Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Junkware Files installed [Solved]

Started by pickett , Sep 28 2014 11:59 AM

  • This topic is locked This topic is locked

#1
pickett
Posted 28 September 2014 - 11:59 AM

pickett

    Member

  • Member
  • PipPip
  • 22 posts

I downloaded a program and it installed all kinds of junkware, and corupted my system file.  I was able to get my system to turn back on and boot, but I still beleive there might be some more issues.  The malware had deleted all my restore files and had deleted my hosts file as well as many other files.

 

The time of the software install that caused all this was 9/27/2014 about 5:00pm

 

Currently on my 2nd hard disk it is showing a System Volume Information folder even though I have the DO not show hidden and the hide system protected files checked. Also my main system drive C: is now appears to have more files since the available space has drastily reduced.

 

 

here is a copy of the OLT report:

 

er OTL logfile created on: 9/28/2014 11:47:33 AM - Run 1
OTL by OldTimer - Version 3.2.69.0     Folder = D:\Users\Pickett_Kevin\Desktop
64bit- Ultimate Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17239)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
15.90 Gb Total Physical Memory | 13.29 Gb Available Physical Memory | 83.59% Memory free
31.80 Gb Paging File | 28.90 Gb Available in Paging File | 90.89% Paging File free
Paging file location(s): d:\pagefile.sys 0 0 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 111.69 Gb Total Space | 50.96 Gb Free Space | 45.63% Space Free | Partition Type: NTFS
Drive D: | 931.51 Gb Total Space | 693.57 Gb Free Space | 74.46% Space Free | Partition Type: NTFS
Drive F: | 465.76 Gb Total Space | 342.63 Gb Free Space | 73.56% Space Free | Partition Type: NTFS
Drive G: | 465.76 Gb Total Space | 55.21 Gb Free Space | 11.85% Space Free | Partition Type: NTFS
 
Computer Name: ASUS_I7 | User Name: Pickett_Kevin | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - D:\Users\Pickett_Kevin\Desktop\OTL.exe (OldTimer Tools)
PRC - D:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Malwarebytes Corporation)
PRC - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe (Adobe Systems Inc.)
PRC - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe ()
PRC - C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
PRC - C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe ()
PRC - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe (ASUSTeK Computer Inc.)
PRC - D:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe (Schneider Electric)
PRC - D:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe (Schneider Electric)
PRC - D:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe (Schneider Electric)
PRC - C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
PRC - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe (ASUSTeK Computer Inc.)
PRC - C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe (ASUSTeK Computer Inc.)
 
 
========== Modules (No Company Name) ==========
 
MOD - D:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll ()
MOD - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll ()
MOD - C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGO.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll ()
MOD - C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (IEEtwCollectorService) -- C:\Windows\SysNative\IEEtwCollector.exe (Microsoft Corporation)
SRV:64bit: - (Intel® -- C:\Windows\SysNative\IPROSetMonitor.exe (Intel Corporation)
SRV:64bit: - (NisSrv) -- C:\Program Files\Microsoft Security Client\NisSrv.exe (Microsoft Corporation)
SRV:64bit: - (MsMpSvc) -- C:\Program Files\Microsoft Security Client\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (VsEtwService120) -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (rpcapd) -- C:\Program Files\WinPcap\rpcapd.exe (CACE Technologies, Inc.)
SRV:64bit: - (DTSAudioService) -- C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe (DTS)
SRV:64bit: - (c2wts) -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe (Microsoft Corporation)
SRV:64bit: - (AppMgmt) -- C:\Windows\SysNative\appmgmts.dll (Microsoft Corporation)
SRV:64bit: - (simptcp) -- C:\Windows\SysNative\TCPSVCS.EXE (Microsoft Corporation)
SRV - (MozillaMaintenance) -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe (Mozilla Foundation)
SRV - (TeamViewer9) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe (TeamViewer GmbH)
SRV - (AdobeARMservice) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
SRV - (BlueIris) -- D:\Program Files (x86)\Blue Iris 3\BlueIrisService.exe ()
SRV - (MBAMService) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Malwarebytes Corporation)
SRV - (MBAMScheduler) -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation)
SRV - (cphs) -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe (Intel Corporation)
SRV - (clr_optimization_v2.0.50727_32) -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe (Microsoft Corporation)
SRV - (FLEXnet Licensing Service) -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe (Flexera Software LLC)
SRV - (LightShow Pro Service) -- D:\Program Files\Minleon\LightShowPro\LightShowProService.exe (Minleon International Ltd.)
SRV - (Garmin Core Update Service) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe (Garmin Ltd or its subsidiaries)
SRV - (clr_optimization_v4.0.30319_32) -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Microsoft Corporation)
SRV - (Te.Service) -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe (Microsoft Corporation)
SRV - (fussvc) -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe (Microsoft Corporation)
SRV - (Macromedia Licensing Service) -- C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe ()
SRV - (asComSvc) -- C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe ()
SRV - (AsSysCtrlService) -- C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe (ASUSTeK Computer Inc.)
SRV - (RealNetworks Downloader Resolver Service) -- C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe ()
SRV - (asHmComSvc) -- C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe (ASUSTeK Computer Inc.)
SRV - (NAUpdate) -- C:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
SRV - (ICCS) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe (Intel Corporation)
SRV - (APC Data Service) -- D:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe (Schneider Electric)
SRV - (APC UPS Service) -- D:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe (Schneider Electric)
SRV - (IAStorDataMgrSvc) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe (Atheros Commnucations)
SRV - (UNS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Intel Corporation)
SRV - (LMS) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation)
SRV - (WAS) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (W3SVC) -- C:\Windows\SysWOW64\inetsrv\iisw3adm.dll (Microsoft Corporation)
SRV - (AppHostSvc) -- C:\Windows\SysWOW64\inetsrv\apphostsvc.dll (Microsoft Corporation)
SRV - (x10nets) -- C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe (X10)
SRV - (SwitchBoard) -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
SRV - (HPSLPSVC) -- D:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL (Hewlett-Packard Co.)
SRV - (simptcp) -- C:\Windows\SysWOW64\TCPSVCS.EXE (Microsoft Corporation)
SRV - (Microsoft Office Groove Audit Service) -- D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe (Microsoft Corporation)
SRV - (rpcapd) -- C:\Program Files (x86)\WinPcap\rpcapd.exe ()
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SMUpdd) -- C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys File not found
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys (Malwarebytes Corporation)
DRV:64bit: - (voxaldriver) -- C:\Windows\SysNative\drivers\voxaldriverx64.sys ()
DRV:64bit: - (MBAMWebAccessControl) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes Corporation)
DRV:64bit: - (MBAMProtector) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes Corporation)
DRV:64bit: - (e1cexpress) -- C:\Windows\SysNative\drivers\e1c62x64.sys (Intel Corporation)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel® Corporation)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (NisDrv) -- C:\Windows\SysNative\drivers\NisDrvWFP.sys (Microsoft Corporation)
DRV:64bit: - (ScreamBAudioSvc) -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys (Screaming Bee LLC)
DRV:64bit: - (FTSER2K) -- C:\Windows\SysNative\drivers\ftser2k.sys (FTDI Ltd.)
DRV:64bit: - (Ser2pl) -- C:\Windows\SysNative\drivers\ser2pl64.sys (Prolific Technology Inc.)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (FTDIBUS) -- C:\Windows\SysNative\drivers\ftdibus.sys (FTDI Ltd.)
DRV:64bit: - (ICCWDT) -- C:\Windows\SysNative\drivers\ICCWDT.sys (Intel Corporation)
DRV:64bit: - (teamviewervpn) -- C:\Windows\SysNative\drivers\teamviewervpn.sys (TeamViewer GmbH)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\drivers\AtihdW76.sys (Advanced Micro Devices)
DRV:64bit: - (USBAAPL64) -- C:\Windows\SysNative\drivers\usbaapl64.sys (Apple, Inc.)
DRV:64bit: - (DFX11_1) -- C:\Windows\SysNative\drivers\dfx11_1x64.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (NPF) -- C:\Windows\SysNative\drivers\npf.sys (CACE Technologies, Inc.)
DRV:64bit: - (Fs_Rec) -- C:\Windows\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (PxHlpa64) -- C:\Windows\SysNative\drivers\PxHlpa64.sys (Rovi Corporation)
DRV:64bit: - (asmtxhci) -- C:\Windows\SysNative\drivers\asmtxhci.sys (ASMedia Technology Inc)
DRV:64bit: - (asmthub3) -- C:\Windows\SysNative\drivers\asmthub3.sys (ASMedia Technology Inc)
DRV:64bit: - (iaStor) -- C:\Windows\SysNative\drivers\iaStor.sys (Intel Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\drivers\btfilter.sys (Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\drivers\btath_hcrp.sys (Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\drivers\btath_rcp.sys (Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\drivers\btath_lwflt.sys (Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\drivers\btath_a2dp.sys (Atheros)
DRV:64bit: - (ATHDFU) -- C:\Windows\SysNative\drivers\AthDfu.sys (Windows ® Win 7 DDK provider)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\drivers\btath_flt.sys (Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\drivers\btath_bus.sys (Atheros)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (tsusbhub) -- C:\Windows\SysNative\drivers\tsusbhub.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (AiChargerPlus) -- C:\Windows\SysNative\drivers\AiChargerPlus.sys (ASUSTek Computer Inc.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\HECIx64.sys (Intel Corporation)
DRV:64bit: - (nm3) -- C:\Windows\SysNative\drivers\nm3.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (61883) -- C:\Windows\SysNative\drivers\61883.sys (Microsoft Corporation)
DRV:64bit: - (Avc) -- C:\Windows\SysNative\drivers\avc.sys (Microsoft Corporation)
DRV:64bit: - (MSDV) -- C:\Windows\SysNative\drivers\msdv.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (b57nd60a) -- C:\Windows\SysNative\drivers\b57nd60a.sys (Broadcom Corporation)
DRV:64bit: - (hcw85cir) -- C:\Windows\SysNative\drivers\hcw85cir.sys (Hauppauge Computer Works, Inc.)
DRV:64bit: - (X10Hid) -- C:\Windows\SysNative\drivers\x10hid.sys (X10 Wireless Technology, Inc.)
DRV - (AFS) -- C:\Windows\SysWow64\drivers\AFS.SYS (Oak Technology Inc.)
DRV - (AiChargerPlus) -- C:\Windows\SysWOW64\drivers\AiChargerPlus.sys (ASUSTek Computer Inc.)
DRV - (cpudrv64) -- C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys ()
DRV - (WIMMount) -- C:\Windows\SysWOW64\drivers\wimmount.sys (Microsoft Corporation)
DRV - (NPF) -- C:\Windows\SysWOW64\drivers\npf.sys (Politecnico di Torino)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = DB BF 96 AA 9F D2 CF 01  [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE8SRC
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "yahoo.com"
FF - prefs.js..extensions.enabledAddons: web2pdfextension%40web2pdf.adobedotcom:2.0
FF - prefs.js..extensions.enabledAddons: NoiaScrollbars%40ArisT2_Noia4dev:1.2.1
FF - prefs.js..extensions.enabledAddons: Noia4Options%40ArisT2:2.0.0
FF - prefs.js..extensions.enabledAddons: %7Bfaf13420-5e24-11e0-80e3-0800200c9a66%7D:2.0.0
 
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.40.2: C:\Windows\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: D:\Program Files\AdobeCS6\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@garmin.com/GpsControl: C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF - HKLM\Software\MozillaPlugins\@IPCWebComponents: C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.67.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3508.0205: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@Nero.com/KM: C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=16.0.2.32: D:\Program Files (x86)\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlchromebrowserrecordext;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlhtml5videoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprndlpepperflashvideoshim;version=1.3.2: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpplugin;version=16.0.2.32: D:\Program Files (x86)\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF - HKLM\Software\MozillaPlugins\@realnetworks.com/npdlplugin;version=1: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: D:\Program Files\AdobeCS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{FCE04E1F-9378-4f39-96F6-5689A9159E45}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext\ [2013/07/30 16:09:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013/07/30 16:09:27 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014/07/16 11:15:26 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 24.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/09/16 16:04:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Components: D:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 32.0.3\extensions\\Plugins: D:\Program Files (x86)\Mozilla Firefox\plugins [2014/09/25 14:53:49 | 000,000,000 | ---D | M]
 
