applet.properties
[2010/08/28 20:17:56 | 000,007,600 | ---- | C] () -- C:\Users\Brian\AppData\Local\Resmon.ResmonCfg
[2010/08/27 18:56:23 | 000,001,070 | ---- | C] () -- C:\Users\Brian\Application Mover.cfg
[2010/08/12 13:14:24 | 000,131,368 | ---- | C] () -- C:\ProgramData\FullRemove.exe
[2005/07/01 08:30:11 | 000,001,492 | -H-- | C] () -- C:\Users\Brian\AppData\Roaming\Brianlog.dat
 
[color=#E56717]========== ZeroAccess Check ==========[/color]
 
[2009/07/13 23:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 21:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 21:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 08:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 08:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 08:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/09/05 20:40:04 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\.minecraft
[2011/02/02 11:59:35 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\aicon
[2011/07/24 19:57:33 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Audacity
[2014/06/14 22:22:25 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\AVG
[2013/05/22 03:08:47 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Awesomium
[2013/03/09 00:46:43 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\calibre
[2011/12/24 19:18:02 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\com.adobe.dmp.contentviewer
[2011/12/24 19:18:05 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1
[2011/12/27 00:33:10 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\com.destroytoday.destroytwitter
[2014/06/09 12:47:20 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\com.torparse.TorparseApplication
[2014/06/09 13:40:46 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Dropbox
[2014/06/22 04:49:40 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\DVDVideoSoft
[2011/01/08 17:24:16 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Garritan
[2012/08/16 03:39:36 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\IObit
[2013/03/10 15:42:19 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Kalypso Media
[2010/08/26 00:18:38 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\LolClient
[2011/09/08 22:34:19 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Mael
[2011/01/08 17:23:59 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\MakeMusic
[2011/07/28 20:28:34 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\ManyCam
[2014/06/09 12:26:56 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Moonchild Productions
[2013/11/25 10:48:46 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\MotioninJoy
[2013/08/18 05:42:33 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Mumble
[2014/07/09 17:40:16 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\MySearchDial
[2013/12/15 14:27:26 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\NCSOFT
[2014/06/22 04:48:38 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\OpenCandy
[2012/02/23 20:22:19 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Opera
[2011/12/24 19:07:41 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\PACE Anti-Piracy
[2011/05/27 17:21:29 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Plogue
[2014/06/09 13:24:29 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\raidcall
[2014/07/10 17:03:19 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\rightbackup
[2011/11/25 20:32:44 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Seagate
[2011/01/06 14:12:50 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Songbird2
[2014/06/29 07:00:42 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\SupTab
[2012/01/09 22:44:22 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\SystemRequirementsLab
[2014/07/10 21:37:37 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Systweak
[2014/06/29 06:10:39 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Tomabo
[2014/06/09 12:43:58 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Trillian
[2013/03/10 16:09:27 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\Tropico 4
[2011/07/01 23:12:12 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\ts3overlay
[2014/07/09 17:43:05 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\VOPackage
[2011/08/05 09:23:16 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\WebcamMax
[2013/05/29 19:25:30 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\webex
[2013/03/09 01:07:48 | 000,000,000 | ---D | M] -- C:\Users\Brian\AppData\Roaming\X-Chat 2
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 122 bytes -> C:\ProgramData\Temp:56E2E879
@Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:5C321E34
@Alternate Data Stream - 1155 bytes -> C:\ProgramData\Microsoft:c7wMWfpDZco0CueOuX3NgczI
@Alternate Data Stream - 1074 bytes -> C:\ProgramData\Microsoft:oE5zZeoZTDVj6Nuj4gytnH0
@Alternate Data Stream - 1032 bytes -> C:\Users\Brian\AppData\Local\Temp:6AoWPJmFJPkxRQPMwNY

< End of report >


  • 0

Advertisements


#2
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Hi Bmache, :)

:welcome:

My name is Valinorum and I will be the acolyte today. Before we proceed, please, acknowledge yourself the following(s):
  • Please do not create any new threads on this while we are working on your system as it wastes another volunteer's time. If you are being helped/have solved the issue/no longer wish to continue, notify me in your reply and I will quickly close this thread. Failing to comply will result in denial of future assistance.
  • Please do not install any new software while we are working on this system as it may hinder our process.
  • Malware removal is a complicated process so don't stop following the steps even if the symptoms are not found. Keep up with me until I declare you clean.
  • Please do not try to fix anything without being ask.
  • Please do not attach your logs or put them inside code/quote tags. Do a Copy/Paste of the entire contents of the log file and submit it inside your post unless directed otherwise.
  • Please print or save the instructions I give you for quick reference. We may be using Safe mode which will cut you off from internet and you will not always be able to access this thread.
  • Back up your data. I will not knowingly suggest your any course that might damage your system but sometimes Malware infections are so severe that only option we have is to re-format and re-install the operating system.
  • If you are confused about any instruction stop and ask. Do not keep on going.
  • Do not repeat the steps if you face any problems.
  • I am not an omniscient. There are things even I cannot foresee. But what I know took years to learn and perfect the skill. This site is run by volunteers who help people in need in their own free time. I would ask you to respect their time and be patient as sometimes real life demands our time and replies to you can be delayed.
  • Private Message(PM) if and only if I have not responded to your thread within three days or your query is offtopic and personal. Do not PM me under any other circumstances. Your thread is the only medium of communication.
  • The fixes are for your system only. Please refrain from using these fixes on other system as it may do serious damage.
 

Please post the Extras.txt located in C:\Users\Brian\Desktop and post the logs as it is without using code/quote tags.

 
  • Step #1 Scan with Farbar Recovery Scan Tool
    • Please download Farbar Recovery Scan Tool by Farbar to your Desktop from the link below.
      Download link for 32 bit system
      Download link for 64 bit system
    • Right-click on the program and choose Run as administrator;
    • Put tick-mark on all boxes under Whitelist and Optional Scan;
    • Click on Scan;
    • After the scan two notepad files will be opened --
      • FRST.txt;
      • Addition.txt
    • Copy and Paste the contents of the logs in your next reply.
 
  • Required Log(s):
    • OTL Log(s) --
      • Extras.txt
    • FRST Log(s) --
      • FRST.txt
      • Addition.txt
Regards,
Valinorum
  • 0

#3
Bmache

Bmache

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Thanks for getting to this. So everything you said is loud and clear, I'll try to communicate tot him not to download anything new while we are cleaning this up. A couple of new notes:

 

The longer this site is up it starts to play audio and this reply box gets replaced with a website. Also, this site was being blocked by RocketTab or something, but I was able to bypass it by going in to settings and removing the proxy.

 

Also, OTL didn't produce an extras.txt so I'm not sure how to get that to you. If there is a way I can produce it again (I tried running the scan again with Use whitelist on the Extra registry section) let me know.

 

FRST.txt

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by Brian (administrator) on CHARLIE on 01-08-2014 13:26:22
Running from C:\Users\Brian\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\LPT\srpts.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files (x86)\pastaleads\PastaLeadsService.exe
() C:\Program Files (x86)\LPT\srptsl.exe
() C:\Program Files\pcmax\pcmax.exe
(Systweak) C:\Program Files (x86)\Right Backup\RBClientService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Search Module Ltd.) C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Green Fire Software) C:\ProgramData\XRtVYg\SycvOme.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files (x86)\LPT\srptm.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(HQ-1.9) C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-nova.exe
() C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordFIXQNw.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(Systweak) C:\Program Files (x86)\Right Backup\RightBackup.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Systweak) C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Google Inc.) C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe
(Facebook Inc.) C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Akamai Technologies, Inc.) C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(GOOBZO) C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe
(Akamai Technologies, Inc.) C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe
() C:\Program Files (x86)\pastaleads\PastaLeadsWinApp.exe
(Software Updater) C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
() C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordHh174.exe
() C:\Program Files (x86)\pastaleads\ScheduledTask.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => D:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-05-07] (Oracle Corporation)
HKLM-x32\...\Run: [BrowserSafeguard] => C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe [363008 2014-06-22] ()
HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [Google Update] => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [135664 2010-08-12] (Google Inc.)
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [Facebook Update] => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-16] (Facebook Inc.)
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [GoobzoYouTubeAccelerator] => C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe [2218856 2014-06-22] (GOOBZO)
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
AppInit_DLLs: C:\PROGRA~3\FASTAN~1\FASTAN~2.DLL => C:\ProgramData\Fast And Safe\FastAndSafe_x64.dll [4302848 2014-07-30] ()
AppInit_DLLs: ,C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-09-05] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\progra~3\fastan~1\fastan~1.dll => c:\ProgramData\Fast And Safe\FastAndSafe.dll [4125696 2014-07-30] ()
AppInit_DLLs-x32: ,C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-09-05] (NVIDIA Corporation)
IFEO\DatamngrCoordinator.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PastaQuotes.lnk
ShortcutTarget: PastaQuotes.lnk -> C:\Program Files (x86)\pastaleads\PastaLeadsWinApp.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SoftwareUpdater.lnk
ShortcutTarget: SoftwareUpdater.lnk -> C:\Program Files (x86)\Software Updater\SoftwareUpdater.exe (Software Updater)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
ShellIconOverlayIdentifiers: HardLinkMenu -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers: IconOverlayHardLink -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers: IconOverlaySymbolicLink -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: HardLinkMenu -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: IconOverlayHardLink -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: IconOverlaySymbolicLink -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll (Hermann Schinagl)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.mysearc...=1371696044&ir=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.helperba...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=344dffdc0
HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.helperba...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=344dffdc0
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/?t...psd&t=344dffdc0
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.v9.com...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/?t...psd&t=344dffdc0
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://search.v9.com...q={searchTerms}
URLSearchHook: HKCU - (No Name) - {84FF7BD6-B47F-46F8-9130-01B2696B36CB} - No File
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKLM - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = http://www-search.ne...q={searchTerms}
SearchScopes: HKLM - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearc...=1371696044&ir=
SearchScopes: HKLM - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://start.mysearc...&cr=5182463&ir=
SearchScopes: HKLM - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = http://www-search.ne...q={searchTerms}
SearchScopes: HKLM-x32 - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM-x32 - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www-search.ne...q={searchTerms}
SearchScopes: HKCU - {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = http://feed.helperba...q={searchTerms}
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = http://search.v9.com...q={searchTerms}
SearchScopes: HKCU - {460C3D19-B3D4-4964-A550-77D263B0CCCB} URL = http://www-search.ne...q={searchTerms}
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {77AA745B-F4F8-45DA-9B14-61D2D95054C8} URL = http://start.mysearc...=1371696044&ir=
SearchScopes: HKCU - {7F4EFF06-7032-458e-AE16-1C1D8255C28A} URL = http://www-search.ne...q={searchTerms}
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
SearchScopes: HKCU - {A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9} URL = http://www-search.ne...q={searchTerms}
BHO: SmartSaver+ 10 -> {11111111-1111-1111-1111-110411891118} -> C:\Program Files (x86)\SmartSaver+ 10\SmartSaver+ 10-bho64.dll (smart-saverplus)
BHO: HQPro-1.9 -> {11111111-1111-1111-1111-110511311172} -> C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-bho64.dll (HQ-1.9)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: dealstear -> {BA686A29-A489-3038-9006-C9B9977F34AE} -> C:\ProgramData\dealstear\ZX7.x64.dll ()
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: 2rs3 -> {10AD2C61-0898-4348-8600-14A342F22AC3} -> C:\Program Files (x86)\SupraSavings\2rs3.dll ()
BHO-x32: SmartSaver+ 10 -> {11111111-1111-1111-1111-110411891118} -> C:\Program Files (x86)\SmartSaver+ 10\SmartSaver+ 10-bho.dll (smart-saverplus)
BHO-x32: HQPro-1.9 -> {11111111-1111-1111-1111-110511311172} -> C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-bho.dll (HQ-1.9)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: ViewPassword -> {3CB547DB-A0E4-1686-7034-692987A1F99C} -> C:\Program Files (x86)\-ViewPassword-soft\174.dll ()
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: No Name -> {84FF7BD6-B47F-46F8-9130-01B2696B36CB} ->  No File
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: dealstear -> {BA686A29-A489-3038-9006-C9B9977F34AE} -> C:\ProgramData\dealstear\ZX7.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} -  No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab
Winsock: Catalog9 01 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 02 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 03 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 04 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 05 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 06 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 07 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 08 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Winsock: Catalog9 19 C:\Program Files (x86)\YouTube Accelerator\ytalsp.dll [177512] (GOOBZO)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C78E3E7-25E5-4AEF-8CAD-132B4AF319A9}: [NameServer]0.0.0.0
 