[2013/06/15 17:01:11 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\Extensions
[2014/09/17 11:28:23 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\Firefox\Profiles\axnvanjm.default-1410973686164.backup\extensions
[2014/09/22 18:29:42 | 000,000,000 | ---D | M] (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\Firefox\Profiles\j9cpfgrv.Kevin\extensions
[2014/09/17 11:48:00 | 000,000,000 | ---D | M] (Garmin Communicator) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\Firefox\Profiles\j9cpfgrv.Kevin\extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E}
[2014/09/17 11:48:00 | 000,000,000 | ---D | M] (DownloadHelper) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\Firefox\Profiles\j9cpfgrv.Kevin\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2014/09/17 11:26:01 | 000,088,730 | R--- | M] () (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\firefox\profiles\axnvanjm.default-1410973686164.backup\extensions\[email protected]
[2014/09/17 11:26:38 | 000,084,390 | ---- | M] () (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\firefox\profiles\axnvanjm.default-1410973686164.backup\extensions\NoiaButtons@ArisT2_Noia4dev.xpi
[2014/09/17 11:28:23 | 000,095,335 | ---- | M] () (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\firefox\profiles\axnvanjm.default-1410973686164.backup\extensions\NoiaScrollbars@ArisT2_Noia4dev.xpi
[2014/09/17 11:26:01 | 001,493,384 | R--- | M] () (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\firefox\profiles\axnvanjm.default-1410973686164.backup\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi
[2014/06/05 14:23:23 | 000,024,427 | ---- | M] () (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\firefox\profiles\j9cpfgrv.Kevin\extensions\[email protected]
[2013/09/12 14:20:33 | 000,066,667 | ---- | M] () (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\firefox\profiles\j9cpfgrv.Kevin\extensions\[email protected]
[2014/06/05 14:23:03 | 000,088,730 | R--- | M] () (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\firefox\profiles\j9cpfgrv.Kevin\extensions\[email protected]
[2014/06/05 14:23:52 | 000,095,335 | ---- | M] () (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\firefox\profiles\j9cpfgrv.Kevin\extensions\NoiaScrollbars@ArisT2_Noia4dev.xpi
[2014/06/05 14:23:03 | 001,493,384 | R--- | M] () (No name found) -- D:\Users\Pickett_Kevin\AppData\Roaming\mozilla\firefox\profiles\j9cpfgrv.Kevin\extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi
[2013/09/19 09:46:48 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/09/19 09:46:55 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2014/07/16 11:15:26 | 000,000,000 | ---D | M] (Adobe Acrobat - Create PDF) -- C:\PROGRAM FILES (X86)\ADOBE\ACROBAT 11.0\ACROBAT\BROWSER\WCFIREFOXEXTN
File not found (No name found) -- D:\USERS\PICKETT_KEVIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AXNVANJM.DEFAULT-1410973686164\EXTENSIONS\[email protected]
File not found (No name found) -- D:\USERS\PICKETT_KEVIN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\AXNVANJM.DEFAULT-1410973686164\EXTENSIONS\NOIASCROLLBARS@ARIST2_NOIA4DEV.XPI
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - homepage:
CHR - plugin: Error reading preferences file
CHR - Extension: Google Docs = D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: Google Voice Search Hotword (Beta) = D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: YouTube = D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Adobe Acrobat - Create PDF = D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\11.0.6.70_0\
CHR - Extension: RealDownloader = D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji\1.3.2_0\
CHR - Extension: Google Wallet = D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/09/28 11:21:21 | 000,000,027 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O2:64bit: - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2:64bit: - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (RealNetworks Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
O2 - BHO: (Microsoft Web Test Recorder 12.0 Helper) - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - D:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Adobe Acrobat Create PDF Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Adobe Acrobat Create PDF from Selection) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (Adobe Acrobat Create PDF Toolbar) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [Classic Start Menu] C:\Program Files\Classic Shell\ClassicStartMenu.exe (IvoSoft)
O4:64bit: - HKLM..\Run: [MSC] C:\Program Files\Microsoft Security Client\msseces.exe (Microsoft Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg_DTS] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Realtek Semiconductor)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [ASUS AiChargerPlus Execute] C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUS ShellProcess Execute] C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe (ASUSTeK Computer Inc.)
O4 - HKLM..\Run: [Display] D:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe (Schneider Electric)
O4 - HKLM..\Run: [StartCCC] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe (Advanced Micro Devices, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Program Files (x86)\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AFC8591B-E7F1-4BD8-A1DC-865FF0C3EF2C}: NameServer = 10.0.0.1,8.8.8.8
O18:64bit: - Protocol\Handler\belarc - No CLSID value found
O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\belarc {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
O18 - Protocol\Handler\grooveLocalGWS {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/09/28 11:45:55 | 000,602,112 | ---- | C] (OldTimer Tools) -- D:\Users\Pickett_Kevin\Desktop\OTL.exe
[2014/09/28 11:21:22 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2014/09/28 11:06:51 | 000,000,000 | ---D | C] -- C:\Windows\ERUNT
[2014/09/28 10:29:28 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegZooka
[2014/09/27 19:37:45 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\Branding
[2014/09/27 19:17:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\globalUpdate
[2014/09/27 17:02:12 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\Documents\ProPCCleaner
[2014/09/27 13:16:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Blue Iris ActiveX Control
[2014/09/25 19:18:24 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\AppData\Local\Moonware_Studios
[2014/09/25 19:17:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Caphyon
[2014/09/25 19:17:46 | 000,000,000 | ---D | C] -- C:\ProgramData\regid.2013-06.com.moonware
[2014/09/25 07:06:37 | 000,000,000 | ---D | C] -- C:\ProgramData\Deskshare
[2014/09/22 18:33:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IPCWebComponents
[2014/09/22 18:33:01 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\IPCWebComponents
[2014/09/22 11:55:05 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\Desktop\Foscam Utilities
[2014/09/18 14:14:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Screaming Bee
[2014/09/17 11:06:08 | 000,000,000 | -HSD | C] -- D:\Users\Pickett_Kevin\AppData\Local\EmieUserList
[2014/09/17 11:06:08 | 000,000,000 | -HSD | C] -- D:\Users\Pickett_Kevin\AppData\Local\EmieSiteList
[2014/09/17 10:44:48 | 002,050,560 | ---- | C] (xy-VSFilter Team) -- C:\Windows\SysNative\VSFilter.dll.bak
[2014/09/17 10:44:29 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\AppData\Roaming\Shark007
[2014/09/17 10:44:29 | 000,000,000 | ---D | C] -- C:\ProgramData\Shark007
[2014/09/17 10:44:27 | 003,502,080 | ---- | C] (x264vfw project) -- C:\Windows\SysNative\x264vfw.dll
[2014/09/17 10:44:27 | 000,180,736 | ---- | C] (fccHandler) -- C:\Windows\SysNative\ac3acm.acm
[2014/09/17 10:44:26 | 001,712,512 | ---- | C] (MPC-BE Team) -- C:\Windows\SysNative\VSFilter.dll
[2014/09/17 10:44:26 | 000,361,472 | ---- | C] (fccHandler) -- C:\Windows\SysNative\aacacm.acm
[2014/09/17 10:44:26 | 000,124,909 | ---- | C] (Open Source Software community project) -- C:\Windows\SysNative\pthreadGC2.dll
[2014/09/17 10:44:07 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\AppData\Roaming\Advanced
[2014/09/17 10:42:39 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\AppData\Local\Installer
[2014/09/17 10:16:41 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\Desktop\GOPRO
[2014/09/17 09:59:54 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\Desktop\VLC
[2014/09/16 16:36:02 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2014/09/16 16:35:45 | 002,162,992 | ---- | C] (Yamaha Corporation) -- C:\Windows\SysNative\YamahaAE.dll
[2014/09/16 16:35:43 | 002,101,848 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib64.dll
[2014/09/16 16:35:42 | 001,048,824 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\slcnt64.dll
[2014/09/16 16:35:42 | 000,724,728 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sltech64.dll
[2014/09/16 16:35:42 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2014/09/16 16:35:42 | 000,246,008 | ---- | C] (TODO: <Company name>) -- C:\Windows\SysNative\slprp64.dll
[2014/09/16 16:35:42 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2014/09/16 16:35:42 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2014/09/16 16:35:42 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2014/09/16 16:35:41 | 000,889,592 | ---- | C] (DTS, Inc.) -- C:\Windows\SysNative\sl3apo64.dll
[2014/09/16 16:35:41 | 000,221,024 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFNHK64.dll
[2014/09/16 16:35:41 | 000,081,248 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFCOM64.dll
[2014/09/16 16:35:41 | 000,078,688 | ---- | C] (Synopsys, Inc.) -- C:\Windows\SysNative\SFAPO64.dll
[2014/09/16 16:35:41 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2014/09/16 16:35:40 | 000,375,128 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2014/09/16 16:35:40 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2014/09/16 16:35:40 | 000,310,104 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2014/09/16 16:35:40 | 000,204,120 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2014/09/16 16:35:40 | 000,101,208 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2014/09/16 16:35:40 | 000,078,680 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2014/09/16 16:35:39 | 007,164,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEP64A.dll
[2014/09/16 16:35:39 | 000,942,384 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOSettingsIPC.dll
[2014/09/16 16:35:39 | 000,434,960 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EED64A.dll
[2014/09/16 16:35:39 | 000,141,584 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEL64A.dll
[2014/09/16 16:35:39 | 000,124,176 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEA64A.dll
[2014/09/16 16:35:39 | 000,075,024 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\R4EEG64A.dll
[2014/09/16 16:35:38 | 012,894,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO3064.dll
[2014/09/16 16:35:38 | 005,751,048 | ---- | C] (Nahimic Inc) -- C:\Windows\SysNative\NAHIMICAPOlfx.dll
[2014/09/16 16:35:38 | 003,959,384 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnN64.dll
[2014/09/16 16:35:38 | 001,313,904 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxSpeechAPO64.dll
[2014/09/16 16:35:38 | 000,956,504 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVoiceAPO2064.dll
[2014/09/16 16:35:38 | 000,662,784 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxVolumeSDAPO.dll
[2014/09/16 16:35:37 | 028,343,384 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioVnA64.dll
[2014/09/16 16:35:37 | 014,863,448 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek64.dll
[2014/09/16 16:35:37 | 002,041,432 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ64.dll
[2014/09/16 16:35:37 | 001,934,424 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioRealtek264.dll
[2014/09/16 16:35:37 | 001,317,976 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO6064.dll
[2014/09/16 16:35:37 | 001,168,472 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO5064.dll
[2014/09/16 16:35:37 | 001,136,728 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO4064.dll
[2014/09/16 16:35:37 | 001,063,512 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPOShell64.dll
[2014/09/16 16:35:37 | 000,900,696 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysWow64\MaxxAudioAPOShell.dll
[2014/09/16 16:35:37 | 000,663,296 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO30.dll
[2014/09/16 16:35:37 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2014/09/16 16:35:36 | 002,770,976 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2014/09/16 16:35:36 | 001,756,264 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2014/09/16 16:35:36 | 001,568,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2014/09/16 16:35:36 | 000,712,296 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSSymmetryDLL64.dll
[2014/09/16 16:35:36 | 000,693,352 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2014/09/16 16:35:36 | 000,603,984 | ---- | C] (Knowles Acoustics ) -- C:\Windows\SysNative\KAAPORT64.dll
[2014/09/16 16:35:36 | 000,501,184 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PLFX64.dll
[2014/09/16 16:35:36 | 000,487,360 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PGFX64.dll
[2014/09/16 16:35:36 | 000,415,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSU2PREC64.dll
[2014/09/16 16:35:36 | 000,291,488 | ---- | C] (ICEpower a/s) -- C:\Windows\SysNative\ICEsoundAPO64.dll
[2014/09/16 16:35:35 | 006,218,072 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPP64A.dll
[2014/09/16 16:35:35 | 001,939,800 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPD64A.dll
[2014/09/16 16:35:35 | 001,486,952 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2014/09/16 16:35:35 | 000,728,680 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2014/09/16 16:35:35 | 000,491,112 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2014/09/16 16:35:35 | 000,432,744 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2014/09/16 16:35:35 | 000,428,648 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2014/09/16 16:35:35 | 000,315,736 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPO64A.dll
[2014/09/16 16:35:35 | 000,261,464 | ---- | C] (Dolby Laboratories) -- C:\Windows\SysNative\DDPA64.dll
[2014/09/16 16:35:35 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2014/09/16 16:35:35 | 000,242,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2014/09/16 16:35:35 | 000,241,768 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPONS64.dll
[2014/09/16 16:35:35 | 000,113,576 | ---- | C] (Real Sound Lab SIA) -- C:\Windows\SysNative\CONEQMSAPOGUILibrary.dll
[2014/09/16 16:25:15 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2014/09/16 16:16:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\SystemRequirementsLab
[2014/09/14 14:43:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/09/14 14:43:46 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/09/14 14:43:44 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2014/09/11 12:29:04 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\AppData\Roaming\JVSG
[2014/09/10 18:06:09 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\Documents\Security Monitor Pro
[2014/09/10 18:02:40 | 025,784,672 | ---- | C] (DeskShare Inc.                                              ) -- D:\Users\Pickett_Kevin\Desktop\SecurityMonitorPro.exe
[2014/09/01 15:16:09 | 000,000,000 | ---D | C] -- D:\Users\Pickett_Kevin\Speech Software
[2014/08/29 14:54:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2014/08/29 13:38:21 | 000,460,800 | ---- | C] (RedfernPlace) -- D:\Users\Pickett_Kevin\Desktop\PathEditor.exe
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/09/28 11:45:55 | 000,602,112 | ---- | M] (OldTimer Tools) -- D:\Users\Pickett_Kevin\Desktop\OTL.exe
[2014/09/28 11:41:18 | 000,042,563 | ---- | M] () -- D:\Users\Pickett_Kevin\IP_Log_Data.js
[2014/09/28 11:41:18 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2014/09/28 11:41:11 | 000,122,584 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/09/28 11:40:58 | 4214,075,390 | -HS- | M] () -- C:\hiberfil.sys
[2014/09/28 11:40:06 | 000,000,028 | ---- | M] () -- D:\Users\Pickett_Kevin\AppData\Roaming\Network Meter_Usage.ini
[2014/09/28 11:39:04 | 001,373,475 | ---- | M] () -- D:\Users\Pickett_Kevin\Desktop\adwcleaner_3.310.exe
[2014/09/28 11:36:00 | 000,000,912 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2014/09/28 11:29:18 | 000,000,881 | ---- | M] () -- D:\Users\Pickett_Kevin\Desktop\Temp File Cleaner.lnk
[2014/09/28 11:21:21 | 000,000,027 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/09/28 10:29:29 | 000,000,859 | ---- | M] () -- D:\Users\Pickett_Kevin\Desktop\RegZooka.lnk
[2014/09/27 23:20:25 | 000,001,184 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/27 23:20:25 | 000,001,184 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/27 19:01:04 | 006,273,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/09/27 17:01:02 | 000,000,418 | ---- | M] () -- D:\Users\Pickett_Kevin\AppData\Roaming\WinInstallFlashLog.ini
[2014/09/18 13:35:46 | 000,034,512 | ---- | M] () -- C:\Windows\SysNative\drivers\voxaldriverx64.sys
[2014/09/16 16:36:11 | 000,000,000 | -H-- | M] () -- C:\ProgramData\DP45977C.lfl
[2014/09/16 16:30:06 | 000,020,754 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2014/09/16 15:22:23 | 000,001,769 | ---- | M] () -- C:\Windows\Language_trs.ini
[2014/09/16 15:10:12 | 004,044,528 | ---- | M] () -- C:\Windows\PE_Rom.dll
[2014/09/14 17:14:45 | 000,221,184 | ---- | M] () -- D:\Users\Pickett_Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/09/14 15:07:08 | 000,001,044 | ---- | M] () -- D:\Users\Pickett_Kevin\Desktop\Dropbox.lnk
[2014/09/13 12:01:36 | 000,008,324 | ---- | M] () -- D:\Users\Pickett_Kevin\Documents\security view.jvsg
[2014/09/13 10:35:08 | 025,784,672 | ---- | M] (DeskShare Inc.                                              ) -- D:\Users\Pickett_Kevin\Desktop\SecurityMonitorPro.exe
[2014/09/01 22:37:52 | 001,712,512 | ---- | M] (MPC-BE Team) -- C:\Windows\SysNative\VSFilter.dll
[2014/08/29 14:53:52 | 000,002,155 | ---- | M] () -- C:\Windows\epplauncher.mif
[2014/08/29 12:41:17 | 000,001,852 | ---- | M] () -- D:\Users\Pickett_Kevin\Desktop\LOR Route Add.lnk
[1 C:\Windows\SysNative\*.tmp files -> C:\Windows\SysNative\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/09/28 11:39:04 | 001,373,475 | ---- | C] () -- D:\Users\Pickett_Kevin\Desktop\adwcleaner_3.310.exe
[2014/09/28 10:29:29 | 000,000,859 | ---- | C] () -- D:\Users\Pickett_Kevin\Desktop\RegZooka.lnk
[2014/09/27 19:00:54 | 006,273,640 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/09/27 17:38:51 | 000,001,184 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/09/27 17:38:51 | 000,001,184 | -H-- | C] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/09/27 17:35:49 | 000,000,028 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Roaming\Network Meter_Usage.ini
[2014/09/27 17:01:00 | 000,000,418 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Roaming\WinInstallFlashLog.ini
[2014/09/24 15:54:37 | 000,001,646 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Iris 3.lnk
[2014/09/18 13:35:46 | 000,034,512 | ---- | C] () -- C:\Windows\SysNative\drivers\voxaldriverx64.sys
[2014/09/17 10:44:27 | 000,148,992 | ---- | C] ( ) -- C:\Windows\SysNative\lagarith.dll
[2014/09/17 10:44:26 | 002,231,296 | ---- | C] () -- C:\Windows\SysNative\ac3filter.acm.new
[2014/09/17 10:44:26 | 002,231,296 | ---- | C] () -- C:\Windows\SysNative\ac3filter.acm
[2014/09/17 10:44:26 | 000,580,096 | ---- | C] () -- C:\Windows\SysNative\ac3filter.acm.old
[2014/09/17 10:44:26 | 000,206,336 | ---- | C] () -- C:\Windows\SysNative\unrar64.dll
[2014/09/17 10:44:19 | 001,679,360 | ---- | C] () -- C:\Windows\SysWow64\ac3filter.acm.new
[2014/09/16 16:36:11 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl
[2014/09/16 16:35:42 | 002,117,424 | ---- | C] () -- C:\Windows\SysNative\SStudio.dll
[2014/09/16 16:35:41 | 005,804,772 | ---- | C] () -- C:\Windows\SysNative\drivers\rtvienna.dat
[2014/09/16 16:35:40 | 001,099,203 | ---- | C] () -- C:\Windows\SysNative\drivers\RTAIODAT.DAT
[2014/09/16 16:35:35 | 000,109,848 | ---- | C] () -- C:\Windows\SysNative\AcpiServiceVnA64.dll
[2014/09/16 16:35:35 | 000,033,592 | ---- | C] () -- C:\Windows\SysNative\audioLibVc.dll
[2014/09/13 11:58:47 | 000,008,324 | ---- | C] () -- D:\Users\Pickett_Kevin\Documents\security view.jvsg
[2014/08/20 15:53:21 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2014/08/20 15:53:21 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2014/08/20 15:53:21 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2014/08/20 15:53:21 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2014/08/20 15:53:21 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2014/08/07 16:10:36 | 000,000,351 | ---- | C] () -- C:\Windows\editor.INI
[2014/08/07 15:56:02 | 000,003,316 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Roaming\DosPanel.ini
[2014/07/10 08:53:59 | 000,000,039 | ---- | C] () -- C:\Windows\nap.ini
[2014/05/06 10:35:04 | 000,026,955 | ---- | C] () -- D:\Users\Pickett_Kevin\Chi.jpg
[2014/03/29 11:43:49 | 004,583,074 | ---- | C] () -- D:\Users\Pickett_Kevin\e8319_ME302C_em.pdf
[2014/03/20 08:40:40 | 000,078,848 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2014/03/19 10:56:23 | 000,001,456 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Local\Adobe Save for Web 13.0 Prefs
[2014/02/25 17:56:42 | 000,000,360 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Roaming\com.iliumsoft.ewallet.plist
[2014/02/13 12:07:22 | 000,737,484 | ---- | C] () -- D:\Users\Pickett_Kevin\ResEdit-x64.zip
[2014/02/13 12:05:15 | 005,546,433 | ---- | C] () -- D:\Users\Pickett_Kevin\ResourceEditor20110910.zip
[2014/02/12 15:49:02 | 000,036,738 | ---- | C] () -- D:\Users\Pickett_Kevin\Pickett_Lan IPs to Mac.xml
[2014/01/29 17:43:46 | 000,221,184 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2014/01/28 18:17:57 | 000,002,353 | ---- | C] () -- D:\Users\Pickett_Kevin\mkvreg.reg
[2014/01/28 11:59:12 | 000,000,104 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.64.bc
[2014/01/27 14:52:32 | 000,000,298 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2013/12/06 15:13:08 | 000,042,563 | ---- | C] () -- D:\Users\Pickett_Kevin\IP_Log_Data.js
[2013/12/05 11:32:31 | 000,000,132 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/11/29 20:51:49 | 000,000,132 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Roaming\Adobe BMP Format CS6 Prefs
[2013/10/30 09:48:32 | 000,010,443 | ---- | C] () -- C:\ProgramData\regid.2009-06.com.flexerasoftware_E8544335-72A1-47D2-B281-75B66D03EF81.swidtag
[2013/10/28 12:17:59 | 000,000,232 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.351.64.bc
[2013/10/15 15:50:35 | 000,002,099 | ---- | C] () -- D:\Users\Pickett_Kevin\.xmlcopyeditor
[2013/10/04 18:27:03 | 000,002,376 | -H-- | C] () -- C:\Windows\SysWow64\oeiwsc27.dll
[2013/10/02 13:07:45 | 000,000,600 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Roaming\winscp.rnd
[2013/10/02 12:55:54 | 000,000,600 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Local\PUTTY.RND
[2013/09/29 16:12:06 | 004,175,360 | ---- | C] () -- C:\Windows\SysWow64\LS3Renderer.dll
[2013/09/06 15:58:58 | 000,007,619 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Local\Resmon.ResmonCfg
[2013/07/22 12:23:33 | 000,000,504 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2013/07/18 13:47:47 | 000,000,634 | ---- | C] () -- C:\Program Files (x86)\CsdIIMatrixSign.mdl
[2013/06/27 18:19:59 | 000,149,504 | ---- | C] () -- C:\Windows\unwise32_setup.exe
[2013/06/22 14:33:24 | 000,776,536 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat
[2013/06/17 14:36:18 | 000,127,184 | ---- | C] () -- C:\Windows\Unwise.exe
[2013/06/17 12:46:20 | 000,205,028 | ---- | C] () -- C:\Windows\hpwins26.dat
[2013/06/17 12:46:20 | 000,000,370 | ---- | C] () -- C:\Windows\hpwmdl26.dat
[2013/06/17 10:55:48 | 000,001,271 | ---- | C] () -- D:\Users\Pickett_Kevin\AppData\Roaming\Network Meter_Settings.ini
[2013/06/16 13:51:28 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2013/06/16 11:03:29 | 000,000,162 | ---- | C] () -- C:\Windows\ODBC.INI
[2013/06/15 13:49:59 | 004,044,528 | ---- | C] () -- C:\Windows\PE_Rom.dll
[2013/06/15 13:20:08 | 000,014,464 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsUpIO.sys
[2013/06/15 13:16:31 | 000,015,232 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsIO.sys
[2013/06/15 13:16:31 | 000,011,832 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp64.sys
[2013/06/15 13:16:31 | 000,010,216 | ---- | C] () -- C:\Windows\SysWow64\drivers\AsInsHelp32.sys
[2013/06/15 13:16:28 | 000,001,769 | ---- | C] () -- C:\Windows\Language_trs.ini
[2013/06/15 12:45:30 | 000,828,772 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/06/15 12:22:11 | 000,000,000 | ---- | C] () -- C:\Windows\ativpsrm.bin
[2013/06/14 10:50:24 | 000,081,920 | ---- | C] () -- C:\Windows\SysWow64\MPMapTrace.dll
[2013/06/14 10:10:42 | 000,364,544 | ---- | C] () -- C:\Windows\SysWow64\mpPathan.dll
[2013/03/28 20:13:14 | 000,798,734 | ---- | C] () -- C:\Windows\SysWow64\amdocl_ld32.exe
[2013/03/28 20:13:12 | 000,995,342 | ---- | C] () -- C:\Windows\SysWow64\amdocl_as32.exe
[2013/03/28 19:38:08 | 000,204,952 | ---- | C] () -- C:\Windows\SysWow64\ativvsvl.dat
[2013/03/28 19:38:08 | 000,157,144 | ---- | C] () -- C:\Windows\SysWow64\ativvsva.dat
[2013/01/16 16:03:42 | 000,019,294 | ---- | C] () -- D:\Users\Pickett_Kevin\Invoice for GE Lights.pdf
[2012/12/14 02:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin
[2012/12/14 02:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin
[2012/11/27 01:18:46 | 000,038,912 | ---- | C] () -- C:\Windows\SysWow64\kdbsdk32.dll
 
========== ZeroAccess Check ==========
 
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/03/24 20:43:12 | 014,175,744 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/03/24 20:09:54 | 012,874,240 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\SysWow64\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2013/06/17 15:39:24 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\addpcs
[2014/09/17 10:44:59 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Advanced
[2013/12/20 11:00:09 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\ArKaos LEDMapper2
[2014/03/27 12:08:33 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\ArKaos MediaMaster
[2014/08/29 13:16:57 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Audacity
[2014/07/10 09:37:28 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Audio Visual Devices
[2014/03/25 12:31:56 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\AxTools
[2013/11/04 15:14:42 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\CDXReader
[2013/10/22 15:06:26 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\chc
[2013/06/17 09:25:54 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2014/09/28 11:02:49 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\ClassicShell
[2013/06/17 09:25:54 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant
[2013/09/29 14:41:42 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\com.adobe.WidgetBrowser
[2013/08/08 13:05:02 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\com.comcast.callerid
[2013/08/08 13:03:17 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\com.comcast.callerid.13A1FA90F0FC9DC009FB0956ADD0F13F8608561B.1
[2013/09/26 16:39:55 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Digiarty
[2014/07/30 13:51:22 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\DLA
[2014/01/29 12:19:42 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Doena Soft
[2014/09/14 15:07:17 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox
[2014/03/19 19:56:28 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\FalconHardwareUtility
[2014/09/14 15:04:52 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\FileZilla
[2014/01/01 12:39:33 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Garmin
[2014/05/11 11:24:39 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\GoPro
[2013/06/17 09:25:54 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Ilium Software
[2014/09/16 13:17:11 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Jovian
[2014/09/11 12:29:04 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\JVSG
[2013/11/04 15:14:43 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\LavFilters
[2013/11/18 20:32:10 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\LightFactory
[2014/08/25 16:49:56 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\LOROC
[2014/03/17 15:43:44 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Mael
[2014/07/30 14:37:40 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Microchip
[2013/09/17 12:38:43 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\MOVAVI
[2014/09/27 18:20:40 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Notepad++
[2014/03/06 15:01:39 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\NuGet
[2013/10/05 11:21:02 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Oracle
[2013/06/17 09:25:55 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\PACE Anti-Piracy
[2014/02/09 18:43:34 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\PowerISO
[2013/10/24 18:11:44 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Publish Providers
[2013/10/28 12:43:08 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Reasonable Software House Ltd
[2013/09/29 16:10:41 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Red Giant Link
[2013/09/29 13:14:50 | 000,000,000 | -H-D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\RWBYTE
[2014/09/17 10:44:36 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Shark007
[2014/08/15 11:43:43 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\SolidDocuments
[2013/10/29 11:07:26 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Sony
[2013/09/17 16:39:41 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/10/15 15:33:22 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Stylus Studio
[2013/07/30 16:21:28 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Syncios
[2013/07/18 13:43:56 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Tape_Worm
[2014/09/27 17:23:12 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\TeamViewer
[2014/09/18 15:58:17 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\uTorrent
[2014/03/27 12:13:53 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Video Mapper
[2013/12/19 15:23:15 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Vixen
[2013/10/09 15:53:45 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\Wireshark
[2014/03/19 11:41:32 | 000,000,000 | ---D | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\wyUpdate
[2014/03/19 11:41:07 | 000,000,000 | -HSD | M] -- D:\Users\Pickett_Kevin\AppData\Roaming\wyUpdate AU
 
========== Purity Check ==========
 
 
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 1365 bytes -> C:\ProgramData\Microsoft:samtzRLIBVKz7rdE75K7cU9INCI5
@Alternate Data Stream - 1313 bytes -> C:\ProgramData\Microsoft:5RuzemZJUnDfIYE0mNXI
@Alternate Data Stream - 124 bytes -> C:\ProgramData\TEMP:054203E4
@Alternate Data Stream - 1192 bytes -> C:\ProgramData\Microsoft:aarOOjjTtyI2F13dwmqha
@Alternate Data Stream - 1188 bytes -> C:\ProgramData\Microsoft:klccog60WQXGKv8gv4QzeoD

< End of report >
 

 

 

Thank you

Kevin


Edited by pickett, 28 September 2014 - 12:03 PM.