FireFox:
========
FF ProfilePath: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default
FF NewTab: about:newtab
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.1: Google
FF SelectedSearchEngine: Mysearchdial
FF Homepage: hxxp://start.mysearchdial.com/?f=1&a=bndl1_14_26&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDtAyEyBzy0A0AzyzztAyDtN0D0Tzu0SzytBtCtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1Czu1S1G1Q1ItC1VtCyE1VtByCtN1L1G1B1V1N2Y1L1Qzu2SyDyD0FtBzzyEtCyDtGtC0DtCzztGtCzzyC0EtGyB0BtCyCtGtCtAyC0ByC0FtA0CyEzz0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0D0FtDtDtByD0AtGtDtAyB0DtG0FyDyBtBtG0F0CtB0DtGyD0BtBzz0D0CyBzztD0AzzyD2Q&cr=1371696044&ir=
FF Keyword.URL: hxxp://www-search.net/search.aspx?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - D:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=10 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @staging.google.com/globalUpdate Update;version=4 - C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\npGoogleUpdate4.dll (globalUpdate)
FF Plugin-x32: @tools.google.com/Google Update;version=8 - D:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll No File
FF Plugin-x32: Adobe Reader - D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Brian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Brian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Brian\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF user.js: detected! => C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Users\Brian\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Brian\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\searchplugins\Mysearchdial.xml
FF Extension: SmartSaver+ 10 - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\[email protected]bda57173b.com [2014-07-09]
FF Extension: HQPro-1.9 - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\[email protected]4e2e4d3ad.com [2014-06-22]
FF Extension: Fast Start - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\[email protected] [2014-07-11]
FF Extension: cosstminn - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\[email protected] [2014-07-11]
FF Extension: No Name - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\staged [2014-07-11]
FF Extension: SupraSavings - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\[email protected] [2014-06-22]
FF Extension: MySearchDial NewTab - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8} [2014-07-10]
FF Extension: No Name - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\[email protected] [2014-07-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-02-27]
FF HKLM-x32\...\Firefox\Extensions: [{55A8EC97-6AF6-442c-877F-11C51DBD162D}] - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_FF.xpi
FF Extension: YouTube Video Downloader Extension - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_FF.xpi [2014-06-10]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\extensions\[email protected]
FF HKCU\...\Firefox\Extensions: [{735C497D-D20D-45CB-51DE-4E6626FEAD4D}] - C:\Program Files (x86)\-ViewPassword-soft\174.xpi
FF Extension: No Name - C:\Program Files (x86)\-ViewPassword-soft\174.xpi [2014-06-22]
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
Chrome: 
=======
CHR HomePage: hxxp://www-search.net/?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,
CHR StartupUrls: "hxxp://www-search.net/?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,"
CHR DefaultSearchKeyword: www-search.net
CHR DefaultSearchProvider: Search
CHR DefaultNewTabURL: 
CHR Extension: (Google Docs) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-08]
CHR Extension: (Google Drive) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-08]
CHR Extension: (YouTube) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-08]
CHR Extension: (Search) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-08]
CHR Extension: (HQPro-1.9) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\deghekbbihbapplmbffglehkdhkeibbm [2014-07-10]
CHR Extension: (MySearchDial) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa [2014-07-09]
CHR Extension: (YouTube Video Downloader Extension) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\igljnkmljjbhcellpnjppojkfdfmkjmp [2014-07-08]
CHR Extension: (SASS Inspector) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkofmbmllpgfbnonmnenkiakimpgoamn [2014-07-30]
CHR Extension: (cosstminn) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbhgdhnjbodilabcjbogfnppbopbdgob [2014-07-10]
CHR Extension: (Google Wallet) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-08]
CHR Extension: (Gmail) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-08]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Brian\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-07-08]
CHR HKLM-x32\...\Chrome\Extension: [igljnkmljjbhcellpnjppojkfdfmkjmp] - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_GC.crx [2014-06-10]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2014-06-10]
CHR HKLM-x32\...\Chrome\Extension: [pelmeidfhdlhlbjimpabfcbnnojbboma] - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\newtabv3.crx [2014-06-10]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 64af91bf; c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll [186192 2014-07-30] () [File not signed]
S2 globalUpdate; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-09] (globalUpdate) [File not signed]
S3 globalUpdatem; C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [68608 2014-07-09] (globalUpdate) [File not signed]
S4 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [704112 2014-05-08] (Cherished Technololgy LIMITED)
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2010-08-25] () [File not signed]
R2 LPTSystemUpdater; C:\Program Files (x86)\LPT\srpts.exe [34072 2014-06-15] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2010-09-16] () [File not signed]
R2 pastaleadsServiceCore; C:\Program Files (x86)\pastaleads\PastaLeadsService.exe [381336 2014-05-21] ()
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [233472 2014-06-13] () [File not signed]
R2 RBClientService; C:\Program Files (x86)\Right Backup\RBClientService.exe [48240 2014-07-10] (Systweak)
R2 SMUpd; C:\Program Files\Common Files\Goobzo\GBUpdate\smu.exe [2658664 2014-07-17] (Search Module Ltd.)
R2 SycvOme; C:\ProgramData\XRtVYg\SycvOme.exe [2298224 2014-06-29] (Green Fire Software)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2010-08-27] (Microsoft Corporation) [File not signed]
R2 ViewPassword; C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordHh174.exe [179712 2014-06-22] () [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
R2 YouTubeAcceleratorService; C:\Program Files (x86)\YouTube Accelerator\YouTubeAcceleratorService.exe [1502056 2014-06-22] (GOOBZO)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 GEARAspiWDM; C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys [15664 2011-02-15] (GEAR Software Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73984 2013-06-05] (Identive)
R3 SMUpdd; C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [41320 2014-07-17] ()
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-08-25] () [File not signed]
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2011-06-23] (Windows ® Win 7 DDK provider)
S3 AmUStor; system32\drivers\AmUStor.SYS [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 MotioninJoyUSBFilter; system32\DRIVERS\MijUfilt.sys [X]
U3 tmlwf; 
U3 tmwfp; 
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 4C016FD76ED5C05E84CA8CAB77993961
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys E857EEE6B92AAA473EBB3465ADD8F7E7
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dc3d.sys 7AF9DAC504FBD047CBC3E64AE52C92BF
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 955FFE2B1D74A9E0E3E0E558E6A17F3B
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ETD.sys 0975BF32399A24117E317B5BF1D5D0AA
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys C2E475625F2C6F7DCDE4E920523A0573
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys 4AC51459805264AFFD5F6FDFB9D9235F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AF
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys F47CEC45FB85791D4AB237563AD0FA8F
C:\Windows\System32\DRIVERS\htcnprot.sys B8B1B284362E1D8135112573395D5DA5
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 42E00996DFC13C46366689C0EA8ABC5E
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys F4F91789C7C7A159CE8215C1F69F2A85
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Impcd.sys DD587A55390ED2295BCE6D36AD567DA9
C:\Windows\System32\drivers\RTKVHD64.sys 163F94EBF8F8A98616A6B804AF08D736
C:\Windows\System32\DRIVERS\IntcDAud.sys 58CF58DEE26C909BD6F977B61D246295
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\ivusb.sys BD5BF20EC242E003A2F570B8754A56D1
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbfiltr.sys E63EF8C3271D014F14E2469CE75FECB4
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys 9DDC68B87A9B837736A2B193EE14A4A5
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ManyCam_x64.sys D33E2B74CF8B3A652BF0A9FBD068E87A
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MijXfilt.sys C030F9E822A057C1A7A9BB4EA3E8877E
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys 9EB89625A82AC961F25E7C865947BF9A
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ATK64AMD.sys 032D35C996F21D19A205A7C8F0B76F3C
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETw5s64.sys 24F64343F14A119308456E1CA7507B26
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys C3E0696C3B42F694C5822776AA6FFFDF
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys 8EBCB9165EE7F1571842F4D9D624A74C
C:\Windows\System32\DRIVERS\nusb3xhc.sys 5D54DBB12BBFE07CC283FD39F2CD6D63
C:\Windows\System32\DRIVERS\nvlddmkm.sys 9B93CC9C70EDE60A9C486E7719DB9E8D
C:\Windows\System32\DRIVERS\nvpciflt.sys F76296368BB813E0C6996501A3271C7C
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pneteth.sys 8AC5649C9070674D4607301C180AB10B
C:\Windows\System32\DRIVERS\point64.sys 4F0878FD62D5F7444C5F1C4C66D9D293
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\S3XXx64.sys A49CDA75F8E41F769D19E2669BD62B37
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SiSG664.sys 1BC348CF6BAA90EC8E533EF6E6A69933
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys 32CB9FD13482211DC4C744BEEABA24A4
C:\Windows\System32\DRIVERS\snp2uvc.sys 2114518E55B380A3ACC28B2C27FD499A
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tap0901.sys F9BE29D5E097F03F81D3CD12B794CB66
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wcmvcam64.sys 3A2D452C40162823B79867040B46D4A8
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam64.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\WDKMD.sys FE31110E39A0B11ABAE1BA43A2DC94F9
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wimfltr.sys 52DED146E4797E6CCF94799E8E22BB2A
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\xusb21.sys 9176C0822FAA649E45121875BE32F5D2
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-01 13:26 - 2014-08-01 13:27 - 00057433 _____ () C:\Users\Brian\Desktop\FRST.txt
2014-08-01 13:25 - 2014-08-01 13:26 - 00000000 ____D () C:\FRST
2014-08-01 12:50 - 2014-08-01 12:50 - 02094080 _____ (Farbar) C:\Users\Brian\Desktop\FRST64.exe
2014-08-01 12:45 - 2014-08-01 12:45 - 00000000 ____D () C:\Users\Brian\AppData\Local\BrowserSafeguard
2014-07-31 18:51 - 2014-01-08 21:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-31 18:51 - 2014-01-03 17:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-07-31 18:42 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-31 18:42 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-31 18:42 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-31 18:42 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-07-31 18:41 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-31 18:41 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-31 18:41 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-31 18:41 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-07-31 18:41 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-31 18:41 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-30 23:39 - 2014-08-01 13:24 - 00160938 _____ () C:\Users\Brian\Desktop\OTL.Txt
2014-07-30 23:22 - 2014-07-30 23:22 - 00006434 _____ () C:\Users\Brian\Desktop\07302014_231035.log
2014-07-30 23:18 - 2014-07-30 23:18 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Brian\Desktop\tdsskiller.exe
2014-07-30 23:17 - 2014-07-30 23:22 - 00002290 _____ () C:\Users\Brian\Desktop\GooredFix.txt
2014-07-30 23:17 - 2014-07-30 23:17 - 00071398 _____ (jpshortstuff) C:\Users\Brian\Desktop\GooredFix.exe
2014-07-30 23:17 - 2014-07-30 23:17 - 00000000 ____D () C:\Users\Brian\Desktop\GooredFix Backups
2014-07-30 23:10 - 2014-07-30 23:10 - 00000000 ____D () C:\_OTM
2014-07-30 23:09 - 2014-07-30 23:09 - 00522240 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTM.exe
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-30 23:05 - 2014-07-30 23:05 - 00791393 _____ (Lars Hederer ) C:\Users\Brian\Downloads\erunt-setup.exe
2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (6).exe
2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (5).exe
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\system32\NV
2014-07-30 19:01 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-07-30 19:01 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-07-30 19:01 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-07-30 19:01 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-07-30 19:01 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-07-30 19:01 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-07-30 19:01 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-07-30 19:01 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-07-30 19:01 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-07-30 19:01 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-07-30 19:01 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-07-30 19:01 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-07-30 19:01 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-07-30 19:01 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-07-30 19:01 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-07-30 19:01 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-07-30 18:42 - 2013-09-24 21:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-07-30 18:42 - 2013-09-24 20:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-07-30 18:41 - 2014-07-30 18:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Brian\Downloads\revosetup.exe
2014-07-30 18:41 - 2014-07-30 18:41 - 00001270 _____ () C:\Users\Brian\Desktop\Revo Uninstaller.lnk
2014-07-30 18:36 - 2014-08-01 12:40 - 00003068 _____ () C:\Windows\System32\Tasks\Right Backup_startup
2014-07-30 18:12 - 2014-07-30 18:12 - 00000000 ____D () C:\Users\Brian\AppData\Local\Packages
2014-07-30 18:12 - 2014-07-30 18:12 - 00000000 ____D () C:\ProgramData\dealstear
2014-07-30 17:43 - 2014-07-30 17:43 - 00602112 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTL.exe
2014-07-30 17:32 - 2014-07-30 17:32 - 00000000 ____D () C:\ProgramData\Fast And Safe
2014-07-11 17:45 - 2014-07-11 17:45 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (4).exe
2014-07-11 17:38 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-11 17:38 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-11 17:38 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-11 17:37 - 2001-09-13 02:15 - 00090112 ____N (Sony Corporation) C:\Windows\snymsico.dll
2014-07-11 17:36 - 2014-07-11 17:36 - 00003124 _____ () C:\Windows\System32\Tasks\{B5FA72D1-E74B-4CA5-967F-2315E8718358}
2014-07-11 17:35 - 2014-07-11 17:35 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (2).EXE
2014-07-11 17:34 - 2014-07-11 17:34 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-11 17:34 - 2003-11-10 12:31 - 00036232 ____N (Sony Corporation) C:\Windows\SysWOW64\Drivers\NETMD033.sys
2014-07-11 17:34 - 2003-04-01 18:55 - 00035319 ____N (Sony Corporation) C:\Windows\SysWOW64\Drivers\NETMD031.sys
2014-07-11 17:34 - 2002-08-08 15:51 - 00038951 ____N (Sony Corporation) C:\Windows\SysWOW64\Drivers\NETMDUSB.sys
2014-07-11 17:32 - 2014-07-11 17:32 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (1).EXE
2014-07-11 17:32 - 2014-07-11 17:32 - 01210528 _____ () C:\Users\Brian\Downloads\Setup (3).exe
2014-07-11 17:31 - 2014-07-11 17:32 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER.EXE
2014-07-10 18:02 - 2014-06-29 21:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 18:02 - 2014-06-29 21:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 18:01 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 18:01 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 18:01 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 18:01 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 18:01 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 18:01 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 18:01 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 18:01 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 18:01 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 18:01 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 18:01 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 18:01 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 18:01 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 18:01 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 18:01 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 18:01 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 18:01 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 18:01 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 18:01 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 18:01 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 18:01 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 18:01 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 18:01 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 18:01 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 18:01 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 18:01 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 18:01 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 18:01 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 18:01 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 18:01 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 18:01 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 18:01 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 18:01 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 18:01 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 18:01 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 18:01 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 18:01 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 18:01 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 18:01 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 18:01 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 18:01 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 18:01 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 18:01 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 18:01 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 18:01 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 18:01 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 18:01 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 18:01 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 18:01 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 18:01 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 18:01 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 18:01 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 18:01 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 18:01 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 18:01 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 18:01 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 18:01 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 18:01 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 18:01 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 18:01 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 17:33 - 2014-07-10 17:40 - 00000000 ____D () C:\Users\Brian\AppData\Local\1118
2014-07-10 17:32 - 2014-07-30 18:13 - 00000000 ____D () C:\ProgramData\4a607f86f23577d7
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Brian\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Brian\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Brian\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator
2014-07-10 17:09 - 2014-07-10 17:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open JDK Explorer
2014-07-10 17:09 - 2014-07-09 17:51 - 00135168 _____ () C:\Users\Brian\AppData\Local\ChromeHitoryDB
2014-07-10 17:07 - 2014-07-10 17:40 - 00000000 ____D () C:\Program Files (x86)\PCFixSpeed
2014-07-10 17:05 - 2014-07-10 17:05 - 01410208 _____ () C:\Users\Brian\Downloads\Setup (2).exe
2014-07-10 17:05 - 2014-07-10 17:05 - 00247160 _____ (System Applet ) C:\Users\Brian\Downloads\Java_Updater_Setup.exe
2014-07-10 17:02 - 2014-07-10 17:02 - 00000000 ____D () C:\Program Files (x86)\Right Backup
2014-07-10 17:00 - 2014-07-10 17:03 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\rightbackup
2014-07-10 16:59 - 2014-08-01 11:52 - 00002130 _____ () C:\Windows\setupact.log
2014-07-10 16:59 - 2014-07-30 18:18 - 00004306 _____ () C:\Windows\PFRO.log
2014-07-10 16:59 - 2014-07-10 16:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-09 17:44 - 2014-07-09 17:44 - 00002289 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00002283 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-07-09 17:43 - 2014-07-11 17:26 - 00000000 ____D () C:\ProgramData\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\VOPackage
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Users\Brian\AppData\Local\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Program Files\WinZip
2014-07-09 17:42 - 2014-08-01 12:40 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-07-09 17:42 - 2014-07-10 17:02 - 00001056 _____ () C:\Users\Public\Desktop\Right Backup.lnk
2014-07-09 17:42 - 2014-07-10 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
2014-07-09 17:42 - 2014-07-09 17:42 - 00001207 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\rbtemp
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-07-09 17:42 - 2012-07-25 12:03 - 00016896 _____ () C:\Windows\system32\sasnative64.exe
2014-07-09 17:41 - 2014-07-10 21:37 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Systweak
2014-07-09 17:41 - 2014-07-10 17:05 - 00000000 _____ () C:\end
2014-07-09 17:41 - 2014-07-09 17:41 - 00002322 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-4.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001580 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-6.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001576 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-1.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001510 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-7.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001458 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5_user.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001440 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001344 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-2.job
2014-07-09 17:41 - 2014-06-30 17:55 - 00020328 _____ (Systweak Inc., (www.systweak.com)) C:\Windows\system32\roboot64.exe
2014-07-09 17:40 - 2014-07-09 17:41 - 00000000 ____D () C:\Program Files (x86)\SmartSaver+ 10
2014-07-09 17:40 - 2014-07-09 17:40 - 00003804 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-11.job
2014-07-09 17:40 - 2014-07-09 17:40 - 00002434 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-3.job
2014-07-09 17:40 - 2014-07-09 17:40 - 00000958 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cf9bc6d9e5a9a1.job
2014-07-09 17:40 - 2014-07-09 17:40 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\MySearchDial
2014-07-09 17:39 - 2014-07-09 17:39 - 00001236 _____ () C:\Users\Public\Desktop\Media Downloader.lnk
2014-07-09 17:39 - 2014-07-09 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Downloader
2014-07-09 17:39 - 2014-07-09 17:39 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-07-09 17:39 - 2014-07-09 17:39 - 00000000 ____D () C:\Program Files (x86)\Media Downloader
2014-07-09 17:39 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 17:39 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 17:38 - 2014-07-09 17:38 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (1).exe
2014-07-09 17:38 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 17:37 - 2014-07-09 17:37 - 00270592 _____ () C:\Users\Brian\Downloads\Setup.exe
2014-07-08 17:11 - 2014-07-08 17:11 - 00002371 _____ () C:\Users\Brian\Desktop\Google Chrome.lnk
2014-07-08 17:11 - 2014-07-08 17:11 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-04 04:43 - 2014-07-04 04:43 - 00016026 _____ () C:\Windows\SysWOW64\hs_err_pid36308.log
2014-07-02 21:30 - 2014-07-02 21:30 - 00895120 _____ (Google Inc.) C:\Users\Brian\Desktop\ChromeSetup.exe
2014-07-02 19:04 - 2014-07-02 21:19 - 00000000 ____D () C:\Program Files (x86)\JavaLive! Manager
2014-07-02 19:04 - 2014-07-02 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JavaLive! Manager
2014-07-02 19:02 - 2014-07-02 19:03 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-07-02 16:54 - 2014-07-02 16:53 - 00256968 _____ () C:\Users\Brian\Desktop\DriverFinder_Setup.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-01 13:27 - 2014-08-01 13:26 - 00057433 _____ () C:\Users\Brian\Desktop\FRST.txt
2014-08-01 13:26 - 2014-08-01 13:25 - 00000000 ____D () C:\FRST
2014-08-01 13:24 - 2014-07-30 23:39 - 00160938 _____ () C:\Users\Brian\Desktop\OTL.Txt
2014-08-01 13:14 - 2010-08-12 12:49 - 01261222 _____ () C:\Windows\WindowsUpdate.log
2014-08-01 12:55 - 2010-08-27 02:40 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job
2014-08-01 12:50 - 2014-08-01 12:50 - 02094080 _____ (Farbar) C:\Users\Brian\Desktop\FRST64.exe
2014-08-01 12:49 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-01 12:49 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-01 12:48 - 2014-06-29 07:08 - 00000000 ____D () C:\Users\Brian\AppData\Local\MovieMaster
2014-08-01 12:45 - 2014-08-01 12:45 - 00000000 ____D () C:\Users\Brian\AppData\Local\BrowserSafeguard
2014-08-01 12:40 - 2014-07-30 18:36 - 00003068 _____ () C:\Windows\System32\Tasks\Right Backup_startup
2014-08-01 12:40 - 2014-07-09 17:42 - 00003120 _____ () C:\Windows\System32\Tasks\Advanced System Protector_startup
2014-08-01 12:39 - 2014-06-22 04:35 - 00002370 _____ () C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-4.job
2014-08-01 12:39 - 2014-06-22 04:35 - 00001444 _____ () C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-1.job
2014-08-01 12:39 - 2014-06-22 04:35 - 00001392 _____ () C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-5.job
2014-08-01 12:39 - 2014-06-22 04:35 - 00001310 _____ () C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-2.job
2014-08-01 12:39 - 2014-06-22 04:34 - 00003452 _____ () C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-11.job
2014-08-01 12:39 - 2014-06-22 04:34 - 00002770 _____ () C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-3.job
2014-08-01 12:39 - 2014-06-22 04:34 - 00001442 _____ () C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-6.job
2014-08-01 12:39 - 2014-06-22 04:34 - 00001378 _____ () C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-7.job
2014-08-01 12:39 - 2014-06-22 04:33 - 00000428 _____ () C:\Windows\Tasks\ViewPassword Update.job
2014-08-01 12:39 - 2014-06-22 04:33 - 00000418 _____ () C:\Windows\Tasks\ViewPassword_wd.job
2014-08-01 12:39 - 2012-04-16 08:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-01 12:39 - 2011-07-06 20:02 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job
2014-08-01 12:39 - 2010-08-12 13:03 - 00000000 ____D () C:\ProgramData\Temp
2014-08-01 11:52 - 2014-07-10 16:59 - 00002130 _____ () C:\Windows\setupact.log
2014-08-01 11:52 - 2010-08-12 13:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-01 11:52 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-31 09:04 - 2011-07-06 20:02 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core.job
2014-07-30 23:22 - 2014-07-30 23:22 - 00006434 _____ () C:\Users\Brian\Desktop\07302014_231035.log
2014-07-30 23:22 - 2014-07-30 23:17 - 00002290 _____ () C:\Users\Brian\Desktop\GooredFix.txt
2014-07-30 23:18 - 2014-07-30 23:18 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Brian\Desktop\tdsskiller.exe
2014-07-30 23:17 - 2014-07-30 23:17 - 00071398 _____ (jpshortstuff) C:\Users\Brian\Desktop\GooredFix.exe
2014-07-30 23:17 - 2014-07-30 23:17 - 00000000 ____D () C:\Users\Brian\Desktop\GooredFix Backups
2014-07-30 23:14 - 2010-08-25 22:14 - 00000000 ____D () C:\Windows\ERDNT
2014-07-30 23:10 - 2014-07-30 23:10 - 00000000 ____D () C:\_OTM
2014-07-30 23:09 - 2014-07-30 23:09 - 00522240 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTM.exe
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-30 23:05 - 2014-07-30 23:05 - 00791393 _____ (Lars Hederer ) C:\Users\Brian\Downloads\erunt-setup.exe
2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (6).exe
2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (5).exe
2014-07-30 19:11 - 2010-08-12 13:35 - 00001742 _____ () C:\Windows\system32\ServiceFilter.ini
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\system32\NV
2014-07-30 19:05 - 2011-12-24 20:04 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-30 19:05 - 2011-12-24 20:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-30 18:59 - 2014-06-22 04:35 - 00000000 ____D () C:\temp
2014-07-30 18:57 - 2010-08-12 13:25 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-30 18:51 - 2010-08-12 13:25 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-30 18:47 - 2011-12-24 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-30 18:41 - 2014-07-30 18:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Brian\Downloads\revosetup.exe
2014-07-30 18:41 - 2014-07-30 18:41 - 00001270 _____ () C:\Users\Brian\Desktop\Revo Uninstaller.lnk
2014-07-30 18:41 - 2011-08-03 09:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-30 18:18 - 2014-07-10 16:59 - 00004306 _____ () C:\Windows\PFRO.log
2014-07-30 18:13 - 2014-07-10 17:32 - 00000000 ____D () C:\ProgramData\4a607f86f23577d7
2014-07-30 18:12 - 2014-07-30 18:12 - 00000000 ____D () C:\Users\Brian\AppData\Local\Packages
2014-07-30 18:12 - 2014-07-30 18:12 - 00000000 ____D () C:\ProgramData\dealstear
2014-07-30 17:43 - 2014-07-30 17:43 - 00602112 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTL.exe
2014-07-30 17:34 - 2009-07-14 00:13 - 00800938 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-30 17:32 - 2014-07-30 17:32 - 00000000 ____D () C:\ProgramData\Fast And Safe
2014-07-30 17:32 - 2014-06-22 04:43 - 00000000 ____D () C:\ProgramData\374311380
2014-07-29 12:41 - 2014-06-22 04:34 - 00000908 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2014-07-11 17:45 - 2014-07-11 17:45 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (4).exe
2014-07-11 17:36 - 2014-07-11 17:36 - 00003124 _____ () C:\Windows\System32\Tasks\{B5FA72D1-E74B-4CA5-967F-2315E8718358}
2014-07-11 17:35 - 2014-07-11 17:35 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (2).EXE
2014-07-11 17:34 - 2014-07-11 17:34 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-11 17:34 - 2010-08-12 13:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-11 17:32 - 2014-07-11 17:32 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (1).EXE
2014-07-11 17:32 - 2014-07-11 17:32 - 01210528 _____ () C:\Users\Brian\Downloads\Setup (3).exe
2014-07-11 17:32 - 2014-07-11 17:31 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER.EXE
2014-07-11 17:26 - 2014-07-09 17:43 - 00000000 ____D () C:\ProgramData\WinZip
2014-07-11 17:24 - 2009-07-13 23:45 - 07969920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 17:18 - 2014-06-09 13:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 17:18 - 2009-07-14 02:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 17:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 17:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 21:57 - 2010-08-25 23:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 21:55 - 2013-07-13 14:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 21:53 - 2010-08-29 00:11 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 21:37 - 2014-07-09 17:41 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Systweak
2014-07-10 21:34 - 2010-08-12 13:35 - 00003189 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-07-10 21:33 - 2010-08-26 10:04 - 00000000 ____D () C:\Users\Brian
2014-07-10 18:42 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 17:40 - 2014-07-10 17:33 - 00000000 ____D () C:\Users\Brian\AppData\Local\1118
2014-07-10 17:40 - 2014-07-10 17:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open JDK Explorer
2014-07-10 17:40 - 2014-07-10 17:07 - 00000000 ____D () C:\Program Files (x86)\PCFixSpeed
2014-07-10 17:40 - 2014-06-22 04:46 - 00000000 ____D () C:\ProgramData\SearchModule
2014-07-10 17:40 - 2014-06-22 04:33 - 00000000 ____D () C:\Program Files (x86)\-ViewPassword-soft
2014-07-10 17:40 - 2011-11-09 23:22 - 00000000 ____D () C:\Users\Brian\AppData\Local\Akamai
2014-07-10 17:40 - 2010-08-25 23:46 - 00000000 ____D () C:\ProgramData\PMB Files
2014-07-10 17:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-07-10 17:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-10 17:39 - 2010-08-25 21:51 - 00000000 ____D () C:\Users\Brian\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Brian\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Brian\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Brian\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator
2014-07-10 17:05 - 2014-07-10 17:05 - 01410208 _____ () C:\Users\Brian\Downloads\Setup (2).exe
2014-07-10 17:05 - 2014-07-10 17:05 - 00247160 _____ (System Applet ) C:\Users\Brian\Downloads\Java_Updater_Setup.exe
2014-07-10 17:05 - 2014-07-09 17:41 - 00000000 _____ () C:\end
2014-07-10 17:03 - 2014-07-10 17:00 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\rightbackup
2014-07-10 17:02 - 2014-07-10 17:02 - 00000000 ____D () C:\Program Files (x86)\Right Backup
2014-07-10 17:02 - 2014-07-09 17:42 - 00001056 _____ () C:\Users\Public\Desktop\Right Backup.lnk
2014-07-10 17:02 - 2014-07-09 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
2014-07-10 16:59 - 2014-07-10 16:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-09 17:51 - 2014-07-10 17:09 - 00135168 _____ () C:\Users\Brian\AppData\Local\ChromeHitoryDB
2014-07-09 17:44 - 2014-07-09 17:44 - 00002289 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00002283 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\VOPackage
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Users\Brian\AppData\Local\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Program Files\WinZip
2014-07-09 17:42 - 2014-07-09 17:42 - 00001207 _____ () C:\Users\Public\Desktop\Advanced System Protector.lnk
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\rbtemp
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\ProgramData\Systweak
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Protector
2014-07-09 17:42 - 2014-07-09 17:42 - 00000000 ____D () C:\Program Files (x86)\Advanced System Protector
2014-07-09 17:41 - 2014-07-09 17:41 - 00002322 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-4.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001580 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-6.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001576 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-1.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001510 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-7.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001458 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5_user.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001440 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5.job
2014-07-09 17:41 - 2014-07-09 17:41 - 00001344 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-2.job
2014-07-09 17:41 - 2014-07-09 17:40 - 00000000 ____D () C:\Program Files (x86)\SmartSaver+ 10
2014-07-09 17:41 - 2011-07-26 08:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-09 17:40 - 2014-07-09 17:40 - 00003804 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-11.job
2014-07-09 17:40 - 2014-07-09 17:40 - 00002434 _____ () C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-3.job
2014-07-09 17:40 - 2014-07-09 17:40 - 00000958 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cf9bc6d9e5a9a1.job
2014-07-09 17:40 - 2014-07-09 17:40 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\MySearchDial
2014-07-09 17:40 - 2014-06-22 04:18 - 00003506 _____ () C:\Windows\System32\Tasks\MySearchDial
2014-07-09 17:39 - 2014-07-09 17:39 - 00001236 _____ () C:\Users\Public\Desktop\Media Downloader.lnk
2014-07-09 17:39 - 2014-07-09 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Downloader
2014-07-09 17:39 - 2014-07-09 17:39 - 00000000 ____D () C:\Program Files (x86)\Mysearchdial
2014-07-09 17:39 - 2014-07-09 17:39 - 00000000 ____D () C:\Program Files (x86)\Media Downloader
2014-07-09 17:38 - 2014-07-09 17:38 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (1).exe
2014-07-09 17:37 - 2014-07-09 17:37 - 00270592 _____ () C:\Users\Brian\Downloads\Setup.exe
2014-07-09 17:29 - 2012-04-16 08:31 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 17:29 - 2011-05-13 11:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 17:28 - 2014-06-08 18:58 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 17:11 - 2014-07-08 17:11 - 00002371 _____ () C:\Users\Brian\Desktop\Google Chrome.lnk
2014-07-08 17:11 - 2014-07-08 17:11 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-08 17:03 - 2011-10-06 11:32 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Media Player Classic
2014-07-04 04:43 - 2014-07-04 04:43 - 00016026 _____ () C:\Windows\SysWOW64\hs_err_pid36308.log
2014-07-02 21:30 - 2014-07-02 21:30 - 00895120 _____ (Google Inc.) C:\Users\Brian\Desktop\ChromeSetup.exe
2014-07-02 21:19 - 2014-07-02 19:04 - 00000000 ____D () C:\Program Files (x86)\JavaLive! Manager
2014-07-02 19:04 - 2014-07-02 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JavaLive! Manager
2014-07-02 19:03 - 2014-07-02 19:02 - 00000000 ____D () C:\Program Files (x86)\LPT
2014-07-02 16:53 - 2014-07-02 16:54 - 00256968 _____ () C:\Users\Brian\Desktop\DriverFinder_Setup.exe
2014-07-02 16:40 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-02 16:34 - 2009-07-13 23:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
 
Some content of TEMP:
====================
C:\Users\Brian\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Brian\AppData\Local\Temp\System.Data.SQLite53008.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  boot
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {572bcd56-ffa7-11d9-aae0-0007e994107d}
device                  ramdisk=[\Device\HarddiskVolume1]\winre.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
path                    \windows\system32\boot\winload.exe
description             Windows Recovery Environment
osdevice                ramdisk=[\Device\HarddiskVolume1]\winre.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes
 
Windows Boot Loader
-------------------
identifier              {current}
device                  boot
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
loadoptions             ENABLE_INTEGRITY_CHECKS
inherit                 {bootloadersettings}
recoverysequence        {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
recoveryenabled         Yes
testsigning             No
osdevice                boot
systemroot              \Windows
resumeobject            {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
device                  ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
device                  boot
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {8cb2d9b5-7c05-11de-842e-b4611d44fefa}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\boot.sdi
 
Device options
--------------
identifier              {ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
description             Ramdisk Device Options
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \boot.sdi
 
 
 
LastRegBack: 2014-07-10 18:35
 
==================== End Of Log ============================
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 02
Ran by Brian at 2014-08-01 13:28:23
Running from C:\Users\Brian\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
1 Media Player version 2.2.0 (HKLM-x32\...\{6C566E3B-CBFB-4A3C-A8B6-88EA54DE7CA8}_is1) (Version: 2.2.0 - OneFloorApp Ltd.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
Advanced System Protector (HKLM-x32\...\00212D92-C5D8-4ff4-AE50-B20F0F85C40A_Systweak_Ad~B9F029BF_is1) (Version: 2.1.1000.13665 - Systweak Software) <==== ATTENTION
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Mover (x64) (HKLM\...\Application Mover (x64 Shareware)_is1) (Version: 4.1 - Funduc Software Inc.)
ARIA Engine v1.0.9.8 (HKLM\...\ARIA Engine_is1) (Version: v1.0.9.8 - Plogue Art et Technologie, Inc)
Aspell 0.6 Dictionary (Language: en) (HKLM-x32\...\Aspell6-Dictionary-en) (Version:  - )
Aspell Data (HKLM-x32\...\Aspell) (Version:  - )
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.35 - ASUS)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.29 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0003 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BrowserSafeguard with RocketTab (HKLM-x32\...\BrowserSafeguard) (Version:  - BrowserSafeguard with RocketTab) <==== ATTENTION
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dealstear (HKLM-x32\...\{5E03DFA7-51FC-7C12-CEE5-4D75FBB01E8F}) (Version:  - dEaalstER)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fast And Safe (HKLM-x32\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{64af91bf}) (Version:  - GTgroup) <==== ATTENTION
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Garritan ARIA Player v1.02 (HKLM\...\__ARIA_1012___is1) (Version: v1.0.2.1 - Garritan)
Garritan Instruments for Finale (HKLM\...\__ARIA_1013___is1) (Version: v1.0.2.2 - Garritan)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
HQPro-1.9 (HKLM-x32\...\HQPro-1.9) (Version: 1.34.6.10 - HQ-1.9)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.005 - HTC Corporation)
inSSIDer 2.0 (HKLM\...\{57019733-78E6-43DE-8E6D-55349F0FDE6F}) (Version: 2.0.7 - MetaGeek)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{C298FF86-AB23-4B58-AC53-A23383C07B3A}) (Version: 1.2.20.0 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Java™ 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)
Java™ 6 Update 29 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216029FF}) (Version: 6.0.290 - Oracle)
Java™ SE Development Kit 6 Update 23 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160230}) (Version: 1.6.0.230 - Oracle)
Java™ SE Development Kit 6 Update 26 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160260}) (Version: 1.6.0.260 - Oracle)
Java™ SE Development Kit 6 Update 29 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160290}) (Version: 1.6.0.290 - Oracle)
Java™ SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
Java™ SE Development Kit 7 Update 1 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170010}) (Version: 1.7.0.10 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Codec Pack 5.3.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 5.3.0 - )
K-Lite Mega Codec Pack 7.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.8.0 - )
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.7.5.1 - Hermann Schinagl)
Logitech Unifying Software 2.00 (HKLM\...\Logitech Unifying) (Version: 2.00.43 - Logitech)
LPT System Updater Service (HKLM-x32\...\{BC0BF363-63AB-4FF7-8EF1-AE0D7F711B24}) (Version: 1.0.0.0 - LPT) <==== ATTENTION
Media Downloader version 1.5 (HKLM-x32\...\Media Downloader_is1) (Version: 1.5 - Media Downloader)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Streets & Trips 2006 with GPS Locator (HKLM-x32\...\{83ED1E80-A1B7-4226-BCF1-AC4A88151A6B}) (Version: 13.00.09.0200 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (HKLM-x32\...\{bec3d87e-1d6d-4b15-8383-29068c86b888}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Master (HKLM-x32\...\MovieMaster) (Version: 2.7.18 - Green Fire Software)
Mozilla Firefox 9.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 9.0.1 (x86 en-US)) (Version: 9.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFonts Order M2450391 (HKLM-x32\...\{C33F5967-E096-61D7-DE35-62032378A679}) (Version: 1.0 - MyFonts.com, Inc.)
Mysearchdial (HKLM-x32\...\mysearchdial) (Version:  - Mysearchdial) <==== ATTENTION
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NVIDIA 3D Vision Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Control Panel 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5737 - NVIDIA Corporation)
NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA Corporation) Hidden
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.1 - Pando Networks Inc.)
PastaQuotes (HKLM-x32\...\pastaleads) (Version: 1.1.0.1 - PastaLeads)
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Remote Desktop Access (VuuPC) (HKLM-x32\...\VOPackage) (Version: 1.0.0.0 - CMI Limited) <==== ATTENTION
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Right Backup (HKLM-x32\...\980124D4-3D52-4c2d-AD41-9E90BDF4C031_Systweak_Ri~01F2B2E8_is1) (Version: 2.1.1000.4391 - Systweak Software)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.6.0 - SAMSUNG Electronics Co., Ltd.)
Seagate File Recovery for Windows 2.0 (HKLM-x32\...\Seagate File Recovery for WindowsNSIS) (Version: 2.0.7631 - Seagate)
Search module (HKLM-x32\...\Search module) (Version:  - Search Module)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SmartSaver+ 10 (HKLM-x32\...\SmartSaver+ 10) (Version: 1.34.7.1 - smart-saverplus)
Software Updater version 1.9.4 (HKLM-x32\...\Software Updater_is1) (Version: 1.9.4 - )
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.50.0 - SRS Labs, Inc.)
suprasavings (HKLM\...\suprasavings) (Version: 2.0.1 - suprasavings) <==== ATTENTION
SupraSavings (x32 Version: 1.0.0.0 - SupraSavings) Hidden <==== ATTENTION
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
USB2.0 UVC 2M WebCam (HKLM\...\USB2.0 UVC 2M WebCam) (Version: 5.8.54000.206 - Sonix)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
ViewPassword (HKLM-x32\...\49DBFAF9-23C4-A643-5CE3-5ACA5F8CA8B0) (Version:  - ViewPassword-software) <==== ATTENTION
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
YouTube Accelerator (HKLM-x32\...\YouTube Accelerator) (Version: 3394(build_80) - Goobzo Ltd.)
YouTube Video Downloader 3 (HKLM-x32\...\YouTube Video Downloader_is1) (Version:  - Tomabo)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
10-07-2014 22:34:55 Restore Operation
10-07-2014 22:47:05 Windows Update
11-07-2014 02:50:13 Windows Update
11-07-2014 22:33:43 Installed Personal Audio Driver
11-07-2014 22:37:02 Installed Personal Audio Driver
11-07-2014 22:46:26 Windows Update
30-07-2014 22:58:01 Windows Update
30-07-2014 23:42:47 Windows Update
30-07-2014 23:42:47 Revo Uninstaller's restore point - Advanced System Protector
31-07-2014 04:11:28 OTM Restore Point
31-07-2014 23:40:55 Windows Update
01-08-2014 00:02:01 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2010-08-26 10:32 - 2014-07-30 23:10 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0071D28C-BC20-44F4-9F98-A8091A8A20FB} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-04-08] (ATK)
Task: {018333AB-C79C-42AD-8E3F-1B5E15878876} - System32\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-5 => C:\Program Files (x86)\HQPro-1.9\64e36912-3c31-4f29-91f8-31bef7612b98-5.exe [2014-06-22] (HQ-1.9)
Task: {128C5B45-05B5-42D4-866A-497EBD3F6C42} - System32\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-1 => C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-codedownloader.exe [2014-06-22] (HQ-1.9)
Task: {175E1781-B7A7-4065-B311-3A4F3A970958} - System32\Tasks\ViewPassword_wd => C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordFIXQNw.exe [2014-06-22] ()
Task: {197B2C43-F266-4F40-8872-226AD749F53D} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe [2014-07-09] (globalUpdate)
Task: {1D123A21-1C27-41F4-AA0D-9B32FADFD670} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe [2014-05-29] ()
Task: {24A0FE85-2147-4E02-9FCC-149079387F67} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {2702479C-5089-496B-B116-BE09256E4C4B} - System32\Tasks\PastaQuotes => C:\Program Files (x86)\pastaleads\ScheduledTask.exe [2014-05-21] ()
Task: {32FCAC19-1AE4-4AC5-8181-CBC4A3606EBB} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {33B548DA-AD4B-4E99-A89D-999B662F9124} - System32\Tasks\YTAUpdate_logon => C:\Program Files (x86)\YouTube Accelerator\Updater.exe [2014-06-22] (Goobzo)
Task: {422201BC-2C8B-47C7-9A88-95F443F57E5E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-16] (Facebook Inc.)
Task: {42820F2A-8FFC-4842-9A31-793541A84C44} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {456085DF-382C-4A6B-B0E2-928DE88FC4F9} - System32\Tasks\YTAUpdate => C:\Program Files (x86)\YouTube Accelerator\Updater.exe [2014-06-22] (Goobzo)
Task: {4EF2CEC9-B6C7-4CF1-A5E6-C720EB269774} - System32\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-3 => C:\Program Files (x86)\HQPro-1.9\64e36912-3c31-4f29-91f8-31bef7612b98-3.exe [2014-06-22] (HQ-1.9)
Task: {577C81F6-9B62-4F37-A6D6-FE454080D637} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5C6B59D3-E62C-48D2-AADF-46222097034C} - System32\Tasks\UNELEVATE_23352 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe <==== ATTENTION
Task: {6DA3F6EA-16F6-4F60-8113-91807A79F2E5} - System32\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-7 => C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-nova.exe [2014-06-22] (HQ-1.9)
Task: {6FE8FBFA-872C-48A0-8C84-5BD3350EB404} - System32\Tasks\MySearchDial => C:\Users\Brian\AppData\Roaming\MySearchDial\UpdateProc\UpdateTask.exe [2013-04-12] () <==== ATTENTION
Task: {7210C382-EA7B-4E4B-B895-7BC17107F588} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {79EFE631-3033-4B79-AA04-D08CCDEEC4F8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-16] (Facebook Inc.)
Task: {7F94157B-CD45-465C-9084-E4099E483EB1} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {AAC5111B-BBBA-4DA8-9F57-85D8CA94EAB2} - System32\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-6 => C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-novainstaller.exe [2014-06-22] (HQ-1.9)
Task: {B8E93094-7AD1-43E0-A6A6-26A34E981E5E} - System32\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-2 => C:\Program Files (x86)\HQPro-1.9\64e36912-3c31-4f29-91f8-31bef7612b98-2.exe [2014-06-22] (HQ-1.9)
Task: {BD1EDFF7-4636-4C6B-8C57-FB1F142D2123} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {C7C22C28-89E0-4BB6-AF28-9B775C852095} - System32\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-11 => C:\Program Files (x86)\HQPro-1.9\64e36912-3c31-4f29-91f8-31bef7612b98-11.exe [2014-06-22] (HQ-1.9)
Task: {CA2C56CE-A3D4-4C09-AD9E-10BBB23131A7} - System32\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-4 => C:\Program Files (x86)\HQPro-1.9\64e36912-3c31-4f29-91f8-31bef7612b98-4.exe [2014-06-22] (HQ-1.9)
Task: {E54F1DDC-2122-45C0-ADC4-54D8F2C2B1EB} - System32\Tasks\BrowserSafeguard Update Task => C:\Program Files (x86)\Browsersafeguard\uninstall.BrowserSafeguard.exe [2014-06-22] () <==== ATTENTION
Task: {F170767C-103A-48AB-AD25-3C95626DAFF4} - System32\Tasks\ViewPassword Update => C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordt83.exe [2014-06-22] ()
Task: {F61CD649-F644-4ACF-81CE-6F5201717F63} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {F701B84E-0DFE-49B7-B9DF-F68A9C427FA6} - System32\Tasks\Right Backup_startup => C:\Program Files (x86)\Right Backup\RightBackup.exe [2014-07-10] (Systweak)
Task: {FEC09D1C-D576-4F41-96D3-AE70E1CB1AE2} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe [2014-07-02] (Systweak) <==== ATTENTION
Task: C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-1.job => C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-codedownloader.exe
Task: C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-11.job => C:\Program Files (x86)\HQPro-1.9\64e36912-3c31-4f29-91f8-31bef7612b98-11.exe
Task: C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-2.job => C:\Program Files (x86)\HQPro-1.9\64e36912-3c31-4f29-91f8-31bef7612b98-2.exe
Task: C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-3.job => C:\Program Files (x86)\HQPro-1.9\64e36912-3c31-4f29-91f8-31bef7612b98-3.exe
Task: C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-4.job => C:\Program Files (x86)\HQPro-1.9\64e36912-3c31-4f29-91f8-31bef7612b98-4.exe
Task: C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-5.job => C:\Program Files (x86)\HQPro-1.9\64e36912-3c31-4f29-91f8-31bef7612b98-5.exe
Task: C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-6.job => C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-novainstaller.exe
Task: C:\Windows\Tasks\64e36912-3c31-4f29-91f8-31bef7612b98-7.job => C:\Program Files (x86)\HQPro-1.9\HQPro-1.9-nova.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-1.job => C:\Program Files (x86)\SmartSaver+ 10\SmartSaver+ 10-codedownloader.exe
Task: C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-11.job => C:\Program Files (x86)\SmartSaver+ 10\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-11.exe
Task: C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-2.job => C:\Program Files (x86)\SmartSaver+ 10\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-2.exe
Task: C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-3.job => C:\Program Files (x86)\SmartSaver+ 10\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-3.exe
Task: C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-4.job => C:\Program Files (x86)\SmartSaver+ 10\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-4.exe
Task: C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5.job => C:\Program Files (x86)\SmartSaver+ 10\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5.exe
Task: C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5_user.job => C:\Program Files (x86)\SmartSaver+ 10\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-5.exe
Task: C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-6.job => C:\Program Files (x86)\SmartSaver+ 10\SmartSaver+ 10-novainstaller.exe
Task: C:\Windows\Tasks\e71ba47a-c90a-4fcb-a811-4305fd02ffd7-7.job => C:\Program Files (x86)\SmartSaver+ 10\SmartSaver+ 10-nova.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core.job => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cf9bc6d9e5a9a1.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core.job => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ViewPassword Update.job => C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordt83.exe
Task: C:\Windows\Tasks\ViewPassword_wd.job => C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordFIXQNw.exe
 