  • 0

Advertisements

#2
Biscuithd
Posted 02 October 2014 - 09:00 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hello,

 

Sorry that it has taken so log for us to respond. Sometimes we get very busy. However, I now have time and desire to help you. :)

 

Thanks for the OTL log. I will review it. Could you also post the Extras.txt file that was produced during the scan? Thanks! :thumbsup:


  • 0

#3
Biscuithd
Posted 02 October 2014 - 09:10 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Please disregard Post #2.

 

Please download and run FRST as described below. Also, make sure you run it from the Desktop of the Boot Drive please.

 

FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.


  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please copy and paste their content into your next reply.

 


  • 0

#4
pickett
Posted 02 October 2014 - 09:39 AM

pickett

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Here is the FRST file:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by Pickett_Kevin (administrator) on ASUS_I7 on 02-10-2014 09:37:35
Running from D:\_Master Software\_ System Cleaners & Utilities\_Virus, Sys Cleaners, Registry
Loaded Profile: Pickett_Kevin (Available profiles: Pickett_Kevin & Mcx1-ASUS_I7 & Administrator & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Schneider Electric) D:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Schneider Electric) D:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Schneider Electric) D:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(Hewlett-Packard Co.) D:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) D:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Hewlett-Packard) D:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(RealNetworks, Inc.) D:\Program Files (x86)\RealPlayer\Update\realsched.exe
(Microsoft Corporation) D:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
(Mozilla Corporation) D:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\audiodg.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2013-06-15] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Display] => D:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => d:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => D:\Program Files (x86)\RealPlayer\update\realsched.exe [295512 2013-07-30] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk
ShortcutTarget: APC UPS Status.lnk -> D:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> D:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDBBF96AA9FD2CF01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> D:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - d:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\..\Interfaces\{AFC8591B-E7F1-4BD8-A1DC-865FF0C3EF2C}: [NameServer] 10.0.0.1,8.8.8.8

FireFox:
========
FF ProfilePath: D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin
FF NewTab: user_pref("browser.newtab.url", "");
FF SelectedSearchEngine: Google
FF Homepage: www.yahoo.com
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> d:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeExManDetect -> D:\Program Files\AdobeCS6\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @garmin.com/GpsControl -> d:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @IPCWebComponents -> C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> d:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> D:\Program Files (x86)\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> D:\Program Files (x86)\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> d:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> d:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> D:\Program Files\AdobeCS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF user.js: detected! => D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\user.js
FF Extension: Garmin Communicator - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-09-17]
FF Extension: DownloadHelper - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-17]
FF Extension: Translate This! - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\[email protected] [2014-09-17]
FF Extension: MP4 Downloader - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\[email protected] [2014-09-17]
FF Extension: Noia 4 Theme Manager - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\[email protected] [2014-09-17]
FF Extension: NewScrollbars (aka NoiaScrollbars) - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\NoiaScrollbars@ArisT2_Noia4dev.xpi [2014-09-17]
FF Extension: Noia 4 - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2014-09-17]
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-07-30]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - d:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - d:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-09-28]
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> ""
CHR DefaultSearchKeyword: Default -> 9BF342BFAF231CE73B4EFF7AEDA94B88F5A541B0F1D15F036492426B513E57E0
CHR DefaultSearchURL: Default -> 2141C4DFB03A7F87BEF5040CD6D0449EEBB194BEFE619D588AE834F0A771FF48
CHR Profile: D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-12]
CHR Extension: (Google Drive) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-22]
CHR Extension: (YouTube) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-12]
CHR Extension: (Google Search) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-12]
CHR Extension: (Adobe Acrobat - Create PDF) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-02-12]
CHR Extension: (RealDownloader) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-02-12]
CHR Extension: (Google Wallet) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-12]
CHR Extension: (Gmail) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - d:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx []
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 APC Data Service; D:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; D:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-06-15] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-09-11] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-06-15] (ASUSTeK Computer Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
S3 fussvc; d:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
S3 Garmin Core Update Service; d:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-13] (Garmin Ltd or its subsidiaries)
R3 hpqcxs08; D:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; D:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; D:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-08] (Hewlett-Packard Co.) [File not signed]
S3 LightShow Pro Service; D:\Program Files\Minleon\LightShowPro\LightShowProService.exe [711472 2013-12-17] (Minleon International Ltd.)
S3 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2013-06-16] () [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Microsoft Office Groove Audit Service; D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S3 MozillaMaintenance; d:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [114288 2014-09-25] (Mozilla Foundation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SQLWriter; d:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [130024 2012-10-20] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; d:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer9; d:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4799760 2014-09-12] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1255736 2013-06-15] () [File not signed]
S3 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2010-11-02] (X10) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation)
S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [79052 2013-12-06] (Oak Technology Inc.) [File not signed]
R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
R0 AiChargerPlus; C:\Windows\SysWOW64\DRIVERS\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-10-12] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-10-12] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2013-06-15] (MCCI Corporation)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 dfg; C:\Windows\SysWOW64\drivers\dfg.sys [23552 2012-07-02] (defrag Development Team) [File not signed]
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2012-05-03] (CACE Technologies, Inc.)
S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [30336 2003-04-04] (Politecnico di Torino) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 voxaldriver; C:\Windows\System32\DRIVERS\voxaldriverx64.sys [34512 2014-09-18] ()
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 09:37 - 2014-10-02 09:37 - 00000000 ____D () C:\FRST
2014-10-01 11:58 - 2014-10-01 11:58 - 00000000 ____D () C:\BlueIris
2014-10-01 11:41 - 2014-10-01 11:41 - 00447784 ____C () D:\Users\Pickett_Kevin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-01 11:33 - 2014-10-01 11:33 - 00001754 ____C () D:\Users\Public\Desktop\Blue Iris 3.lnk
2014-10-01 11:33 - 2014-10-01 11:33 - 00001646 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Iris 3.lnk
2014-09-30 19:17 - 2014-10-02 09:36 - 00003010 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Pickett_Kevin
2014-09-30 19:17 - 2014-10-02 09:36 - 00000402 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Pickett_Kevin.job
2014-09-30 19:17 - 2014-10-01 19:18 - 00003006 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Pickett_Kevin
2014-09-30 19:17 - 2014-10-01 19:18 - 00000398 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Pickett_Kevin.job
2014-09-30 19:17 - 2014-09-30 19:17 - 00003642 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Pickett_Kevin
2014-09-30 19:17 - 2014-09-30 19:17 - 00002714 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Pickett_Kevin
2014-09-30 19:17 - 2014-09-30 19:17 - 00000408 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Pickett_Kevin.job
2014-09-30 16:19 - 2014-09-30 16:19 - 00000878 ____C () D:\Users\Public\Desktop\VLC media player.lnk
2014-09-30 16:19 - 2014-09-30 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-29 14:40 - 2014-09-29 14:40 - 00000000 ____D () C:\Windows\System32\Tasks\DeskShare
2014-09-29 14:33 - 2014-09-29 14:33 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Local\DeskShare Data
2014-09-29 11:16 - 2014-09-29 11:16 - 00000925 ____C () D:\Users\Pickett_Kevin\Desktop\TeamViewer 9.lnk
2014-09-28 17:02 - 2014-09-28 17:02 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegZooka
2014-09-28 16:24 - 2014-09-28 16:59 - 00000711 ____C () D:\Users\Pickett_Kevin\Application Mover.cfg
2014-09-28 11:06 - 2014-09-28 11:06 - 00000000 ____D () C:\Windows\ERUNT
2014-09-28 11:02 - 2009-06-10 15:00 - 00017463 _____ () C:\Windows\system32\Drivers\etc\services
2014-09-28 11:02 - 2009-06-10 15:00 - 00003683 _____ () C:\Windows\system32\Drivers\etc\lmhosts.sam
2014-09-28 11:02 - 2009-06-10 15:00 - 00001358 _____ () C:\Windows\system32\Drivers\etc\protocol
2014-09-28 11:02 - 2009-06-10 15:00 - 00000407 _____ () C:\Windows\system32\Drivers\etc\networks
2014-09-27 19:37 - 2014-09-27 19:37 - 00000000 ___DC () D:\Users\Public\Branding
2014-09-27 19:37 - 2014-09-27 19:37 - 00000000 ____D () C:\Windows\system32\Branding
2014-09-27 17:40 - 2014-10-01 09:13 - 00006830 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-09-27 17:38 - 2014-09-29 15:12 - 00013040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-27 17:38 - 2014-09-29 15:12 - 00013040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-27 17:35 - 2014-09-28 14:44 - 00000028 ____C () D:\Users\Pickett_Kevin\AppData\Roaming\Network Meter_Usage.ini
2014-09-27 17:01 - 2014-09-27 17:01 - 00000418 ____C () D:\Users\Pickett_Kevin\AppData\Roaming\WinInstallFlashLog.ini
2014-09-27 13:16 - 2014-09-27 20:04 - 00000000 ____D () C:\Program Files (x86)\Blue Iris ActiveX Control
2014-09-27 11:54 - 2014-09-27 11:54 - 00000263 _____ () C:\Windows\system32\TeamViewer9_Hooks.log
2014-09-26 13:10 - 2014-09-27 20:02 - 00000000 __HDC () D:\Users\Public\IPCamRecord
2014-09-25 07:06 - 2014-09-27 20:04 - 00000000 ____D () C:\ProgramData\Deskshare
2014-09-22 11:55 - 2014-09-29 10:23 - 00000000 ___DC () D:\Users\Pickett_Kevin\Desktop\Foscam Utilities
2014-09-18 13:51 - 2014-10-01 14:55 - 00365781 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 13:35 - 2014-09-18 13:35 - 00034512 _____ () C:\Windows\system32\Drivers\voxaldriverx64.sys
2014-09-17 11:11 - 2014-09-17 11:11 - 01373475 ____C () D:\Users\Pickett_Kevin\Downloads\adwcleaner_3.310.exe
2014-09-17 11:06 - 2014-09-17 11:06 - 00000000 _SHDC () D:\Users\Pickett_Kevin\AppData\Local\EmieUserList
2014-09-17 11:06 - 2014-09-17 11:06 - 00000000 _SHDC () D:\Users\Pickett_Kevin\AppData\Local\EmieSiteList
2014-09-17 10:45 - 2010-11-20 21:25 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll.bak
2014-09-17 10:44 - 2014-09-17 10:44 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Shark007
2014-09-17 10:44 - 2014-09-17 10:44 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Advanced
2014-09-17 10:44 - 2014-09-17 10:44 - 00000000 ____D () C:\ProgramData\Shark007
2014-09-17 10:44 - 2014-09-01 22:37 - 01712512 _____ (MPC-BE Team) C:\Windows\system32\VSFilter.dll
2014-09-17 10:44 - 2014-07-22 14:51 - 03502080 _____ (x264vfw project) C:\Windows\system32\x264vfw.dll
2014-09-17 10:44 - 2014-06-05 14:00 - 02050560 _____ (xy-VSFilter Team) C:\Windows\system32\VSFilter.dll.bak
2014-09-17 10:44 - 2013-04-06 00:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm.new
2014-09-17 10:44 - 2013-04-06 00:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm
2014-09-17 10:44 - 2013-04-06 00:26 - 01679360 _____ () C:\Windows\SysWOW64\ac3filter.acm.new
2014-09-17 10:44 - 2012-07-21 15:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2014-09-17 10:44 - 2012-07-21 15:54 - 00361472 _____ (fccHandler) C:\Windows\system32\aacacm.acm
2014-09-17 10:44 - 2012-07-17 18:21 - 00206336 _____ () C:\Windows\system32\unrar64.dll
2014-09-17 10:44 - 2011-12-07 23:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2014-09-17 10:44 - 2009-08-11 21:22 - 00580096 _____ () C:\Windows\system32\ac3filter.acm.old
2014-09-17 10:44 - 2009-01-23 01:51 - 00124909 _____ (Open Source Software community project) C:\Windows\system32\pthreadGC2.dll
2014-09-16 16:36 - 2014-09-16 16:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-16 16:36 - 2014-09-16 16:36 - 00000000 ____D () C:\Program Files\Realtek
2014-09-16 16:35 - 2014-05-14 18:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-09-16 16:35 - 2014-05-14 16:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-09-16 16:35 - 2014-05-12 20:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-09-16 16:35 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-09-16 16:35 - 2014-05-02 11:19 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll
2014-09-16 16:35 - 2014-04-30 11:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-09-16 16:35 - 2014-04-28 15:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-09-16 16:35 - 2014-04-25 13:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-09-16 16:35 - 2014-04-25 13:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-09-16 16:35 - 2014-04-23 17:51 - 02117424 _____ () C:\Windows\system32\SStudio.dll
2014-09-16 16:35 - 2014-04-17 17:42 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-09-16 16:35 - 2014-04-17 17:42 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-09-16 16:35 - 2014-04-17 17:42 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-09-16 16:35 - 2014-04-10 12:20 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-09-16 16:35 - 2014-04-10 12:20 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-09-16 16:35 - 2014-04-09 16:39 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-09-16 16:35 - 2014-04-09 16:38 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-09-16 16:35 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-09-16 16:35 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-09-16 16:35 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-09-16 16:35 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-09-16 16:35 - 2014-03-21 14:17 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2014-09-16 16:35 - 2014-03-19 19:19 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-09-16 16:35 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-09-16 16:35 - 2014-03-05 05:11 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-09-16 16:35 - 2014-03-05 05:11 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-09-16 16:35 - 2014-03-05 05:11 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-09-16 16:35 - 2014-03-05 05:11 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-09-16 16:35 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-09-16 16:35 - 2014-02-26 15:16 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-09-16 16:35 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-09-16 16:35 - 2014-02-06 11:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-09-16 16:35 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-09-16 16:35 - 2014-01-28 11:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-09-16 16:35 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-09-16 16:35 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-09-16 16:35 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-09-16 16:35 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-09-16 16:35 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-09-16 16:35 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-09-16 16:35 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-09-16 16:35 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-09-16 16:35 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-09-16 16:35 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-09-16 16:35 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-09-16 16:35 - 2013-06-21 11:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-09-16 16:35 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-09-16 16:35 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-09-16 16:35 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-09-16 16:35 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-09-16 16:35 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-09-16 16:35 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-09-16 16:35 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-09-16 16:35 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-09-16 16:35 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-09-16 16:35 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-09-16 16:35 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-09-16 16:35 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-09-16 16:35 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-09-16 16:35 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-09-16 16:35 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-09-16 16:35 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-09-16 16:35 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-09-16 16:35 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-09-16 16:35 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-09-16 16:35 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-09-16 16:35 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-09-16 16:35 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-09-16 16:35 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-09-16 16:35 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-09-16 16:25 - 2014-09-16 16:25 - 00000000 ____D () C:\Program Files\Intel
2014-09-16 16:24 - 2014-09-16 16:24 - 00001556 _____ () C:\Windows\system32\WmiConf.txt
2014-09-16 16:23 - 2014-05-02 12:02 - 00495376 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c62x64.sys
2014-09-16 16:23 - 2013-07-25 03:08 - 00073480 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll
2014-09-16 16:23 - 2013-07-11 03:27 - 00089888 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll
2014-09-16 16:16 - 2014-09-16 16:16 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-14 14:43 - 2014-09-14 14:43 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-14 14:43 - 2014-09-14 14:43 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-14 14:43 - 2014-09-14 14:43 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-14 14:43 - 2014-09-14 14:43 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-14 14:43 - 2014-09-14 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-14 14:43 - 2014-09-14 14:43 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-13 11:58 - 2014-09-13 12:01 - 00008324 ____C () D:\Users\Pickett_Kevin\Documents\security view.jvsg
2014-09-11 12:29 - 2014-09-11 12:29 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\JVSG
2014-09-10 19:53 - 2014-09-15 13:13 - 00016401 ____C () D:\Users\Pickett_Kevin\Documents\IP Security Cams.xlsx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-02 09:36 - 2013-09-29 12:57 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-02 02:00 - 2014-07-01 15:00 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Local\Adobe
2014-10-01 21:36 - 2013-09-29 12:57 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-01 17:21 - 2014-01-26 17:20 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Notepad++
2014-10-01 16:37 - 2013-06-17 10:55 - 00001271 ____C () D:\Users\Pickett_Kevin\AppData\Roaming\Network Meter_Settings.ini
2014-10-01 16:11 - 2013-06-17 12:40 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\uTorrent
2014-10-01 11:33 - 2013-06-15 13:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-01 11:30 - 2014-02-06 12:27 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Local\CrashDumps
2014-10-01 11:30 - 2013-11-09 21:30 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\TeamViewer
2014-10-01 11:29 - 2014-02-11 15:56 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\ClassicShell
2014-09-30 16:28 - 2013-06-17 10:42 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\vlc
2014-09-30 16:16 - 2014-08-20 14:02 - 00003354 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2418582845-3554272899-2585186520-1000
2014-09-30 16:16 - 2013-07-30 16:09 - 00003236 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2418582845-3554272899-2585186520-1000
2014-09-30 16:16 - 2013-07-30 16:08 - 00000000 ____D () C:\ProgramData\Real
2014-09-29 15:12 - 2013-10-04 11:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-29 15:12 - 2013-10-04 11:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-29 14:53 - 2014-02-13 12:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2014-09-28 17:01 - 2014-05-10 11:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-28 16:59 - 2013-06-17 12:33 - 00000900 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-09-28 16:59 - 2013-06-17 12:33 - 00000000 ____D () C:\Program Files\WinZip
2014-09-28 16:59 - 2013-06-17 09:25 - 00000000 ___DC () D:\Users\Pickett_Kevin
2014-09-28 16:58 - 2013-06-18 13:28 - 00000960 ____C () D:\Users\Pickett_Kevin\Desktop\Temp File Cleaner.lnk
2014-09-28 16:58 - 2013-06-18 13:28 - 00000877 ____C () D:\Users\Pickett_Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2014-09-28 16:56 - 2014-02-13 12:22 - 00000000 ____D () C:\Program Files\Microsoft SQL Server
2014-09-28 16:53 - 2013-06-14 16:49 - 00000765 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-28 16:46 - 2014-02-06 17:52 - 00000925 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-28 16:28 - 2013-06-14 16:23 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2014-09-28 16:25 - 2013-06-15 17:18 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-28 14:45 - 2013-12-06 15:13 - 00042640 ____C () D:\Users\Pickett_Kevin\IP_Log_Data.js
2014-09-28 14:45 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-28 12:56 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-09-28 12:25 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-28 12:25 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-09-28 12:22 - 2014-01-01 11:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-28 11:40 - 2013-06-15 17:35 - 00000000 ____D () C:\Windows\Sun
2014-09-28 11:23 - 2014-08-20 15:53 - 00000000 ____D () C:\Qoobox
2014-09-28 11:21 - 2009-07-13 20:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-28 11:20 - 2014-08-20 15:53 - 00000000 ____D () C:\Windows\erdnt
2014-09-28 11:20 - 2009-07-13 20:34 - 23330816 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-09-28 11:20 - 2009-07-13 20:34 - 147587072 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-28 11:20 - 2009-07-13 20:34 - 09961472 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-09-28 11:20 - 2009-07-13 20:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-28 11:20 - 2009-07-13 20:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-09-27 20:04 - 2013-06-15 13:19 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-09-27 20:04 - 2009-07-13 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-27 20:04 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-27 20:04 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-27 20:02 - 2014-03-18 16:26 - 00000000 ___DC () D:\Users\DefaultAppPool
2014-09-27 20:02 - 2014-02-12 14:30 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-27 20:02 - 2013-07-22 12:23 - 00000000 ___DC () D:\Users\Mcx1-ASUS_I7
2014-09-27 20:02 - 2013-06-17 09:23 - 00000000 ___DC () D:\Users\Administrator
2014-09-27 20:00 - 2010-11-20 21:24 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2014-09-27 20:00 - 2010-11-20 21:24 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-09-27 20:00 - 2010-11-20 21:24 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\systemcpl.dll
2014-09-27 20:00 - 2010-11-20 21:24 - 00014848 _____ (Microsoft Corporation) C:\Windows\system32\slwga.dll
2014-09-27 20:00 - 2010-11-20 21:23 - 00013824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\slwga.dll
2014-09-27 19:34 - 2009-07-13 22:45 - 00000000 ____D () C:\Windows\Setup
2014-09-27 17:09 - 2013-06-17 09:25 - 00001285 ____C () D:\Users\Pickett_Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-27 17:09 - 2013-06-15 17:00 - 00000816 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-25 10:49 - 2014-03-12 10:15 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Local\Apps\2.0
2014-09-25 09:57 - 2013-06-17 13:03 - 00000000 ___DC () D:\Users\Pickett_Kevin\Documents\Network Monitor 3
2014-09-22 00:42 - 2010-11-20 21:27 - 00278152 _____ (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 12:06 - 2013-07-22 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xLights
2014-09-19 15:07 - 2013-06-18 09:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Video Tools
2014-09-17 12:16 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2014-09-17 11:16 - 2013-06-15 17:20 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-09-17 10:44 - 2013-06-17 12:17 - 00000000 ____D () C:\ProgramData\Advanced
2014-09-17 10:44 - 2009-07-13 22:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-17 10:40 - 2014-01-28 15:26 - 00000000 ____D () C:\ProgramData\Standard
2014-09-16 16:36 - 2013-06-15 13:58 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-09-16 16:36 - 2013-06-15 13:58 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-16 16:33 - 2013-06-15 13:58 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-16 16:30 - 2013-09-12 15:27 - 00020754 _____ () C:\Windows\system32\results.xml
2014-09-16 16:27 - 2013-09-12 15:27 - 00000000 ____D () C:\ProgramData\Intel
2014-09-16 16:27 - 2013-06-15 13:12 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-16 16:09 - 2013-06-16 12:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-09-16 15:22 - 2013-06-15 13:16 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-09-16 15:10 - 2013-06-15 13:49 - 04044528 _____ () C:\Windows\PE_Rom.dll
2014-09-16 14:49 - 2009-07-13 23:08 - 00032612 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-16 13:17 - 2013-06-18 12:00 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Jovian
2014-09-14 17:14 - 2014-01-29 17:43 - 00221184 ____C () D:\Users\Pickett_Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-14 17:10 - 2014-01-29 16:53 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Local\Apple Computer
2014-09-14 15:16 - 2013-01-30 17:52 - 00000000 __RDC () D:\Users\Pickett_Kevin\Dropbox
2014-09-14 15:07 - 2013-06-18 11:31 - 00001044 ____C () D:\Users\Pickett_Kevin\Desktop\Dropbox.lnk
2014-09-14 15:07 - 2013-06-18 11:29 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox
2014-09-14 15:04 - 2013-06-24 17:50 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\FileZilla
2014-09-14 15:00 - 2013-06-17 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-09-14 14:50 - 2014-05-11 11:55 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-14 14:43 - 2013-10-05 11:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-10 12:13 - 2013-06-17 14:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Light-O-Rama
2014-09-10 12:04 - 2013-06-17 14:52 - 00000000 ____D () C:\ProgramData\Light-O-Rama
2014-09-10 10:50 - 2013-06-16 13:11 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-03 13:53 - 2013-06-17 14:56 - 00000000 ____D () C:\ProgramData\LOROC