==================== Loaded Modules (whitelisted) =============
 
2010-03-05 11:21 - 2010-03-05 11:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-10-17 21:45 - 2012-03-11 14:56 - 00086608 _____ () C:\Windows\System32\cpwmon64.dll
2010-08-25 23:37 - 2010-08-25 23:34 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2010-08-25 23:37 - 2010-08-25 23:34 - 00151552 _____ () C:\Windows\KMService.exe
2014-06-15 18:14 - 2014-06-15 18:14 - 00034072 _____ () C:\Program Files (x86)\LPT\srpts.exe
2010-09-16 14:06 - 2010-09-16 14:06 - 00080896 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-05-21 01:36 - 2014-05-21 01:36 - 00381336 _____ () C:\Program Files (x86)\pastaleads\PastaLeadsService.exe
2014-06-15 18:14 - 2014-06-15 18:14 - 00036120 _____ () C:\Program Files (x86)\LPT\srptsl.exe
2014-06-13 00:55 - 2014-06-13 00:55 - 00233472 _____ () C:\Program Files\pcmax\pcmax.exe
2012-10-12 18:21 - 2013-08-29 17:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-06-15 18:14 - 2014-06-15 18:14 - 00023832 _____ () C:\Program Files (x86)\LPT\srptm.exe
2004-09-30 13:15 - 2004-09-30 13:15 - 00192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2014-06-22 04:33 - 2014-06-22 04:33 - 00100864 _____ () C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordFIXQNw.exe
2010-01-11 12:27 - 2010-01-11 12:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-02-03 19:14 - 2010-02-03 19:14 - 00033792 _____ () C:\Program Files\P4G\OvrClk.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-08-25 22:36 - 2010-03-15 11:28 - 00166400 _____ () D:\Program Files\WinRAR\rarext.dll
2011-08-31 19:13 - 2011-08-31 19:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-05-21 01:36 - 2014-05-21 01:36 - 00030104 _____ () C:\Program Files (x86)\pastaleads\PastaLeadsWinApp.exe
2014-06-22 04:33 - 2014-06-22 04:33 - 00179712 _____ () C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordHh174.exe
2014-05-21 01:36 - 2014-05-21 01:36 - 00012184 _____ () C:\Program Files (x86)\pastaleads\ScheduledTask.exe
2014-07-30 17:32 - 2014-07-30 17:32 - 00186192 _____ () c:\ProgramData\Fast And Safe\FastAndSafeSvc.dll
2014-07-30 17:32 - 2014-07-30 17:32 - 04125696 _____ () c:\ProgramData\Fast And Safe\FastAndSafe.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-06-15 18:14 - 2014-06-15 18:14 - 00043288 _____ () C:\Program Files (x86)\LPT\srptc.dll
2014-06-15 18:13 - 2014-06-15 18:13 - 00018200 _____ () C:\Program Files (x86)\LPT\Smartbar.Common.dll
2014-06-15 18:14 - 2014-06-15 18:14 - 00060184 _____ () C:\Program Files (x86)\LPT\srut.dll
2014-07-10 17:02 - 2013-08-02 19:21 - 00886272 _____ () C:\Program Files (x86)\Right Backup\System.Data.SQLite.dll
2014-06-15 18:14 - 2014-06-15 18:14 - 00077592 _____ () C:\Program Files (x86)\LPT\srpt.dll
2014-06-15 18:14 - 2014-06-15 18:14 - 00067352 _____ () C:\Program Files (x86)\LPT\sppsm.dll
2014-06-15 18:13 - 2014-06-15 18:13 - 00156952 _____ () C:\Program Files (x86)\LPT\Smartbar.Resources.HistoryAndStatsWrapper.dll
2014-06-15 18:13 - 2014-06-15 18:13 - 00027928 _____ () C:\Program Files (x86)\LPT\Smartbar.Personalization.Common.dll
2014-06-15 18:13 - 2014-06-15 18:13 - 00166680 _____ () C:\Program Files (x86)\LPT\Smartbar.Infrastructure.Utilities.dll
2014-06-22 04:33 - 2014-06-22 04:33 - 00172544 _____ () C:\Program Files (x86)\-ViewPassword-soft\ViewPasswordHh174.dll
2014-07-09 17:42 - 2012-07-25 12:03 - 00886272 _____ () C:\Program Files (x86)\Advanced System Protector\System.Data.SQLite.dll
2014-07-09 17:42 - 2014-07-02 17:43 - 01730984 _____ () C:\Program Files (x86)\Advanced System Protector\aspsys.dll
2014-07-09 17:42 - 2012-07-25 12:03 - 00168448 _____ () C:\Program Files (x86)\Advanced System Protector\UNRAR.DLL
2009-11-02 16:20 - 2009-11-02 16:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 16:23 - 2009-11-02 16:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Microsoft:c7wMWfpDZco0CueOuX3NgczI
AlternateDataStreams: C:\ProgramData\Microsoft:oE5zZeoZTDVj6Nuj4gytnH0
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Brian\Cookies:4eQ7kx4rxCf1FI3I4wR
AlternateDataStreams: C:\Users\Brian\AppData\Local\Temp:6AoWPJmFJPkxRQPMwNY
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk => C:\Windows\pss\ERUNT AutoBackup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JaxUploader.lnk => C:\Windows\pss\JaxUploader.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "D:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUS WebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: doubleTwist => C:\Program Files (x86)\doubleTwist 2.0\DoubleTwist.DeviceHelper.exe
MSCONFIG\startupreg: ETDWare => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: FileHippo.com => "D:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: WinampAgent => "D:\Program Files (x86)\Winamp\winampa.exe"
 
==================== Faulty Device Manager Devices =============
 
Name: iPodDrv
Description: iPodDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: iPodDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (07/31/2014 09:06:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1030
 
Error: (07/31/2014 09:06:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1030
 
Error: (07/31/2014 09:06:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/30/2014 06:14:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SoftwareUpdate.exe version 2.1.3.127 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: f68
 
Start Time: 01cfac46d981105e
 
Termination Time: 94
 
Application Path: C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe
 
Report Id: 43fc60cc-183f-11e4-b16d-20cf303479aa
 
Error: (07/30/2014 05:29:23 PM) (Source: Google Update) (EventID: 20) (User: CHARLIE)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (07/29/2014 00:42:46 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (472) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -501.
 
Error: (07/29/2014 00:42:46 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll (472) SUS20ClientDataStore: Unable to read the header of logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log. Error -501.
 
Error: (07/29/2014 00:41:34 PM) (Source: Google Update) (EventID: 20) (User: CHARLIE)
Description: Network Request Error.
Error: 0x80072f78. Http status code: 0.
Trying config: source=IE, named proxy=http=127.0.0.1:13933;https=127.0.0.1:13933, bypass=<-loopback>.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80042194. Http status code 404.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:13933;https=127.0.0.1:13933, bypass=<-loopback>.
trying CUP:WinHT
 
Error: (07/29/2014 00:41:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 74069197
 
Error: (07/29/2014 00:41:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 74069197
 
 
System errors:
=============
Error: (08/01/2014 00:39:46 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147467259
 
Error: (08/01/2014 00:39:46 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147467259
 
Error: (08/01/2014 11:56:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (08/01/2014 11:56:44 AM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (08/01/2014 11:54:42 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The PastaQuotes service hung on starting.
 
Error: (08/01/2014 11:53:12 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WebcamMax, WDM Video Capture service failed to start due to the following error: 
%%1058
 
Error: (08/01/2014 11:52:46 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147467259
 
Error: (08/01/2014 11:52:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The iPodDrv service failed to start due to the following error: 
%%2
 
Error: (07/31/2014 06:30:36 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147467259
 
Error: (07/31/2014 06:30:36 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147467259
 
 
Microsoft Office Sessions:
=========================
Error: (07/31/2014 09:06:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1030
 
Error: (07/31/2014 09:06:51 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1030
 
Error: (07/31/2014 09:06:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (07/30/2014 06:14:44 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: SoftwareUpdate.exe2.1.3.127f6801cfac46d981105e94C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe43fc60cc-183f-11e4-b16d-20cf303479aa
 
Error: (07/30/2014 05:29:23 PM) (Source: Google Update) (EventID: 20) (User: CHARLIE)
Description: Network Request Error.
Error: 0x80072ee7. Http status code: 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http s
 
Error: (07/29/2014 00:42:46 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll472SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-501
 
Error: (07/29/2014 00:42:46 PM) (Source: ESENT) (EventID: 412) (User: )
Description: wuaueng.dll472SUS20ClientDataStore: C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log-501
 
Error: (07/29/2014 00:41:34 PM) (Source: Google Update) (EventID: 20) (User: CHARLIE)
Description: Network Request Error.
Error: 0x80072f78. Http status code: 0.
Trying config: source=IE, named proxy=http=127.0.0.1:13933;https=127.0.0.1:13933, bypass=<-loopback>.
trying CUP:WinHTTP.
Send request returned 0x80072f78. Http status code 0.
trying WinHTTP.
Send request returned 0x80042194. Http status code 404.
Trying config: source=auto, wpad=1, script=.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=, direct connection.
trying CUP:WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying WinHTTP.
Send request returned 0x80072ee7. Http status code 0.
trying CUP:iexplore.
Send request returned 0x80004005. Http status code 0.
Trying config: source=IE, named proxy=http=127.0.0.1:13933;https=127.0.0.1:13933, bypass=<-loopback>.
trying CUP:WinHT
 
Error: (07/29/2014 00:41:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 74069197
 
Error: (07/29/2014 00:41:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 74069197
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-09 13:38:33.392
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:37:39.349
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:37:09.461
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:37:08.417
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:45.436
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:42.432
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:38.118
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:36.399
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:28.793
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:21.806
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 51%
Total physical RAM: 3893.16 MB
Available physical RAM: 1907.57 MB
Total Pagefile: 7784.49 MB
Available Pagefile: 5279.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:49.77 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:329.79 GB) (Free:314.16 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=330 GB) - (Type=OF Extended)
 
==================== End Of Log ============================

  • 0

#4
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
  • Step #2 Uninstall Programs
    I want you to uninstall the following program(s) listed below due to poor reputation we receive about them. To uninstall a program, go to Start > Control Panel > Uninstall a program or Start > Control Panel > Programs and Features. Wait for the list to fill up and double-click on the items I have listed below and follow the on-screen instruction to remove/uninstall them.
    • YouTube Video Downloader 3
    • YouTube Accelerator
    • ViewPassword
    • suprasavings
    • Software Updater version
    • SmartSaver+ 10
    • Pando Media Booster
    • Mysearchdial
    • LPT System Updater Service
    • Java 6 Update 29
    • Fast And Safe
    • BrowserSafeguard with RocketTab
    • Advanced System Protector
 
  • Step #3 Fix with AdwCleaner
    • Download AdwCleaner by Xplode to your Desktop from the following link.
    • Right-click on AdwCleaner.exe and choose Run as administrator;
    • Click on Scan and let the program run unhindered;
    • When done, click on Clean and allow the system to reboot after it is done;
    • A log will be opened automatically after the restart;
    • Copy and Paste the contents of this log in your reply.
 
  • Step #4 Fix with Junkware Removal Tool
    Download Junkware Removal Tool by thisisu to your Desktop from the link below.
    Download Link 1
    Download Link 2
    • Disable your anti-virus to avoid potential conflicts. For more information please acknowledge yourself this article;
    • Run the program either by double-clicking(Windows XP) or Right-clicking and choosing Run as administrator(Windows Vista and above);
    • Please be patient as the tool cleans your system;
    • After completion of the process a log named JRT.txt will automatically open and is save to your Desktop;
    • Copy and Paste the contents of the log in your next reply.
 

Re-do Step 1

 
  • Required Log(s):
    • AdwCleaner Log
    • Junkware Removal Tool Log
    • FRST Log(s) --
      • FRST.txt
      • Addition.txt
Regards,
Valinorum
  • 0

#5
Bmache

Bmache

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Okay, it's already running much smoother but I still notice some ads popup or new tabs open when I click input boxes or just scroll through this website.

 

# AdwCleaner v3.302 - Report created 01/08/2014 at 14:46:53
# Updated 30/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Brian - CHARLIE
# Running from : C:\Users\Brian\Desktop\adwcleaner_3.302.exe
# Option : Clean
 
***** [ Services ] *****
 
[#] Service Deleted : globalUpdate
[#] Service Deleted : globalUpdatem
[#] Service Deleted : IePluginServices
Service Deleted : LPTSystemUpdater
Service Deleted : SMUpd
Service Deleted : SMUpdd
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\374311380 
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\Partner
Folder Deleted : C:\ProgramData\pastaleads
Folder Deleted : C:\ProgramData\SearchModule
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open JDK Explorer
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\LPT
Folder Deleted : C:\Program Files (x86)\PCFixSpeed
Folder Deleted : C:\Program Files (x86)\Software Updater
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files\003
Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Administrator\AppData\Local\torch
Folder Deleted : C:\Users\ASPNET\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\ASPNET\AppData\Local\torch
Folder Deleted : C:\Users\Brian\AppData\Local\Browsersafeguard
Folder Deleted : C:\Users\Brian\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Brian\AppData\Local\globalUpdate
Folder Deleted : C:\Users\Brian\AppData\Local\torch
Folder Deleted : C:\Users\Brian\AppData\Roaming\OpenCandy
Folder Deleted : C:\Users\Brian\AppData\Roaming\SupTab
Folder Deleted : C:\Users\Brian\AppData\Roaming\Systweak
Folder Deleted : C:\Users\Brian\AppData\Roaming\VOPackage
Folder Deleted : C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
Folder Deleted : C:\Users\Brian\Documents\PC Speed Maximizer
Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\Guest\AppData\Local\torch
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\HomeGroupUser$\AppData\Local\torch
Folder Deleted : C:\Users\Public\Documents\Goobzo
Folder Deleted : C:\Users\Public\Documents\ShopperPro
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\Chromatic Browser
Folder Deleted : C:\Users\UpdatusUser\AppData\Local\torch
Folder Deleted : C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\{ad9a41d2-9a49-4fa6-a79e-71a0785364c8}
Folder Deleted : C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\[email protected]
Folder Deleted : C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\iagcajndpnfncplednpbnkahadegklfa
File Deleted : C:\END
File Deleted : C:\Windows\System32\roboot64.exe
File Deleted : C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\searchplugins\Mysearchdial.xml
File Deleted : C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\user.js
File Deleted : C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage
File Deleted : C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.superfish.com_0.localstorage-journal
File Deleted : C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage
File Deleted : C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.wajam.com_0.localstorage-journal
File Deleted : C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage
File Deleted : C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxps_inst.shoppingate.info_0.localstorage-journal
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : globalUpdateUpdateTaskMachineUA
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKCU\Software\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\iagcajndpnfncplednpbnkahadegklfa
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma
Key Deleted : HKCU\Software\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pflphaooapbgpeakohlggbpidpppgdff
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickCtrl.10
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.OneClickProcessLauncherMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdate.Update3WebControl.4
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoCreateAsync.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CoreMachineClass.1
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.CredentialDialogMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.OnDemandCOMClassSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.ProcessLauncher.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3COMClassService.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachine.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebMachineFallback.1.0
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc
Key Deleted : HKLM\SOFTWARE\Classes\globalUpdateUpdate.Update3WebSvc.1.0
Key Deleted : HKLM\SOFTWARE\Classes\Iminent
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AdvancedSystemProtector_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\AskInstallChecker_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\WajamInternetEnhancer_RASMANCS
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=10
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@staging.google.com/globalUpdate Update;version=4
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\IePluginServices
Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{69F256DF-BA98-45E9-86EA-FC3CFECF9D30}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6E87FC94-9866-49B9-8E93-5736D6DE3DD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{834469E3-CA2B-4F21-A5CA-4F6F4DBCDE87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{8529FAA3-5BFD-43C1-AB35-B53C4B96C6E5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{ADBC39BE-3D20-4333-8D99-E91EB1B62474}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CFC47BB5-5FB5-4AD0-8427-6AA04334A3FC}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E06CA7F5-BA34-4FF6-8D24-B1BDC594D91F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6421EE5-A5BE-4D31-81D5-C16B7BF48E4C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FD8E81D0-F5FE-4CB1-9AEA-1E163D2BAB78}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{968EDCE0-C10A-47BB-B3B6-FDF09F2A417D}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84FF7BD6-B47F-46F8-9130-01B2696B36CB}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10AD2C61-0898-4348-8600-14A342F22AC3}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68B81CCD-A80C-4060-8947-5AE69ED01199}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6B969FB-6D33-48D2-9061-8BBD4899EB08}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{84FF7BD6-B47F-46F8-9130-01B2696B36CB}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{051E9166-B275-4683-907B-372FAE22BC7C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C58D664A-3DBC-4925-AE74-0382007DF113}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C776D7F4-BA85-4B75-AAFC-3A0A11FE6E36}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{460C3D19-B3D4-4964-A550-77D263B0CCCB}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{77AA745B-F4F8-45DA-9B14-61D2D95054C8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{7F4EFF06-7032-458E-AE16-1C1D8255C28A}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A33DB9FD-7A8A-496E-92D3-9CFCF9D9E1C9}
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\Goobzo
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\simplytech
Key Deleted : HKCU\Software\SmartBar
Key Deleted : HKCU\Software\SoftwareUpdater
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKCU\Software\AppDataLow\Software\simplytech
Key Deleted : HKCU\Software\AppDataLow\Software\Supra Savings
Key Deleted : HKLM\Software\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\Software\{5F189DF5-2D05-472B-9091-84D9848AE48B}
Key Deleted : HKLM\Software\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\Software\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
Key Deleted : HKLM\Software\GlobalUpdate
Key Deleted : HKLM\Software\Goobzo
Key Deleted : HKLM\Software\Iminent
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\systweak
Key Deleted : HKLM\Software\V9Software
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : [x64] HKLM\SOFTWARE\LevelQualityWatcher
Key Deleted : [x64] HKLM\SOFTWARE\suprasavings
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\DatamngrCoordinator.exe
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17207
 
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
 
-\\ Mozilla Firefox v9.0.1 (en-US)
 
[ File : C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\prefs.js ]
 
Line Deleted : user_pref("browser.search.selectedEngine", "Mysearchdial");
Line Deleted : user_pref("browser.startup.homepage", "hxxp://start.mysearchdial.com/?f=1&a=bndl1_14_26&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDtAyEyBzy0A0AzyzztAyDtN0D0Tzu0SzytBtCtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1Czu1S1G1Q1ItC1[...]
Line Deleted : user_pref("extensions.crossrider.bic", "147180644b1c589a27855dbdd79c4944");
Line Deleted : user_pref("extensions.irmysearch.aflt", "bndl1_14_26");
Line Deleted : user_pref("extensions.irmysearch.cd", "2XzuyEtN2Y1L1QzutBtD0C0FtAtDtAyEyBzy0A0AzyzztAyDtN0D0Tzu0SzytBtCtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1Czu1S1G1Q1ItC1VtCyE1VtByCtN1L1G1B1V1N2Y1L1Qzu2SyDyD0FtBzzyEtCyDtGt[...]
Line Deleted : user_pref("extensions.irmysearch.cr", "1371696044");
Line Deleted : user_pref("extensions.irmysearch.instlRef", "bndl1_14_26");
Line Deleted : user_pref("keyword.URL", "hxxp://www-search.net/search.aspx?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,&q=");
 
-\\ Google Chrome v
 
[ File : C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [Search Provider] : hxxp://search.aol.com/aol/search?query={searchTerms}
Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Deleted [Search Provider] : hxxp://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=bndl1_14_26&cd=2XzuyEtN2Y1L1QzutBtD0C0FtAtDtAyEyBzy0A0AzyzztAyDtN0D0Tzu0SzytBtCtN1L2XzutBtFtBtCtFtCtCtFtBtN1L1Czu1S1G1Q1ItC1VtCyE1VtByCtN1L1G1B1V1N2Y1L1Qzu2SyDyD0FtBzzyEtCyDtGtC0DtCzztGtCzzyC0EtGyB0BtCyCtGtCtAyC0ByC0FtA0CyEzz0BtD2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyD0D0FtDtDtByD0AtGtDtAyB0DtG0FyDyBtBtG0F0CtB0DtGyD0BtBzz0D0CyBzztD0AzzyD2Q&cr=1371696044&ir=
Deleted [Search Provider] : hxxp://www-search.net/search.aspx?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,&q={searchTerms}
Deleted [Startup_urls] : hxxp://www-search.net/?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,
Deleted [Homepage] : hxxp://www-search.net/?s=E6Mwlimyu1,e3c303cd-2507-421f-a35e-47ff424255e2,
Deleted [Extension] : iagcajndpnfncplednpbnkahadegklfa
Deleted [Extension] : pflphaooapbgpeakohlggbpidpppgdff
 
*************************
 
AdwCleaner[R0].txt - [23125 octets] - [01/08/2014 14:45:31]
AdwCleaner[S0].txt - [19477 octets] - [01/08/2014 14:46:53]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19538 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Brian on Fri 08/01/2014 at 14:54:09.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511311172}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Empty Folder] C:\Users\Brian\appdata\local\{855A0D17-644A-4B4F-B2C7-40C1BE1DEAE5}
Successfully deleted: [Empty Folder] C:\Users\Brian\appdata\local\{F9DB6C9E-97ED-4E55-AF1D-F8D5C58F1891}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 08/01/2014 at 14:59:46.07
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by Brian (administrator) on CHARLIE on 01-08-2014 15:01:01
Running from C:\Users\Brian\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files\pcmax\pcmax.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Green Fire Software) C:\ProgramData\XRtVYg\SycvOme.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Facebook Inc.) C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Akamai Technologies, Inc.) C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Akamai Technologies, Inc.) C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Users\Brian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Brian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Brian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Brian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Brian\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => D:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [Google Update] => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [135664 2010-08-12] (Google Inc.)
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [Facebook Update] => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-16] (Facebook Inc.)
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe [79088 2014-05-29] ()
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
ShellIconOverlayIdentifiers: HardLinkMenu -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers: IconOverlayHardLink -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers: IconOverlaySymbolicLink -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32: HardLinkMenu -> {0A479751-02BC-11d3-A855-0004AC2568AA} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: IconOverlayHardLink -> {0A479751-02BC-11d3-A855-0004AC2568DD} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll (Hermann Schinagl)
ShellIconOverlayIdentifiers-x32: IconOverlaySymbolicLink -> {0A479751-02BC-11d3-A855-0004AC2568EE} => C:\Program Files\LinkShellExtension\32\HardlinkShellExt.dll (Hermann Schinagl)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ASUT
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: dealstear -> {BA686A29-A489-3038-9006-C9B9977F34AE} -> C:\ProgramData\dealstear\ZX7.x64.dll ()
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: dealstear -> {BA686A29-A489-3038-9006-C9B9977F34AE} -> C:\ProgramData\dealstear\ZX7.dll ()
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
DPF: HKLM-x32 {1E54D648-B804-468d-BC78-4AFFED8E262F} http://www.nvidia.co...sreqlab_nvd.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C78E3E7-25E5-4AEF-8CAD-132B4AF319A9}: [NameServer]0.0.0.0
 