Files to move or delete:
====================
D:\Users\Pickett_Kevin\IP_Log_Data.js
D:\Users\Pickett_Kevin\mkvreg.reg


Some content of TEMP:
====================
D:\Users\Pickett_Kevin\AppData\Local\Temp\bi_update.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-09-26 00:59

==================== End Of Log ============================


  • 0

#5
pickett
Posted 02 October 2014 - 09:39 AM

pickett

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Here is the Addition Log:

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2014 02
Ran by Pickett_Kevin at 2014-10-02 09:37:49
Running from D:\_Master Software\_ System Cleaners & Utilities\_Virus, Sys Cleaners, Registry
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
4500_G510gm_Help (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ActivePerl 5.16.3 Build 1604 (64-bit) (HKLM\...\{A7915697-1675-433D-AD07-759E8550582F}) (Version: 5.16.1604 - ActiveState)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Director 11.5 (HKLM-x32\...\Adobe_46f17ca4f5daa9524ac09ba8d50e980) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Director 11.5 (x32 Version: 11.5 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Encore CS6 Library (HKLM-x32\...\{07E80932-FFB1-402D-9198-18C58EBAF216}) (Version: 6.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS6 Functional Content (HKLM-x32\...\{614020C8-2E16-4E16-A5F0-04DE2AB96097}) (Version: 6.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe Soundbooth CS5 Codecs (HKLM-x32\...\{DE5DE662-2ECB-4D93-967B-221FBCC8A736}) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Soundbooth CS5 Royalty Codecs (HKLM-x32\...\{F319804F-E3A4-4C02-8AEC-CB39A4F6447E}) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Adobe® Content Viewer (x32 Version: 3.4.3 - Adobe Systems, Incorporated) Hidden
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.1.5 - ASUSTeK Computer Inc.)
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.2.1.528 - Online Media Technologies Ltd.)
AVS Audio Editor 7.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.1.487 - Online Media Technologies Ltd.)
AVS Cover Editor 2.0.1.3 (HKLM-x32\...\AVSCoverEditor2_is1) (Version: 2.0.1.3 - Online Media Technologies Ltd.)
AVS Disc Creator 5 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.1.2.525 - Online Media Technologies Ltd.)
AVS DVD Copy 4.1.2.283 (HKLM-x32\...\AVS DVD Copy_is1) (Version: 4.1.2.283 - Online Media Technologies Ltd.)
AVS Image Converter 3.0.2.270 (HKLM-x32\...\AVS Image Converter_is1) (Version: 3.0.2.270 - Online Media Technologies Ltd.)
AVS Media Player 4.2.2.104 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.2.104 - Online Media Technologies Ltd.)
AVS Photo Editor (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.1.2.136 - Online Media Technologies Ltd.)
AVS Registry Cleaner 2.3.1.255 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 2.3.1.255 - Online Media Technologies Ltd.)
AVS Ringtone Maker version 1.6 (HKLM-x32\...\AVS Ringtone Maker 1.6_is1) (Version: 1.6.1.140 - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.4.2.541 - Online Media Technologies Ltd.)
AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.4.2.241 - Online Media Technologies Ltd.)
AVS Video ReMaker 4.2.2.153 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 4.2.2.153 - Online Media Technologies Ltd.)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Belarc Advisor 8.3 (HKLM-x32\...\Belarc Advisor) (Version: 8.3.2.0 - Belarc Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blue Iris 3 (HKLM-x32\...\InstallShield_{5923C82E-6BB6-4186-AF14-3066D1F29323}) (Version: 3.09.03 - Perspective Software)
Blue Iris 3 (x32 Version: 3.09.03 - Perspective Software) Hidden
Blue Iris ActiveX Control (HKLM-x32\...\InstallShield_{7106E079-28CA-4FEC-A083-6577EB674526}) (Version: 3.0.0.9 - Perspective Software)
Blue Iris ActiveX Control (x32 Version: 3.0.0.9 - Perspective Software) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build Tools - amd64 (Version: 12.0.30110 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30110 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DFX (HKLM-x32\...\DFX) (Version: 11.110.0.0 - Power Technology)
DMX Utilities (HKLM-x32\...\ST6UNST #1) (Version:  - )
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dos Panel 1.1 (HKLM-x32\...\Dos Panel_is1) (Version: 1.0 - J. Rathlev)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
DVD Inventory 2.2.0.0 (HKLM-x32\...\DVDInventory_is1) (Version:  - Doena Soft.)
Elevated Installer (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
eWallet 7.6.2 for Windows PCs (HKLM-x32\...\Ilium Software eWallet_is1) (Version: 7.6.2 - Ilium Software)
Falcon µSC SSC Programmer (HKLM-x32\...\{D5EF61DC-27CD-436B-9FD5-9E192E78DBED}) (Version: 1.0.12 - FalconChristmas.com)
Falcon Controller Software (HKLM-x32\...\{99D6AD06-7CA1-4A27-A15C-C0256B29E8D1}) (Version: 1.1.0 - Falcon Christmas)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Free YouTube Downloader 3.5.176 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
Garmin City Navigator North America NT 2014.30 Update (HKLM-x32\...\{6D30B301-7D44-4D64-9369-638E0101F922}) (Version: 17.30.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{d6f59919-3fd4-48c5-8404-def6f92d8422}) (Version: 2.3.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
InstallShield 2013 Limited Edition (HKLM-x32\...\{6781C524-2DA2-4182-908C-8B204E0DD47C}) (Version: 20.00.0000 - Flexera Software LLC)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections 19.3.141.0 (HKLM\...\PROSetDX) (Version: 19.3.141.0 - Intel)
Intel® Network Connections 19.3.141.0 (Version: 19.3.141.0 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JavaScript Tooling (Version: 12.0.30110 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Jovian Color Picker (HKCU\...\Jovian) (Version:  - Ken Nign)
kitchi (HKLM-x32\...\{9C1BEFA5-147E-4F99-9F84-E5FFC790612F}) (Version: 4.5.0 - PW2 Computer Services)
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version:  - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LD Calculator Lite 1.02 b1 (HKLM-x32\...\LD Calculator Lite_is1) (Version:  - Paul Pelletier)
Lightjams (HKLM\...\{069058C4-E695-441B-88A6-7091D7E62E74}) (Version: 1.0.248 - LJ)
Light-O-Rama (HKLM-x32\...\{E744BFEA-E027-441E-83A2-36202F661E31}) (Version: 3.11.2 - Light-O-Rama)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LOR Object Creator (HKLM-x32\...\{FC1E7811-EE3E-4646-9F46-1FAFD6057897}) (Version: 9.8.7 - Shannon (cyberfix))
Macromedia FreeHand MXa (HKLM-x32\...\{939740B5-0064-4779-854A-8C1086181C05}) (Version: 11.0.2 - Macromedia)
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{4D2F05BB-228E-4081-B94C-50AD015EE462}) (Version: 11.4.2 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.4.2 - Red Giant Software) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden
Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.30809.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU (x32 Version: 5.0.11213.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Exchange Web Services Managed API 2.1 (HKLM-x32\...\{24CA683D-8174-4EBF-AD4D-3F2DD7814716}) (Version: 15.0.847.30 - Microsoft Corporation)
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Identity Extensions (Version: 2.0.1459.0 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 Core (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 CoreRes - ENU (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.5 Tools (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.5 ToolsRes - ENU (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft LightSwitch v4.5 SDK (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft Network Monitor 3.4 (HKLM\...\{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Network Monitor: NetworkMonitor Parsers 3.4 (HKLM\...\{963E5FEB-1367-46B9-851D-A957F1A3747F}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft NuGet - Visual Studio 2013 (x32 Version: 2.7.41101.371 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack (Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) (Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Developer Tools for Visual Studio 2013 - March 2014 Update (HKLM-x32\...\{b9a142c4-c707-417c-8025-1ced2b024004}) (Version: 12.0.30225.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Visio MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3366.16 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft SharePoint 2013 Developer Tools for Visual Studio (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio ENU Language Pack (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio Finalizer (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Basic 6 SP6 - KB2708437 Update (x32 Version: 1.0.0.0 - Flexera Software) Hidden
Microsoft Visual C++  ARM Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013  x64 Designtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Extended Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual F# 3.1.1 (HKLM-x32\...\{51ba05a7-5d20-41ad-9ec8-6a4005faed87}) (Version: 12.0.30110.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Devenv (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Devenv Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Core amd64 (Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Core x86 (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Front End x86 (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Performance Collection Tools - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Performance Collection Tools (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 SDK - ENU (HKLM-x32\...\{8b2217f8-79ad-4765-bf57-14ce568feb53}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2013 SDK - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 SDK Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2013 Storyboarding (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2013 Storyboarding Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer chs Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer cht Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer csy Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer deu Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer esn Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer ita Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer jpn Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer kor Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer plk Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer ptb Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer rus Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer trk Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer fra Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools 2013 - Visual Studio 2013 (x32 Version: 2.0.40926.0 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 4.6 (HKLM\...\{16C7D2AD-20CA-491E-80BC-8607A9AACED9}) (Version: 4.0.40719.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Minleon LightShow Pro (HKLM\...\Minleon LightShow Pro) (Version: 2.8.5087.34674 - Minleon International Ltd.)
Minleon LightShow Pro (HKLM-x32\...\Minleon LightShow Pro) (Version: 2.5.4875.37645 - Minleon International Ltd.)
Minleon LightShow Pro Scheduler (HKLM\...\Minleon LightShow Pro Scheduler) (Version: 2.8.5099.296 - Minleon International Ltd.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPLAB Tools v8.92 (HKLM-x32\...\InstallShield_{EFF70ABE-9F88-41B4-A0DF-BE0A803209CF}) (Version: 8.92 - Microchip Technology Inc.)
MPLAB Tools v8.92 (x32 Version: 8.92 - Microchip Technology Inc.) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 (x32 Version: 4.20.9818.0 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - )
Nero 12 (HKLM-x32\...\{E9B9B255-5047-4E57-8360-21CBFF98B8DB}) (Version: 12.5.01400 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (x32 Version: 12.5.1000 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20014 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 12.5.5001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Express (x32 Version: 12.5.5002 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.20100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (x32 Version: 12.5.6000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.10002 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (x32 Version: 12.5.2001 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 -  Microsoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
Open XML SDK 2.0 Productivity Tool for Microsoft Office (HKLM-x32\...\{DEB1CE7F-5821-4E1C-ADED-744F52052E4A}) (Version: 2.0.5022 - Microsoft Corporation)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OutlookTools 2 (HKLM-x32\...\{E69BB189-4B20-46AE-93CF-59099F05FC3F}) (Version: 2.3.0 - HowTo-Outlook)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.6.1 - Prolific Technology INC)
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
ProntoEdit NG (HKLM-x32\...\ProntoEdit NG) (Version: 3.1.3.0 - Philips)
ProntoEdit NG Setup Support (HKLM-x32\...\{598C4070-36FF-47A4-BF4E-F001F94451B8}) (Version: 3.0.0.0 - Philips)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RegZooka (HKLM-x32\...\RegZooka) (Version: 3.42 - ZookaWare)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Screen AVI CAM 4.0 (HKLM-x32\...\Screen AVI CAM 4.0) (Version:  - SProsoft)
Screen AVI CAM 4.0 (x32 Version: 4.0 - SProsoft) Hidden
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SharePoint Client Components (HKLM\...\{95150002-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
SharePoint Client Components (HKLM\...\{95160001-1163-0409-1000-0000000FF1CE}) (Version: 16.0.2617.1200 - Microsoft Corporation)
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.7.5 - Shark007)
SignBoard (HKLM-x32\...\{92B85279-0D66-4BA1-8B86-7F6ACCF922DA}) (Version: 1.00.0000 - )
SlimDX Runtime .NET 4.0 x64 (January 2012) (HKLM\...\{A2199A06-89C4-4187-AA4A-3A9676FB799D}) (Version: 2.0.13.43 - SlimDX Group)
Smart Pixel System (HKLM-x32\...\{56190BF7-EE8F-4FAF-A953-250A793A131B}) (Version: 1.0.0.0 - Creative Software Designs)
Smart String Utility (HKLM-x32\...\{EEC5A18D-40AD-4ABB-B7A1-0BFF3A8C8F4D}) (Version: 1.0.0 - DLA)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syncios version 2.0.9 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 2.0.9 - Anvsoft, Inc.)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Temp File Cleaner (HKLM\...\Temp File Cleaner) (Version: 4.3.0 - Addpcs, LLC)
The Print Shop 22 (HKLM-x32\...\{E34351A4-4B10-4DFF-96BC-84C642D9C625}) (Version: 22.00.0000 - Broderbund Software)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
UltraCompare (HKLM-x32\...\InstallShield_{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}) (Version: 8.50.1025 - IDM Computer Solutions, Inc.)
UltraCompare (x32 Version: 8.50.1025 - IDM Computer Solutions, Inc.) Hidden
UltraEdit (HKLM-x32\...\InstallShield_{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}) (Version: 19.10.1012 - IDM Computer Solutions, Inc.)
UltraEdit (x32 Version: 19.10.1012 - IDM Computer Solutions, Inc.) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2883097) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{B2260BC9-D561-46EE-B33D-739CF760A2A9}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Visio 2007 Help (KB963666) (HKLM-x32\...\{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{D2C4ACC9-12F5-4E1C-81A8-5DC878AC6278}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VC User CRT71 RTL X86 --- (x32 Version: 1.0 - Microsoft Corporation) Hidden
VC User MFC71 RTL X86 --- (x32 Version: 1.0 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
Visual F# 3.1.1 SDK (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Visual F# 3.1.1 VS (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites - ENU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Update 1 (KB2829760) (HKLM-x32\...\{67640e67-6563-4e54-9273-4242ca174290}) (Version: 12.0.30112 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9202.20789 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9600.16408 - Microsoft Corporation) Hidden
Vixen 3.0.10 (64-bit) (HKLM-x32\...\Vixen) (Version: 3.0.10.45 - Vixen - Lighting Automation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Windows App Certification Kit Native Components (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.26074 - Microsoft Corporation) Hidden
Windows Azure Mobile Services SDK (x32 Version: 1.0.10815.0 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools for Visual Studio 2013 Preview - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) Hidden
Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - March 2014 Update - v2.2 (x32 Version: 2.2.20221.1601 - Microsoft) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Runtime Intellisense Content - en-us (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinPcap 3.0 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - Politecnico di Torino)
WinX HD Video Converter Deluxe 4.2.3 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
WiX Toolset v3.8 Core (x32 Version: 3.8.1128.0 - Outercurve Foundation) Hidden
WiX Toolset v3.8 Managed SDK (x32 Version: 3.8.1128.0 - Outercurve Foundation) Hidden
WiX Toolset v3.8 Native 2013 SDK (x32 Version: 3.8.1128.0 - Outercurve Foundation) Hidden
WiX Toolset v3.8 Visual Studio Integration (x32 Version: 3.8.1128.0 - Outercurve Foundation) Hidden
WiX Toolset v3.8 X64 (Version: 3.8.1128.0 - Outercurve Foundation) Hidden
WiX Toolset v3.8.1128.0 (HKLM-x32\...\{a9ee4e53-3e8c-4c6e-8183-a108d2f12a8e}) (Version: 3.8.1128.0 - Outercurve Foundation)
Workflow Manager Client 1.0 (HKLM\...\{A5ABAF5F-B5B6-44B3-B69F-2E13DC60FC9F}) (Version: 2.0.40131.0 - Microsoft Corporation)
Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{3F757C38-DEBF-4053-81C2-CF009B58DDE5}) (Version: 2.0.40131.0 - Microsoft Corporation)
X10 Hardware™ (HKLM-x32\...\X10Hardware) (Version:  - )
x64 Components v4.7.5 (HKLM\...\Advanced x64Components_is1) (Version: 4.7.5 - Shark007)
x64Components v2.1.3 (HKLM\...\Standard x64Components_is1) (Version: 2.1.3 - Shark007)
xLights-Nutcracker version 3.4.13 (HKLM-x32\...\xLights-Nutcracker_is1) (Version: 3.4.13 - )
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> d:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> D:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll ()
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

29-09-2014 20:50:31 Removed Blue Iris 3
29-09-2014 20:53:24 Removed LYNX DMX DECK
29-09-2014 20:53:55 Removed Microsoft Help Viewer 2.0
29-09-2014 20:54:47 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
29-09-2014 20:55:07 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
29-09-2014 20:55:20 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
29-09-2014 20:55:39 Removed Microsoft Visual C++ 2005 Redistributable (x64)
29-09-2014 22:35:53 Installed iSpy (64 bit)
01-10-2014 15:16:14 Installed H.264 Camera Client
01-10-2014 17:29:09 Removed iSpy (64 bit)
01-10-2014 17:33:35 Installed Blue Iris 3

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-09-28 11:02 - 2014-02-11 16:51 - 00002850 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
.


==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {10344EE9-4558-4131-8B3D-30D781DD8BC5} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2013-06-15] ()
Task: {2799DD2E-F463-440E-89B8-DBEFD2BD8680} - \ProPCCleaner_Popup No Task File <==== ATTENTION
Task: {4B230B4E-1B6D-4148-AB4B-221732AD9116} - System32\Tasks\ReclaimerUpdateXML_Pickett_Kevin => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-30] (RealNetworks, Inc.)
Task: {5A8A7025-2C45-4CE9-8CBC-13899E34A6CA} - \LaunchSignup No Task File <==== ATTENTION
Task: {66C6EBA1-2AFD-4DAD-8E8A-8C7C249EAF55} - System32\Tasks\DeskShare\Security Monitor Pro\SMP_62cc62cf-f8eb-40c7-839f-930b168f34f4 => D:\Program Files (x86)\Deskshare\Security Monitor Pro 5\Security Monitor Pro.exe
Task: {6C706A48-7E40-4633-9138-9B83EAD5ADE9} - \RocketTab No Task File <==== ATTENTION
Task: {70955920-0F53-4B4C-B331-C420778CD8A0} - \YTDownloader No Task File <==== ATTENTION
Task: {7350A6A2-733A-443D-A8A5-6971EA037208} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-29] (Google Inc.)
Task: {737AECAB-3BDB-4A44-83D3-3079A1A9F4F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-29] (Google Inc.)
Task: {7EAD37AE-B2E0-46F5-82B0-A400C09934A1} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2418582845-3554272899-2585186520-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {8DA59D4D-6820-413E-B696-8356F5347643} - \SMupdate1 No Task File <==== ATTENTION
Task: {9197187D-F839-471C-8A7D-600A4A6A5B01} - System32\Tasks\RNUpgradeHelperResumePrompt_Pickett_Kevin => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-30] (RealNetworks, Inc.)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A3E25086-CCE8-4409-8593-C24AE2337A4C} - System32\Tasks\AdobeAAMUpdater-1.0-ASUS_I7-Pickett_Kevin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {A766EDF9-B488-48F7-B309-DA1C67BD4389} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-ASUS_I7 => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
Task: {ADB2D0BC-D34E-42CA-BC9F-FDCBF6FA9210} - \ProPCCleaner_Start No Task File <==== ATTENTION
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {CCBA2965-CA24-49E6-9644-D463B5836BAA} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {D321EDD7-366F-4B52-9928-2BD3CD8AC5A4} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe
Task: {D3F4B605-7458-42A1-BCA5-D1CA0ECFBEA1} - System32\Tasks\RNUpgradeHelperLogonPrompt_Pickett_Kevin => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-30] (RealNetworks, Inc.)
Task: {DAF47DE7-34CA-4FA3-A23B-CFECA9981182} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {DF9BE5B8-CEB4-4676-9BAC-82406088CE09} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {E1DEB1EF-B071-4BED-81F3-1ED51473D252} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2012-10-08] ()
Task: {E5A22BD2-416F-4D42-A2D0-5BFCB13A94F9} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-11-25] (ASUSTeK Computer Inc.)
Task: {EBA791E6-354E-4BC6-9435-549EF71140A5} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2418582845-3554272899-2585186520-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {F257D46A-E2D3-43AC-91CB-5D6991F0E592} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {F9EB62F8-310F-43A7-97AF-62DFFE4E1FF2} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {FE1E74CC-4BE3-4E0C-9914-58E07F111FEE} - System32\Tasks\ReclaimerUpdateFiles_Pickett_Kevin => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-30] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Pickett_Kevin.job => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Pickett_Kevin.job => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Pickett_Kevin.job => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) =============

2013-06-15 13:18 - 2013-06-15 13:18 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-04-16 03:07 - 2013-04-16 03:07 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-05-01 13:29 - 2014-05-01 13:29 - 00098304 ____C () D:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-12-14 19:20 - 2012-12-14 19:20 - 00111616 ____C () D:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll
2014-05-12 03:49 - 2014-05-12 03:49 - 00222720 ____C () D:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-29 11:08 - 2014-09-28 14:45 - 00025600 ____C () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-06-15 13:18 - 2012-10-12 02:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-06-15 13:41 - 2010-11-25 15:12 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
2013-06-15 13:41 - 2010-11-25 15:12 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
2013-06-15 13:41 - 2010-11-25 15:12 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
2013-06-15 13:41 - 2010-11-25 15:12 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
2013-06-15 13:41 - 2013-06-15 13:38 - 00061440 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll
2013-06-15 13:41 - 2013-06-15 13:38 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll
2013-06-15 13:41 - 2013-06-15 13:38 - 00703488 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll
2013-06-15 13:41 - 2013-06-15 13:38 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll
2013-06-15 13:44 - 2013-06-15 13:39 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-06-15 13:44 - 2009-05-21 10:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2013-06-15 13:20 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2013-06-15 13:20 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-06-15 13:48 - 2011-09-26 19:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2013-06-15 13:20 - 2012-03-21 12:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-06-15 13:42 - 2011-01-19 21:23 - 01655296 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll
2013-06-15 13:20 - 2012-08-01 10:51 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2013-06-15 13:43 - 2010-12-01 12:33 - 01244672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2013-06-15 13:44 - 2011-01-06 10:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2013-06-15 13:20 - 2012-05-25 10:33 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2013-06-15 13:20 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2013-06-15 13:20 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2013-06-15 13:20 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2013-06-15 13:20 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-06-15 13:18 - 2012-09-11 16:52 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2013-06-15 13:20 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2013-06-15 13:20 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2014-08-29 15:45 - 2014-08-29 15:45 - 00172544 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d40e3b1d8fdc575e628e688f6b7a998e\IsdiInterop.ni.dll
2013-06-15 13:57 - 2011-08-23 21:37 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2009-02-26 13:46 - 2009-02-26 13:46 - 00064344 ____C () D:\Program Files (x86)\Microsoft Office\Office12\ADDINS\ColleagueImport.dll
2014-05-08 07:49 - 2014-05-08 07:49 - 03989888 ____C () d:\Program Files (x86)\Adobe\Acrobat 11.0\PDFMaker\Common\AdobePDFMakerX.dll
2011-06-22 11:46 - 2011-06-22 11:46 - 00434016 ____C () D:\Program Files (x86)\Microsoft Office\Office12\ADDINS\UmOutlookAddin.dll
2013-07-10 18:07 - 2013-07-10 18:07 - 00756888 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL
2014-09-25 14:53 - 2014-09-25 14:53 - 03715184 ____C () D:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:5RuzemZJUnDfIYE0mNXI
AlternateDataStreams: C:\ProgramData\Microsoft:aarOOjjTtyI2F13dwmqha
AlternateDataStreams: C:\ProgramData\Microsoft:klccog60WQXGKv8gv4QzeoD
AlternateDataStreams: C:\ProgramData\Microsoft:samtzRLIBVKz7rdE75K7cU9INCI5
AlternateDataStreams: C:\ProgramData\TEMP:054203E4
AlternateDataStreams: D:\Users\Pickett_Kevin\AppData\Local:PIR8WdUTthUoOkkacK

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CineForm Status.lnk => C:\Windows\pss\CineForm Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Minleon LightShow Pro Scheduler - Auto Update.lnk => C:\Windows\pss\Minleon LightShow Pro Scheduler - Auto Update.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: DFX => d:\Program Files (x86)\DFX\DFX.exe -startup
MSCONFIG\startupreg: GarminExpressTrayApp => "d:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GrooveMonitor => "D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => D:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightShowProHelper => D:\Program Files\Minleon\LightShowPro\LightShowProHelper.exe
MSCONFIG\startupreg: PWRISOVM.EXE => D:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QuickTime Task => "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Syncios device service => D:\Program Files (x86)\Syncios\SynciosDeviceService.exe
MSCONFIG\startupreg: TkBellExe => "D:\Program Files (x86)\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: tsiVideo => C:\Windows\SysWOW64\rundll32.exe D:\Users\PICKET~1\AppData\Local\Temp\\mdi164.dll,runme

========================= Accounts: ==========================

Administrator (S-1-5-21-2418582845-3554272899-2585186520-500 - Administrator - Enabled) => D:\Users\Administrator
ASPNET (S-1-5-21-2418582845-3554272899-2585186520-1006 - Limited - Enabled)
Guest (S-1-5-21-2418582845-3554272899-2585186520-501 - Limited - Enabled)
Mcx1-ASUS_I7 (S-1-5-21-2418582845-3554272899-2585186520-1002 - Limited - Enabled) => D:\Users\Mcx1-ASUS_I7
Pickett_Kevin (S-1-5-21-2418582845-3554272899-2585186520-1000 - Administrator - Enabled) => D:\Users\Pickett_Kevin

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Officejet 4500 G510g-m
Description: Officejet 4500 G510g-m
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 4500 G510g-m
Description: Officejet 4500 G510g-m
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel® PRO/1000 GT Desktop Adapter
Description: Intel® PRO/1000 GT Desktop Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: E1G60
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/01/2014 11:33:35 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddWin32ServiceFiles: Unable to back up image of service Nero Update since QueryServiceConfig API failed

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (10/01/2014 02:55:46 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.1347.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-09-28 11:19:47.578
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-28 11:19:47.562
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-28 11:19:47.547
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

  Date: 2014-09-28 11:19:47.531
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 29%
Total physical RAM: 16281.14 MB
Available physical RAM: 11407.69 MB
Total Pagefile: 32560.46 MB
Available Pagefile: 27743.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.69 GB) (Free:36.94 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:689.57 GB) NTFS
Drive e: (Foscam Blue Iris) (CDROM) (Total:0.05 GB) (Free:0 GB) CDFS
Drive f: (FreeAgent Drive) (Fixed) (Total:465.76 GB) (Free:342.63 GB) NTFS
Drive g: (MultiMedia) (Fixed) (Total:465.76 GB) (Free:53.3 GB) NTFS
Drive h: (Security) (Fixed) (Total:931.51 GB) (Free:931.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 1575E454)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6EB33B5A)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: A4B57300)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 465.8 GB) (Disk ID: CF07862C)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B37CC5E8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End Of Log ============================

 

 

**edited to include full past of log... 1st time didn't select all on notepad.


Edited by pickett, 02 October 2014 - 10:18 AM.

  • 0

#6
Biscuithd
Posted 03 October 2014 - 06:46 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi Kevin,

 

I really need you to run this from C: not D: (note previous instructions) :) . And, from your desktop too :) . If you're concerned about a messy desktop, please don't be. When we've done, I have a program that removes all the tools we've used and removes itself too.

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 28-09-2014 02
Ran by Pickett_Kevin (administrator) on ASUS_I7 on 02-10-2014 09:37:35
Running from D:\_Master Software\_ System Cleaners & Utilities\_Virus, Sys Cleaners, Registry
Loaded Profile: Pickett_Kevin (Available profiles: Pickett_Kevin & Mcx1-ASUS_I7 & Administrator & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

 

 


  • 0

#7
pickett
Posted 03 October 2014 - 08:37 AM

pickett

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

My system has an SSD for the system and all my user files are on my D drive.  I put FRST on the root of c: and ran it from there.  If i put it in my desktop it would still be on the D drive.

 

Also I finanally got through to Microsoft and they assisted me it restoring my windows licence.

 

Here are the logs

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-10-2014
Ran by Pickett_Kevin (administrator) on ASUS_I7 on 03-10-2014 08:31:11
Running from C:\
Loaded Profile: Pickett_Kevin (Available profiles: Pickett_Kevin & Mcx1-ASUS_I7 & Administrator & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Schneider Electric) D:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(DTS) C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
(Microsoft Corporation) C:\Windows\System32\TCPSVCS.EXE
(Microsoft Corporation) D:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) D:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Schneider Electric) D:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Hewlett-Packard Co.) D:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Apple Inc.) D:\Program Files (x86)\iTunes\iTunesHelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Adobe Systems Inc.) D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(RealNetworks, Inc.) D:\Program Files (x86)\RealPlayer\Update\realsched.exe
(Schneider Electric) D:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe
(Hewlett-Packard Co.) D:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) D:\Program Files (x86)\HP\Digital Imaging\bin\hpqbam08.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pnSvc.exe
(Hewlett-Packard) D:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\EC Simulator.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\EPU\EPUHelp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\mfpmp.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-01-18] (IvoSoft)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_DTS] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ASUS ShellProcess Execute] => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsShellProcess.exe [252544 2013-06-15] (ASUSTeK Computer Inc.)
HKLM-x32\...\Run: [ASUS AiChargerPlus Execute] => C:\Program Files (x86)\InstallShield Installation Information\{E6931688-DA2B-4E16-8539-3D323D69C677}\AiChargerPlus.exe [550272 2012-08-20] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Display] => D:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe [284024 2012-01-24] (Schneider Electric)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => D:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => d:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [TkBellExe] => D:\Program Files (x86)\RealPlayer\update\realsched.exe [295512 2013-07-30] (RealNetworks, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\APC UPS Status.lnk
ShortcutTarget: APC UPS Status.lnk -> D:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe (Schneider Electric)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> D:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDBBF96AA9FD2CF01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKCU - DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> D:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File
Handler-x32: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - d:\Program Files (x86)\Belarc\BelarcAdvisor\System\BAVoilaX.dll (Belarc, Inc.)
Tcpip\..\Interfaces\{AFC8591B-E7F1-4BD8-A1DC-865FF0C3EF2C}: [NameServer] 10.0.0.1,8.8.8.8