FireFox:
========
FF ProfilePath: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default
FF NewTab: about:newtab
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.1: Google
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - D:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=8 - D:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll No File
FF Plugin-x32: Adobe Reader - D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Brian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Brian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Brian\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Brian\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Brian\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Extension: cosstminn - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\[email protected] [2014-07-11]
FF Extension: No Name - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\staged [2014-07-11]
FF Extension: No Name - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\y1ghqeww.default\Extensions\[email protected] [2014-07-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-02-27]
FF Extension: No Name - C:\Program Files (x86)\Tomabo\YouTube Video Downloader\YTVD_FF.xpi []
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR Extension: (Google Docs) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-08]
CHR Extension: (Google Drive) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-08]
CHR Extension: (YouTube) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-08]
CHR Extension: (Search) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-08]
CHR Extension: (SASS Inspector) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkofmbmllpgfbnonmnenkiakimpgoamn [2014-07-30]
CHR Extension: (cosstminn) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbhgdhnjbodilabcjbogfnppbopbdgob [2014-07-10]
CHR Extension: (Google Wallet) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-08]
CHR Extension: (Gmail) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-08]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Brian\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-07-08]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2014-07-08]
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2010-08-25] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2010-09-16] () [File not signed]
R2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [233472 2014-06-13] () [File not signed]
R2 SycvOme; C:\ProgramData\XRtVYg\SycvOme.exe [2298224 2014-06-29] (Green Fire Software)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2010-08-27] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 GEARAspiWDM; C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys [15664 2011-02-15] (GEAR Software Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73984 2013-06-05] (Identive)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-08-25] () [File not signed]
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2011-06-23] (Windows ® Win 7 DDK provider)
S3 AmUStor; system32\drivers\AmUStor.SYS [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 MotioninJoyUSBFilter; system32\DRIVERS\MijUfilt.sys [X]
U3 tmlwf; 
U3 tmwfp; 
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 4C016FD76ED5C05E84CA8CAB77993961
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys E857EEE6B92AAA473EBB3465ADD8F7E7
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dc3d.sys 7AF9DAC504FBD047CBC3E64AE52C92BF
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 955FFE2B1D74A9E0E3E0E558E6A17F3B
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ETD.sys 0975BF32399A24117E317B5BF1D5D0AA
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys C2E475625F2C6F7DCDE4E920523A0573
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys 4AC51459805264AFFD5F6FDFB9D9235F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AF
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys F47CEC45FB85791D4AB237563AD0FA8F
C:\Windows\System32\DRIVERS\htcnprot.sys B8B1B284362E1D8135112573395D5DA5
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 42E00996DFC13C46366689C0EA8ABC5E
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys F4F91789C7C7A159CE8215C1F69F2A85
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Impcd.sys DD587A55390ED2295BCE6D36AD567DA9
C:\Windows\System32\drivers\RTKVHD64.sys 163F94EBF8F8A98616A6B804AF08D736
C:\Windows\System32\DRIVERS\IntcDAud.sys 58CF58DEE26C909BD6F977B61D246295
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\ivusb.sys BD5BF20EC242E003A2F570B8754A56D1
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbfiltr.sys E63EF8C3271D014F14E2469CE75FECB4
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys 9DDC68B87A9B837736A2B193EE14A4A5
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ManyCam_x64.sys D33E2B74CF8B3A652BF0A9FBD068E87A
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MijXfilt.sys C030F9E822A057C1A7A9BB4EA3E8877E
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys 9EB89625A82AC961F25E7C865947BF9A
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ATK64AMD.sys 032D35C996F21D19A205A7C8F0B76F3C
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETw5s64.sys 24F64343F14A119308456E1CA7507B26
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys C3E0696C3B42F694C5822776AA6FFFDF
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys 8EBCB9165EE7F1571842F4D9D624A74C
C:\Windows\System32\DRIVERS\nusb3xhc.sys 5D54DBB12BBFE07CC283FD39F2CD6D63
C:\Windows\System32\DRIVERS\nvlddmkm.sys 9B93CC9C70EDE60A9C486E7719DB9E8D
C:\Windows\System32\DRIVERS\nvpciflt.sys F76296368BB813E0C6996501A3271C7C
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pneteth.sys 8AC5649C9070674D4607301C180AB10B
C:\Windows\System32\DRIVERS\point64.sys 4F0878FD62D5F7444C5F1C4C66D9D293
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\S3XXx64.sys A49CDA75F8E41F769D19E2669BD62B37
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SiSG664.sys 1BC348CF6BAA90EC8E533EF6E6A69933
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\snp2uvc.sys 2114518E55B380A3ACC28B2C27FD499A
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tap0901.sys F9BE29D5E097F03F81D3CD12B794CB66
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wcmvcam64.sys 3A2D452C40162823B79867040B46D4A8
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam64.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\WDKMD.sys FE31110E39A0B11ABAE1BA43A2DC94F9
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wimfltr.sys 52DED146E4797E6CCF94799E8E22BB2A
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\xusb21.sys 9176C0822FAA649E45121875BE32F5D2
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-01 14:59 - 2014-08-01 14:59 - 00000996 _____ () C:\Users\Brian\Desktop\JRT.txt
2014-08-01 14:54 - 2014-08-01 14:54 - 00000000 ____D () C:\Windows\ERUNT
2014-08-01 14:53 - 2014-08-01 14:53 - 00019703 _____ () C:\Users\Brian\Desktop\AdwCleaner[S0].txt
2014-08-01 14:52 - 2014-08-01 14:52 - 01016261 _____ (Thisisu) C:\Users\Brian\Desktop\JRT.exe
2014-08-01 14:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-01 14:45 - 2014-08-01 14:47 - 00000000 ____D () C:\AdwCleaner
2014-08-01 14:44 - 2014-08-01 14:44 - 01361309 _____ () C:\Users\Brian\Desktop\adwcleaner_3.302.exe
2014-08-01 14:35 - 2014-08-01 14:35 - 00001188 _____ () C:\Users\Brian\Desktop\Live PC Help.lnk
2014-08-01 13:26 - 2014-08-01 15:01 - 00041101 _____ () C:\Users\Brian\Desktop\FRST.txt
2014-08-01 13:25 - 2014-08-01 15:01 - 00000000 ____D () C:\FRST
2014-08-01 12:50 - 2014-08-01 12:50 - 02094080 _____ (Farbar) C:\Users\Brian\Desktop\FRST64.exe
2014-07-31 18:51 - 2014-01-08 21:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-31 18:51 - 2014-01-03 17:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-07-31 18:42 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-31 18:42 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-31 18:42 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-31 18:42 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-07-31 18:41 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-31 18:41 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-31 18:41 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-31 18:41 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-07-31 18:41 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-31 18:41 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-30 23:39 - 2014-08-01 13:24 - 00160938 _____ () C:\Users\Brian\Desktop\OTL.Txt
2014-07-30 23:22 - 2014-07-30 23:22 - 00006434 _____ () C:\Users\Brian\Desktop\07302014_231035.log
2014-07-30 23:18 - 2014-07-30 23:18 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Brian\Desktop\tdsskiller.exe
2014-07-30 23:17 - 2014-07-30 23:22 - 00002290 _____ () C:\Users\Brian\Desktop\GooredFix.txt
2014-07-30 23:17 - 2014-07-30 23:17 - 00071398 _____ (jpshortstuff) C:\Users\Brian\Desktop\GooredFix.exe
2014-07-30 23:17 - 2014-07-30 23:17 - 00000000 ____D () C:\Users\Brian\Desktop\GooredFix Backups
2014-07-30 23:10 - 2014-07-30 23:10 - 00000000 ____D () C:\_OTM
2014-07-30 23:09 - 2014-07-30 23:09 - 00522240 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTM.exe
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-30 23:05 - 2014-07-30 23:05 - 00791393 _____ (Lars Hederer ) C:\Users\Brian\Downloads\erunt-setup.exe
2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (6).exe
2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (5).exe
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\system32\NV
2014-07-30 19:01 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-07-30 19:01 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-07-30 19:01 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-07-30 19:01 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-07-30 19:01 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-07-30 19:01 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-07-30 19:01 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-07-30 19:01 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-07-30 19:01 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-07-30 19:01 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-07-30 19:01 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-07-30 19:01 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-07-30 19:01 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-07-30 19:01 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-07-30 19:01 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-07-30 19:01 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-07-30 18:42 - 2013-09-24 21:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-07-30 18:42 - 2013-09-24 20:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-07-30 18:41 - 2014-07-30 18:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Brian\Downloads\revosetup.exe
2014-07-30 18:41 - 2014-07-30 18:41 - 00001270 _____ () C:\Users\Brian\Desktop\Revo Uninstaller.lnk
2014-07-30 18:12 - 2014-07-30 18:12 - 00000000 ____D () C:\Users\Brian\AppData\Local\Packages
2014-07-30 18:12 - 2014-07-30 18:12 - 00000000 ____D () C:\ProgramData\dealstear
2014-07-30 17:43 - 2014-07-30 17:43 - 00602112 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTL.exe
2014-07-11 17:45 - 2014-07-11 17:45 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (4).exe
2014-07-11 17:38 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-11 17:38 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-11 17:38 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-11 17:37 - 2001-09-13 02:15 - 00090112 ____N (Sony Corporation) C:\Windows\snymsico.dll
2014-07-11 17:36 - 2014-07-11 17:36 - 00003124 _____ () C:\Windows\System32\Tasks\{B5FA72D1-E74B-4CA5-967F-2315E8718358}
2014-07-11 17:35 - 2014-07-11 17:35 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (2).EXE
2014-07-11 17:34 - 2014-07-11 17:34 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-11 17:34 - 2003-11-10 12:31 - 00036232 ____N (Sony Corporation) C:\Windows\SysWOW64\Drivers\NETMD033.sys
2014-07-11 17:34 - 2003-04-01 18:55 - 00035319 ____N (Sony Corporation) C:\Windows\SysWOW64\Drivers\NETMD031.sys
2014-07-11 17:34 - 2002-08-08 15:51 - 00038951 ____N (Sony Corporation) C:\Windows\SysWOW64\Drivers\NETMDUSB.sys
2014-07-11 17:32 - 2014-07-11 17:32 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (1).EXE
2014-07-11 17:32 - 2014-07-11 17:32 - 01210528 _____ () C:\Users\Brian\Downloads\Setup (3).exe
2014-07-11 17:31 - 2014-07-11 17:32 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER.EXE
2014-07-10 18:02 - 2014-06-29 21:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 18:02 - 2014-06-29 21:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 18:01 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 18:01 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 18:01 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 18:01 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 18:01 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 18:01 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 18:01 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 18:01 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 18:01 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 18:01 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 18:01 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 18:01 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 18:01 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 18:01 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 18:01 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 18:01 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 18:01 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 18:01 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 18:01 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 18:01 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 18:01 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 18:01 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 18:01 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 18:01 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 18:01 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 18:01 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 18:01 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 18:01 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 18:01 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 18:01 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 18:01 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 18:01 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 18:01 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 18:01 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 18:01 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 18:01 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 18:01 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 18:01 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 18:01 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 18:01 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 18:01 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 18:01 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 18:01 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 18:01 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 18:01 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 18:01 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 18:01 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 18:01 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 18:01 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 18:01 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 18:01 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 18:01 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 18:01 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 18:01 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 18:01 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 18:01 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 18:01 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 18:01 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 18:01 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 18:01 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 17:33 - 2014-07-10 17:40 - 00000000 ____D () C:\Users\Brian\AppData\Local\1118
2014-07-10 17:32 - 2014-07-30 18:13 - 00000000 ____D () C:\ProgramData\4a607f86f23577d7
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Brian\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator
2014-07-10 17:09 - 2014-07-09 17:51 - 00135168 _____ () C:\Users\Brian\AppData\Local\ChromeHitoryDB
2014-07-10 17:05 - 2014-07-10 17:05 - 01410208 _____ () C:\Users\Brian\Downloads\Setup (2).exe
2014-07-10 17:05 - 2014-07-10 17:05 - 00247160 _____ (System Applet ) C:\Users\Brian\Downloads\Java_Updater_Setup.exe
2014-07-10 17:00 - 2014-07-10 17:03 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\rightbackup
2014-07-10 16:59 - 2014-08-01 14:49 - 00002298 _____ () C:\Windows\setupact.log
2014-07-10 16:59 - 2014-08-01 14:48 - 00009590 _____ () C:\Windows\PFRO.log
2014-07-10 16:59 - 2014-07-10 16:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-09 17:44 - 2014-07-09 17:44 - 00002289 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00002283 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-07-09 17:43 - 2014-07-11 17:26 - 00000000 ____D () C:\ProgramData\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Users\Brian\AppData\Local\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Program Files\WinZip
2014-07-09 17:40 - 2014-08-01 14:24 - 00000000 ____D () C:\Program Files (x86)\SmartSaver+ 10
2014-07-09 17:40 - 2014-07-09 17:40 - 00000958 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cf9bc6d9e5a9a1.job
2014-07-09 17:39 - 2014-07-09 17:39 - 00001236 _____ () C:\Users\Public\Desktop\Media Downloader.lnk
2014-07-09 17:39 - 2014-07-09 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Downloader
2014-07-09 17:39 - 2014-07-09 17:39 - 00000000 ____D () C:\Program Files (x86)\Media Downloader
2014-07-09 17:39 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 17:39 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 17:38 - 2014-07-09 17:38 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (1).exe
2014-07-09 17:38 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 17:37 - 2014-07-09 17:37 - 00270592 _____ () C:\Users\Brian\Downloads\Setup.exe
2014-07-08 17:11 - 2014-07-08 17:11 - 00002371 _____ () C:\Users\Brian\Desktop\Google Chrome.lnk
2014-07-08 17:11 - 2014-07-08 17:11 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-04 04:43 - 2014-07-04 04:43 - 00016026 _____ () C:\Windows\SysWOW64\hs_err_pid36308.log
2014-07-02 21:30 - 2014-07-02 21:30 - 00895120 _____ (Google Inc.) C:\Users\Brian\Desktop\ChromeSetup.exe
2014-07-02 19:04 - 2014-07-02 21:19 - 00000000 ____D () C:\Program Files (x86)\JavaLive! Manager
2014-07-02 19:04 - 2014-07-02 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JavaLive! Manager
2014-07-02 16:54 - 2014-07-02 16:53 - 00256968 _____ () C:\Users\Brian\Desktop\DriverFinder_Setup.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-01 15:01 - 2014-08-01 13:26 - 00041101 _____ () C:\Users\Brian\Desktop\FRST.txt
2014-08-01 15:01 - 2014-08-01 13:25 - 00000000 ____D () C:\FRST
2014-08-01 14:59 - 2014-08-01 14:59 - 00000996 _____ () C:\Users\Brian\Desktop\JRT.txt
2014-08-01 14:57 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-01 14:57 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-01 14:55 - 2010-08-27 02:40 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job
2014-08-01 14:54 - 2014-08-01 14:54 - 00000000 ____D () C:\Windows\ERUNT
2014-08-01 14:54 - 2010-08-12 12:49 - 01283034 _____ () C:\Windows\WindowsUpdate.log
2014-08-01 14:53 - 2014-08-01 14:53 - 00019703 _____ () C:\Users\Brian\Desktop\AdwCleaner[S0].txt
2014-08-01 14:52 - 2014-08-01 14:52 - 01016261 _____ (Thisisu) C:\Users\Brian\Desktop\JRT.exe
2014-08-01 14:52 - 2014-06-29 07:08 - 00000000 ____D () C:\Users\Brian\AppData\Local\MovieMaster
2014-08-01 14:49 - 2014-07-10 16:59 - 00002298 _____ () C:\Windows\setupact.log
2014-08-01 14:49 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-01 14:48 - 2014-07-10 16:59 - 00009590 _____ () C:\Windows\PFRO.log
2014-08-01 14:48 - 2010-08-12 13:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-01 14:47 - 2014-08-01 14:45 - 00000000 ____D () C:\AdwCleaner
2014-08-01 14:44 - 2014-08-01 14:44 - 01361309 _____ () C:\Users\Brian\Desktop\adwcleaner_3.302.exe
2014-08-01 14:39 - 2014-06-22 04:34 - 00000000 ____D () C:\Program Files (x86)\HQPro-1.9
2014-08-01 14:38 - 2012-04-16 08:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-01 14:35 - 2014-08-01 14:35 - 00001188 _____ () C:\Users\Brian\Desktop\Live PC Help.lnk
2014-08-01 14:32 - 2010-08-25 23:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-01 14:26 - 2010-08-25 23:46 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-08-01 14:24 - 2014-07-09 17:40 - 00000000 ____D () C:\Program Files (x86)\SmartSaver+ 10
2014-08-01 14:06 - 2010-08-12 13:03 - 00000000 ____D () C:\ProgramData\Temp
2014-08-01 13:24 - 2014-07-30 23:39 - 00160938 _____ () C:\Users\Brian\Desktop\OTL.Txt
2014-08-01 12:50 - 2014-08-01 12:50 - 02094080 _____ (Farbar) C:\Users\Brian\Desktop\FRST64.exe
2014-08-01 12:39 - 2011-07-06 20:02 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job
2014-07-31 09:04 - 2011-07-06 20:02 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core.job
2014-07-30 23:22 - 2014-07-30 23:22 - 00006434 _____ () C:\Users\Brian\Desktop\07302014_231035.log
2014-07-30 23:22 - 2014-07-30 23:17 - 00002290 _____ () C:\Users\Brian\Desktop\GooredFix.txt
2014-07-30 23:18 - 2014-07-30 23:18 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Brian\Desktop\tdsskiller.exe
2014-07-30 23:17 - 2014-07-30 23:17 - 00071398 _____ (jpshortstuff) C:\Users\Brian\Desktop\GooredFix.exe
2014-07-30 23:17 - 2014-07-30 23:17 - 00000000 ____D () C:\Users\Brian\Desktop\GooredFix Backups
2014-07-30 23:14 - 2010-08-25 22:14 - 00000000 ____D () C:\Windows\ERDNT
2014-07-30 23:10 - 2014-07-30 23:10 - 00000000 ____D () C:\_OTM
2014-07-30 23:09 - 2014-07-30 23:09 - 00522240 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTM.exe
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-30 23:05 - 2014-07-30 23:05 - 00791393 _____ (Lars Hederer ) C:\Users\Brian\Downloads\erunt-setup.exe
2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (6).exe
2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (5).exe
2014-07-30 19:11 - 2010-08-12 13:35 - 00001742 _____ () C:\Windows\system32\ServiceFilter.ini
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\system32\NV
2014-07-30 19:05 - 2011-12-24 20:04 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-30 19:05 - 2011-12-24 20:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-30 18:59 - 2014-06-22 04:35 - 00000000 ____D () C:\temp
2014-07-30 18:57 - 2010-08-12 13:25 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-30 18:51 - 2010-08-12 13:25 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-30 18:47 - 2011-12-24 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-30 18:41 - 2014-07-30 18:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Brian\Downloads\revosetup.exe
2014-07-30 18:41 - 2014-07-30 18:41 - 00001270 _____ () C:\Users\Brian\Desktop\Revo Uninstaller.lnk
2014-07-30 18:41 - 2011-08-03 09:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-30 18:13 - 2014-07-10 17:32 - 00000000 ____D () C:\ProgramData\4a607f86f23577d7
2014-07-30 18:12 - 2014-07-30 18:12 - 00000000 ____D () C:\Users\Brian\AppData\Local\Packages
2014-07-30 18:12 - 2014-07-30 18:12 - 00000000 ____D () C:\ProgramData\dealstear
2014-07-30 17:43 - 2014-07-30 17:43 - 00602112 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTL.exe
2014-07-30 17:34 - 2009-07-14 00:13 - 00800938 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-11 17:45 - 2014-07-11 17:45 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (4).exe
2014-07-11 17:36 - 2014-07-11 17:36 - 00003124 _____ () C:\Windows\System32\Tasks\{B5FA72D1-E74B-4CA5-967F-2315E8718358}
2014-07-11 17:35 - 2014-07-11 17:35 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (2).EXE
2014-07-11 17:34 - 2014-07-11 17:34 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-11 17:34 - 2010-08-12 13:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-11 17:32 - 2014-07-11 17:32 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (1).EXE
2014-07-11 17:32 - 2014-07-11 17:32 - 01210528 _____ () C:\Users\Brian\Downloads\Setup (3).exe
2014-07-11 17:32 - 2014-07-11 17:31 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER.EXE
2014-07-11 17:26 - 2014-07-09 17:43 - 00000000 ____D () C:\ProgramData\WinZip
2014-07-11 17:24 - 2009-07-13 23:45 - 07969920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 17:18 - 2014-06-09 13:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 17:18 - 2009-07-14 02:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 17:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 17:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 21:57 - 2010-08-25 23:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 21:55 - 2013-07-13 14:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 21:53 - 2010-08-29 00:11 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 21:34 - 2010-08-12 13:35 - 00003189 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-07-10 21:33 - 2010-08-26 10:04 - 00000000 ____D () C:\Users\Brian
2014-07-10 18:42 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 17:40 - 2014-07-10 17:33 - 00000000 ____D () C:\Users\Brian\AppData\Local\1118
2014-07-10 17:40 - 2011-11-09 23:22 - 00000000 ____D () C:\Users\Brian\AppData\Local\Akamai
2014-07-10 17:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-07-10 17:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-10 17:39 - 2010-08-25 21:51 - 00000000 ____D () C:\Users\Brian\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Brian\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator
2014-07-10 17:05 - 2014-07-10 17:05 - 01410208 _____ () C:\Users\Brian\Downloads\Setup (2).exe
2014-07-10 17:05 - 2014-07-10 17:05 - 00247160 _____ (System Applet ) C:\Users\Brian\Downloads\Java_Updater_Setup.exe
2014-07-10 17:03 - 2014-07-10 17:00 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\rightbackup
2014-07-10 16:59 - 2014-07-10 16:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-09 17:51 - 2014-07-10 17:09 - 00135168 _____ () C:\Users\Brian\AppData\Local\ChromeHitoryDB
2014-07-09 17:44 - 2014-07-09 17:44 - 00002289 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00002283 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Users\Brian\AppData\Local\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Program Files\WinZip
2014-07-09 17:41 - 2011-07-26 08:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-09 17:40 - 2014-07-09 17:40 - 00000958 _____ () C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cf9bc6d9e5a9a1.job
2014-07-09 17:39 - 2014-07-09 17:39 - 00001236 _____ () C:\Users\Public\Desktop\Media Downloader.lnk
2014-07-09 17:39 - 2014-07-09 17:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Downloader
2014-07-09 17:39 - 2014-07-09 17:39 - 00000000 ____D () C:\Program Files (x86)\Media Downloader
2014-07-09 17:38 - 2014-07-09 17:38 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (1).exe
2014-07-09 17:37 - 2014-07-09 17:37 - 00270592 _____ () C:\Users\Brian\Downloads\Setup.exe
2014-07-09 17:29 - 2012-04-16 08:31 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 17:29 - 2011-05-13 11:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 17:28 - 2014-06-08 18:58 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 17:11 - 2014-07-08 17:11 - 00002371 _____ () C:\Users\Brian\Desktop\Google Chrome.lnk
2014-07-08 17:11 - 2014-07-08 17:11 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-08 17:03 - 2011-10-06 11:32 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Media Player Classic
2014-07-04 04:43 - 2014-07-04 04:43 - 00016026 _____ () C:\Windows\SysWOW64\hs_err_pid36308.log
2014-07-02 21:30 - 2014-07-02 21:30 - 00895120 _____ (Google Inc.) C:\Users\Brian\Desktop\ChromeSetup.exe
2014-07-02 21:19 - 2014-07-02 19:04 - 00000000 ____D () C:\Program Files (x86)\JavaLive! Manager
2014-07-02 19:04 - 2014-07-02 19:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\JavaLive! Manager
2014-07-02 16:53 - 2014-07-02 16:54 - 00256968 _____ () C:\Users\Brian\Desktop\DriverFinder_Setup.exe
2014-07-02 16:40 - 2009-07-14 00:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-07-02 16:34 - 2009-07-13 23:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
 
Some content of TEMP:
====================
C:\Users\Brian\AppData\Local\Temp\cabex.dll
C:\Users\Brian\AppData\Local\Temp\Quarantine.exe
C:\Users\Brian\AppData\Local\Temp\System.Data.SQLite.dll
C:\Users\Brian\AppData\Local\Temp\System.Data.SQLite33147.dll
C:\Users\Brian\AppData\Local\Temp\System.Data.SQLite53008.dll
C:\Users\Brian\AppData\Local\Temp\VARemove.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  boot
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {572bcd56-ffa7-11d9-aae0-0007e994107d}
device                  ramdisk=[\Device\HarddiskVolume1]\winre.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
path                    \windows\system32\boot\winload.exe
description             Windows Recovery Environment
osdevice                ramdisk=[\Device\HarddiskVolume1]\winre.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes
 
Windows Boot Loader
-------------------
identifier              {current}
device                  boot
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
loadoptions             ENABLE_INTEGRITY_CHECKS
inherit                 {bootloadersettings}
recoverysequence        {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
recoveryenabled         Yes
testsigning             No
osdevice                boot
systemroot              \Windows
resumeobject            {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
device                  ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
device                  boot
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {8cb2d9b5-7c05-11de-842e-b4611d44fefa}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\boot.sdi
 
Device options
--------------
identifier              {ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
description             Ramdisk Device Options
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \boot.sdi
 
 
 