FireFox:
========
FF ProfilePath: D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin
FF NewTab: user_pref("browser.newtab.url", "");
FF SelectedSearchEngine: Google
FF Homepage: www.yahoo.com
FF NetworkProxy: "type", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.40.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> d:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.5 -> D:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeExManDetect -> D:\Program Files\AdobeCS6\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @garmin.com/GpsControl -> d:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll (GARMIN Corp.)
FF Plugin-x32: @IPCWebComponents -> C:\Program Files (x86)\IPCWebComponents\npIPCReg.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> d:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @real.com/nppl3260;version=16.0.2.32 -> D:\Program Files (x86)\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.2 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.2.32 -> D:\Program Files (x86)\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> d:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> d:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeExManDetect -> D:\Program Files\AdobeCS6\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF user.js: detected! => D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\user.js
FF Extension: Garmin Communicator - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\{195A3098-0BD5-4e90-AE22-BA1C540AFD1E} [2014-09-17]
FF Extension: DownloadHelper - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-17]
FF Extension: Translate This! - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\[email protected] [2014-09-17]
FF Extension: MP4 Downloader - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\[email protected] [2014-09-17]
FF Extension: Noia 4 Theme Manager - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\[email protected] [2014-09-17]
FF Extension: NewScrollbars (aka NoiaScrollbars) - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\NoiaScrollbars@ArisT2_Noia4dev.xpi [2014-09-17]
FF Extension: Noia 4 - D:\Users\Pickett_Kevin\AppData\Roaming\Mozilla\Firefox\Profiles\j9cpfgrv.Kevin\Extensions\{faf13420-5e24-11e0-80e3-0800200c9a66}.xpi [2014-09-17]
FF HKLM-x32\...\Firefox\Extensions: [{FCE04E1F-9378-4f39-96F6-5689A9159E45}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-07-30]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - d:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - d:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-09-28]
FF StartMenuInternet: FIREFOX.EXE - D:\Program Files (x86)\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR HomePage: Default ->
CHR StartupUrls: Default -> ""
CHR DefaultSearchKeyword: Default -> 9BF342BFAF231CE73B4EFF7AEDA94B88F5A541B0F1D15F036492426B513E57E0
CHR DefaultSearchURL: Default -> 2141C4DFB03A7F87BEF5040CD6D0449EEBB194BEFE619D588AE834F0A771FF48
CHR Profile: D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-12]
CHR Extension: (Google Drive) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-02-12]
CHR Extension: (Google Voice Search Hotword (Beta)) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-22]
CHR Extension: (YouTube) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-02-12]
CHR Extension: (Google Search) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-02-12]
CHR Extension: (Adobe Acrobat - Create PDF) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2014-02-12]
CHR Extension: (RealDownloader) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-02-12]
CHR Extension: (Google Wallet) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-02-12]
CHR Extension: (Gmail) - D:\Users\Pickett_Kevin\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-02-12]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - d:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx []
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2013-04-16]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 APC Data Service; D:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [21880 2012-01-24] (Schneider Electric)
R2 APC UPS Service; D:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe [705912 2012-01-24] (Schneider Electric)
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-06-15] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2012-09-11] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-06-15] (ASUSTeK Computer Inc.)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [74912 2011-03-13] (Atheros Commnucations) [File not signed]
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [15768 2010-02-02] (Microsoft Corporation)
R2 DTSAudioService; C:\Program Files\Realtek\Audio\HDA\DTSAudioService64.exe [210024 2011-05-31] (DTS)
S3 fussvc; d:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2013-08-22] (Microsoft Corporation) [File not signed]
S3 Garmin Core Update Service; d:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [250712 2013-12-13] (Garmin Ltd or its subsidiaries)
R3 hpqcxs08; D:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [248832 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; D:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-05-21] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; D:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL [1037824 2009-09-08] (Hewlett-Packard Co.) [File not signed]
S3 LightShow Pro Service; D:\Program Files\Minleon\LightShowPro\LightShowProService.exe [711472 2013-12-17] (Minleon International Ltd.)
S3 Macromedia Licensing Service; C:\Program Files (x86)\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe [68096 2013-06-16] () [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 Microsoft Office Groove Audit Service; D:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe [64856 2009-02-26] (Microsoft Corporation)
S3 MozillaMaintenance; d:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [114288 2014-09-25] (Mozilla Foundation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39056 2013-04-16] ()
R2 simptcp; C:\Windows\SysWOW64\tcpsvcs.exe [9216 2009-07-13] (Microsoft Corporation)
R2 SQLWriter; d:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [130024 2012-10-20] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 Te.Service; d:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
R2 TeamViewer9; d:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [4799760 2014-09-12] (TeamViewer GmbH)
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-05] (Microsoft Corporation)
S3 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 x10nets; C:\Program Files (x86)\Common Files\X10\Common\X10nets.exe [20480 2010-11-02] (X10) [File not signed]
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 61883; C:\Windows\System32\DRIVERS\61883.sys [60288 2009-07-13] (Microsoft Corporation)
S0 AFS; C:\Windows\SysWow64\Drivers\AFS.sys [79052 2013-12-06] (Oak Technology Inc.) [File not signed]
R0 AiChargerPlus; C:\Windows\System32\DRIVERS\AiChargerPlus.sys [14464 2010-11-08] (ASUSTek Computer Inc.)
R0 AiChargerPlus; C:\Windows\SysWOW64\DRIVERS\AiChargerPlus.sys [14848 2012-04-19] (ASUSTek Computer Inc.)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2012-10-12] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2012-10-12] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2013-06-15] (MCCI Corporation)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 dfg; C:\Windows\SysWOW64\drivers\dfg.sys [23552 2012-07-02] (defrag Development Team) [File not signed]
S3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-10-03] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 NPF; C:\Windows\System32\drivers\npf.sys [35344 2012-05-03] (CACE Technologies, Inc.)
S3 NPF; C:\Windows\SysWOW64\drivers\npf.sys [30336 2003-04-04] (Politecnico di Torino) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 voxaldriver; C:\Windows\System32\DRIVERS\voxaldriverx64.sys [34512 2014-09-18] ()
R3 X10Hid; C:\Windows\System32\Drivers\x10hid.sys [15896 2009-05-13] (X10 Wireless Technology, Inc.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 SMUpdd; \??\C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-03 08:31 - 2014-10-03 08:31 - 00027153 _____ () C:\FRST.txt
2014-10-03 08:31 - 2014-10-03 08:31 - 00000000 ____D () C:\FRST-OlderVersion
2014-10-03 08:30 - 2014-10-03 08:31 - 02109440 _____ (Farbar) C:\FRST64.exe
2014-10-02 14:01 - 2014-10-02 14:01 - 00000000 ____D () C:\ProgramData\Office Genuine Advantage
2014-10-02 13:34 - 2014-10-02 13:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft Visual Studio 8
2014-10-02 13:33 - 2014-08-19 12:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-10-02 13:33 - 2014-08-19 11:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-10-02 13:33 - 2014-08-18 17:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-10-02 13:33 - 2014-08-18 16:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-10-02 13:33 - 2014-08-18 16:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-10-02 13:33 - 2014-08-18 16:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-10-02 13:33 - 2014-08-18 16:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-10-02 13:33 - 2014-08-18 16:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-10-02 13:33 - 2014-08-18 16:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-10-02 13:33 - 2014-08-18 16:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-10-02 13:33 - 2014-08-18 16:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-10-02 13:33 - 2014-08-18 16:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-10-02 13:33 - 2014-08-18 16:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-10-02 13:33 - 2014-08-18 16:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-10-02 13:33 - 2014-08-18 16:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-10-02 13:33 - 2014-08-18 16:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-10-02 13:33 - 2014-08-18 16:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-10-02 13:33 - 2014-08-18 16:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-10-02 13:33 - 2014-08-18 16:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-10-02 13:33 - 2014-08-18 15:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-10-02 13:33 - 2014-08-18 15:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-10-02 13:33 - 2014-08-18 15:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-10-02 13:33 - 2014-08-18 15:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-10-02 13:33 - 2014-08-18 15:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-10-02 13:33 - 2014-08-18 15:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-10-02 13:33 - 2014-08-18 15:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-10-02 13:33 - 2014-08-18 15:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-10-02 13:33 - 2014-08-18 15:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-10-02 13:33 - 2014-08-18 15:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-10-02 13:33 - 2014-08-18 15:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-10-02 13:33 - 2014-08-18 15:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-10-02 13:33 - 2014-08-18 15:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-10-02 13:33 - 2014-08-18 15:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-10-02 13:33 - 2014-08-18 15:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-10-02 13:33 - 2014-08-18 15:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-10-02 13:33 - 2014-08-18 15:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-10-02 13:33 - 2014-08-18 15:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-10-02 13:33 - 2014-08-18 15:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-10-02 13:33 - 2014-08-18 15:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-10-02 13:33 - 2014-08-18 15:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-10-02 13:33 - 2014-08-18 15:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-10-02 13:33 - 2014-08-18 15:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-10-02 13:33 - 2014-08-18 15:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-10-02 13:33 - 2014-08-18 15:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-10-02 13:33 - 2014-08-18 15:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-10-02 13:33 - 2014-08-18 15:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-10-02 13:33 - 2014-08-18 15:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-10-02 13:33 - 2014-08-18 15:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-10-02 13:33 - 2014-08-18 15:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-10-02 13:33 - 2014-08-18 15:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-10-02 13:33 - 2014-08-18 15:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-10-02 13:33 - 2014-08-18 14:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-10-02 13:33 - 2014-08-18 14:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-10-02 13:33 - 2014-08-18 14:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-10-02 13:33 - 2014-08-18 14:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-10-02 13:33 - 2014-08-18 14:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-10-02 13:26 - 2014-07-06 20:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-10-02 13:26 - 2014-07-06 20:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-10-02 13:26 - 2014-07-06 19:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-10-02 13:26 - 2014-07-06 19:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-10-02 13:26 - 2014-07-06 19:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-10-02 13:26 - 2013-04-09 17:34 - 01247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2014-10-02 13:26 - 2013-04-02 16:51 - 01643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2014-10-02 12:55 - 2014-10-02 12:55 - 00000000 ____D () C:\Program Files (x86)\KeyFinder
2014-10-02 10:23 - 2014-10-02 13:36 - 00044496 _____ () C:\Windows\setupact.log
2014-10-02 10:23 - 2014-10-02 10:23 - 06273640 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-10-02 10:23 - 2014-10-02 10:23 - 00002710 _____ () C:\Windows\PFRO.log
2014-10-02 10:23 - 2014-10-02 10:23 - 00000000 _____ () C:\Windows\setuperr.log
2014-10-02 10:21 - 2014-02-11 16:51 - 00002850 _____ () C:\Windows\system32\Drivers\etc\hosts - Copy
2014-10-02 09:37 - 2014-10-03 08:31 - 00000000 ____D () C:\FRST
2014-10-01 11:41 - 2014-10-01 11:41 - 00447784 ____C () D:\Users\Pickett_Kevin\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-01 11:33 - 2014-10-01 11:33 - 00001754 ____C () D:\Users\Public\Desktop\Blue Iris 3.lnk
2014-10-01 11:33 - 2014-10-01 11:33 - 00001646 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Blue Iris 3.lnk
2014-09-30 19:17 - 2014-10-03 07:47 - 00003010 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Pickett_Kevin
2014-09-30 19:17 - 2014-10-03 07:47 - 00000402 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Pickett_Kevin.job
2014-09-30 19:17 - 2014-10-02 19:19 - 00003006 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Pickett_Kevin
2014-09-30 19:17 - 2014-10-02 19:19 - 00000398 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Pickett_Kevin.job
2014-09-30 19:17 - 2014-10-02 13:37 - 00000408 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Pickett_Kevin.job
2014-09-30 19:17 - 2014-09-30 19:17 - 00003642 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperResumePrompt_Pickett_Kevin
2014-09-30 19:17 - 2014-09-30 19:17 - 00002714 _____ () C:\Windows\System32\Tasks\RNUpgradeHelperLogonPrompt_Pickett_Kevin
2014-09-30 16:19 - 2014-09-30 16:19 - 00000878 ____C () D:\Users\Public\Desktop\VLC media player.lnk
2014-09-30 16:19 - 2014-09-30 16:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2014-09-29 14:40 - 2014-09-29 14:40 - 00000000 ____D () C:\Windows\System32\Tasks\DeskShare
2014-09-29 14:33 - 2014-09-29 14:33 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Local\DeskShare Data
2014-09-29 11:16 - 2014-09-29 11:16 - 00000925 ____C () D:\Users\Pickett_Kevin\Desktop\TeamViewer 9.lnk
2014-09-28 17:02 - 2014-09-28 17:02 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RegZooka
2014-09-28 16:24 - 2014-09-28 16:59 - 00000711 ____C () D:\Users\Pickett_Kevin\Application Mover.cfg
2014-09-28 11:06 - 2014-09-28 11:06 - 00000000 ____D () C:\Windows\ERUNT
2014-09-28 11:02 - 2009-06-10 15:00 - 00017463 _____ () C:\Windows\system32\Drivers\etc\services
2014-09-28 11:02 - 2009-06-10 15:00 - 00003683 _____ () C:\Windows\system32\Drivers\etc\lmhosts.sam
2014-09-28 11:02 - 2009-06-10 15:00 - 00001358 _____ () C:\Windows\system32\Drivers\etc\protocol
2014-09-28 11:02 - 2009-06-10 15:00 - 00000407 _____ () C:\Windows\system32\Drivers\etc\networks
2014-09-27 19:37 - 2014-09-27 19:37 - 00000000 ___DC () D:\Users\Public\Branding
2014-09-27 19:37 - 2014-09-27 19:37 - 00000000 ____D () C:\Windows\system32\Branding
2014-09-27 17:40 - 2014-10-02 13:41 - 00006830 _____ () C:\Windows\system32\PerfStringBackup.TMP
2014-09-27 17:38 - 2014-10-02 14:19 - 00013040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-27 17:38 - 2014-10-02 14:19 - 00013040 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-27 17:35 - 2014-10-02 13:35 - 00000025 ____C () D:\Users\Pickett_Kevin\AppData\Roaming\Network Meter_Usage.ini
2014-09-27 17:01 - 2014-09-27 17:01 - 00000418 ____C () D:\Users\Pickett_Kevin\AppData\Roaming\WinInstallFlashLog.ini
2014-09-27 13:16 - 2014-09-27 20:04 - 00000000 ____D () C:\Program Files (x86)\Blue Iris ActiveX Control
2014-09-27 11:54 - 2014-09-27 11:54 - 00000263 _____ () C:\Windows\system32\TeamViewer9_Hooks.log
2014-09-26 13:10 - 2014-09-27 20:02 - 00000000 __HDC () D:\Users\Public\IPCamRecord
2014-09-25 07:06 - 2014-09-27 20:04 - 00000000 ____D () C:\ProgramData\Deskshare
2014-09-22 11:55 - 2014-09-29 10:23 - 00000000 ___DC () D:\Users\Pickett_Kevin\Desktop\Foscam Utilities
2014-09-18 13:51 - 2014-10-02 13:59 - 00678467 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 13:35 - 2014-09-18 13:35 - 00034512 _____ () C:\Windows\system32\Drivers\voxaldriverx64.sys
2014-09-17 11:11 - 2014-09-17 11:11 - 01373475 ____C () D:\Users\Pickett_Kevin\Downloads\adwcleaner_3.310.exe
2014-09-17 11:06 - 2014-09-17 11:06 - 00000000 _SHDC () D:\Users\Pickett_Kevin\AppData\Local\EmieUserList
2014-09-17 11:06 - 2014-09-17 11:06 - 00000000 _SHDC () D:\Users\Pickett_Kevin\AppData\Local\EmieSiteList
2014-09-17 10:45 - 2010-11-20 21:25 - 00296448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll.bak
2014-09-17 10:44 - 2014-09-17 10:44 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Shark007
2014-09-17 10:44 - 2014-09-17 10:44 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Advanced
2014-09-17 10:44 - 2014-09-17 10:44 - 00000000 ____D () C:\ProgramData\Shark007
2014-09-17 10:44 - 2014-09-01 22:37 - 01712512 _____ (MPC-BE Team) C:\Windows\system32\VSFilter.dll
2014-09-17 10:44 - 2014-07-22 14:51 - 03502080 _____ (x264vfw project) C:\Windows\system32\x264vfw.dll
2014-09-17 10:44 - 2014-06-05 14:00 - 02050560 _____ (xy-VSFilter Team) C:\Windows\system32\VSFilter.dll.bak
2014-09-17 10:44 - 2013-04-06 00:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm.new
2014-09-17 10:44 - 2013-04-06 00:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm
2014-09-17 10:44 - 2013-04-06 00:26 - 01679360 _____ () C:\Windows\SysWOW64\ac3filter.acm.new
2014-09-17 10:44 - 2012-07-21 15:55 - 00180736 _____ (fccHandler) C:\Windows\system32\ac3acm.acm
2014-09-17 10:44 - 2012-07-21 15:54 - 00361472 _____ (fccHandler) C:\Windows\system32\aacacm.acm
2014-09-17 10:44 - 2012-07-17 18:21 - 00206336 _____ () C:\Windows\system32\unrar64.dll
2014-09-17 10:44 - 2011-12-07 23:37 - 00148992 _____ ( ) C:\Windows\system32\lagarith.dll
2014-09-17 10:44 - 2009-08-11 21:22 - 00580096 _____ () C:\Windows\system32\ac3filter.acm.old
2014-09-17 10:44 - 2009-01-23 01:51 - 00124909 _____ (Open Source Software community project) C:\Windows\system32\pthreadGC2.dll
2014-09-16 16:36 - 2014-09-16 16:36 - 00000000 ____H () C:\ProgramData\DP45977C.lfl
2014-09-16 16:36 - 2014-09-16 16:36 - 00000000 ____D () C:\Program Files\Realtek
2014-09-16 16:35 - 2014-05-14 18:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-09-16 16:35 - 2014-05-14 16:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-09-16 16:35 - 2014-05-12 20:11 - 60636160 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2014-09-16 16:35 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-09-16 16:35 - 2014-05-02 11:19 - 00033592 _____ () C:\Windows\system32\audioLibVc.dll
2014-09-16 16:35 - 2014-04-30 11:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-09-16 16:35 - 2014-04-28 15:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-09-16 16:35 - 2014-04-25 13:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-09-16 16:35 - 2014-04-25 13:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-09-16 16:35 - 2014-04-23 17:51 - 02117424 _____ () C:\Windows\system32\SStudio.dll
2014-09-16 16:35 - 2014-04-17 17:42 - 01317976 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2014-09-16 16:35 - 2014-04-17 17:42 - 01168472 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2014-09-16 16:35 - 2014-04-17 17:42 - 01136728 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2014-09-16 16:35 - 2014-04-10 12:20 - 12894808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2014-09-16 16:35 - 2014-04-10 12:20 - 01934424 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek264.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 28343384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnA64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 14863448 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 03959384 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioVnN64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-09-16 16:35 - 2014-04-10 12:19 - 00900696 _____ (Waves Audio Ltd.) C:\Windows\SysWOW64\MaxxAudioAPOShell.dll
2014-09-16 16:35 - 2014-04-09 16:39 - 00942384 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOSettingsIPC.dll
2014-09-16 16:35 - 2014-04-09 16:38 - 05751048 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2014-09-16 16:35 - 2014-04-07 16:03 - 06218072 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2014-09-16 16:35 - 2014-04-07 16:03 - 01939800 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2014-09-16 16:35 - 2014-04-07 16:03 - 00315736 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2014-09-16 16:35 - 2014-04-07 16:03 - 00261464 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2014-09-16 16:35 - 2014-03-21 14:17 - 00291488 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2014-09-16 16:35 - 2014-03-19 19:19 - 00956504 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2014-09-16 16:35 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-09-16 16:35 - 2014-03-05 05:11 - 01048824 _____ (SRS Labs, Inc.) C:\Windows\system32\slcnt64.dll
2014-09-16 16:35 - 2014-03-05 05:11 - 00889592 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2014-09-16 16:35 - 2014-03-05 05:11 - 00724728 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2014-09-16 16:35 - 2014-03-05 05:11 - 00246008 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2014-09-16 16:35 - 2014-02-27 20:02 - 02162992 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2014-09-16 16:35 - 2014-02-26 15:16 - 02080472 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll
2014-09-16 16:35 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-09-16 16:35 - 2014-02-06 11:28 - 05804772 _____ () C:\Windows\system32\Drivers\rtvienna.dat
2014-09-16 16:35 - 2014-01-31 17:27 - 01313904 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2014-09-16 16:35 - 2014-01-28 11:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-09-16 16:35 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-09-16 16:35 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-09-16 16:35 - 2013-10-11 11:31 - 00947760 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2014-09-16 16:35 - 2013-10-07 00:26 - 00501184 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2014-09-16 16:35 - 2013-10-07 00:26 - 00487360 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2014-09-16 16:35 - 2013-10-07 00:26 - 00415680 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2014-09-16 16:35 - 2013-08-14 15:36 - 00662784 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2014-09-16 16:35 - 2013-08-14 15:35 - 00663296 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2014-09-16 16:35 - 2013-06-25 12:47 - 00871856 _____ (TOSHIBA Corporation) C:\Windows\system32\tossaeapo64.dll
2014-09-16 16:35 - 2013-06-25 12:47 - 00162224 _____ (TOSHIBA Corporation) C:\Windows\system32\toseaeapo64.dll
2014-09-16 16:35 - 2013-06-25 12:46 - 00582056 _____ (TOSHIBA Corporation) C:\Windows\system32\tosasfapo64.dll
2014-09-16 16:35 - 2013-06-21 11:01 - 00109848 _____ () C:\Windows\system32\AcpiServiceVnA64.dll
2014-09-16 16:35 - 2013-04-03 14:13 - 00906800 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2014-09-16 16:35 - 2012-08-31 19:18 - 07164176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2014-09-16 16:35 - 2012-08-31 19:17 - 00434960 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2014-09-16 16:35 - 2012-08-31 19:17 - 00141584 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2014-09-16 16:35 - 2012-08-31 19:17 - 00124176 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2014-09-16 16:35 - 2012-08-31 19:17 - 00075024 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2014-09-16 16:35 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-09-16 16:35 - 2012-01-30 11:43 - 00836544 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2014-09-16 16:35 - 2012-01-10 10:20 - 00065944 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2014-09-16 16:35 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-09-16 16:35 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-09-16 16:35 - 2011-09-02 14:21 - 00221024 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2014-09-16 16:35 - 2011-09-02 14:21 - 00081248 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2014-09-16 16:35 - 2011-09-02 14:21 - 00078688 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2014-09-16 16:35 - 2011-08-23 17:00 - 00603984 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 01756264 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 01568360 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 01486952 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00728680 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00712296 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00693352 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00491112 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00432744 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00428648 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00242792 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2014-09-16 16:35 - 2011-05-31 09:42 - 00241768 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2014-09-16 16:35 - 2011-03-17 12:17 - 01361336 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2014-09-16 16:35 - 2011-03-07 17:11 - 00148416 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-09-16 16:35 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-09-16 16:35 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-09-16 16:35 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-09-16 16:35 - 2010-07-22 16:48 - 00074064 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2014-09-16 16:35 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-09-16 16:35 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-09-16 16:35 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-09-16 16:35 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-09-16 16:25 - 2014-09-16 16:25 - 00000000 ____D () C:\Program Files\Intel
2014-09-16 16:24 - 2014-09-16 16:24 - 00001556 _____ () C:\Windows\system32\WmiConf.txt
2014-09-16 16:23 - 2014-05-02 12:02 - 00495376 _____ (Intel Corporation) C:\Windows\system32\Drivers\e1c62x64.sys
2014-09-16 16:23 - 2013-07-25 03:08 - 00073480 _____ (Intel Corporation) C:\Windows\system32\e1cmsg.dll
2014-09-16 16:23 - 2013-07-11 03:27 - 00089888 _____ (Intel Corporation) C:\Windows\system32\NicInstC.dll
2014-09-16 16:16 - 2014-09-16 16:16 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-09-14 14:43 - 2014-09-14 14:43 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-14 14:43 - 2014-09-14 14:43 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-14 14:43 - 2014-09-14 14:43 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-14 14:43 - 2014-09-14 14:43 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-14 14:43 - 2014-09-14 14:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-14 14:43 - 2014-09-14 14:43 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-13 11:58 - 2014-09-13 12:01 - 00008324 ____C () D:\Users\Pickett_Kevin\Documents\security view.jvsg
2014-09-11 12:29 - 2014-09-11 12:29 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\JVSG
2014-09-10 19:53 - 2014-09-15 13:13 - 00016401 ____C () D:\Users\Pickett_Kevin\Documents\IP Security Cams.xlsx

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-03 07:36 - 2013-09-29 12:57 - 00000912 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-03 05:51 - 2014-05-10 11:45 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-03 02:00 - 2014-07-01 15:00 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Local\Adobe
2014-10-02 21:36 - 2013-09-29 12:57 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-02 18:24 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-10-02 17:47 - 2014-02-06 12:27 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Local\CrashDumps
2014-10-02 17:40 - 2014-02-11 15:56 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\ClassicShell
2014-10-02 17:40 - 2013-06-17 10:42 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\vlc
2014-10-02 13:37 - 2014-08-20 14:02 - 00003354 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2418582845-3554272899-2585186520-1000
2014-10-02 13:37 - 2013-12-06 15:13 - 00042948 ____C () D:\Users\Pickett_Kevin\IP_Log_Data.js
2014-10-02 13:37 - 2013-07-30 16:09 - 00003236 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2418582845-3554272899-2585186520-1000
2014-10-02 13:36 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-02 13:34 - 2013-06-15 17:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-02 13:32 - 2013-09-05 21:17 - 00000000 ____D () C:\Windows\system32\MRT
2014-10-02 13:32 - 2013-06-14 15:41 - 00002123 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-10-02 13:32 - 2013-06-14 15:41 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-10-02 13:32 - 2013-06-14 15:41 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-10-02 13:32 - 2013-06-14 15:35 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-10-02 13:27 - 2013-06-15 12:29 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-10-01 17:21 - 2014-01-26 17:20 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Notepad++
2014-10-01 16:37 - 2013-06-17 10:55 - 00001271 ____C () D:\Users\Pickett_Kevin\AppData\Roaming\Network Meter_Settings.ini
2014-10-01 16:11 - 2013-06-17 12:40 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\uTorrent
2014-10-01 11:33 - 2013-06-15 13:20 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-10-01 11:30 - 2013-11-09 21:30 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\TeamViewer
2014-09-30 16:16 - 2013-07-30 16:08 - 00000000 ____D () C:\ProgramData\Real
2014-09-29 15:12 - 2013-10-04 11:18 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-29 15:12 - 2013-10-04 11:18 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-29 14:53 - 2014-02-13 12:23 - 00000000 ____D () C:\Program Files (x86)\Microsoft Help Viewer
2014-09-28 16:59 - 2013-06-17 12:33 - 00000900 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\WinZip.lnk
2014-09-28 16:59 - 2013-06-17 09:25 - 00000000 ___DC () D:\Users\Pickett_Kevin
2014-09-28 16:58 - 2013-06-18 13:28 - 00000960 ____C () D:\Users\Pickett_Kevin\Desktop\Temp File Cleaner.lnk
2014-09-28 16:58 - 2013-06-18 13:28 - 00000877 ____C () D:\Users\Pickett_Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Temp File Cleaner.lnk
2014-09-28 16:53 - 2013-06-14 16:49 - 00000765 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2014-09-28 16:46 - 2014-02-06 17:52 - 00000925 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-28 16:28 - 2013-06-14 16:23 - 00001163 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Belarc Advisor.lnk
2014-09-28 12:25 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-28 12:25 - 2009-07-13 23:32 - 00000000 ____D () C:\Program Files\Microsoft Games
2014-09-28 12:22 - 2014-01-01 11:52 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-28 11:40 - 2013-06-15 17:35 - 00000000 ____D () C:\Windows\Sun
2014-09-28 11:23 - 2014-08-20 15:53 - 00000000 ____D () C:\Qoobox
2014-09-28 11:21 - 2009-07-13 20:34 - 00000215 _____ () C:\Windows\system.ini
2014-09-28 11:20 - 2014-08-20 15:53 - 00000000 ____D () C:\Windows\erdnt
2014-09-28 11:20 - 2009-07-13 20:34 - 23330816 _____ () C:\Windows\system32\config\SYSTEM.bak
2014-09-28 11:20 - 2009-07-13 20:34 - 147587072 _____ () C:\Windows\system32\config\SOFTWARE.bak
2014-09-28 11:20 - 2009-07-13 20:34 - 09961472 _____ () C:\Windows\system32\config\DEFAULT.bak
2014-09-28 11:20 - 2009-07-13 20:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY.bak
2014-09-28 11:20 - 2009-07-13 20:34 - 00262144 _____ () C:\Windows\system32\config\SAM.bak
2014-09-27 20:04 - 2013-06-15 13:19 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-09-27 20:04 - 2009-07-13 23:09 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2014-09-27 20:04 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2014-09-27 20:04 - 2009-07-13 21:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-27 20:02 - 2014-03-18 16:26 - 00000000 ___DC () D:\Users\DefaultAppPool
2014-09-27 20:02 - 2014-02-12 14:30 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-27 20:02 - 2013-07-22 12:23 - 00000000 ___DC () D:\Users\Mcx1-ASUS_I7
2014-09-27 20:02 - 2013-06-17 09:23 - 00000000 ___DC () D:\Users\Administrator
2014-09-27 20:00 - 2010-11-20 21:24 - 01008640 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll.old
2014-09-27 20:00 - 2010-11-20 21:24 - 00833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll.old
2014-09-27 19:34 - 2009-07-13 22:45 - 00000000 ____D () C:\Windows\Setup
2014-09-27 17:09 - 2013-06-17 09:25 - 00001285 ____C () D:\Users\Pickett_Kevin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-27 17:09 - 2013-06-15 17:00 - 00000816 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-25 10:49 - 2014-03-12 10:15 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Local\Apps\2.0
2014-09-25 09:57 - 2013-06-17 13:03 - 00000000 ___DC () D:\Users\Pickett_Kevin\Documents\Network Monitor 3
2014-09-22 00:42 - 2010-11-20 21:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-21 12:06 - 2013-07-22 10:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\xLights
2014-09-19 15:07 - 2013-06-18 09:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audio Video Tools
2014-09-17 12:16 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\registration
2014-09-17 11:16 - 2013-06-15 17:20 - 00000000 ____D () C:\Windows\SysWOW64\Adobe
2014-09-17 10:44 - 2013-06-17 12:17 - 00000000 ____D () C:\ProgramData\Advanced
2014-09-17 10:44 - 2009-07-13 22:57 - 00001547 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2014-09-17 10:40 - 2014-01-28 15:26 - 00000000 ____D () C:\ProgramData\Standard
2014-09-16 16:36 - 2013-06-15 13:58 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-09-16 16:36 - 2013-06-15 13:58 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-16 16:33 - 2013-06-15 13:58 - 00000000 ____D () C:\Program Files (x86)\Realtek
2014-09-16 16:30 - 2013-09-12 15:27 - 00020754 _____ () C:\Windows\system32\results.xml
2014-09-16 16:27 - 2013-09-12 15:27 - 00000000 ____D () C:\ProgramData\Intel
2014-09-16 16:27 - 2013-06-15 13:12 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-09-16 16:09 - 2013-06-16 12:53 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-09-16 15:22 - 2013-06-15 13:16 - 00001769 _____ () C:\Windows\Language_trs.ini
2014-09-16 15:10 - 2013-06-15 13:49 - 04044528 _____ () C:\Windows\PE_Rom.dll
2014-09-16 14:49 - 2009-07-13 23:08 - 00032612 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-09-16 13:17 - 2013-06-18 12:00 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Jovian
2014-09-14 17:14 - 2014-01-29 17:43 - 00221184 ____C () D:\Users\Pickett_Kevin\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-09-14 17:10 - 2014-01-29 16:53 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Local\Apple Computer
2014-09-14 15:16 - 2013-01-30 17:52 - 00000000 __RDC () D:\Users\Pickett_Kevin\Dropbox
2014-09-14 15:07 - 2013-06-18 11:31 - 00001044 ____C () D:\Users\Pickett_Kevin\Desktop\Dropbox.lnk
2014-09-14 15:07 - 2013-06-18 11:29 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox
2014-09-14 15:04 - 2013-06-24 17:50 - 00000000 ___DC () D:\Users\Pickett_Kevin\AppData\Roaming\FileZilla
2014-09-14 15:00 - 2013-06-17 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-09-14 14:50 - 2014-05-11 11:55 - 00000000 ____D () C:\ProgramData\TEMP
2014-09-14 14:43 - 2013-10-05 11:24 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-10 12:13 - 2013-06-17 14:52 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Light-O-Rama
2014-09-10 12:04 - 2013-06-17 14:52 - 00000000 ____D () C:\ProgramData\Light-O-Rama
2014-09-10 10:50 - 2013-06-16 13:11 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-09-03 13:53 - 2013-06-17 14:56 - 00000000 ____D () C:\ProgramData\LOROC

Files to move or delete:
====================
D:\Users\Pickett_Kevin\IP_Log_Data.js
D:\Users\Pickett_Kevin\mkvreg.reg


Some content of TEMP:
====================
D:\Users\Pickett_Kevin\AppData\Local\Temp\bi_update.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> Check for possible unsigned rootkit driver <===== ATTENTION!


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-09-26 00:59

==================== End Of Log ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2014
Ran by Pickett_Kevin at 2014-10-03 08:31:29
Running from C:\
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.34309 - BitTorrent Inc.)
4500_G510gm_Help (x32 Version: 000.0.440.000 - Hewlett-Packard) Hidden
4500G510gm (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
4500G510gm_Software_Min (x32 Version: 000.0.423.000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
ActivePerl 5.16.3 Build 1604 (64-bit) (HKLM\...\{A7915697-1675-433D-AD07-759E8550582F}) (Version: 5.16.1604 - ActiveState)
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Anchor Service CS4 (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{288DB08D-0708-4A94-B055-55B99E39EB62}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Director 11.5 (HKLM-x32\...\Adobe_46f17ca4f5daa9524ac09ba8d50e980) (Version: 11.5 - Adobe Systems Incorporated)
Adobe Director 11.5 (x32 Version: 11.5 - Adobe Systems Incorporated) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.6 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.6 - Adobe Systems Incorporated) Hidden
Adobe Encore CS6 Library (HKLM-x32\...\{07E80932-FFB1-402D-9198-18C58EBAF216}) (Version: 6.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Premiere Pro CS6 Functional Content (HKLM-x32\...\{614020C8-2E16-4E16-A5F0-04DE2AB96097}) (Version: 6.0.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Adobe Setup (x32 Version: 2.0 - Adobe Systems Incorporated) Hidden
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Adobe Soundbooth CS5 Codecs (HKLM-x32\...\{DE5DE662-2ECB-4D93-967B-221FBCC8A736}) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Soundbooth CS5 Royalty Codecs (HKLM-x32\...\{F319804F-E3A4-4C02-8AEC-CB39A4F6447E}) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Update Manager CS4 (x32 Version: 6.0.0 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Adobe® Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 3.4.3 - Adobe Systems, Incorporated)
Adobe® Content Viewer (x32 Version: 3.4.3 - Adobe Systems, Incorporated) Hidden
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
AMD Accelerated Video Transcoding (Version: 12.10.100.30328 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{C8807716-1F6F-5C43-3C32-7295A45CF060}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.80328.2204 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.14.1.0 - Asmedia Technology)
ASUS PC Diagnostics (HKLM-x32\...\{D709005F-D8DC-42A8-8435-5AE880ECAF82}) (Version: 1.1.5 - ASUSTeK Computer Inc.)
AVS Audio Converter 7 (HKLM-x32\...\AVS Audio Converter_is1) (Version: 7.2.1.528 - Online Media Technologies Ltd.)
AVS Audio Editor 7.1 (HKLM-x32\...\AVS Audio Editor_is1) (Version: 7.2.1.487 - Online Media Technologies Ltd.)
AVS Cover Editor 2.0.1.3 (HKLM-x32\...\AVSCoverEditor2_is1) (Version: 2.0.1.3 - Online Media Technologies Ltd.)
AVS Disc Creator 5 (HKLM-x32\...\AVS Disc Creator_is1) (Version: 5.1.2.525 - Online Media Technologies Ltd.)
AVS DVD Copy 4.1.2.283 (HKLM-x32\...\AVS DVD Copy_is1) (Version: 4.1.2.283 - Online Media Technologies Ltd.)
AVS Image Converter 3.0.2.270 (HKLM-x32\...\AVS Image Converter_is1) (Version: 3.0.2.270 - Online Media Technologies Ltd.)
AVS Media Player 4.2.2.104 (HKLM-x32\...\AVS Media Player_is1) (Version: 4.2.2.104 - Online Media Technologies Ltd.)
AVS Photo Editor (HKLM-x32\...\AVS Photo Editor_is1) (Version: 2.1.2.136 - Online Media Technologies Ltd.)
AVS Registry Cleaner 2.3.1.255 (HKLM-x32\...\AVS Registry Cleaner_is1) (Version: 2.3.1.255 - Online Media Technologies Ltd.)
AVS Ringtone Maker version 1.6 (HKLM-x32\...\AVS Ringtone Maker 1.6_is1) (Version: 1.6.1.140 - Online Media Technologies Ltd.)
AVS Video Converter 8 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 8.4.2.541 - Online Media Technologies Ltd.)
AVS Video Editor 6 (HKLM-x32\...\AVS Video Editor_is1) (Version: 6.4.2.241 - Online Media Technologies Ltd.)
AVS Video ReMaker 4.2.2.153 (HKLM-x32\...\AVS Video ReMaker_is1) (Version: 4.2.2.153 - Online Media Technologies Ltd.)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Behaviors SDK (XAML) for Visual Studio (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Belarc Advisor 8.3 (HKLM-x32\...\Belarc Advisor) (Version: 8.3.2.0 - Belarc Inc.)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blue Iris 3 (HKLM-x32\...\InstallShield_{5923C82E-6BB6-4186-AF14-3066D1F29323}) (Version: 3.09.03 - Perspective Software)
Blue Iris 3 (x32 Version: 3.09.03 - Perspective Software) Hidden
Blue Iris ActiveX Control (HKLM-x32\...\InstallShield_{7106E079-28CA-4FEC-A083-6577EB674526}) (Version: 3.0.0.9 - Perspective Software)
Blue Iris ActiveX Control (x32 Version: 3.0.0.9 - Perspective Software) Hidden
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.65 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Build Tools - amd64 (Version: 12.0.30110 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30110 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version:  - TGRMN Software)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0328.2217.38225 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0328.2218.38225 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Classic Shell (HKLM\...\{2368907C-E8F6-4750-A023-254C3E2B5E8D}) (Version: 4.0.4 - IvoSoft)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.372.000 - Hewlett-Packard) Hidden
DFX (HKLM-x32\...\DFX) (Version: 11.110.0.0 - Power Technology)
DMX Utilities (HKLM-x32\...\ST6UNST #1) (Version:  - )
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Dos Panel 1.1 (HKLM-x32\...\Dos Panel_is1) (Version: 1.0 - J. Rathlev)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
DVD Inventory 2.2.0.0 (HKLM-x32\...\DVDInventory_is1) (Version:  - Doena Soft.)
Elevated Installer (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
eWallet 7.6.2 for Windows PCs (HKLM-x32\...\Ilium Software eWallet_is1) (Version: 7.6.2 - Ilium Software)
Falcon µSC SSC Programmer (HKLM-x32\...\{D5EF61DC-27CD-436B-9FD5-9E192E78DBED}) (Version: 1.0.12 - FalconChristmas.com)
Falcon Controller Software (HKLM-x32\...\{99D6AD06-7CA1-4A27-A15C-C0256B29E8D1}) (Version: 1.1.0 - Falcon Christmas)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Free YouTube Downloader 3.5.176 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version:  - HOW Inc.)
Garmin City Navigator North America NT 2014.30 Update (HKLM-x32\...\{6D30B301-7D44-4D64-9369-638E0101F922}) (Version: 17.30.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{647BB978-2876-487B-9B0E-FDB73F0EA4A2}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{237D687E-9E50-4A30-B810-262764CC491B}) (Version: 4.0.4 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{d6f59919-3fd4-48c5-8404-def6f92d8422}) (Version: 2.3.17.0 - Garmin Ltd or its subsidiaries)
Garmin Express (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (x32 Version: 2.3.17.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Drive (HKLM-x32\...\{C6640705-7479-4EE5-BC86-879F05F65E74}) (Version: 1.17.7290.4094 - Google, Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
GoPro Studio 2.0.1 (HKLM-x32\...\GoPro Studio) (Version: 2.0.1 - WoodmanLabs Inc. d.b.a. GoPro)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version:  - )
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Officejet 4500 G510g-m (HKLM\...\{E5083D57-D93F-404C-A91F-1C50D67C2BEB}) (Version: 13.0 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
InstallShield 2013 Limited Edition (HKLM-x32\...\{6781C524-2DA2-4182-908C-8B204E0DD47C}) (Version: 20.00.0000 - Flexera Software LLC)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Network Connections 19.3.141.0 (HKLM\...\PROSetDX) (Version: 19.3.141.0 - Intel)
Intel® Network Connections 19.3.141.0 (Version: 19.3.141.0 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3517 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version:  - Intel Corporation)
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
JavaScript Tooling (Version: 12.0.30110 - Microsoft Corporation) Hidden
JavaScript Tooling (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Jovian Color Picker (HKCU\...\Jovian) (Version:  - Ken Nign)
kitchi (HKLM-x32\...\{9C1BEFA5-147E-4F99-9F84-E5FFC790612F}) (Version: 4.5.0 - PW2 Computer Services)
LADSPA_plugins-win-0.4.15 (HKLM-x32\...\LADSPA_plugins-win_is1) (Version:  - Audacity Team)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
LD Calculator Lite 1.02 b1 (HKLM-x32\...\LD Calculator Lite_is1) (Version:  - Paul Pelletier)
Lightjams (HKLM\...\{069058C4-E695-441B-88A6-7091D7E62E74}) (Version: 1.0.248 - LJ)
Light-O-Rama (HKLM-x32\...\{E744BFEA-E027-441E-83A2-36202F661E31}) (Version: 3.11.2 - Light-O-Rama)
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
LOR Object Creator (HKLM-x32\...\{FC1E7811-EE3E-4646-9F46-1FAFD6057897}) (Version: 9.8.7 - Shannon (cyberfix))
Macromedia FreeHand MXa (HKLM-x32\...\{939740B5-0064-4779-854A-8C1086181C05}) (Version: 11.0.2 - Macromedia)
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{4D2F05BB-228E-4081-B94C-50AD015EE462}) (Version: 11.4.2 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.4.2 - Red Giant Software) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft .NET Framework 4 Multi-Targeting Pack (x32 Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU) (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (x32 Version: 4.5.21005 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Advertising SDK for Windows 8.1 - ENU (x32 Version: 8.1.30809.0 - Microsoft Corporation) Hidden
Microsoft Advertising Service Extension for Visual Studio (x32 Version: 12.0.30809.0 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{DCDEC776-BADD-48B9-8F9A-DFF513C3D7FA}) (Version: 3.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU (x32 Version: 5.0.11213.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft C++ REST SDK for Visual Studio 2013 (x32 Version: 1.0 - Microsoft Corporation) Hidden
Microsoft Exchange Web Services Managed API 2.1 (HKLM-x32\...\{24CA683D-8174-4EBF-AD4D-3F2DD7814716}) (Version: 15.0.847.30 - Microsoft Corporation)
Microsoft Expression Blend SDK for .NET 4 (x32 Version: 2.0.20525.0 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft Identity Extensions (Version: 2.0.1459.0 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 Core (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 CoreRes - ENU (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.5 Tools (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft LightSwitch for Visual Studio 2013 v4.5 ToolsRes - ENU (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft LightSwitch v4.5 SDK (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft Network Monitor 3.4 (HKLM\...\{8C5B5A11-CBF8-451B-B201-77FAB0D0B77D}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft Network Monitor: NetworkMonitor Parsers 3.4 (HKLM\...\{963E5FEB-1367-46B9-851D-A957F1A3747F}) (Version: 3.4.2350.0 - Microsoft Corporation)
Microsoft NuGet - Visual Studio 2013 (x32 Version: 2.7.41101.371 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack (Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) (Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Developer Tools for Visual Studio 2013 - March 2014 Update (HKLM-x32\...\{b9a142c4-c707-417c-8025-1ced2b024004}) (Version: 12.0.30225.0 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CE144BF4-4950-4CDB-A5F7-CCE1888F49CB}) (Version:  - Microsoft)
Microsoft Office Visio 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Visio MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Visio Professional 2007 (HKLM-x32\...\VISPRO) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Visio Professional 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu (x32 Version: 12.0.21005.01 - Microsoft Corporation) Hidden
Microsoft Report Viewer Add-On for Visual Studio 2013 (x32 Version: 11.1.3366.16 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft SharePoint 2013 Developer Tools for Visual Studio (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio ENU Language Pack (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft SharePoint 2013 Developer Tools for Visual Studio Finalizer (x32 Version: 12.0.30225 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Basic 6 SP6 - KB2708437 Update (x32 Version: 1.0.0.0 - Flexera Software) Hidden
Microsoft Visual C++  ARM Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64 Native Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-arm Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x64-x86 Cross Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++  x86 Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013  x64 Designtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 32bit Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers - ENU Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Core Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Extended Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86-x64 Compilers (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual F# 3.1.1 (HKLM-x32\...\{51ba05a7-5d20-41ad-9ec8-6a4005faed87}) (Version: 12.0.30110.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.50706 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Devenv (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Devenv Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Core amd64 (Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Core x86 (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 IntelliTrace Front End x86 (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Performance Collection Tools - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Performance Collection Tools (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Profiling Tools (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 SDK - ENU (HKLM-x32\...\{8b2217f8-79ad-4765-bf57-14ce568feb53}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2013 SDK - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 SDK Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 VsGraphics Helper Dependencies (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Premium 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Professional 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2013 Storyboarding (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Team Foundation Server 2013 Storyboarding Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{cd09eea6-d0b3-4246-bb80-e047ceadf61f}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer chs Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer cht Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer csy Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer deu Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer esn Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer ita Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer jpn Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer kor Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer plk Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer ptb Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer rus Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer trk Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer fra Resources (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Developer Tools 2013 - Visual Studio 2013 (x32 Version: 2.0.40926.0 - Microsoft Corporation) Hidden
Microsoft Web Platform Installer 4.6 (HKLM\...\{16C7D2AD-20CA-491E-80BC-8607A9AACED9}) (Version: 4.0.40719.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Minleon LightShow Pro (HKLM\...\Minleon LightShow Pro) (Version: 2.8.5087.34674 - Minleon International Ltd.)
Minleon LightShow Pro (HKLM-x32\...\Minleon LightShow Pro) (Version: 2.5.4875.37645 - Minleon International Ltd.)
Minleon LightShow Pro Scheduler (HKLM\...\Minleon LightShow Pro Scheduler) (Version: 2.8.5099.296 - Minleon International Ltd.)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MPLAB Tools v8.92 (HKLM-x32\...\InstallShield_{EFF70ABE-9F88-41B4-A0DF-BE0A803209CF}) (Version: 8.92 - Microchip Technology Inc.)
MPLAB Tools v8.92 (x32 Version: 8.92 - Microchip Technology Inc.) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 (x32 Version: 4.20.9818.0 - Microsoft Corporation) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - )
Nero 12 (HKLM-x32\...\{E9B9B255-5047-4E57-8360-21CBFF98B8DB}) (Version: 12.5.01400 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (x32 Version: 12.5.1000 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero Blu-ray Player (x32 Version: 12.0.20014 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 12.5.5001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Express (x32 Version: 12.5.5002 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.20100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (x32 Version: 12.5.6000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.10002 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (x32 Version: 12.5.2001 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Network64 (Version: 130.0.550.000 - Hewlett-Packard) Hidden
Network64 (Version: 140.0.221.000 - Hewlett-Packard) Hidden
Next Generation Visualisations (HKLM-x32\...\{2E376AD9-5C49-4F7D-A0BA-6A44E8FA5A3B}) (Version: 1.0.0 -  Microsoft)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Open XML SDK 2.0 for Microsoft Office (HKLM-x32\...\{171D8D76-3F05-455A-A8AF-C561C2679905}) (Version: 2.0.5022 - Microsoft Corporation)
Open XML SDK 2.0 Productivity Tool for Microsoft Office (HKLM-x32\...\{DEB1CE7F-5821-4E1C-ADED-744F52052E4A}) (Version: 2.0.5022 - Microsoft Corporation)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OutlookTools 2 (HKLM-x32\...\{E69BB189-4B20-46AE-93CF-59099F05FC3F}) (Version: 2.3.0 - HowTo-Outlook)
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.6.1 - Prolific Technology INC)
PowerChute Personal Edition 3.0.2 (HKLM-x32\...\{8ED262EE-FC73-47A9-BB86-D92223246881}) (Version: 3.0.2 - Schneider Electric)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
ProntoEdit NG (HKLM-x32\...\ProntoEdit NG) (Version: 3.1.3.0 - Philips)
ProntoEdit NG Setup Support (HKLM-x32\...\{598C4070-36FF-47A4-BF4E-F001F94451B8}) (Version: 3.0.0.0 - Philips)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RealDownloader (x32 Version: 1.3.2 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 16.0) (Version: 16.0.2 - RealNetworks)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
RegZooka (HKLM-x32\...\RegZooka) (Version: 3.42 - ZookaWare)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Screen AVI CAM 4.0 (HKLM-x32\...\Screen AVI CAM 4.0) (Version:  - SProsoft)
Screen AVI CAM 4.0 (x32 Version: 4.0 - SProsoft) Hidden
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SharePoint Client Components (HKLM\...\{95150002-1163-0409-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
SharePoint Client Components (HKLM\...\{95160001-1163-0409-1000-0000000FF1CE}) (Version: 16.0.2617.1200 - Microsoft Corporation)
Shark007 Advanced Codecs (HKLM-x32\...\{8C0CAA7A-3272-4991-A808-2C7559DE3409}) (Version: 4.7.5 - Shark007)
SignBoard (HKLM-x32\...\{92B85279-0D66-4BA1-8B86-7F6ACCF922DA}) (Version: 1.00.0000 - )
SlimDX Runtime .NET 4.0 x64 (January 2012) (HKLM\...\{A2199A06-89C4-4187-AA4A-3A9676FB799D}) (Version: 2.0.13.43 - SlimDX Group)
Smart Pixel System (HKLM-x32\...\{56190BF7-EE8F-4FAF-A953-250A793A131B}) (Version: 1.0.0.0 - Creative Software Designs)
Smart String Utility (HKLM-x32\...\{EEC5A18D-40AD-4ABB-B7A1-0BFF3A8C8F4D}) (Version: 1.0.0 - DLA)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syncios version 2.0.9 (HKLM-x32\...\{068A5D84-8419-4BDE-9689-FE65F412EFBB}_is1) (Version: 2.0.9 - Anvsoft, Inc.)
System Requirements Lab for Intel (HKLM-x32\...\{04C4B49D-45D9-4A28-9ED1-B45CBD99B8C7}) (Version: 4.5.24.0 - Husdawg, LLC)
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
Temp File Cleaner (HKLM\...\Temp File Cleaner) (Version: 4.3.0 - Addpcs, LLC)
The Print Shop 22 (HKLM-x32\...\{E34351A4-4B10-4DFF-96BC-84C642D9C625}) (Version: 22.00.0000 - Broderbund Software)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.376.000 - Hewlett-Packard) Hidden
UltraCompare (HKLM-x32\...\InstallShield_{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}) (Version: 8.50.1025 - IDM Computer Solutions, Inc.)
UltraCompare (x32 Version: 8.50.1025 - IDM Computer Solutions, Inc.) Hidden
UltraEdit (HKLM-x32\...\InstallShield_{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}) (Version: 19.10.1012 - IDM Computer Solutions, Inc.)
UltraEdit (x32 Version: 19.10.1012 - IDM Computer Solutions, Inc.) Hidden
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0051-0000-0000-0000000FF1CE}_VISPRO_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISER_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISER_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISER_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISER_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISER_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2889914) 32-Bit Edition (HKLM-x32\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{F3F83933-75FC-4B60-84F2-3F8FA63D042E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISER_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISER_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISER_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_VISPRO_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Visio 2007 Help (KB963666) (HKLM-x32\...\{90120000-0054-0409-0000-0000000FF1CE}_VISPRO_{D2C4ACC9-12F5-4E1C-81A8-5DC878AC6278}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISER_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VC User CRT71 RTL X86 --- (x32 Version: 1.0 - Microsoft Corporation) Hidden
VC User MFC71 RTL X86 --- (x32 Version: 1.0 - Microsoft Corporation) Hidden
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{64A98EF1-2680-11E3-A909-F04DA23A5C58}) (Version: 12.0.726 - Sony)
Visual F# 3.1.1 SDK (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Visual F# 3.1.1 VS (x32 Version: 12.0.30110 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites - ENU Language Pack (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Prerequisites (Version: 12.0.21005 - Microsoft Corporation) Hidden
Visual Studio 2013 Update 1 (KB2829760) (HKLM-x32\...\{67640e67-6563-4e54-9273-4242ca174290}) (Version: 12.0.30112 - Microsoft Corporation)
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9202.20789 - Microsoft Corporation) Hidden
Visual Studio Extensions for Windows Library for JavaScript (x32 Version: 1.0.9600.16408 - Microsoft Corporation) Hidden
Vixen 3.0.10 (64-bit) (HKLM-x32\...\Vixen) (Version: 3.0.10.45 - Vixen - Lighting Automation)
VLC media player (HKLM\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Windows App Certification Kit Native Components (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows App Certification Kit x64 (x32 Version: 8.100.26074 - Microsoft Corporation) Hidden
Windows Azure Mobile Services SDK (x32 Version: 1.0.10815.0 - Microsoft Corporation) Hidden
Windows Azure Mobile Services Tools for Visual Studio 2013 Preview - v1.0 (x32 Version: 1.0.60906.1602 - Microsoft Corporation) Hidden
Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - March 2014 Update - v2.2 (x32 Version: 2.2.20221.1601 - Microsoft) Hidden
Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1 (x32 Version: 2.1.10909.1601 - Microsoft) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Runtime Intellisense Content - en-us (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x64 Remote (Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit DirectX x86 Remote (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x64 Remote (Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows Software Development Kit for Windows Store Apps DirectX x86 Remote (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (Version: 11.0.51106 - Microsoft Corporation) Hidden
Windows XP Targeting with C++ (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
WinPcap 3.0 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - Politecnico di Torino)
WinX HD Video Converter Deluxe 4.2.3 (HKLM-x32\...\WinX HD Video Converter Deluxe_is1) (Version:  - Digiarty Software, Inc.)
WinZip 17.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240DB}) (Version: 17.5.10480 - WinZip Computing, S.L. )
WiX Toolset v3.8 Core (x32 Version: 3.8.1128.0 - Outercurve Foundation) Hidden
WiX Toolset v3.8 Managed SDK (x32 Version: 3.8.1128.0 - Outercurve Foundation) Hidden
WiX Toolset v3.8 Native 2013 SDK (x32 Version: 3.8.1128.0 - Outercurve Foundation) Hidden
WiX Toolset v3.8 Visual Studio Integration (x32 Version: 3.8.1128.0 - Outercurve Foundation) Hidden
WiX Toolset v3.8 X64 (Version: 3.8.1128.0 - Outercurve Foundation) Hidden
WiX Toolset v3.8.1128.0 (HKLM-x32\...\{a9ee4e53-3e8c-4c6e-8183-a108d2f12a8e}) (Version: 3.8.1128.0 - Outercurve Foundation)
Workflow Manager Client 1.0 (HKLM\...\{A5ABAF5F-B5B6-44B3-B69F-2E13DC60FC9F}) (Version: 2.0.40131.0 - Microsoft Corporation)
Workflow Manager Tools 1.0 for Visual Studio (HKLM\...\{3F757C38-DEBF-4053-81C2-CF009B58DDE5}) (Version: 2.0.40131.0 - Microsoft Corporation)
X10 Hardware™ (HKLM-x32\...\X10Hardware) (Version:  - )
x64 Components v4.7.5 (HKLM\...\Advanced x64Components_is1) (Version: 4.7.5 - Shark007)
x64Components v2.1.3 (HKLM\...\Standard x64Components_is1) (Version: 2.1.3 - Shark007)
xLights-Nutcracker version 3.4.13 (HKLM-x32\...\xLights-Nutcracker_is1) (Version: 3.4.13 - )
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
Zip Motion Block Video codec (Remove Only) (HKLM-x32\...\ZMBV) (Version:  - DOSBox Team)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{3560575F-7C2D-48AE-AB45-DAD430A95EBE}\InprocServer32 -> d:\Program Files\WinZip\adxloader64.dll ()
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{b5eedee0-c06e-11cf-8c56-444553540000}\InprocServer32 -> D:\Program Files (x86)\IDM Computer Solutions\UltraEdit\ue64ctmn.dll ()
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2418582845-3554272899-2585186520-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> D:\Users\Pickett_Kevin\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