LastRegBack: 2014-07-10 18:35
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 02
Ran by Brian at 2014-08-01 15:02:34
Running from C:\Users\Brian\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
1 Media Player version 2.2.0 (HKLM-x32\...\{6C566E3B-CBFB-4A3C-A8B6-88EA54DE7CA8}_is1) (Version: 2.2.0 - OneFloorApp Ltd.)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Mover (x64) (HKLM\...\Application Mover (x64 Shareware)_is1) (Version: 4.1 - Funduc Software Inc.)
ARIA Engine v1.0.9.8 (HKLM\...\ARIA Engine_is1) (Version: v1.0.9.8 - Plogue Art et Technologie, Inc)
Aspell 0.6 Dictionary (Language: en) (HKLM-x32\...\Aspell6-Dictionary-en) (Version:  - )
Aspell Data (HKLM-x32\...\Aspell) (Version:  - )
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.35 - ASUS)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.29 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0003 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
dealstear (HKLM-x32\...\{5E03DFA7-51FC-7C12-CEE5-4D75FBB01E8F}) (Version:  - dEaalstER)
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Garritan ARIA Player v1.02 (HKLM\...\__ARIA_1012___is1) (Version: v1.0.2.1 - Garritan)
Garritan Instruments for Finale (HKLM\...\__ARIA_1013___is1) (Version: v1.0.2.2 - Garritan)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.005 - HTC Corporation)
inSSIDer 2.0 (HKLM\...\{57019733-78E6-43DE-8E6D-55349F0FDE6F}) (Version: 2.0.7 - MetaGeek)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{C298FF86-AB23-4B58-AC53-A23383C07B3A}) (Version: 1.2.20.0 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Java™ 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)
Java™ SE Development Kit 6 Update 23 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160230}) (Version: 1.6.0.230 - Oracle)
Java™ SE Development Kit 6 Update 26 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160260}) (Version: 1.6.0.260 - Oracle)
Java™ SE Development Kit 6 Update 29 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160290}) (Version: 1.6.0.290 - Oracle)
Java™ SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
Java™ SE Development Kit 7 Update 1 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170010}) (Version: 1.7.0.10 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Codec Pack 5.3.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 5.3.0 - )
K-Lite Mega Codec Pack 7.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.8.0 - )
Link Shell Extension (HKLM\...\HardlinkShellExt) (Version: 3.7.5.1 - Hermann Schinagl)
Logitech Unifying Software 2.00 (HKLM\...\Logitech Unifying) (Version: 2.00.43 - Logitech)
Media Downloader version 1.5 (HKLM-x32\...\Media Downloader_is1) (Version: 1.5 - Media Downloader)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Streets & Trips 2006 with GPS Locator (HKLM-x32\...\{83ED1E80-A1B7-4226-BCF1-AC4A88151A6B}) (Version: 13.00.09.0200 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (HKLM-x32\...\{bec3d87e-1d6d-4b15-8383-29068c86b888}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Master (HKLM-x32\...\MovieMaster) (Version: 2.7.18 - Green Fire Software)
Mozilla Firefox 9.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 9.0.1 (x86 en-US)) (Version: 9.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFonts Order M2450391 (HKLM-x32\...\{C33F5967-E096-61D7-DE35-62032378A679}) (Version: 1.0 - MyFonts.com, Inc.)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NVIDIA 3D Vision Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Control Panel 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5737 - NVIDIA Corporation)
NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.6.0 - SAMSUNG Electronics Co., Ltd.)
Seagate File Recovery for Windows 2.0 (HKLM-x32\...\Seagate File Recovery for WindowsNSIS) (Version: 2.0.7631 - Seagate)
Search module (HKLM-x32\...\Search module) (Version:  - Search Module)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.50.0 - SRS Labs, Inc.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\SystemRequirementsLab) (Version:  - )
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
USB2.0 UVC 2M WebCam (HKLM\...\USB2.0 UVC 2M WebCam) (Version: 5.8.54000.206 - Sonix)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
30-07-2014 22:58:01 Windows Update
30-07-2014 23:42:47 Windows Update
30-07-2014 23:42:47 Revo Uninstaller's restore point - Advanced System Protector
31-07-2014 04:11:28 OTM Restore Point
31-07-2014 23:40:55 Windows Update
01-08-2014 00:02:01 Windows Update
01-08-2014 19:01:51 Revo Uninstaller's restore point - YouTube Video Downloader 3
01-08-2014 19:04:42 Revo Uninstaller's restore point - YouTube Accelerator
01-08-2014 19:12:35 Revo Uninstaller's restore point - ViewPassword
01-08-2014 19:17:36 Revo Uninstaller's restore point - Software Updater version 1.9.4
01-08-2014 19:18:51 Revo Uninstaller's restore point - SmartSaver+ 10
01-08-2014 19:23:08 Revo Uninstaller's restore point - SmartSaver+ 10
01-08-2014 19:24:14 Revo Uninstaller's restore point - PastaQuotes
01-08-2014 19:25:39 Revo Uninstaller's restore point - Pando Media Booster
01-08-2014 19:27:06 Revo Uninstaller's restore point - Mysearchdial
01-08-2014 19:28:51 Revo Uninstaller's restore point - LPT System Updater Service
01-08-2014 19:30:07 Revo Uninstaller's restore point - Java™ 6 Update 29
01-08-2014 19:30:20 Removed Java™ 6 Update 29
01-08-2014 19:33:00 Revo Uninstaller's restore point - Fast And Safe
01-08-2014 19:34:10 Revo Uninstaller's restore point - BrowserSafeguard with RocketTab
01-08-2014 19:35:17 Revo Uninstaller's restore point - Advanced System Protector
01-08-2014 19:36:35 Revo Uninstaller's restore point - Right Backup
01-08-2014 19:37:48 Revo Uninstaller's restore point - HQPro-1.9
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2010-08-26 10:32 - 2014-07-30 23:10 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0071D28C-BC20-44F4-9F98-A8091A8A20FB} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-04-08] (ATK)
Task: {1D123A21-1C27-41F4-AA0D-9B32FADFD670} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe [2014-05-29] ()
Task: {24A0FE85-2147-4E02-9FCC-149079387F67} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {2702479C-5089-496B-B116-BE09256E4C4B} - System32\Tasks\PastaQuotes => C:\Program Files (x86)\pastaleads\ScheduledTask.exe
Task: {32FCAC19-1AE4-4AC5-8181-CBC4A3606EBB} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {422201BC-2C8B-47C7-9A88-95F443F57E5E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-16] (Facebook Inc.)
Task: {42820F2A-8FFC-4842-9A31-793541A84C44} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {577C81F6-9B62-4F37-A6D6-FE454080D637} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {5C6B59D3-E62C-48D2-AADF-46222097034C} - System32\Tasks\UNELEVATE_23352 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe <==== ATTENTION
Task: {7210C382-EA7B-4E4B-B895-7BC17107F588} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {79EFE631-3033-4B79-AA04-D08CCDEEC4F8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-16] (Facebook Inc.)
Task: {7F94157B-CD45-465C-9084-E4099E483EB1} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {BD1EDFF7-4636-4C6B-8C57-FB1F142D2123} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {F61CD649-F644-4ACF-81CE-6F5201717F63} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core.job => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cf9bc6d9e5a9a1.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core.job => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-10-12 18:21 - 2013-08-29 17:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-03-05 11:21 - 2010-03-05 11:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2010-10-17 21:45 - 2012-03-11 14:56 - 00086608 _____ () C:\Windows\System32\cpwmon64.dll
2010-01-11 12:27 - 2010-01-11 12:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-02-03 19:14 - 2010-02-03 19:14 - 00033792 _____ () C:\Program Files\P4G\OvrClk.dll
2010-08-25 23:37 - 2010-08-25 23:34 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2010-08-25 23:37 - 2010-08-25 23:34 - 00151552 _____ () C:\Windows\KMService.exe
2010-09-16 14:06 - 2010-09-16 14:06 - 00080896 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-06-13 00:55 - 2014-06-13 00:55 - 00233472 _____ () C:\Program Files\pcmax\pcmax.exe
2011-08-31 19:13 - 2011-08-31 19:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2004-09-30 13:15 - 2004-09-30 13:15 - 00192000 _____ () C:\Program Files\LinkShellExtension\RockallDLL.dll
2010-08-25 22:36 - 2010-03-15 11:28 - 00166400 _____ () D:\Program Files\WinRAR\rarext.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2009-11-02 16:20 - 2009-11-02 16:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 16:23 - 2009-11-02 16:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-01 14:50 - 2014-08-01 14:50 - 01177456 _____ () C:\ProgramData\XRtVYg\dat\LUGCcoCs.dll
2004-09-30 12:09 - 2004-09-30 12:09 - 00155648 _____ () C:\Program Files\LinkShellExtension\32\RockallDLL.dll
2014-06-14 13:46 - 2014-06-05 08:58 - 00716616 _____ () C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\libglesv2.dll
2014-06-14 13:46 - 2014-06-05 08:58 - 00126280 _____ () C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\libegl.dll
2014-06-14 13:47 - 2014-06-05 08:58 - 04217672 _____ () C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll
2014-06-14 13:47 - 2014-06-05 08:58 - 00414536 _____ () C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll
2014-06-14 13:46 - 2014-06-05 08:58 - 01732424 _____ () C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\ffmpegsumo.dll
2014-06-14 13:47 - 2014-06-05 08:58 - 14612296 _____ () C:\Users\Brian\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Microsoft:c7wMWfpDZco0CueOuX3NgczI
AlternateDataStreams: C:\ProgramData\Microsoft:oE5zZeoZTDVj6Nuj4gytnH0
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Brian\Cookies:4eQ7kx4rxCf1FI3I4wR
AlternateDataStreams: C:\Users\Brian\AppData\Local\Temp:6AoWPJmFJPkxRQPMwNY
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk => C:\Windows\pss\ERUNT AutoBackup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JaxUploader.lnk => C:\Windows\pss\JaxUploader.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "D:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUS WebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: doubleTwist => C:\Program Files (x86)\doubleTwist 2.0\DoubleTwist.DeviceHelper.exe
MSCONFIG\startupreg: ETDWare => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: FileHippo.com => "D:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: WinampAgent => "D:\Program Files (x86)\Winamp\winampa.exe"
 
==================== Faulty Device Manager Devices =============
 
Name: iPodDrv
Description: iPodDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: iPodDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-09 13:38:33.392
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:37:39.349
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:37:09.461
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:37:08.417
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:45.436
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:42.432
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:38.118
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:36.399
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:28.793
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:21.806
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 46%
Total physical RAM: 3893.16 MB
Available physical RAM: 2081.33 MB
Total Pagefile: 7784.49 MB
Available Pagefile: 5449.55 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:50.76 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:329.79 GB) (Free:314.16 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=330 GB) - (Type=OF Extended)
 
==================== End Of Log ============================

  • 0

#6
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts

Okay, it's already running much smoother but I still notice some ads popup or new tabs open when I click input boxes or just scroll through this website.

We will try to address them now.

I see that you have the following restore point:


[color=navy]31-07-2014 04:11:28 OTM Restore Point[/color]
Why did you create restore point with OTM?

Please uninstall 1 Media Player version 2.2.0.


 
  • Step #5 Fix with FRST
    Make sure that you still have FRST.exe on your Desktop. If you do not have it, download the suitable version from here to your Desktop.
    • Open Notepad.exe. Do not use any other text editor software;
    • Copy and Paste the contents inside the code-box to your Notepad --
      Start
      AlternateDataStreams: C:\ProgramData\Temp:56E2E879
      AlternateDataStreams: C:\ProgramData\Temp:5C321E34
      AlternateDataStreams: C:\Users\Brian\Cookies:4eQ7kx4rxCf1FI3I4wR
      AlternateDataStreams: C:\Users\Brian\AppData\Local\Temp:6AoWPJmFJPkxRQPMwNY
      C:\Program Files\pcmax
      Task: C:\Windows\Tasks\globalUpdateUpdateTaskMachineCore1cf9bc6d9e5a9a1.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
      C:\Program Files (x86)\globalUpdate
      Task: {5C6B59D3-E62C-48D2-AADF-46222097034C} - System32\Tasks\UNELEVATE_23352 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe <==== ATTENTION
      C:\Program Files (x86)\ShopperPro\
      2014-07-09 17:38 - 2014-07-09 17:38 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (1).exe
      2014-07-09 17:37 - 2014-07-09 17:37 - 00270592 _____ () C:\Users\Brian\Downloads\Setup.exe
      2014-07-11 17:32 - 2014-07-11 17:32 - 01210528 _____ () C:\Users\Brian\Downloads\Setup (3).exe
      2014-07-11 17:45 - 2014-07-11 17:45 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (4).exe
      2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (6).exe
      2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (5).exe
      2014-08-01 14:26 - 2010-08-25 23:46 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
      2014-07-09 17:37 - 2014-07-09 17:37 - 00270592 _____ () C:\Users\Brian\Downloads\Setup.exe
      File: C:\ProgramData\XRtVYg\SycvOme.exe
      File: C:\ProgramData\dealstear\ZX7.dll
      Folder: C:\_OTM
      CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
      CHR Extension: (cosstminn) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbhgdhnjbodilabcjbogfnppbopbdgob [2014-07-10]
      CHR Extension: (Search) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-08]
      HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
      CMD: DEL %TEMP%\*.* /F /S /Q
      CMD: RD /S /Q %TEMP%
      CMD: ipconfig /flushdns
      Reboot:
      End
    • Click on File > Save as...
      • Inside the File Name box type fixlist.txt;
      • From the Save as type drop down list, choose All Files
    • Save the file to your Desktop;
    • Re-run FRST.exe and click Fix;
      • Note: If FRST advises there is a new updated version to be downloaded, do so/allow this.
    • After the completion, a log will be produced;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step #6 Upload File(s) to Virus-Total
    I want you to upload the following suspicious file(s) to an online virus-scanner to scan.
    • Please go to www.virustotal.com
    • Click on Choose File
    • Go to C:\ProgramData\XRtVYg\SycvOme.exe
    • Click on Open;
    • Click on Scan it;
    • Copy and Paste the link of the result page in your reply;
    Follow the procedure for the following file(s) too:
    C:\ProgramData\dealstear\ZX7.dll
 

Please reset Firefox by perusing this and Google Chrome by perusing this.

 
  • Required Log(s):
    • FRST Fix Log
    • Virustoltal Link
Regards,
Valinorum
  • 0

#7
Bmache

Bmache

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

That restore point was created when I followed the instructions for fixing google redirects before I posted here.

 

I noticed when I went to FIrefox that it said my Java version was out of date and it looked fake so I didn't click the link, then a website popped up saying tech support for java or something. There are still new tabs opening up to surveys or ads on Chrome. Also while I type in this input box it will pause for a moment every few seconds or so then type everything all at once.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 31-07-2014 02
Ran by Brian at 2014-08-02 15:06:33 Run:1
Running from C:\Users\Brian\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Start
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\ProgramData\Temp:5C321E34
AlternateDataStreams: C:\Users\Brian\Cookies:4eQ7kx4rxCf1FI3I4wR
AlternateDataStreams: C:\Users\Brian\AppData\Local\Temp:6AoWPJmFJPkxRQPMwNY
C:\Program Files\pcmax
Task: C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore1cf9bc6d9e5a9a1.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
C:\Program Files (x86)\globalUpdate
Task: {5C6B59D3-E62C-48D2-AADF-46222097034C} - System32\Tasks\UNELEVATE_23352 => C:\Program Files (x86)\ShopperPro\JSDriver\1.37.1.189\jsdrv.exe <==== ATTENTION
C:\Program Files (x86)\ShopperPro\
2014-07-09 17:38 - 2014-07-09 17:38 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (1).exe
2014-07-09 17:37 - 2014-07-09 17:37 - 00270592 _____ () C:\Users\Brian\Downloads\Setup.exe
2014-07-11 17:32 - 2014-07-11 17:32 - 01210528 _____ () C:\Users\Brian\Downloads\Setup (3).exe
2014-07-11 17:45 - 2014-07-11 17:45 - 00270592 _____ () C:\Users\Brian\Downloads\Setup (4).exe
2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (6).exe
2014-07-30 19:15 - 2014-07-30 19:15 - 01237208 _____ () C:\Users\Brian\Downloads\Setup (5).exe
2014-08-01 14:26 - 2010-08-25 23:46 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-07-09 17:37 - 2014-07-09 17:37 - 00270592 _____ () C:\Users\Brian\Downloads\Setup.exe
File: C:\ProgramData\XRtVYg\SycvOme.exe
File: C:\ProgramData\dealstear\ZX7.dll
Folder: C:\_OTM
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
CHR Extension: (cosstminn) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbhgdhnjbodilabcjbogfnppbopbdgob [2014-07-10]
CHR Extension: (Search) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-08]
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Winlogon: [Shell] C:\Windows\explorer.exe [2871808 2011-02-25] (Microsoft Corporation) <==== ATTENTION 
CMD: DEL %TEMP%\*.* /F /S /Q
CMD: RD /S /Q %TEMP%
CMD: ipconfig /flushdns
Reboot:
End
*****************
 
C:\ProgramData\Temp => ":56E2E879" ADS removed successfully.
C:\ProgramData\Temp => ":5C321E34" ADS removed successfully.
"C:\Users\Brian\Cookies" => ":4eQ7kx4rxCf1FI3I4wR" ADS not found.
C:\Users\Brian\AppData\Local\Temp => ":6AoWPJmFJPkxRQPMwNY" ADS removed successfully.
C:\Program Files\pcmax => Moved successfully.
C:\WINDOWS\Tasks\globalUpdateUpdateTaskMachineCore1cf9bc6d9e5a9a1.job => Moved successfully.
"C:\Program Files (x86)\globalUpdate" => File/Directory not found.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C6B59D3-E62C-48D2-AADF-46222097034C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C6B59D3-E62C-48D2-AADF-46222097034C}" => Key deleted successfully.
C:\Windows\System32\Tasks\UNELEVATE_23352 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UNELEVATE_23352" => Key deleted successfully.
"C:\Program Files (x86)\ShopperPro" => File/Directory not found.
C:\Users\Brian\Downloads\Setup (1).exe => Moved successfully.
C:\Users\Brian\Downloads\Setup.exe => Moved successfully.
C:\Users\Brian\Downloads\Setup (3).exe => Moved successfully.
C:\Users\Brian\Downloads\Setup (4).exe => Moved successfully.
C:\Users\Brian\Downloads\Setup (6).exe => Moved successfully.
C:\Users\Brian\Downloads\Setup (5).exe => Moved successfully.
C:\Program Files (x86)\Pando Networks => Moved successfully.
"C:\Users\Brian\Downloads\Setup.exe" => File/Directory not found.
 
========================= File: C:\ProgramData\XRtVYg\SycvOme.exe ========================
 
MD5: 6524A7C172AF982DAD9F2C8DFC3D49B4
Creation and modification date: 2014-06-29 07:01 - 2014-06-29 07:01
Size: 2298224
Attributes: ----A
Company Name: Green Fire Software
Internal Name: MovieMasterService.exe
Original Name: MovieMasterService.exe
Product Name: Movie Master Service
Description: Movie Master Service
File Version: 1.0.0.0
Product Version: 1.0.0.0
Copyright: Copyright © Green Fire Software 2014
 
====== End Of File: ======
 
 
========================= File: C:\ProgramData\dealstear\ZX7.dll ========================
 
MD5: 6BDD2B931E45FA910C821A3BEB07928C
Creation and modification date: 2014-07-30 18:12 - 2014-07-30 18:12
Size: 0371200
Attributes: ----A
Company Name: 
Internal Name: 
Original Name: 
Product Name: 
Description: 
File Version: 
Product Version: 
Copyright: 
 
====== End Of File: ======
 
 
========================= Folder: C:\_OTM ========================
 
2014-07-30 23:10 - 2014-07-30 23:11 - 0000000 ____D () C:\_OTM\MovedFiles
2014-07-30 23:11 - 2014-07-30 23:14 - 0006434 _____ () C:\_OTM\MovedFiles\07302014_231035.log
2014-07-30 23:11 - 2014-07-30 23:11 - 0000002 _____ () C:\_OTM\MovedFiles\07302014_231035.res
2014-07-30 23:10 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Users
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Users\Brian
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Users\Brian\AppData
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Users\Brian\AppData\Local
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Users\Brian\AppData\Local\Microsoft
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Users\Brian\AppData\Local\Microsoft\Windows
2014-07-30 23:14 - 2014-08-01 11:51 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Users\Brian\AppData\Local\Microsoft\Windows\Temporary Internet Files
2013-03-14 10:49 - 2013-03-14 10:49 - 0000128 _____ () C:\_OTM\MovedFiles\07302014_231035\C_Users\Brian\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Users\Brian\AppData\Local\Temp
2010-08-25 21:13 - 2010-08-25 21:13 - 0000000 _____ () C:\_OTM\MovedFiles\07302014_231035\C_Users\Brian\AppData\Local\Temp\FXSAPIDebugLogFile.txt
2014-07-30 23:10 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysNative
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysNative\config
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysNative\config\systemprofile
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysNative\config\systemprofile\AppData
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysNative\config\systemprofile\AppData\Local
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysNative\config\systemprofile\AppData\Local\Microsoft
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files
2013-03-14 12:44 - 2013-03-14 12:44 - 0000128 _____ () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
2014-07-30 23:10 - 2014-07-30 23:10 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\System32
2014-07-30 23:10 - 2014-07-30 23:10 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\System32\drivers
2014-07-30 23:10 - 2014-07-30 23:10 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\System32\drivers\etc
2010-08-26 10:32 - 2011-12-24 06:24 - 0006345 _____ () C:\_OTM\MovedFiles\07302014_231035\C_Windows\System32\drivers\etc\hosts
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysWow64
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysWow64\config
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysWow64\config\systemprofile
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysWow64\config\systemprofile\AppData
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysWow64\config\systemprofile\AppData\Local
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows
2014-07-30 23:14 - 2014-08-01 11:51 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files
2013-06-11 22:38 - 2013-06-11 22:38 - 0000128 _____ () C:\_OTM\MovedFiles\07302014_231035\C_Windows\SysWow64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\counters.dat
2014-07-30 23:14 - 2014-07-30 23:14 - 0000000 ____D () C:\_OTM\MovedFiles\07302014_231035\C_Windows\temp
2014-07-30 23:04 - 2014-07-30 23:04 - 0524288 ____T () C:\_OTM\MovedFiles\07302014_231035\C_Windows\temp\TMP000000592DEAE22DA7BD8C2D
 
====== End of Folder: ======
 
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nbhgdhnjbodilabcjbogfnppbopbdgob => Moved successfully.
C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf => Moved successfully.
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\\Shell => value deleted successfully.
 
=========  DEL %TEMP%\*.* /F /S /Q =========
 
Deleted file - C:\Users\Brian\AppData\Local\Temp\38D3540D.TMP
Deleted file - C:\Users\Brian\AppData\Local\Temp\AdobeARM.log
Deleted file - C:\Users\Brian\AppData\Local\Temp\AdwCleaner.jpg
Deleted file - C:\Users\Brian\AppData\Local\Temp\AUCHECK_PARSER.txt
Deleted file - C:\Users\Brian\AppData\Local\Temp\B5D2.tmp
Deleted file - C:\Users\Brian\AppData\Local\Temp\Brian.bmp
Deleted file - C:\Users\Brian\AppData\Local\Temp\cabex.dll
Deleted file - C:\Users\Brian\AppData\Local\Temp\Cleaning.ico
Deleted file - C:\Users\Brian\AppData\Local\Temp\Donate.ico
Deleted file - C:\Users\Brian\AppData\Local\Temp\EULA.txt
C:\Users\Brian\AppData\Local\Temp\FXSAPIDebugLogFile.txt
The process cannot access the file because it is being used by another process.
Deleted file - C:\Users\Brian\AppData\Local\Temp\GLB3D21.tmp
Deleted file - C:\Users\Brian\AppData\Local\Temp\GLC3D5F.tmp
Deleted file - C:\Users\Brian\AppData\Local\Temp\GLM3D7F.tmp
Deleted file - C:\Users\Brian\AppData\Local\Temp\JAUReg.log
Deleted file - C:\Users\Brian\AppData\Local\Temp\JavaDeployReg.log
Deleted file - C:\Users\Brian\AppData\Local\Temp\java_install_reg.log
Deleted file - C:\Users\Brian\AppData\Local\Temp\JRT.txt
Deleted file - C:\Users\Brian\AppData\Local\Temp\jusched.log
Deleted file - C:\Users\Brian\AppData\Local\Temp\PMBUninst.log
Deleted file - C:\Users\Brian\AppData\Local\Temp\Quarantine.exe
Deleted file - C:\Users\Brian\AppData\Local\Temp\Report.ico
Deleted file - C:\Users\Brian\AppData\Local\Temp\Scan.ico
Deleted file - C:\Users\Brian\AppData\Local\Temp\System.Data.SQLite.dll
Deleted file - C:\Users\Brian\AppData\Local\Temp\System.Data.SQLite33147.dll
Deleted file - C:\Users\Brian\AppData\Local\Temp\System.Data.SQLite53008.dll
Deleted file - C:\Users\Brian\AppData\Local\Temp\ttt
Deleted file - C:\Users\Brian\AppData\Local\Temp\Uninstall.ico
Deleted file - C:\Users\Brian\AppData\Local\Temp\VARemove.exe
Deleted file - C:\Users\Brian\AppData\Local\Temp\_iu14D2N.tmp
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\APPID_clsid.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\APPID_files.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\appinit64_null.reg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\appinit_null.reg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\APPPATHS.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\APPROVEDEXTENSIONS_clsid.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\ask.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\askCLSID.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\askregkey_x64.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\askregkey_x86.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\askregvalue_x64.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\askregvalue_x86.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\askservices.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\badAPPINIT.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\badFOLDERS.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\badFOLDERScom.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\badFOLDERSstart.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\badLNK.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\badvalues.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\BHO_clsid.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\BHO_name.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\browsermngr_keys.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\browsermngr_values.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\CHOICE.DAT
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\chrome.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\CHRregkey_x64.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\CHRregkey_x86.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\CHR_extensions.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\CHR_open_x64.reg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\CHR_open_x86.reg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\clean_shortcut.vbs
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\CLSID_clsid.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\currentmd5.txt
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\CUT.DAT
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\datamngr_del.reg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\defaultscope.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\delfolders.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\delorphans.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\ELEVATIONPOLICY_clsid.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\ev_clear.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\EXT.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FFbrowsermngr.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FFextensions.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FFpluginREG.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FFplugins.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FFprefs.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FFregkey_x64.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FFregkey_x86.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FFwhtlist.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FFXML.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FFXPI.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FF_open_x64.reg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FF_open_x86.reg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\firefox.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FWCLSID.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\FWPolicy.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\get.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\IEwhtlst.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\iexplore.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\IE_open_x64.reg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\IE_open_x86.reg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\IFEO.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\INTERFACE_clsid.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\JRT.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\medfos.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\MENUEXT.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\misc.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\modules.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\modules.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\moduleservices.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\newmd5.txt
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\NIRCMD.DAT
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\NOTIFY.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\PREAPPROVED_clsid.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\prelim.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\PRODUCTS.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\REGhcr.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\REGhkcu_and_hklm_allow.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\REGhkcu_and_hklm_software.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\REGhkcu_software_appdatalow.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\REGhkcu_software_microsoft.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\REGhklm_software_classes.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\REGISTRYUSERSID.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\runvalues.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\runvalues_x64.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\runvalues_x86.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\S1518COMPONENTS.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\searchlnk.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\SED.DAT
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\sednewline.txt
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\services.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\serviceseventlog.cfg
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\SETTINGS_clsid.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\SHORTCUT.DAT
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\STATS_clsid.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\TDL4.bat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\TRACING.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\TYPELIB_clsid.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\UNINSTALL.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\UpgradeCodes.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\WGET.DAT
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\WOW6432NODE.dat
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\erunt\ERDNT.E_E
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\erunt\ERDNTDOS.LOC
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\erunt\ERDNTWIN.LOC
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\erunt\ERUNT.EXE
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\erunt\ERUNT.EXE.manifest
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\erunt\ERUNT.LOC
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\erunt\README.TXT
Deleted file - C:\Users\Brian\AppData\Local\Temp\jrt\temp\null.txt
Deleted file - C:\Users\Brian\AppData\Local\Temp\lBypegby2h\index.html
Deleted file - C:\Users\Brian\AppData\Local\Temp\mXstjNvuaI\index.html
Deleted file - C:\Users\Brian\AppData\Local\Temp\xuoyU9F35x\index.html
 
========= End of CMD: =========
 
 
=========  RD /S /Q %TEMP% =========
 
C:\Users\Brian\AppData\Local\Temp\etilqs_rTeAWdDu1dk8jjt - The process cannot access the file because it is being used by another process.
C:\Users\Brian\AppData\Local\Temp\FXSAPIDebugLogFile.txt - The process cannot access the file because it is being used by another process.
 
========= End of CMD: =========
 
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 

  • 0

#8
Bmache

Bmache

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

I uninstalled a couple of things and it seems to be better now:

 

Search Module

Media Downloader

Dealstear

 

and a couple of others but I can't remember. The typing is definitely solved and I can now search these forums when before I couldn't.


  • 0

#9
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Great. What are the current issues?

 
  • Step #7 Scan with Malwarebytes' Anti-Malware
    • Download Malwarebytes' Anti-Malware from the suitable link below --
    • Double-click mbam-setup.exe to install the application.
    • Before clicking Finish perform the following actions --
      • Un-check the box beside Enable free trial of Malwarebytes Anti-Malware Premium.
      • Check the box beside Launch Malwarebytes Anti-Malware
    • Once the program has loaded, The MBAM dashboard will appear with an alert to update - click the green button Update Now;
    • Click on Setting--
      • Navigate to the tab Detection and Protection and check all the boxes under Detection Options
    • From the Dashboard click on Scan Now;
    • If threats are detected click on Apply actions. If the program asks to reboot your PC, let it do so;
    • On completion of the scan click on View Detailed Log after that click on Export Button, select Text File and save the log to your Desktop;
    • Copy and Paste the contents of the log in your next reply.
 
  • Step #8 ESET Online Scanner
    Disable your security programs which includes but not limited to anti-virus, anti-malware, anti-spyware et cetera. Peruse this for additional information.
    • Download esetsmartinstaller_enu.exe by clicking here.
    • Right-click on the program and choose Run as administrator.
    • Accept their terms and condition and proceed.
    • Install Add-On/Active X if prompted.
    • From the Computer Scan Setting check the following box --
      • Enable detection for potentially unwanted programs
    • Click on Advanced Setting --
      • Uncheck the box beside Remove Found Threats;
      • Check the box beside Scan archives
      • Check the box beside Scan for potentially unsafe applications
      • Check the box beside Enable Anti-Stealth Technology
    • Click on Start and wait for the virus signature database to update.
    • The online scan will begin automatically and can take several hours.
      • Note: Do not touch either the Mouse or keyboard during the scan. Otherwise it may stall.
    • After the Scan finishes --
      • If no threats were found:
        • Put a checkmark in Uninstall application on close.
        • Close the program and report that nothing was found
      • If threats were found:
        • Open the file located in C:\Program Files\ESET\ESET Online Scanner\log.txt (32-bit) or C:\Program Files (x86)\ESET\ESET Online Scanner\log.txt (64-bit).
        • Copy and Paste contents of the log file in your next reply.
    Note: Enable your security programs afterwards.
 
  • Required Log(s):
    • Malwarebytes' Anti-Malware Log
    • ESET Scan Log
Regards,
Valinorum
  • 0

#10
Bmache

Bmache

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Okay, so I have some bad news.

 

I did tell my friend not to do anything with the computer, but last night he installed something and it apparently installed a bunch of other stuff on the computer. I tried my best to uninstall them but they were installing other things when I uninstalled them and the "Search Protect" icon in the taskbar won't disappear even though I uninstalled Search Protect. Here is the list of the things he installed:

 

Browsers apps
Search Protect
FreeSoft TOday 025.189
PC Speed Up
Severe Weather Alerts
Mezaa
Remote Desktop Access
WindowsMangerProtect20.0.0.502
istart123 
Youtube Downloader HD v. 2.9.9.14
 
I uninstalled all of them and there don't seem to be any ads in the browser and the typing is going smoothly. No new tab popups or anything. What happened was the home page was replace with istart123.com and it says Quick Start. I tried resetting the browser to default but it comes back.
 
Also, I didn't go on with your instructions because when I try to update Malwarebytes the program crashed and the window pops up saying the program has stopped working.
 
I'm really sorry about him installing the new programs. I specifically told him not to install anything new until I was done fixing the computer and to ask me before installing anything in the future. He just didn't listen. What should I do now?

  • 0

Advertisements


#11
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
I ask for your forberance while I discuss your situation with my teacher here. I will be back shortly. Thank you.
  • 0

#12
Bmache

Bmache

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts

Okay, no problem. I talked to him again and he said he won't install anything until I'm done. He thought I was already finished with the computer.


  • 0

#13
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Please perform Step 1 from here and provide myself the logs. I want to see the new changes in the system.
  • 0

#14
Bmache

Bmache

    Member

  • Topic Starter
  • Member
  • PipPip
  • 11 posts
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-07-2014 02
Ran by Brian (administrator) on CHARLIE on 06-08-2014 15:55:29
Running from C:\Users\Brian\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(ASUSTeK Computer Inc.) C:\Windows\System32\FBAgent.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(Cherished Technololgy LIMITED) C:\ProgramData\IePluginServices\PluginService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ATK) C:\Program Files\P4G\BatteryLife.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Program Files (x86)\SupTab\HpUI.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
() C:\Program Files (x86)\SupTab\Loader32.exe
() C:\Program Files (x86)\SupTab\Loader64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(ELAN Microelectronic Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Akamai Technologies, Inc.) C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(NEC Electronics Corporation) C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\HP Software Update\hpwuSchd2.exe
(Akamai Technologies, Inc.) C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUS) C:\Windows\AsScrPro.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel_64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Brian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Brian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Brian\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-30] (Adobe Systems Incorporated)
HKLM\...\Run: [ETDWare] => C:\Program Files\Elantech\ETDCtrl.exe [649608 2010-04-13] (ELAN Microelectronic Corp.)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe
HKLM-x32\...\Run: [UpdateLBPShortCut] => C:\Program Files (x86)\CyberLink\LabelPrint\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\CyberLink\Power2Go\MUITransfer\MUIStartMenu.exe [222504 2009-05-20] (CyberLink Corp.)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [7350912 2010-02-04] (ASUS)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [170624 2010-01-05] (ASUS)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\NEC Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [106496 2010-01-22] (NEC Electronics Corporation)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => D:\Program Files (x86)\QuickTime\QTTask.exe [421888 2013-05-01] (Apple Inc.)
HKLM-x32\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49152 2007-03-11] (Hewlett-Packard Co.)
HKLM-x32\...\Run: [fst_us_189] => [X]
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\ScCertProp: wlnotify.dll [X]
HKLM\...\Policies\Explorer: [HideSCAHealth] 1
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [Google Update] => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [135664 2010-08-12] (Google Inc.)
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [Facebook Update] => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-16] (Facebook Inc.)
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Brian\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Run: [pcreg] => C:\Program Files\pcmax\service.exe
HKU\S-1-5-21-2382725470-2412313811-1806556634-1001\...\Policies\Explorer: [HideSCAHealth] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SRS Premium Sound.lnk
ShortcutTarget: SRS Premium Sound.lnk -> C:\Windows\Installer\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}\NewShortcut5_21C7B668029A47458B27645FE6E4A715.exe (Acresso Software Inc.)
Startup: C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files (x86)\ERUNT\AUTOBACK.EXE ()
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: GDriveSharedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll (Microsoft Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.trovi.com...BF5F03359&SSPV=
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.istart123...q={searchTerms}
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istart123...045XXXX6VE8N045
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istart123...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istart123...045XXXX6VE8N045
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.istart123...045XXXX6VE8N045
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.istart123...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.istart123...045XXXX6VE8N045
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.istart123...045XXXX6VE8N045
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.istart123...q={searchTerms}
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe http://www.istart123...045XXXX6VE8N045
SearchScopes: HKLM-x32 - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = http://www.google.co...ng}&rlz=1I7ASUT
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...rchTerms}&SSPV=
SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKCU - {80c554b9-c7f8-4a21-9471-06d606da78a2} URL = http://www.bing.com/...=MSSEDF&pc=MSSE
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: No Name -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: IETabPage Class -> {3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C} -> C:\Program Files (x86)\SupTab\SupTab.dll (Thinknice Co. Limited)
BHO-x32: Search Helper -> {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} -> C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} -  No File
Toolbar: HKCU - No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{7C78E3E7-25E5-4AEF-8CAD-132B4AF319A9}: [NameServer]0.0.0.0
 
FireFox:
========
FF ProfilePath: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\h18wwixl.default-1407010755378
FF NewTab: hxxp://www.trovi.com/?gd=&ctid=CT3320691&octid=EB_ORIGINAL_CTID&ISID=M2BF44B80-DD96-47A9-B2BE-2A71AD5F9F25&SearchSource=69&CUI=&SSPV=&Lay=1&UM=6&UP=SP25EE475D-AA9D-453D-A096-385BF5F03359
FF DefaultSearchEngine: Trovi search
FF SelectedSearchEngine: Trovi search
FF Homepage: hxxp://www.trovi.com/?gd=&ctid=CT3320691&octid=EB_ORIGINAL_CTID&ISID=M2BF44B80-DD96-47A9-B2BE-2A71AD5F9F25&SearchSource=55&CUI=&UM=6&UP=SP25EE475D-AA9D-453D-A096-385BF5F03359&SSPV=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @canon.com/MycameraPlugin - D:\Program Files (x86)\Canon\ZoomBrowser EX\Program\NPCIG.dll No File
FF Plugin-x32: @java.com/DTPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin - C:\Program Files (x86)\Java\jre7\bin\new_plugin\npjp2.dll No File
FF Plugin-x32: @java.com/JavaPlugin,version=10.60.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=8 - D:\Program Files (x86)\Google\Update\1.2.183.13\npGoogleOneClick8.dll No File
FF Plugin-x32: Adobe Reader - D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Brian\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @talk.google.com/GoogleTalkPlugin - C:\Users\Brian\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKCU: @talk.google.com/O1DPlugin - C:\Users\Brian\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Brian\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Brian\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\h18wwixl.default-1407010755378\searchplugins\trovi-search.xml
FF Extension: Fast Start - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\h18wwixl.default-1407010755378\Extensions\[email protected] [2014-08-03]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-02-27]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Users\Brian\AppData\Roaming\Mozilla\Firefox\Profiles\h18wwixl.default-1407010755378\extensions\[email protected]
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe http://www.istart123...045XXXX6VE8N045
 
Chrome: 
=======
CHR HomePage: hxxp://www.trovi.com/?gd=&ctid=CT3320691&octid=EB_ORIGINAL_CTID&ISID=M2BF44B80-DD96-47A9-B2BE-2A71AD5F9F25&SearchSource=55&CUI=&UM=6&UP=SP25EE475D-AA9D-453D-A096-385BF5F03359&SSPV=
CHR StartupUrls: "hxxp://www.trovi.com/?gd=&ctid=CT3320691&octid=EB_ORIGINAL_CTID&ISID=M2BF44B80-DD96-47A9-B2BE-2A71AD5F9F25&SearchSource=55&CUI=&UM=6&UP=SP25EE475D-AA9D-453D-A096-385BF5F03359&SSPV="
CHR Extension: (Google Docs) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-08]
CHR Extension: (Google Drive) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-08]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-08]
CHR Extension: (YouTube) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-08]
CHR Extension: (Google Wallet) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-08]
CHR Extension: (Gmail) - C:\Users\Brian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-08]
CHR Extension: (Extutil) - C:\Users\Brian\AppData\Local\Temp\D7ADFCCA-EE7E-442C-9999-C4D14FEF360B [2014-08-03]
CHR Extension: (Managera) - C:\Users\Brian\AppData\Local\Temp\38fdaae5-8e0e-493c-88ec-e05c3be06e42 [2014-08-03]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Brian\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-08-03]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2014-08-03]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [131072 2007-06-04] (Hewlett-Packard Co.) [File not signed]
R2 IePluginServices; C:\ProgramData\IePluginServices\PluginService.exe [694784 2014-08-03] (Cherished Technololgy LIMITED) [File not signed]
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2010-08-25] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [69632 2006-11-08] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [80896 2010-09-16] () [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [88064 2006-11-08] (Hewlett-Packard) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2010-08-27] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S2 pcmaxservice; C:\Program Files\pcmax\pcmax.exe [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 GEARAspiWDM; C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys [15664 2011-02-15] (GEAR Software Inc.)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-03] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 S3XXx64; C:\Windows\System32\DRIVERS\S3XXx64.sys [73984 2013-06-05] (Identive)
R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1800192 2009-08-20] ()
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [828912 2010-08-25] () [File not signed]
S2 WCMVCAM; C:\Windows\System32\DRIVERS\wcmvcam64.sys [1071032 2011-06-23] (Windows ® Win 7 DDK provider)
S3 AmUStor; system32\drivers\AmUStor.SYS [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S2 iPodDrv; \??\C:\Windows\system32\drivers\iPodDrv.sys [X]
S3 MotioninJoyUSBFilter; system32\DRIVERS\MijUfilt.sys [X]
U3 tmlwf; 
U3 tmwfp; 
 