29-09-2014 20:50:31 Removed Blue Iris 3
29-09-2014 20:53:24 Removed LYNX DMX DECK
29-09-2014 20:53:55 Removed Microsoft Help Viewer 2.0
29-09-2014 20:54:47 Removed Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
29-09-2014 20:55:07 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
29-09-2014 20:55:20 Removed Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
29-09-2014 20:55:39 Removed Microsoft Visual C++ 2005 Redistributable (x64)
29-09-2014 22:35:53 Installed iSpy (64 bit)
01-10-2014 15:16:14 Installed H.264 Camera Client
01-10-2014 17:29:09 Removed iSpy (64 bit)
01-10-2014 17:33:35 Installed Blue Iris 3
02-10-2014 19:13:51 Windows Modules Installer
02-10-2014 19:26:41 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2014-09-28 11:02 - 2014-10-02 10:25 - 00000822 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {078A9BFD-5A36-449A-BCB8-D376C1AFA2BC} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2418582845-3554272899-2585186520-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {2799DD2E-F463-440E-89B8-DBEFD2BD8680} - \ProPCCleaner_Popup No Task File <==== ATTENTION
Task: {4B230B4E-1B6D-4148-AB4B-221732AD9116} - System32\Tasks\ReclaimerUpdateXML_Pickett_Kevin => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-30] (RealNetworks, Inc.)
Task: {5A8A7025-2C45-4CE9-8CBC-13899E34A6CA} - \LaunchSignup No Task File <==== ATTENTION
Task: {66C6EBA1-2AFD-4DAD-8E8A-8C7C249EAF55} - System32\Tasks\DeskShare\Security Monitor Pro\SMP_62cc62cf-f8eb-40c7-839f-930b168f34f4 => D:\Program Files (x86)\Deskshare\Security Monitor Pro 5\Security Monitor Pro.exe
Task: {674163D9-7BDD-4B18-A1A7-896D9D5EB3D3} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2418582845-3554272899-2585186520-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2013-04-16] (RealNetworks, Inc.)
Task: {6C706A48-7E40-4633-9138-9B83EAD5ADE9} - \RocketTab No Task File <==== ATTENTION
Task: {70955920-0F53-4B4C-B331-C420778CD8A0} - \YTDownloader No Task File <==== ATTENTION
Task: {7350A6A2-733A-443D-A8A5-6971EA037208} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-29] (Google Inc.)
Task: {737AECAB-3BDB-4A44-83D3-3079A1A9F4F1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-09-29] (Google Inc.)
Task: {8DA59D4D-6820-413E-B696-8356F5347643} - \SMupdate1 No Task File <==== ATTENTION
Task: {9197187D-F839-471C-8A7D-600A4A6A5B01} - System32\Tasks\RNUpgradeHelperResumePrompt_Pickett_Kevin => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-30] (RealNetworks, Inc.)
Task: {A1D60D55-A6B8-401B-BC05-2938E02DF2F2} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Scan => d:\program files\windows defender\MpCmdRun.exe
Task: {A3E25086-CCE8-4409-8593-C24AE2337A4C} - System32\Tasks\AdobeAAMUpdater-1.0-ASUS_I7-Pickett_Kevin => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {A766EDF9-B488-48F7-B309-DA1C67BD4389} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-ASUS_I7 => C:\Windows\ehome\McxTask.exe [2009-07-13] (Microsoft Corporation)
Task: {ADB2D0BC-D34E-42CA-BC9F-FDCBF6FA9210} - \ProPCCleaner_Start No Task File <==== ATTENTION
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {CCBA2965-CA24-49E6-9644-D463B5836BAA} - System32\Tasks\CCleanerSkipUAC => D:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {D321EDD7-366F-4B52-9928-2BD3CD8AC5A4} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe
Task: {D3F4B605-7458-42A1-BCA5-D1CA0ECFBEA1} - System32\Tasks\RNUpgradeHelperLogonPrompt_Pickett_Kevin => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-30] (RealNetworks, Inc.)
Task: {DAF47DE7-34CA-4FA3-A23B-CFECA9981182} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {DF9BE5B8-CEB4-4676-9BAC-82406088CE09} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {E1DEB1EF-B071-4BED-81F3-1ED51473D252} - System32\Tasks\ASUS\Easy Update => C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe [2012-10-08] ()
Task: {E5A22BD2-416F-4D42-A2D0-5BFCB13A94F9} - System32\Tasks\ASUS\ASUS Mobilink Execute => C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\ASUS Mobilink.exe [2010-11-25] (ASUSTeK Computer Inc.)
Task: {F257D46A-E2D3-43AC-91CB-5D6991F0E592} - \RocketTab Update Task No Task File <==== ATTENTION
Task: {F9EB62F8-310F-43A7-97AF-62DFFE4E1FF2} - System32\Tasks\ASUS\ASUS DigiVRM Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ VRM\VRMHelp.exe [2011-04-13] (ASUSTeK Computer Inc.)
Task: {FE1E74CC-4BE3-4E0C-9914-58E07F111FEE} - System32\Tasks\ReclaimerUpdateFiles_Pickett_Kevin => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-30] (RealNetworks, Inc.)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Pickett_Kevin.job => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Pickett_Kevin.job => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Pickett_Kevin.job => D:\Users\Pickett_Kevin\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe

==================== Loaded Modules (whitelisted) =============

2013-06-15 13:18 - 2013-06-15 13:18 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2013-04-16 03:07 - 2013-04-16 03:07 - 00039056 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-05-01 13:29 - 2014-05-01 13:29 - 00098304 ____C () D:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2013-06-15 13:20 - 2012-10-08 17:48 - 01404800 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzUpdt.exe
2014-08-19 14:54 - 2014-09-01 14:00 - 00285184 ____C () d:\Program Files\Shark007\filters\libbluray.dll
2014-09-17 10:44 - 2014-07-21 14:00 - 04374016 ____C () d:\Program Files\Shark007\filters\ffdshow.ax
2014-09-17 10:44 - 2013-04-06 00:27 - 02231296 _____ () C:\Windows\system32\ac3filter.acm
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-10-29 11:08 - 2014-10-02 13:36 - 00025600 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-06-15 13:18 - 2012-10-12 02:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2013-06-15 13:20 - 2012-09-19 15:38 - 05012856 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EzULIB.dll
2013-06-15 13:20 - 2010-06-21 15:21 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\ImageHelper.dll
2013-06-15 13:41 - 2010-11-25 15:12 - 00086016 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\AsNetlib.dll
2013-06-15 13:41 - 2010-11-25 15:12 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\aaHMLib.dll
2013-06-15 13:41 - 2010-11-25 15:12 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\pngio.dll
2013-06-15 13:41 - 2010-11-25 15:12 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\iPhone Simulator\ImageHelper.dll
2013-06-15 13:41 - 2013-06-15 13:38 - 00061440 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AsMultiLang.dll
2013-06-15 13:41 - 2013-06-15 13:38 - 00661504 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\aaHMLib.dll
2013-06-15 13:41 - 2013-06-15 13:38 - 00703488 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\CpuFreq.dll
2013-06-15 13:41 - 2013-06-15 13:38 - 00114688 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ASUS Mobilink\Simulator\AssistFunc.dll
2013-06-15 13:44 - 2013-06-15 13:39 - 00053248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-06-15 13:44 - 2009-05-21 10:14 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2013-06-15 13:20 - 2011-07-12 19:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2013-06-15 13:20 - 2010-10-05 08:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-06-15 13:48 - 2011-09-26 19:36 - 00869376 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AI Charger+\AIChargerPlus.dll
2013-06-15 13:20 - 2012-03-21 12:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-06-15 13:42 - 2011-01-19 21:23 - 01655296 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Bluetooth Go!\BluetoothGo.dll
2013-06-15 13:20 - 2012-08-01 10:51 - 01040896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\EasyUpdate\EasyUpdt.dll
2013-06-15 13:43 - 2010-12-01 12:33 - 01244672 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2013-06-15 13:44 - 2011-01-06 10:38 - 01027072 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Probe_II\ProbeII.dll
2013-06-15 13:20 - 2012-05-25 10:33 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2013-06-15 13:20 - 2012-05-28 21:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2013-06-15 13:20 - 2011-09-19 20:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2013-06-15 13:20 - 2011-07-21 09:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2013-06-15 13:20 - 2011-10-14 20:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-06-15 13:18 - 2012-09-11 16:52 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2013-06-15 13:20 - 2010-10-05 08:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2013-06-15 13:20 - 2009-08-12 20:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2013-06-15 13:57 - 2011-08-23 21:37 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-09-06 10:44 - 2014-09-06 10:44 - 00035328 ____C () D:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 10:41 - 2014-05-24 10:41 - 00091648 ____C () D:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 10:41 - 2014-05-24 10:41 - 00892416 ____C () D:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Microsoft:5RuzemZJUnDfIYE0mNXI
AlternateDataStreams: C:\ProgramData\Microsoft:aarOOjjTtyI2F13dwmqha
AlternateDataStreams: C:\ProgramData\Microsoft:klccog60WQXGKv8gv4QzeoD
AlternateDataStreams: C:\ProgramData\Microsoft:samtzRLIBVKz7rdE75K7cU9INCI5
AlternateDataStreams: C:\ProgramData\TEMP:054203E4
AlternateDataStreams: D:\Users\Pickett_Kevin\AppData\Local:PIR8WdUTthUoOkkacK

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^CineForm Status.lnk => C:\Windows\pss\CineForm Status.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Minleon LightShow Pro Scheduler - Auto Update.lnk => C:\Windows\pss\Minleon LightShow Pro Scheduler - Auto Update.lnk.CommonStartup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "D:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeBridge =>
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: DFX => d:\Program Files (x86)\DFX\DFX.exe -startup
MSCONFIG\startupreg: GarminExpressTrayApp => "d:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: GrooveMonitor => "D:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"
MSCONFIG\startupreg: HP Software Update => D:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: iTunesHelper => "D:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LightShowProHelper => D:\Program Files\Minleon\LightShowPro\LightShowProHelper.exe
MSCONFIG\startupreg: PWRISOVM.EXE => D:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QuickTime Task => "D:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Syncios device service => D:\Program Files (x86)\Syncios\SynciosDeviceService.exe
MSCONFIG\startupreg: TkBellExe => "D:\Program Files (x86)\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: tsiVideo => C:\Windows\SysWOW64\rundll32.exe D:\Users\PICKET~1\AppData\Local\Temp\\mdi164.dll,runme

========================= Accounts: ==========================

Administrator (S-1-5-21-2418582845-3554272899-2585186520-500 - Administrator - Enabled) => D:\Users\Administrator
ASPNET (S-1-5-21-2418582845-3554272899-2585186520-1006 - Limited - Enabled)
Guest (S-1-5-21-2418582845-3554272899-2585186520-501 - Limited - Enabled)
Mcx1-ASUS_I7 (S-1-5-21-2418582845-3554272899-2585186520-1002 - Limited - Enabled) => D:\Users\Mcx1-ASUS_I7
Pickett_Kevin (S-1-5-21-2418582845-3554272899-2585186520-1000 - Administrator - Enabled) => D:\Users\Pickett_Kevin

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: Officejet 4500 G510g-m
Description: Officejet 4500 G510g-m
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: HP
Service: StillCam
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Officejet 4500 G510g-m
Description: Officejet 4500 G510g-m
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel® PRO/1000 GT Desktop Adapter
Description: Intel® PRO/1000 GT Desktop Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: E1G60
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/03/2014 00:30:18 AM) (Source: SideBySide) (EventID: 9) (User: )
Description: Activation context generation failed for "1".Error in manifest or policy file "2" on line 3.
The manifest file root element must be assembly.

Error: (10/02/2014 05:47:22 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.5.0, time stamp: 0x00000000
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521eaf24
Exception code: 0xc0000005
Fault offset: 0x0000000000018e5d
Faulting process id: 0x1ddc
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3

Error: (10/02/2014 01:41:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/02/2014 01:41:35 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/02/2014 01:37:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (10/02/2014 01:32:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ASUS_I7)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/02/2014 01:32:54 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ASUS_I7)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/02/2014 01:32:53 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: ASUS_I7)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/02/2014 01:27:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (10/02/2014 01:27:42 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 009 language ID. The first DWORD in the Data section contains the Win32 error code.


System errors:
=============
Error: (10/02/2014 01:36:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (10/02/2014 01:36:12 PM) (Source: APPHOSTSVC) (EventID: 9010) (User: )
Description: The Application Host Helper Service encountered an error trying to access the root history directory 'C:\inetpub\history'.  The directory either doesn't exist or the permissions on it don't allow the history service to access it. The config history feature is disabled for now and will be re-enabled after the issue is resolved. To resolve this issue, please ensure that the directory exists and that the Administrators group have read and write access to it.  The data field contains the error number.

Error: (10/02/2014 01:34:37 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error:
%%1053

Error: (10/02/2014 01:34:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Search service to connect.

Error: (10/02/2014 01:31:34 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.1347.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (10/02/2014 01:31:34 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.1347.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (10/02/2014 01:31:34 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.1347.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (10/02/2014 01:21:17 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS

Error: (10/02/2014 01:21:14 PM) (Source: APPHOSTSVC) (EventID: 9010) (User: )
Description: The Application Host Helper Service encountered an error trying to access the root history directory 'C:\inetpub\history'.  The directory either doesn't exist or the permissions on it don't allow the history service to access it. The config history feature is disabled for now and will be re-enabled after the issue is resolved. To resolve this issue, please ensure that the directory exists and that the Administrators group have read and write access to it.  The data field contains the error number.

Error: (10/02/2014 01:15:38 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
AFS


Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
  Date: 2014-10-03 08:29:18.866
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-02 17:18:25.851
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-02 17:03:21.260
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-02 16:50:34.357
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-02 16:32:20.338
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-02