========================== Drivers MD5 =======================
 
C:\Windows\system32\drivers\1394ohci.sys ==> MD5 is legit
C:\Windows\System32\drivers\ACPI.sys ==> MD5 is legit
C:\Windows\system32\drivers\acpipmi.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adp94xx.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpahci.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\adpu320.sys ==> MD5 is legit
C:\Windows\system32\drivers\afd.sys FA886682CFC5D36718D3E436AACF10B9
C:\Windows\system32\drivers\agp440.sys ==> MD5 is legit
C:\Windows\system32\drivers\aliide.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdk8.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\amdppm.sys ==> MD5 is legit
C:\Windows\system32\drivers\amdsata.sys D4121AE6D0C0E7E13AA221AA57EF2D49
C:\Windows\system32\DRIVERS\amdsbs.sys ==> MD5 is legit
C:\Windows\System32\drivers\amdxata.sys 540DAF1CEA6094886D72126FD7C33048
C:\Windows\system32\drivers\appid.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\arcsas.sys ==> MD5 is legit
C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys 4C016FD76ED5C05E84CA8CAB77993961
C:\Windows\System32\DRIVERS\asyncmac.sys ==> MD5 is legit
C:\Windows\System32\drivers\atapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\athrx.sys E857EEE6B92AAA473EBB3465ADD8F7E7
C:\Windows\system32\DRIVERS\bxvbda.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\b57nd60a.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Beep.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\blbdrive.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\bowser.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltLo.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\BrFiltUp.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Brserid.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrSerWdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbMdm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\BrUsbSer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\bthmodem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\cdfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\cdrom.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\circlass.sys ==> MD5 is legit
C:\Windows\System32\CLFS.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\CmBatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\cmdide.sys ==> MD5 is legit
C:\Windows\System32\Drivers\cng.sys EBF28856F69CF094A902F884CF989706
C:\Windows\System32\DRIVERS\compbatt.sys ==> MD5 is legit
C:\Windows\system32\drivers\CompositeBus.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\crcdisk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\dc3d.sys 7AF9DAC504FBD047CBC3E64AE52C92BF
C:\Windows\System32\Drivers\dfsc.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ssudbus.sys 955FFE2B1D74A9E0E3E0E558E6A17F3B
C:\Windows\System32\drivers\discache.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\disk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Dot4Prt.sys E9F5969233C5D89F3C35E3A66A52A361
C:\Windows\System32\DRIVERS\dot4usb.sys ==> MD5 is legit
C:\Windows\system32\drivers\drmkaud.sys ==> MD5 is legit
C:\Windows\System32\drivers\dxgkrnl.sys 88612F1CE3BF42256913BF6E61C70D52
C:\Windows\system32\DRIVERS\evbda.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\elxstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\errdev.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ETD.sys 0975BF32399A24117E317B5BF1D5D0AA
C:\Windows\System32\Drivers\exfat.sys ==> MD5 is legit
C:\Windows\System32\Drivers\fastfat.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\fdc.sys ==> MD5 is legit
C:\Windows\System32\drivers\fileinfo.sys ==> MD5 is legit
C:\Windows\System32\drivers\filetrace.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\flpydisk.sys ==> MD5 is legit
C:\Windows\System32\drivers\fltmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\FsDepends.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\fssfltr.sys C2E475625F2C6F7DCDE4E920523A0573
C:\Windows\System32\Drivers\Fs_Rec.sys 6BD9295CC032DD3077C671FCCF579A7B
C:\Windows\System32\DRIVERS\fvevol.sys 8F6322049018354F45F05A2FD2D4E5E0
C:\Windows\system32\DRIVERS\gagp30kx.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\GEARAspiWDM.sys 8E98D21EE06192492A5671A6144D092F
C:\Windows\SysWOW64\DRIVERS\GEARAspiWDM.sys 4AC51459805264AFFD5F6FDFB9D9235F
C:\Windows\system32\drivers\hcw85cir.sys ==> MD5 is legit
C:\Windows\system32\drivers\HdAudio.sys 975761C778E33CD22498059B91E7373A
C:\Windows\system32\drivers\HDAudBus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\HECIx64.sys B6AC71AAA2B10848F57FC49D55A651AF
C:\Windows\system32\DRIVERS\HidBatt.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidbth.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\hidir.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\hidusb.sys ==> MD5 is legit
C:\Windows\system32\drivers\HpSAMD.sys ==> MD5 is legit
C:\Windows\System32\Drivers\ANDROIDUSB.sys F47CEC45FB85791D4AB237563AD0FA8F
C:\Windows\System32\DRIVERS\htcnprot.sys B8B1B284362E1D8135112573395D5DA5
C:\Windows\System32\drivers\HTTP.sys ==> MD5 is legit
C:\Windows\System32\drivers\hwpolicy.sys ==> MD5 is legit
C:\Windows\system32\drivers\i8042prt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\iaStor.sys 42E00996DFC13C46366689C0EA8ABC5E
C:\Windows\system32\drivers\iaStorV.sys AAAF44DB3BD0B9D1FB6969B23ECC8366
C:\Windows\System32\DRIVERS\igdkmd64.sys F4F91789C7C7A159CE8215C1F69F2A85
C:\Windows\system32\DRIVERS\iirsp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\Impcd.sys DD587A55390ED2295BCE6D36AD567DA9
C:\Windows\System32\drivers\RTKVHD64.sys 163F94EBF8F8A98616A6B804AF08D736
C:\Windows\System32\DRIVERS\IntcDAud.sys 58CF58DEE26C909BD6F977B61D246295
C:\Windows\system32\drivers\intelide.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\intelppm.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ipfltdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\IPMIDrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\ipnat.sys ==> MD5 is legit
C:\Windows\System32\drivers\irenum.sys ==> MD5 is legit
C:\Windows\system32\drivers\isapnp.sys ==> MD5 is legit
C:\Windows\system32\drivers\msiscsi.sys 96BB922A0981BC7432C8CF52B5410FE6
C:\Windows\System32\DRIVERS\ivusb.sys BD5BF20EC242E003A2F570B8754A56D1
C:\Windows\System32\DRIVERS\kbdclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbdhid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\kbfiltr.sys E63EF8C3271D014F14E2469CE75FECB4
C:\Windows\System32\Drivers\ksecdd.sys 353009DEDF918B2A51414F330CF72DEC
C:\Windows\System32\Drivers\ksecpkg.sys 1C2D8E18AA8FD50CD04C15CC27F7F5AB
C:\Windows\system32\drivers\ksthunk.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\L1C62x64.sys 9DDC68B87A9B837736A2B193EE14A4A5
C:\Windows\System32\DRIVERS\lltdio.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_fc.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_sas2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\lsi_scsi.sys ==> MD5 is legit
C:\Windows\system32\drivers\luafv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ManyCam_x64.sys D33E2B74CF8B3A652BF0A9FBD068E87A
C:\Windows\system32\drivers\MBAMSwissArmy.sys 8A50D5304E6AE48664CF5838EC32F647
C:\Windows\system32\DRIVERS\megasas.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MegaSR.sys ==> MD5 is legit
C:\Windows\System32\drivers\modem.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\monitor.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MijXfilt.sys C030F9E822A057C1A7A9BB4EA3E8877E
C:\Windows\System32\DRIVERS\mouclass.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\mouhid.sys ==> MD5 is legit
C:\Windows\System32\drivers\mountmgr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\MpFilter.sys 9EB89625A82AC961F25E7C865947BF9A
C:\Windows\system32\drivers\mpio.sys ==> MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys ==> MD5 is legit
C:\Windows\system32\drivers\mrxdav.sys 1A4F75E63C9FB84B85DFFC6B63FD5404
C:\Windows\System32\DRIVERS\mrxsmb.sys A5D9106A73DC88564C825D317CAC68AC
C:\Windows\System32\DRIVERS\mrxsmb10.sys D711B3C1D5F42C0C2415687BE09FC163
C:\Windows\System32\DRIVERS\mrxsmb20.sys 9423E9D355C8D303E76B8CFBD8A5C30C
C:\Windows\System32\drivers\msahci.sys ==> MD5 is legit
C:\Windows\system32\drivers\msdsm.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Msfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\mshidkmdf.sys ==> MD5 is legit
C:\Windows\System32\drivers\msisadrv.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSKSSRV.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPCLOCK.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSPQM.sys ==> MD5 is legit
C:\Windows\System32\Drivers\MsRPC.sys ==> MD5 is legit
C:\Windows\system32\drivers\mssmbios.sys ==> MD5 is legit
C:\Windows\System32\drivers\MSTEE.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\MTConfig.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ATK64AMD.sys 032D35C996F21D19A205A7C8F0B76F3C
C:\Windows\System32\Drivers\mup.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nwifi.sys ==> MD5 is legit
C:\Windows\System32\drivers\ndis.sys 760E38053BF56E501D562B70AD796B88
C:\Windows\System32\DRIVERS\ndiscap.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndistapi.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndisuio.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\ndiswan.sys ==> MD5 is legit
C:\Windows\System32\Drivers\NDProxy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbios.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\netbt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NETw5s64.sys 24F64343F14A119308456E1CA7507B26
C:\Windows\system32\DRIVERS\nfrd960.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\NisDrvWFP.sys C3E0696C3B42F694C5822776AA6FFFDF
C:\Windows\System32\Drivers\Npfs.sys ==> MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys ==> MD5 is legit
C:\Windows\System32\Drivers\Ntfs.sys 1A29A59A4C5BA6F8C85062A613B7E2B2
C:\Windows\System32\Drivers\Null.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\nusb3hub.sys 8EBCB9165EE7F1571842F4D9D624A74C
C:\Windows\System32\DRIVERS\nusb3xhc.sys 5D54DBB12BBFE07CC283FD39F2CD6D63
C:\Windows\System32\DRIVERS\nvlddmkm.sys 9B93CC9C70EDE60A9C486E7719DB9E8D
C:\Windows\System32\DRIVERS\nvpciflt.sys F76296368BB813E0C6996501A3271C7C
C:\Windows\system32\drivers\nvraid.sys 0A92CB65770442ED0DC44834632F66AD
C:\Windows\system32\drivers\nvstor.sys DAB0E87525C10052BF65F06152F37E4A
C:\Windows\system32\drivers\nv_agp.sys ==> MD5 is legit
C:\Windows\system32\drivers\ohci1394.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\parport.sys ==> MD5 is legit
C:\Windows\System32\drivers\partmgr.sys E9766131EEADE40A27DC27D2D68FBA9C
C:\Windows\System32\drivers\pci.sys ==> MD5 is legit
C:\Windows\System32\drivers\pciide.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\pcmcia.sys ==> MD5 is legit
C:\Windows\System32\drivers\pcw.sys ==> MD5 is legit
C:\Windows\System32\drivers\peauth.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pneteth.sys 8AC5649C9070674D4607301C180AB10B
C:\Windows\System32\DRIVERS\point64.sys 4F0878FD62D5F7444C5F1C4C66D9D293
C:\Windows\System32\DRIVERS\raspptp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\processr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\pacer.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql2300.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\ql40xx.sys ==> MD5 is legit
C:\Windows\system32\drivers\qwavedrv.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasacd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\AgileVpn.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rasl2tp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\raspppoe.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rassstp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rdbss.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\rdpbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\RDPCDD.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpencdd.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdprefmp.sys ==> MD5 is legit
C:\Windows\System32\drivers\rdpvideominiport.sys 313F68E1A3E6345A4F47A36B07062F34
C:\Windows\System32\Drivers\RDPWD.sys E61608AA35E98999AF9AAEEEA6114B0A
C:\Windows\System32\drivers\rdyboost.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\rspndr.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\S3XXx64.sys A49CDA75F8E41F769D19E2669BD62B37
C:\Windows\system32\drivers\sbp2port.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\scfilter.sys ==> MD5 is legit
C:\Windows\System32\Drivers\secdrv.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serenum.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\serial.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sermouse.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffdisk.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_mmc.sys ==> MD5 is legit
C:\Windows\system32\drivers\sffp_sd.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sfloppy.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\SiSG664.sys 1BC348CF6BAA90EC8E533EF6E6A69933
C:\Windows\system32\DRIVERS\SiSRaid2.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\sisraid4.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\smb.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\snp2uvc.sys 2114518E55B380A3ACC28B2C27FD499A
C:\Windows\System32\Drivers\spldr.sys ==> MD5 is legit
C:\Windows\System32\Drivers\sptd.sys D41D8CD98F00B204E9800998ECF8427E
C:\Windows\System32\DRIVERS\srv.sys 441FBA48BFF01FDB9D5969EBC1838F0B
C:\Windows\System32\DRIVERS\srv2.sys B4ADEBBF5E3677CCE9651E0F01F7CC28
C:\Windows\System32\DRIVERS\srvnet.sys 27E461F0BE5BFF5FC737328F749538C3
C:\Windows\system32\DRIVERS\stexstor.sys ==> MD5 is legit
C:\Windows\system32\drivers\swenum.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tap0901.sys F9BE29D5E097F03F81D3CD12B794CB66
C:\Windows\System32\drivers\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\DRIVERS\tcpip.sys 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E
C:\Windows\System32\drivers\tcpipreg.sys 1B16D0BD9841794A6E0CDE0CEF744ABC
C:\Windows\System32\drivers\tdpipe.sys ==> MD5 is legit
C:\Windows\System32\drivers\tdtcp.sys 51C5ECEB1CDEE2468A1748BE550CFBC8
C:\Windows\System32\DRIVERS\tdx.sys ==> MD5 is legit
C:\Windows\system32\drivers\termdd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\tssecsrv.sys 4CE278FC9671BA81A138D70823FCAA09
C:\Windows\System32\drivers\tsusbflt.sys E9981ECE8D894CEF7038FD1D040EB426
C:\Windows\System32\DRIVERS\tunnel.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\uagp35.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\udfs.sys ==> MD5 is legit
C:\Windows\system32\drivers\uliagpkx.sys ==> MD5 is legit
C:\Windows\system32\drivers\umbus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\umpass.sys ==> MD5 is legit
C:\Windows\system32\drivers\usbaudio.sys B0435098C81D04CAFFF80DDB746CD3A2
C:\Windows\System32\DRIVERS\usbccgp.sys DCA68B0943D6FA415F0C56C92158A83A
C:\Windows\system32\drivers\usbcir.sys 80B0F7D5CCF86CEB5D402EAAF61FEC31
C:\Windows\system32\drivers\usbehci.sys 18A85013A3E0F7E1755365D287443965
C:\Windows\System32\DRIVERS\usbhub.sys 8D1196CFBB223621F2C67D45710F25BA
C:\Windows\system32\drivers\usbohci.sys 765A92D428A8DB88B960DA5A8D6089DC
C:\Windows\System32\DRIVERS\usbprint.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\usbscan.sys 9661DA76B4531B2DA272ECCE25A8AF24
C:\Windows\System32\DRIVERS\USBSTOR.SYS FED648B01349A3C8395A5169DB5FB7D6
C:\Windows\system32\drivers\usbuhci.sys DD253AFC3BC6CBA412342DE60C3647F3
C:\Windows\System32\Drivers\usbvideo.sys 1F775DA4CF1A3A1834207E975A72E9D7
C:\Windows\System32\drivers\vdrvroot.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vgapnp.sys ==> MD5 is legit
C:\Windows\System32\drivers\vga.sys ==> MD5 is legit
C:\Windows\system32\drivers\vhdmp.sys ==> MD5 is legit
C:\Windows\system32\drivers\viaide.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgr.sys ==> MD5 is legit
C:\Windows\System32\drivers\volmgrx.sys ==> MD5 is legit
C:\Windows\System32\drivers\volsnap.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\vsmraid.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifibus.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwififlt.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\vwifimp.sys ==> MD5 is legit
C:\Windows\system32\DRIVERS\wacompen.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wanarp.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wcmvcam64.sys 3A2D452C40162823B79867040B46D4A8
C:\Windows\system32\DRIVERS\wd.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wdcsam64.sys ==> MD5 is legit
C:\Windows\System32\drivers\Wdf01000.sys E2C933EDBC389386EBE6D2BA953F43D8
C:\Windows\System32\DRIVERS\WDKMD.sys FE31110E39A0B11ABAE1BA43A2DC94F9
C:\Windows\System32\DRIVERS\wfplwf.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\wimfltr.sys 52DED146E4797E6CCF94799E8E22BB2A
C:\Windows\System32\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\SysWOW64\drivers\wimmount.sys ==> MD5 is legit
C:\Windows\System32\DRIVERS\WinUsb.sys FE88B288356E7B47B74B13372ADD906D
C:\Windows\system32\drivers\wmiacpi.sys ==> MD5 is legit
C:\Windows\system32\drivers\ws2ifsl.sys ==> MD5 is legit
C:\Windows\System32\drivers\WudfPf.sys AB886378EEB55C6C75B4F2D14B6C869F
C:\Windows\System32\DRIVERS\WUDFRd.sys DDA4CAF29D8C0A297F886BFE561E6659
C:\Windows\System32\DRIVERS\xusb21.sys 9176C0822FAA649E45121875BE32F5D2
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-03 16:56 - 2014-08-03 17:01 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-03 16:56 - 2014-08-03 16:56 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-03 16:56 - 2014-08-03 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-03 16:55 - 2014-08-03 16:55 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Brian\Downloads\mbam-setup.exe
2014-08-03 16:55 - 2014-08-03 16:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-03 16:55 - 2014-05-12 07:35 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-08-03 16:55 - 2014-05-12 07:35 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-08-03 16:55 - 2014-05-12 07:35 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-08-03 16:54 - 2014-08-03 16:55 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Brian\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-03 16:51 - 2014-08-03 16:51 - 00000198 _____ () C:\Users\Brian\Desktop\shitheinstalled.txt
2014-08-03 16:44 - 2014-08-03 16:44 - 00000000 ____D () C:\Users\Brian\AppData\Local\Weather_Notifications,_LL
2014-08-03 16:35 - 2014-08-03 16:39 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-08-03 16:35 - 2014-08-03 16:35 - 00000000 ____D () C:\Program Files (x86)\predm
2014-08-03 13:53 - 2014-08-03 13:53 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-08-03 13:53 - 2014-08-03 13:53 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-08-03 13:52 - 2014-08-03 16:52 - 00000000 ____D () C:\Users\Brian\AppData\Local\SevereWeatherAlerts
2014-08-03 13:52 - 2014-08-03 16:30 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-03 13:52 - 2014-08-03 13:52 - 00000000 ____D () C:\Users\Brian\AppData\Local\globalUpdate
2014-08-03 13:51 - 2014-08-03 13:51 - 01232040 _____ () C:\Users\Brian\Downloads\youtube_downloader_plus.exe
2014-08-03 13:30 - 2014-08-03 13:48 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Youtube Downloader HD
2014-08-03 13:30 - 2014-07-23 17:32 - 00464104 _____ (MZA) C:\Windows\system32\MZA64.dll
2014-08-03 13:29 - 2014-08-03 13:29 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\OpenCandy
2014-08-03 13:28 - 2014-08-03 13:28 - 09663552 _____ (YoutubeDownloaderHD.com ) C:\Users\Brian\Downloads\youtube_downloader_hd_setup.exe
2014-08-03 13:24 - 2014-08-03 13:25 - 29527272 _____ (DVDVideoSoft Ltd. ) C:\Users\Brian\Downloads\FreeYouTubeToMP3Converter.exe
2014-08-02 21:39 - 2014-08-02 21:39 - 00000000 ____D () C:\ProgramData\WEBREG
2014-08-02 21:32 - 2014-08-02 21:32 - 00002157 _____ () C:\Users\Public\Desktop\HP Photosmart Essential 2.01.lnk
2014-08-02 21:31 - 2014-08-02 21:31 - 00001983 _____ () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-08-02 21:31 - 2014-08-02 21:31 - 00000000 ____D () C:\ProgramData\HPSSUPPLY
2014-08-02 21:30 - 2014-08-02 21:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-02 21:30 - 2014-08-02 21:30 - 00001289 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-08-02 21:30 - 2014-08-02 21:30 - 00001283 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-08-02 21:30 - 2014-08-02 21:30 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-08-02 21:29 - 2014-08-02 21:29 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-08-02 21:28 - 2007-03-30 10:09 - 00355416 _____ (Hewlett-Packard) C:\Windows\system32\hpzids40.dll
2014-08-02 21:28 - 2007-03-28 14:02 - 00134144 _____ (Hewlett-Packard Company) C:\Windows\system32\hpzll5ha.dll
2014-08-02 21:28 - 2007-03-28 14:01 - 00233472 _____ (Hewlett Packard Corporation) C:\Windows\SysWOW64\hpzc35ha.dll
2014-08-02 21:28 - 2007-03-17 11:11 - 00861184 _____ (Hewlett-Packard) C:\Windows\system32\hpowiax3.dll
2014-08-02 21:28 - 2007-03-17 11:11 - 00729600 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpotscl3.dll
2014-08-02 21:28 - 2007-03-17 11:11 - 00497664 _____ (Hewlett-Packard Co.) C:\Windows\system32\hpovst10.dll
2014-08-02 21:28 - 2007-03-07 23:20 - 00540672 _____ (Hewlett-Packard) C:\Windows\system32\hppldcoi.dll
2014-08-02 21:28 - 2006-11-30 11:14 - 00671816 _____ (HP) C:\Windows\SysWOW64\hpcdmc32.dll
2014-08-02 21:27 - 2014-08-02 21:31 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-02 21:27 - 2014-08-02 21:28 - 00013336 _____ () C:\Windows\DPINST.LOG
2014-08-02 21:26 - 2014-08-02 21:40 - 00141205 _____ () C:\Windows\hpoins14.dat
2014-08-02 15:33 - 2014-08-02 15:33 - 00000000 ____D () C:\Program Files (x86)\dealstear
2014-08-02 15:31 - 2014-08-02 15:31 - 00003102 _____ () C:\Windows\System32\Tasks\{1551B306-F08E-4ABE-B628-038ECF88AACA}
2014-08-02 15:19 - 2014-08-02 15:19 - 00000000 ____D () C:\Users\Brian\Desktop\Old Firefox Data
2014-08-02 15:18 - 2014-08-03 13:52 - 00001006 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-02 15:18 - 2014-08-02 15:18 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-02 15:18 - 2014-08-02 15:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-02 15:16 - 2014-08-02 15:16 - 00244120 _____ () C:\Users\Brian\Downloads\Firefox Setup Stub 31.0.exe
2014-08-01 15:03 - 2014-08-01 15:03 - 00064890 _____ () C:\Users\Brian\Desktop\Shortcut.txt
2014-08-01 15:02 - 2014-08-01 15:03 - 00055839 _____ () C:\Users\Brian\Desktop\Addition.txt
2014-08-01 14:59 - 2014-08-01 14:59 - 00000996 _____ () C:\Users\Brian\Desktop\JRT.txt
2014-08-01 14:54 - 2014-08-01 14:54 - 00000000 ____D () C:\Windows\ERUNT
2014-08-01 14:53 - 2014-08-01 14:53 - 00019703 _____ () C:\Users\Brian\Desktop\AdwCleaner[S0].txt
2014-08-01 14:52 - 2014-08-01 14:52 - 01016261 _____ (Thisisu) C:\Users\Brian\Desktop\JRT.exe
2014-08-01 14:46 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-08-01 14:45 - 2014-08-01 14:47 - 00000000 ____D () C:\AdwCleaner
2014-08-01 14:44 - 2014-08-01 14:44 - 01361309 _____ () C:\Users\Brian\Desktop\adwcleaner_3.302.exe
2014-08-01 13:26 - 2014-08-06 15:56 - 00043850 _____ () C:\Users\Brian\Desktop\FRST.txt
2014-08-01 13:25 - 2014-08-06 15:55 - 00000000 ____D () C:\FRST
2014-08-01 12:50 - 2014-08-01 12:50 - 02094080 _____ (Farbar) C:\Users\Brian\Desktop\FRST64.exe
2014-07-31 18:51 - 2014-01-08 21:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-07-31 18:51 - 2014-01-03 17:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-07-31 18:42 - 2014-05-14 11:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-07-31 18:42 - 2014-05-14 11:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-07-31 18:42 - 2014-05-14 11:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-07-31 18:42 - 2014-05-14 11:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-07-31 18:41 - 2014-05-14 11:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-07-31 18:41 - 2014-05-14 11:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-07-31 18:41 - 2014-05-14 11:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-07-31 18:41 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-07-31 18:41 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-07-31 18:41 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-07-31 18:41 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-07-30 23:39 - 2014-08-01 13:24 - 00160938 _____ () C:\Users\Brian\Desktop\OTL.Txt
2014-07-30 23:22 - 2014-07-30 23:22 - 00006434 _____ () C:\Users\Brian\Desktop\07302014_231035.log
2014-07-30 23:18 - 2014-07-30 23:18 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Brian\Desktop\tdsskiller.exe
2014-07-30 23:17 - 2014-07-30 23:22 - 00002290 _____ () C:\Users\Brian\Desktop\GooredFix.txt
2014-07-30 23:17 - 2014-07-30 23:17 - 00071398 _____ (jpshortstuff) C:\Users\Brian\Desktop\GooredFix.exe
2014-07-30 23:17 - 2014-07-30 23:17 - 00000000 ____D () C:\Users\Brian\Desktop\GooredFix Backups
2014-07-30 23:10 - 2014-07-30 23:10 - 00000000 ____D () C:\_OTM
2014-07-30 23:09 - 2014-07-30 23:09 - 00522240 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTM.exe
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-30 23:05 - 2014-07-30 23:05 - 00791393 _____ (Lars Hederer ) C:\Users\Brian\Downloads\erunt-setup.exe
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\system32\NV
2014-07-30 19:01 - 2013-10-01 21:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-07-30 19:01 - 2013-10-01 21:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-07-30 19:01 - 2013-10-01 21:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-07-30 19:01 - 2013-10-01 20:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-07-30 19:01 - 2013-10-01 20:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-07-30 19:01 - 2013-10-01 20:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-07-30 19:01 - 2013-10-01 20:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-07-30 19:01 - 2013-10-01 19:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-07-30 19:01 - 2013-10-01 19:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-07-30 19:01 - 2013-10-01 19:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-07-30 19:01 - 2013-10-01 19:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-07-30 19:01 - 2013-10-01 19:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-07-30 19:01 - 2013-10-01 18:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-07-30 19:01 - 2013-10-01 18:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-07-30 19:01 - 2013-10-01 18:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-07-30 19:01 - 2013-10-01 17:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-07-30 18:42 - 2013-09-24 21:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-07-30 18:42 - 2013-09-24 20:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-07-30 18:41 - 2014-07-30 18:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Brian\Downloads\revosetup.exe
2014-07-30 18:41 - 2014-07-30 18:41 - 00001270 _____ () C:\Users\Brian\Desktop\Revo Uninstaller.lnk
2014-07-30 18:12 - 2014-07-30 18:12 - 00000000 ____D () C:\Users\Brian\AppData\Local\Packages
2014-07-30 17:43 - 2014-07-30 17:43 - 00602112 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTL.exe
2014-07-11 17:38 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-11 17:38 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-11 17:38 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-11 17:37 - 2001-09-13 02:15 - 00090112 ____N (Sony Corporation) C:\Windows\snymsico.dll
2014-07-11 17:36 - 2014-07-11 17:36 - 00003124 _____ () C:\Windows\System32\Tasks\{B5FA72D1-E74B-4CA5-967F-2315E8718358}
2014-07-11 17:35 - 2014-07-11 17:35 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (2).EXE
2014-07-11 17:34 - 2014-07-11 17:34 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-11 17:34 - 2003-11-10 12:31 - 00036232 ____N (Sony Corporation) C:\Windows\SysWOW64\Drivers\NETMD033.sys
2014-07-11 17:34 - 2003-04-01 18:55 - 00035319 ____N (Sony Corporation) C:\Windows\SysWOW64\Drivers\NETMD031.sys
2014-07-11 17:34 - 2002-08-08 15:51 - 00038951 ____N (Sony Corporation) C:\Windows\SysWOW64\Drivers\NETMDUSB.sys
2014-07-11 17:32 - 2014-07-11 17:32 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (1).EXE
2014-07-11 17:31 - 2014-07-11 17:32 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER.EXE
2014-07-10 18:02 - 2014-06-29 21:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-10 18:02 - 2014-06-29 21:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-10 18:01 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-10 18:01 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-10 18:01 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-10 18:01 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-10 18:01 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-10 18:01 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-10 18:01 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-10 18:01 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-10 18:01 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-10 18:01 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-10 18:01 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-10 18:01 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-10 18:01 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-10 18:01 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-10 18:01 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-10 18:01 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-10 18:01 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-10 18:01 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-10 18:01 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-10 18:01 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-10 18:01 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-10 18:01 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-10 18:01 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-10 18:01 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-10 18:01 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-10 18:01 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-10 18:01 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-10 18:01 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-10 18:01 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-10 18:01 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-10 18:01 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-10 18:01 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-10 18:01 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-10 18:01 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-10 18:01 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-10 18:01 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-10 18:01 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-10 18:01 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-10 18:01 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-10 18:01 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-10 18:01 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-10 18:01 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-10 18:01 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-10 18:01 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-10 18:01 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-10 18:01 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-10 18:01 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-10 18:01 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-10 18:01 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-10 18:01 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-10 18:01 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-10 18:01 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-10 18:01 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-10 18:01 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-10 18:01 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-10 18:01 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-10 18:01 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-10 18:01 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-10 18:01 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-10 18:01 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-10 17:33 - 2014-07-10 17:40 - 00000000 ____D () C:\Users\Brian\AppData\Local\1118
2014-07-10 17:32 - 2014-08-02 15:33 - 00000000 ____D () C:\ProgramData\4a607f86f23577d7
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Brian\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator
2014-07-10 17:09 - 2014-07-09 17:51 - 00135168 _____ () C:\Users\Brian\AppData\Local\ChromeHitoryDB
2014-07-10 17:05 - 2014-07-10 17:05 - 01410208 _____ () C:\Users\Brian\Downloads\Setup (2).exe
2014-07-10 17:05 - 2014-07-10 17:05 - 00247160 _____ (System Applet ) C:\Users\Brian\Downloads\Java_Updater_Setup.exe
2014-07-10 17:00 - 2014-07-10 17:03 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\rightbackup
2014-07-10 16:59 - 2014-08-03 16:52 - 00032136 _____ () C:\Windows\PFRO.log
2014-07-10 16:59 - 2014-08-03 16:52 - 00002578 _____ () C:\Windows\setupact.log
2014-07-10 16:59 - 2014-07-10 16:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-09 17:44 - 2014-07-09 17:44 - 00002289 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00002283 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-07-09 17:43 - 2014-07-11 17:26 - 00000000 ____D () C:\ProgramData\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Users\Brian\AppData\Local\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Program Files\WinZip
2014-07-09 17:40 - 2014-08-01 14:24 - 00000000 ____D () C:\Program Files (x86)\SmartSaver+ 10
2014-07-09 17:39 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 17:39 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 17:38 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 17:38 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-08 17:11 - 2014-08-03 16:49 - 00002371 _____ () C:\Users\Brian\Desktop\Google Chrome.lnk
2014-07-08 17:11 - 2014-07-08 17:11 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-06 15:56 - 2014-08-01 13:26 - 00043850 _____ () C:\Users\Brian\Desktop\FRST.txt
2014-08-06 15:55 - 2014-08-01 13:25 - 00000000 ____D () C:\FRST
2014-08-06 15:55 - 2010-08-27 02:40 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job
2014-08-06 15:52 - 2012-04-16 08:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-06 15:52 - 2011-07-06 20:02 - 00000928 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job
2014-08-06 15:52 - 2010-08-12 12:49 - 01509971 _____ () C:\Windows\WindowsUpdate.log
2014-08-03 17:01 - 2014-08-03 16:56 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-03 17:00 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-03 17:00 - 2009-07-13 23:45 - 00009920 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-03 16:56 - 2014-08-03 16:56 - 00001108 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-08-03 16:56 - 2014-08-03 16:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-08-03 16:55 - 2014-08-03 16:55 - 17292208 _____ (Malwarebytes Corporation ) C:\Users\Brian\Downloads\mbam-setup.exe
2014-08-03 16:55 - 2014-08-03 16:55 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-08-03 16:55 - 2014-08-03 16:54 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Brian\Downloads\mbam-setup-2.0.2.1012.exe
2014-08-03 16:52 - 2014-08-03 13:52 - 00000000 ____D () C:\Users\Brian\AppData\Local\SevereWeatherAlerts
2014-08-03 16:52 - 2014-07-10 16:59 - 00032136 _____ () C:\Windows\PFRO.log
2014-08-03 16:52 - 2014-07-10 16:59 - 00002578 _____ () C:\Windows\setupact.log
2014-08-03 16:52 - 2010-08-12 13:27 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-03 16:52 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-03 16:51 - 2014-08-03 16:51 - 00000198 _____ () C:\Users\Brian\Desktop\shitheinstalled.txt
2014-08-03 16:49 - 2014-07-08 17:11 - 00002371 _____ () C:\Users\Brian\Desktop\Google Chrome.lnk
2014-08-03 16:44 - 2014-08-03 16:44 - 00000000 ____D () C:\Users\Brian\AppData\Local\Weather_Notifications,_LL
2014-08-03 16:39 - 2014-08-03 16:35 - 00000000 ____D () C:\Program Files (x86)\PC Speed Up
2014-08-03 16:36 - 2013-10-04 00:44 - 00000000 ____D () C:\Program Files\LinkShellExtension
2014-08-03 16:35 - 2014-08-03 16:35 - 00000000 ____D () C:\Program Files (x86)\predm
2014-08-03 16:30 - 2014-08-03 13:52 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-08-03 14:02 - 2010-08-12 13:35 - 00003399 _____ () C:\Windows\system32\AutoRunFilter.ini
2014-08-03 14:02 - 2010-08-12 13:35 - 00001798 _____ () C:\Windows\system32\ServiceFilter.ini
2014-08-03 13:53 - 2014-08-03 13:53 - 00000000 ____D () C:\ProgramData\IePluginServices
2014-08-03 13:53 - 2014-08-03 13:53 - 00000000 ____D () C:\Program Files (x86)\SupTab
2014-08-03 13:52 - 2014-08-03 13:52 - 00000000 ____D () C:\Users\Brian\AppData\Local\globalUpdate
2014-08-03 13:52 - 2014-08-02 15:18 - 00001006 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-08-03 13:52 - 2011-12-28 23:08 - 00001006 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-08-03 13:52 - 2011-07-26 08:36 - 00000000 ____D () C:\Program Files (x86)\Google
2014-08-03 13:52 - 2010-08-25 21:11 - 00001609 _____ () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-08-03 13:51 - 2014-08-03 13:51 - 01232040 _____ () C:\Users\Brian\Downloads\youtube_downloader_plus.exe
2014-08-03 13:48 - 2014-08-03 13:30 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Youtube Downloader HD
2014-08-03 13:47 - 2014-06-14 18:00 - 00000000 ____D () C:\Users\Brian\Desktop\VIDEO DOWNLOAD
2014-08-03 13:29 - 2014-08-03 13:29 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\OpenCandy
2014-08-03 13:28 - 2014-08-03 13:28 - 09663552 _____ (YoutubeDownloaderHD.com ) C:\Users\Brian\Downloads\youtube_downloader_hd_setup.exe
2014-08-03 13:27 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-08-03 13:25 - 2014-08-03 13:24 - 29527272 _____ (DVDVideoSoft Ltd. ) C:\Users\Brian\Downloads\FreeYouTubeToMP3Converter.exe
2014-08-02 21:40 - 2014-08-02 21:26 - 00141205 _____ () C:\Windows\hpoins14.dat
2014-08-02 21:39 - 2014-08-02 21:39 - 00000000 ____D () C:\ProgramData\WEBREG
2014-08-02 21:39 - 2014-08-02 21:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2014-08-02 21:39 - 2014-06-14 21:53 - 00002320 _____ () C:\ProgramData\hpzinstall.log
2014-08-02 21:39 - 2014-06-14 21:53 - 00000000 ____D () C:\ProgramData\HP
2014-08-02 21:38 - 2009-07-13 21:34 - 00000513 _____ () C:\Windows\win.ini
2014-08-02 21:32 - 2014-08-02 21:32 - 00002157 _____ () C:\Users\Public\Desktop\HP Photosmart Essential 2.01.lnk
2014-08-02 21:31 - 2014-08-02 21:31 - 00001983 _____ () C:\Users\Public\Desktop\Shop for HP Supplies.lnk
2014-08-02 21:31 - 2014-08-02 21:31 - 00000000 ____D () C:\ProgramData\HPSSUPPLY
2014-08-02 21:31 - 2014-08-02 21:27 - 00000000 ____D () C:\Program Files (x86)\HP
2014-08-02 21:30 - 2014-08-02 21:30 - 00001289 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\HP Solution Center.lnk
2014-08-02 21:30 - 2014-08-02 21:30 - 00001283 _____ () C:\Users\Public\Desktop\HP Solution Center.lnk
2014-08-02 21:30 - 2014-08-02 21:30 - 00000000 ____D () C:\ProgramData\HP Product Assistant
2014-08-02 21:29 - 2014-08-02 21:29 - 00000000 ____D () C:\Program Files (x86)\Hewlett-Packard
2014-08-02 21:28 - 2014-08-02 21:27 - 00013336 _____ () C:\Windows\DPINST.LOG
2014-08-02 15:43 - 2014-06-22 04:46 - 00000000 ____D () C:\Program Files\Common Files\Goobzo
2014-08-02 15:35 - 2012-01-09 22:44 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\SystemRequirementsLab
2014-08-02 15:33 - 2014-08-02 15:33 - 00000000 ____D () C:\Program Files (x86)\dealstear
2014-08-02 15:33 - 2014-07-10 17:32 - 00000000 ____D () C:\ProgramData\4a607f86f23577d7
2014-08-02 15:31 - 2014-08-02 15:31 - 00003102 _____ () C:\Windows\System32\Tasks\{1551B306-F08E-4ABE-B628-038ECF88AACA}
2014-08-02 15:19 - 2014-08-02 15:19 - 00000000 ____D () C:\Users\Brian\Desktop\Old Firefox Data
2014-08-02 15:18 - 2014-08-02 15:18 - 00000000 ____D () C:\ProgramData\Mozilla
2014-08-02 15:18 - 2014-08-02 15:18 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-08-02 15:18 - 2011-05-30 13:54 - 00000000 ____D () C:\Users\Brian\AppData\Local\Mozilla
2014-08-02 15:16 - 2014-08-02 15:16 - 00244120 _____ () C:\Users\Brian\Downloads\Firefox Setup Stub 31.0.exe
2014-08-01 15:03 - 2014-08-01 15:03 - 00064890 _____ () C:\Users\Brian\Desktop\Shortcut.txt
2014-08-01 15:03 - 2014-08-01 15:02 - 00055839 _____ () C:\Users\Brian\Desktop\Addition.txt
2014-08-01 14:59 - 2014-08-01 14:59 - 00000996 _____ () C:\Users\Brian\Desktop\JRT.txt
2014-08-01 14:54 - 2014-08-01 14:54 - 00000000 ____D () C:\Windows\ERUNT
2014-08-01 14:53 - 2014-08-01 14:53 - 00019703 _____ () C:\Users\Brian\Desktop\AdwCleaner[S0].txt
2014-08-01 14:52 - 2014-08-01 14:52 - 01016261 _____ (Thisisu) C:\Users\Brian\Desktop\JRT.exe
2014-08-01 14:47 - 2014-08-01 14:45 - 00000000 ____D () C:\AdwCleaner
2014-08-01 14:44 - 2014-08-01 14:44 - 01361309 _____ () C:\Users\Brian\Desktop\adwcleaner_3.302.exe
2014-08-01 14:39 - 2014-06-22 04:34 - 00000000 ____D () C:\Program Files (x86)\HQPro-1.9
2014-08-01 14:32 - 2010-08-25 23:40 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-01 14:24 - 2014-07-09 17:40 - 00000000 ____D () C:\Program Files (x86)\SmartSaver+ 10
2014-08-01 14:06 - 2010-08-12 13:03 - 00000000 ____D () C:\ProgramData\Temp
2014-08-01 13:24 - 2014-07-30 23:39 - 00160938 _____ () C:\Users\Brian\Desktop\OTL.Txt
2014-08-01 12:50 - 2014-08-01 12:50 - 02094080 _____ (Farbar) C:\Users\Brian\Desktop\FRST64.exe
2014-07-31 09:04 - 2011-07-06 20:02 - 00000906 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core.job
2014-07-30 23:22 - 2014-07-30 23:22 - 00006434 _____ () C:\Users\Brian\Desktop\07302014_231035.log
2014-07-30 23:22 - 2014-07-30 23:17 - 00002290 _____ () C:\Users\Brian\Desktop\GooredFix.txt
2014-07-30 23:18 - 2014-07-30 23:18 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Brian\Desktop\tdsskiller.exe
2014-07-30 23:17 - 2014-07-30 23:17 - 00071398 _____ (jpshortstuff) C:\Users\Brian\Desktop\GooredFix.exe
2014-07-30 23:17 - 2014-07-30 23:17 - 00000000 ____D () C:\Users\Brian\Desktop\GooredFix Backups
2014-07-30 23:14 - 2010-08-25 22:14 - 00000000 ____D () C:\Windows\ERDNT
2014-07-30 23:10 - 2014-07-30 23:10 - 00000000 ____D () C:\_OTM
2014-07-30 23:09 - 2014-07-30 23:09 - 00522240 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTM.exe
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-07-30 23:06 - 2014-07-30 23:06 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-07-30 23:05 - 2014-07-30 23:05 - 00791393 _____ (Lars Hederer ) C:\Users\Brian\Downloads\erunt-setup.exe
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-07-30 19:08 - 2014-07-30 19:08 - 00000000 ____D () C:\Windows\system32\NV
2014-07-30 19:05 - 2011-12-24 20:04 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-30 19:05 - 2011-12-24 20:04 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-30 18:59 - 2014-06-22 04:35 - 00000000 ____D () C:\temp
2014-07-30 18:57 - 2010-08-12 13:25 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-07-30 18:51 - 2010-08-12 13:25 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-07-30 18:47 - 2011-12-24 20:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-30 18:41 - 2014-07-30 18:41 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Brian\Downloads\revosetup.exe
2014-07-30 18:41 - 2014-07-30 18:41 - 00001270 _____ () C:\Users\Brian\Desktop\Revo Uninstaller.lnk
2014-07-30 18:41 - 2011-08-03 09:33 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group
2014-07-30 18:12 - 2014-07-30 18:12 - 00000000 ____D () C:\Users\Brian\AppData\Local\Packages
2014-07-30 17:43 - 2014-07-30 17:43 - 00602112 _____ (OldTimer Tools) C:\Users\Brian\Desktop\OTL.exe
2014-07-30 17:34 - 2009-07-14 00:13 - 00800938 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-23 17:32 - 2014-08-03 13:30 - 00464104 _____ (MZA) C:\Windows\system32\MZA64.dll
2014-07-11 17:36 - 2014-07-11 17:36 - 00003124 _____ () C:\Windows\System32\Tasks\{B5FA72D1-E74B-4CA5-967F-2315E8718358}
2014-07-11 17:35 - 2014-07-11 17:35 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (2).EXE
2014-07-11 17:34 - 2014-07-11 17:34 - 00000000 ____D () C:\Program Files (x86)\Sony
2014-07-11 17:34 - 2010-08-12 13:03 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-11 17:32 - 2014-07-11 17:32 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER (1).EXE
2014-07-11 17:32 - 2014-07-11 17:31 - 01767968 _____ (Sony Corporation ) C:\Users\Brian\Downloads\PA_DRIVER.EXE
2014-07-11 17:26 - 2014-07-09 17:43 - 00000000 ____D () C:\ProgramData\WinZip
2014-07-11 17:24 - 2009-07-13 23:45 - 07969920 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-11 17:18 - 2014-06-09 13:39 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-11 17:18 - 2009-07-14 02:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-11 17:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-11 17:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 21:57 - 2010-08-25 23:28 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-10 21:55 - 2013-07-13 14:41 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 21:53 - 2010-08-29 00:11 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-07-10 21:33 - 2010-08-26 10:04 - 00000000 ____D () C:\Users\Brian
2014-07-10 17:40 - 2014-07-10 17:33 - 00000000 ____D () C:\Users\Brian\AppData\Local\1118
2014-07-10 17:40 - 2011-11-09 23:22 - 00000000 ____D () C:\Users\Brian\AppData\Local\Akamai
2014-07-10 17:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
2014-07-10 17:40 - 2009-07-13 22:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-07-10 17:39 - 2010-08-25 21:51 - 00000000 ____D () C:\Users\Brian\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\UpdatusUser\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\HomeGroupUser$
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Guest
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Brian\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\ASPNET
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo
2014-07-10 17:32 - 2014-07-10 17:32 - 00000000 ____D () C:\Users\Administrator
2014-07-10 17:05 - 2014-07-10 17:05 - 01410208 _____ () C:\Users\Brian\Downloads\Setup (2).exe
2014-07-10 17:05 - 2014-07-10 17:05 - 00247160 _____ (System Applet ) C:\Users\Brian\Downloads\Java_Updater_Setup.exe
2014-07-10 17:03 - 2014-07-10 17:00 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\rightbackup
2014-07-10 16:59 - 2014-07-10 16:59 - 00000000 _____ () C:\Windows\setuperr.log
2014-07-09 17:51 - 2014-07-10 17:09 - 00135168 _____ () C:\Users\Brian\AppData\Local\ChromeHitoryDB
2014-07-09 17:44 - 2014-07-09 17:44 - 00002289 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00002283 _____ () C:\Users\Public\Desktop\WinZip.lnk
2014-07-09 17:44 - 2014-07-09 17:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Users\Brian\AppData\Local\WinZip
2014-07-09 17:43 - 2014-07-09 17:43 - 00000000 ____D () C:\Program Files\WinZip
2014-07-09 17:29 - 2012-04-16 08:31 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-07-09 17:29 - 2011-05-13 11:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-09 17:28 - 2014-06-08 18:58 - 11204096 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerInstaller.exe
2014-07-08 17:11 - 2014-07-08 17:11 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-08 17:03 - 2011-10-06 11:32 - 00000000 ____D () C:\Users\Brian\AppData\Roaming\Media Player Classic
 
Some content of TEMP:
====================
C:\Users\Brian\AppData\Local\Temp\ms.exe
C:\Users\Brian\AppData\Local\Temp\nsc8F29.exe
C:\Users\Brian\AppData\Local\Temp\nsdF6A1.exe
C:\Users\Brian\AppData\Local\Temp\nsm43D2.exe
C:\Users\Brian\AppData\Local\Temp\nsr87E7.exe
C:\Users\Brian\AppData\Local\Temp\nsw3964.exe
C:\Users\Brian\AppData\Local\Temp\nsw3E93.exe
C:\Users\Brian\AppData\Local\Temp\nsw9570.exe
C:\Users\Brian\AppData\Local\Temp\SpOrder.dll
C:\Users\Brian\AppData\Local\Temp\tu17p84.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
==================== BCD ================================
 
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  boot
description             Windows Boot Manager
locale                  en-US
inherit                 {globalsettings}
default                 {current}
resumeobject            {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
displayorder            {current}
toolsdisplayorder       {memdiag}
timeout                 30
 
Windows Boot Loader
-------------------
identifier              {572bcd56-ffa7-11d9-aae0-0007e994107d}
device                  ramdisk=[\Device\HarddiskVolume1]\winre.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
path                    \windows\system32\boot\winload.exe
description             Windows Recovery Environment
osdevice                ramdisk=[\Device\HarddiskVolume1]\winre.wim,{ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
systemroot              \windows
nx                      OptIn
detecthal               Yes
winpe                   Yes
 
Windows Boot Loader
-------------------
identifier              {current}
device                  boot
path                    \Windows\system32\winload.exe
description             Windows 7
locale                  en-US
loadoptions             ENABLE_INTEGRITY_CHECKS
inherit                 {bootloadersettings}
recoverysequence        {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
recoveryenabled         Yes
testsigning             No
osdevice                boot
systemroot              \Windows
resumeobject            {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
nx                      OptIn
 
Windows Boot Loader
-------------------
identifier              {8cb2d9b4-7c05-11de-842e-b4611d44fefa}
device                  ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
path                    \windows\system32\winload.exe
description             Windows Recovery Environment
inherit                 {bootloadersettings}
osdevice                ramdisk=[C:]\Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\Winre.wim,{8cb2d9b5-7c05-11de-842e-b4611d44fefa}
systemroot              \windows
nx                      OptIn
winpe                   Yes
 
Resume from Hibernate
---------------------
identifier              {8cb2d9b0-7c05-11de-842e-b4611d44fefa}
device                  boot
path                    \Windows\system32\winresume.exe
description             Windows Resume Application
locale                  en-US
inherit                 {resumeloadersettings}
filedevice              partition=C:
filepath                \hiberfil.sys
debugoptionenabled      No
 
Windows Memory Tester
---------------------
identifier              {memdiag}
device                  partition=C:
path                    \boot\memtest.exe
description             Windows Memory Diagnostic
locale                  en-US
inherit                 {globalsettings}
badmemoryaccess         Yes
 
EMS Settings
------------
identifier              {emssettings}
bootems                 Yes
 
Debugger Settings
-----------------
identifier              {dbgsettings}
debugtype               Serial
debugport               1
baudrate                115200
 
RAM Defects
-----------
identifier              {badmemory}
 
Global Settings
---------------
identifier              {globalsettings}
inherit                 {dbgsettings}
                        {emssettings}
                        {badmemory}
 
Boot Loader Settings
--------------------
identifier              {bootloadersettings}
inherit                 {globalsettings}
                        {hypervisorsettings}
 
Hypervisor Settings
-------------------
identifier              {hypervisorsettings}
hypervisordebugtype     Serial
hypervisordebugport     1
hypervisorbaudrate      115200
 
Resume Loader Settings
----------------------
identifier              {resumeloadersettings}
inherit                 {globalsettings}
 
Device options
--------------
identifier              {8cb2d9b5-7c05-11de-842e-b4611d44fefa}
description             Ramdisk Options
ramdisksdidevice        partition=C:
ramdisksdipath          \Recovery\8cb2d9b4-7c05-11de-842e-b4611d44fefa\boot.sdi
 
Device options
--------------
identifier              {ad6c7bc8-fa0f-11da-8ddf-0013200354d8}
description             Ramdisk Device Options
ramdisksdidevice        partition=\Device\HarddiskVolume1
ramdisksdipath          \boot.sdi
 
 
 
LastRegBack: 2014-08-03 13:23
 
==================== End Of Log ============================
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-07-2014 02
Ran by Brian at 2014-08-06 15:57:31
Running from C:\Users\Brian\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
64 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.9.0.1380 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.9.0.1380 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Content Viewer (x32 Version: 1.4.0 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Media Player (x32 Version: 1.8 - Adobe Systems Incorporated) Hidden
Adobe Photoshop Lightroom 3.6 64-bit (HKLM\...\{D4F66BBA-D79E-4F11-9B06-70C3D75A2958}) (Version: 3.6.1 - Adobe)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1) (Version: 2.0 Build 230 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.230 - Adobe Systems Incorporated.) Hidden
AIO_Scan (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Mover (x64) (HKLM\...\Application Mover (x64 Shareware)_is1) (Version: 4.1 - Funduc Software Inc.)
ARIA Engine v1.0.9.8 (HKLM\...\ARIA Engine_is1) (Version: v1.0.9.8 - Plogue Art et Technologie, Inc)
Aspell 0.6 Dictionary (Language: en) (HKLM-x32\...\Aspell6-Dictionary-en) (Version:  - )
Aspell Data (HKLM-x32\...\Aspell) (Version:  - )
ASUS AI Recovery (HKLM-x32\...\{06585B02-F20D-4AB2-9A64-86EF2AE0F8F0}) (Version: 1.0.10 - ASUS)
ASUS Power4Gear Hybrid (HKLM\...\{91EFE3A1-585E-4F66-B5F6-F118F56C4C47}) (Version: 1.1.35 - ASUS)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.29 - Atheros Communications Inc.)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0003 - ASUS)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
Cisco WebEx Meetings (HKCU\...\ActiveTouchMeetingClient) (Version:  - Cisco WebEx LLC)
Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
CustomerResearchQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version:  - )
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1908 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1908 - CyberLink Corp.) Hidden
CyberLink Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.3602c - CyberLink Corp.)
CyberLink Power2Go (x32 Version: 6.1.3602c - CyberLink Corp.) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Destination Component (x32 Version: 090.000.091.086 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 90.0.205.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (x32 Version: 90.0.236.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
eSupportQFolder (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
ETDWare PS/2-x64 7.0.5.11_WHQL (HKLM\...\Elantech) (Version: 7.0.5.11 - ELAN Microelectronics Corp.)
F4100 (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
F4100_doccd (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
F4100_Help (x32 Version: 90.0.222.000 - Hewlett-Packard) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fast Boot (HKLM\...\{13F4A7F3-EABC-4261-AF6B-1317777F0755}) (Version: 1.0.5 - ASUS)
Free YouTube to MP3 Converter version 3.12.2.430 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.12.2.430 - DVDVideoSoft Ltd.)
Garritan ARIA Player v1.02 (HKLM\...\__ARIA_1012___is1) (Version: v1.0.2.1 - Garritan)
Garritan Instruments for Finale (HKLM\...\__ARIA_1013___is1) (Version: v1.0.2.2 - Garritan)
Google Chrome (HKCU\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{C1E3DFE7-4EAD-3E9E-A826-E06055BA5921}) (Version: 5.4.2.18903 - Google)
HP Customer Participation Program 9.0 (HKLM\...\HPExtendedCapabilities) (Version: 9.0 - HP)
HP Deskjet All-In-One Software 9.0 (HKLM\...\{FA8A44D7-3E8A-4034-9C4F-088FA6B72BC4}) (Version: 9.0 - HP)
HP Imaging Device Functions 9.0 (HKLM\...\HP Imaging Device Functions) (Version: 9.0 - HP)
HP Photosmart Essential 2.01 (HKLM\...\HP Photosmart Essential) (Version: 2.01 - HP)
HP Photosmart Essential2.01 (x32 Version: 1.01.0000 - Hewlett-Packard) Hidden
HP Solution Center 9.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 9.0 - HP)
HP Update (HKLM-x32\...\{AB40272D-92AB-4F30-B36B-22EDE16F8FE5}) (Version: 4.000.006.003 - Hewlett-Packard)
HPProductAssistant (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{487B0B9B-DCD4-440D-89A0-A6EDE1A545A3}) (Version: 2.2.0.0000 - Hewlett Packard Development Company L.P.)
HTC BMP USB Driver (HKLM-x32\...\{31A559C1-9E4D-423B-9DD3-34A6C5398752}) (Version: 1.0.5375 - HTC)
HTC Driver Installer (HKLM-x32\...\{6D6664A9-3342-4948-9B7E-034EFE366F0F}) (Version: 3.0.0.005 - HTC Corporation)
inSSIDer 2.0 (HKLM\...\{57019733-78E6-43DE-8E6D-55349F0FDE6F}) (Version: 2.0.7 - MetaGeek)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{1A8BA6CE-822D-4888-89E2-ACBF4308F271}) (Version: 13.02.0000 - Intel Corporation)
Intel® Wireless Display (HKLM\...\{C298FF86-AB23-4B58-AC53-A23383C07B3A}) (Version: 1.2.20.0 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.600 - Oracle)
Java Auto Updater (x32 Version: 2.1.60.19 - Oracle, Inc.) Hidden
Java™ 6 Update 29 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416029FF}) (Version: 6.0.290 - Oracle)
Java™ SE Development Kit 6 Update 23 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160230}) (Version: 1.6.0.230 - Oracle)
Java™ SE Development Kit 6 Update 26 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160260}) (Version: 1.6.0.260 - Oracle)
Java™ SE Development Kit 6 Update 29 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160290}) (Version: 1.6.0.290 - Oracle)
Java™ SE Development Kit 7 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170000}) (Version: 1.7.0.0 - Oracle)
Java™ SE Development Kit 7 Update 1 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170010}) (Version: 1.7.0.10 - Oracle)
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Codec Pack 5.3.0 (64-bit) (HKLM\...\KLiteCodecPack64_is1) (Version: 5.3.0 - )
K-Lite Mega Codec Pack 7.8.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.8.0 - )
Logitech Unifying Software 2.00 (HKLM\...\Logitech Unifying) (Version: 2.00.43 - Logitech)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
Microsoft NuGet - Visual Studio Express 2013 for Windows Desktop (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit (HKLM-x32\...\{95140000-007D-0409-0000-0000000FF1CE}) (Version: 14.0.5120.5000 - Microsoft Corporation)
Microsoft Search Enhancement Pack (x32 Version: 3.0.133.0 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft Streets & Trips 2006 with GPS Locator (HKLM-x32\...\{83ED1E80-A1B7-4226-BCF1-AC4A88151A6B}) (Version: 13.00.09.0200 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x64 9.0.30729.4148 (HKLM\...\{EE936C7A-EA40-31D5-9B65-8E3E089C3828}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (HKLM-x32\...\{bec3d87e-1d6d-4b15-8383-29068c86b888}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Windows Desktop - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Windows Desktop (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MyFonts Order M2450391 (HKLM-x32\...\{C33F5967-E096-61D7-DE35-62032378A679}) (Version: 1.0 - MyFonts.com, Inc.)
NEC Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{D7BF9739-8A68-4335-BBEE-37752AD9E86B}) (Version: 1.0.19.0 - NEC Electronics Corporation)
NEC Electronics USB 3.0 Host Controller Driver (x32 Version: 1.0.19.0 - NEC Electronics Corporation) Hidden
NVIDIA 3D Vision Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Control Panel 327.02 (Version: 327.02 - NVIDIA Corporation) Hidden
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5737 - NVIDIA Corporation)
NVIDIA Graphics Driver 327.02 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.02 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.133.889 - NVIDIA Corporation) Hidden
NVIDIA Optimus 1.10.8 (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.13.2702 - NVIDIA Corporation) Hidden
NVIDIA Update 1.10.8 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 1.10.8 - NVIDIA Corporation)
NVIDIA Update Components (Version: 1.10.8 - NVIDIA Corporation) Hidden
NVIDIA Updatus (x32 Version: 1.0.3 - NVIDIA Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
PSSWCORE (x32 Version: 2.01.0000 - Hewlett-Packard) Hidden
QuickTime (HKLM-x32\...\{B67BAFBA-4C9F-48FA-9496-933E3B255044}) (Version: 7.74.80.86 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6077 - Realtek Semiconductor Corp.)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.4.6.0 - SAMSUNG Electronics Co., Ltd.)
Scan (x32 Version: 9.0.0.0 - Hewlett-Packard) Hidden
Seagate File Recovery for Windows 2.0 (HKLM-x32\...\Seagate File Recovery for WindowsNSIS) (Version: 2.0.7631 - Seagate)
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.5 - Seagate Technology)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SolutionCenter (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
SRS Premium Sound Control Panel (HKLM\...\{E5CF6B9C-3ABE-43C9-9413-AD5FFC98F049}) (Version: 1.8.50.0 - SRS Labs, Inc.)
Status (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
Toolbox (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
UnloadSupport (x32 Version: 9.0.0 - Hewlett-Packard) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817396) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{39767ECA-1731-45DB-AB5B-6BF40E151D66}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
USB2.0 UVC 2M WebCam (HKLM\...\USB2.0 UVC 2M WebCam) (Version: 5.8.54000.206 - Sonix)
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VideoToolkit01 (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
WebReg (x32 Version: 90.0.146.000 - Hewlett-Packard) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
WinZip 18.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DF}) (Version: 18.0.10661 - WinZip Computing, S.L. )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Brian\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2382725470-2412313811-1806556634-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Brian\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
01-08-2014 19:27:06 Revo Uninstaller's restore point - Mysearchdial
01-08-2014 19:28:51 Revo Uninstaller's restore point - LPT System Updater Service
01-08-2014 19:30:07 Revo Uninstaller's restore point - Java™ 6 Update 29
01-08-2014 19:30:20 Removed Java™ 6 Update 29
01-08-2014 19:33:00 Revo Uninstaller's restore point - Fast And Safe
01-08-2014 19:34:10 Revo Uninstaller's restore point - BrowserSafeguard with RocketTab
01-08-2014 19:35:17 Revo Uninstaller's restore point - Advanced System Protector
01-08-2014 19:36:35 Revo Uninstaller's restore point - Right Backup
01-08-2014 19:37:48 Revo Uninstaller's restore point - HQPro-1.9
02-08-2014 20:02:53 Revo Uninstaller's restore point - 1 Media Player version 2.2.0
02-08-2014 20:29:56 Revo Uninstaller's restore point - Movie Master
02-08-2014 20:33:22 Revo Uninstaller's restore point - dealstear
02-08-2014 20:34:54 Revo Uninstaller's restore point - System Requirements Lab
02-08-2014 20:36:09 Revo Uninstaller's restore point - Media Downloader version 1.5
02-08-2014 20:38:51 Revo Uninstaller's restore point - Search module
02-08-2014 20:40:43 Revo Uninstaller's restore point - Search module
03-08-2014 21:25:54 Revo Uninstaller's restore point - Browsers Apps
03-08-2014 21:31:39 Revo Uninstaller's restore point - Search Protect
03-08-2014 21:33:48 Revo Uninstaller's restore point - FreeSoftToday 025.189
03-08-2014 21:41:04 Revo Uninstaller's restore point - Severe Weather Alerts
03-08-2014 21:43:35 Revo Uninstaller's restore point - Mezaa
03-08-2014 21:44:40 Revo Uninstaller's restore point - Remote Desktop Access (VuuPC)
03-08-2014 21:45:51 Revo Uninstaller's restore point - WindowsMangerProtect20.0.0.502
03-08-2014 21:47:04 Revo Uninstaller's restore point - Youtube Downloader HD v. 2.9.9.14
03-08-2014 21:47:57 Revo Uninstaller's restore point - istart123 uninstall
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2010-08-26 10:32 - 2014-07-30 23:10 - 00000098 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
::1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0071D28C-BC20-44F4-9F98-A8091A8A20FB} - System32\Tasks\ASUS P4G => C:\Program Files\P4G\BatteryLife.exe [2010-04-08] (ATK)
Task: {1D123A21-1C27-41F4-AA0D-9B32FADFD670} - System32\Tasks\pcreg => C:\Program Files\pcmax\service.exe
Task: {24A0FE85-2147-4E02-9FCC-149079387F67} - System32\Tasks\P4G Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {2702479C-5089-496B-B116-BE09256E4C4B} - System32\Tasks\PastaQuotes => C:\Program Files (x86)\pastaleads\ScheduledTask.exe
Task: {32FCAC19-1AE4-4AC5-8181-CBC4A3606EBB} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {422201BC-2C8B-47C7-9A88-95F443F57E5E} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-16] (Facebook Inc.)
Task: {42820F2A-8FFC-4842-9A31-793541A84C44} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {577C81F6-9B62-4F37-A6D6-FE454080D637} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7210C382-EA7B-4E4B-B895-7BC17107F588} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {79EFE631-3033-4B79-AA04-D08CCDEEC4F8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-16] (Facebook Inc.)
Task: {7F94157B-CD45-465C-9084-E4099E483EB1} - System32\Tasks\Launch HTC Sync Loader => C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe
Task: {BD1EDFF7-4636-4C6B-8C57-FB1F142D2123} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: {F61CD649-F644-4ACF-81CE-6F5201717F63} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe [2010-08-12] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core.job => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job => C:\Users\Brian\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001Core.job => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2382725470-2412313811-1806556634-1001UA.job => C:\Users\Brian\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2010-03-05 11:21 - 2010-03-05 11:21 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2012-10-12 18:21 - 2013-08-29 17:43 - 00097568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-10-17 21:45 - 2012-03-11 14:56 - 00086608 _____ () C:\Windows\System32\cpwmon64.dll
2014-07-28 18:17 - 2014-08-03 13:53 - 00098816 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll64.dll
2010-01-11 12:27 - 2010-01-11 12:27 - 00017920 _____ () C:\Program Files\P4G\DevMng.dll
2010-02-03 19:14 - 2010-02-03 19:14 - 00033792 _____ () C:\Program Files\P4G\OvrClk.dll
2013-09-05 01:17 - 2013-09-05 01:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2010-08-25 22:36 - 2010-03-15 11:28 - 00166400 _____ () D:\Program Files\WinRAR\rarext.dll
2010-09-16 14:06 - 2010-09-16 14:06 - 00080896 _____ () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2014-07-28 18:17 - 2014-08-03 13:53 - 00724480 _____ () C:\Program Files (x86)\SupTab\HpUI.exe
2014-07-16 11:16 - 2014-07-16 11:16 - 00064000 _____ () C:\Program Files (x86)\SupTab\Loader32.exe
2014-07-16 10:55 - 2014-07-16 10:55 - 00073216 _____ () C:\Program Files (x86)\SupTab\Loader64.exe
2011-08-31 19:13 - 2011-08-31 19:13 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-04-23 16:05 - 2014-04-23 16:05 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-04-23 16:04 - 2014-04-23 16:04 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-07-28 18:17 - 2014-08-03 13:53 - 00086016 _____ () C:\Program Files (x86)\SupTab\WindowsSupportDll32.dll
2009-11-02 16:20 - 2009-11-02 16:20 - 00619816 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
2009-11-02 16:23 - 2009-11-02 16:23 - 00013096 _____ () C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll
2014-08-02 20:55 - 2014-07-15 04:24 - 00718664 _____ () C:\Users\Brian\AppData\Local\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-08-02 20:55 - 2014-07-15 04:24 - 00126280 _____ () C:\Users\Brian\AppData\Local\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-08-02 20:55 - 2014-07-15 04:24 - 08537928 _____ () C:\Users\Brian\AppData\Local\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-08-02 20:55 - 2014-07-15 04:24 - 00353096 _____ () C:\Users\Brian\AppData\Local\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-08-02 20:55 - 2014-07-15 04:24 - 01732936 _____ () C:\Users\Brian\AppData\Local\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\Microsoft:c7wMWfpDZco0CueOuX3NgczI
AlternateDataStreams: C:\ProgramData\Microsoft:oE5zZeoZTDVj6Nuj4gytnH0
AlternateDataStreams: C:\Users\Brian\Cookies:4eQ7kx4rxCf1FI3I4wR
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MZA => ""="service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^ERUNT AutoBackup.lnk => C:\Windows\pss\ERUNT AutoBackup.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^JaxUploader.lnk => C:\Windows\pss\JaxUploader.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Brian^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^PdaNet Desktop.lnk => C:\Windows\pss\PdaNet Desktop.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "D:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: ASUS Screen Saver Protector => C:\Windows\AsScrPro.exe
MSCONFIG\startupreg: ASUS WebStorage => C:\Program Files (x86)\ASUS\ASUS WebStorage\SERVICE\AsusWSService.exe
MSCONFIG\startupreg: CLMLServer => "C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe"
MSCONFIG\startupreg: doubleTwist => C:\Program Files (x86)\doubleTwist 2.0\DoubleTwist.DeviceHelper.exe
MSCONFIG\startupreg: ETDWare => %ProgramFiles%\Elantech\ETDCtrl.exe
MSCONFIG\startupreg: FileHippo.com => "D:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: HTC Sync Loader => "C:\Program Files (x86)\HTC\HTC Sync 3.0\htcUPCTLoader.exe" -startup
MSCONFIG\startupreg: IntelWireless => "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: Steam => "D:\Program Files (x86)\Steam\Steam.exe" -silent
MSCONFIG\startupreg: WinampAgent => "D:\Program Files (x86)\Winamp\winampa.exe"
 
==================== Faulty Device Manager Devices =============
 
Name: iPodDrv
Description: iPodDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: iPodDrv
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/03/2014 05:01:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x774
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (08/03/2014 04:56:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xdc8
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (08/03/2014 04:56:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xae4
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (08/03/2014 04:56:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0xe50
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (08/03/2014 04:56:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbam.exe, version: 1.0.0.532, time stamp: 0x53518532
Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e
Exception code: 0x40000015
Fault offset: 0x0008d6fd
Faulting process id: 0x450
Faulting application start time: 0xmbam.exe0
Faulting application path: mbam.exe1
Faulting module path: mbam.exe2
Report Id: mbam.exe3
 
Error: (08/03/2014 04:43:49 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: on service stopRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80070424 The specified service does not exist as an installed service. (Exception from HRESULT: 0x80070424).
 
Error: (08/03/2014 04:38:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program sllauncher.exe version 5.1.30514.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1e1c
 
Start Time: 01cfaf63157063f7
 
Termination Time: 5
 
Application Path: C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe
 
Report Id: 6e2bdc64-1b56-11e4-8d28-20cf303479aa
 
Error: (08/03/2014 01:52:59 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
 
Error: (08/03/2014 01:52:49 PM) (Source: MsiInstaller) (EventID: 11309) (User: CHARLIE)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.
 
Error: (08/03/2014 01:52:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 31.0.0.5310, time stamp: 0x53c75e91
Faulting module name: mozalloc.dll, version: 31.0.0.5310, time stamp: 0x53c72e91
Exception code: 0x80000003
Fault offset: 0x0000141b
Faulting process id: 0x1b00
Faulting application start time: 0xplugin-container.exe0
Faulting application path: plugin-container.exe1
Faulting module path: plugin-container.exe2
Report Id: plugin-container.exe3
 
 
System errors:
=============
Error: (08/06/2014 03:52:40 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147467259
 
Error: (08/06/2014 03:52:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147467259
 
Error: (08/03/2014 04:55:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The NVIDIA Update Service Daemon service failed to start due to the following error: 
%%1069
 
Error: (08/03/2014 04:55:14 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: The nvUpdatusService service was unable to log on as .\UpdatusUser with the currently configured password due to the following error: 
%%1330
 
To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).
 
Error: (08/03/2014 04:54:04 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: 
%%-2147467259
 
Error: (08/03/2014 04:54:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147467259
 
Error: (08/03/2014 04:53:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The WebcamMax, WDM Video Capture service failed to start due to the following error: 
%%1058
 
Error: (08/03/2014 04:52:58 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The pcmaxservice Service service failed to start due to the following error: 
%%2
 
Error: (08/03/2014 04:52:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The iPodDrv service failed to start due to the following error: 
%%2
 
Error: (08/03/2014 04:52:52 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Function Discovery Resource Publication service terminated with the following error: 
%%-2147467259
 
 
Microsoft Office Sessions:
=========================
Error: (08/03/2014 05:01:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd77401cfaf66768bef01C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllb5f50d1d-1b59-11e4-a508-20cf303479aa
 
Error: (08/03/2014 04:56:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fddc801cfaf65d5ef6296C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll15440e05-1b59-11e4-a508-20cf303479aa
 
Error: (08/03/2014 04:56:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fdae401cfaf65c9cf1cb2C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll09132612-1b59-11e4-a508-20cf303479aa
 
Error: (08/03/2014 04:56:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fde5001cfaf65c12cc005C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dll03ac2a62-1b59-11e4-a508-20cf303479aa
 
Error: (08/03/2014 04:56:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: mbam.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd45001cfaf65b98fc93bC:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exeC:\Program Files (x86)\Malwarebytes Anti-Malware\MSVCR100.dllfa659c0d-1b58-11e4-a508-20cf303479aa
 
Error: (08/03/2014 04:43:49 PM) (Source: PlsvcV2) (EventID: 99) (User: )
Description: on service stopRetrieving the COM class factory for component with CLSID {6EEBC7FF-67DA-4B90-9251-C2C5696E4B48} failed due to the following error: 80070424 The specified service does not exist as an installed service. (Exception from HRESULT: 0x80070424).
 
Error: (08/03/2014 04:38:04 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: sllauncher.exe5.1.30514.01e1c01cfaf63157063f75C:\Program Files (x86)\Microsoft Silverlight\sllauncher.exe6e2bdc64-1b56-11e4-8d28-20cf303479aa
 
Error: (08/03/2014 01:52:59 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
 
Error: (08/03/2014 01:52:49 PM) (Source: MsiInstaller) (EventID: 11309) (User: CHARLIE)
Description: Product: Google Update Helper -- Error 1309. Error reading from file: C:\Program Files (x86)\globalUpdate\Update\1.3.25.0\Google\Update\RequiredFile.txt.  System error 3.  Verify that the file exists and that you can access it.(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (08/03/2014 01:52:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141b1b0001cfaf4b8417959fD:\Program Files (x86)\Mozilla Firefox\plugin-container.exeD:\Program Files (x86)\Mozilla Firefox\mozalloc.dll5120e491-1b3f-11e4-9d0b-20cf303479aa
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-09 13:38:33.392
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:37:39.349
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:37:09.461
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:37:08.417
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:45.436
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:42.432
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:38.118
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:36.399
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:28.793
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-09 13:36:21.806
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\shell32.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 40%
Total physical RAM: 3893.16 MB
Available physical RAM: 2313.36 MB
Total Pagefile: 7784.49 MB
Available Pagefile: 5650.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:116.44 GB) (Free:49.52 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (DATA) (Fixed) (Total:329.79 GB) (Free:314.12 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: E0C5913D)
Partition 1: (Not Active) - (Size=20 GB) - (Type=1C)
Partition 2: (Active) - (Size=116 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=330 GB) - (Type=OF Extended)
 
==================== End Of Log ============================

  • 0

#15
Valinorum

Valinorum

    GeekU Guardian Bot

  • GeekU Moderator
  • 2,915 posts
Hi, sorry for the delay. Canyou re-do Step 3 and 4 from here and post the logs. After than provide me a fresh FRST log.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP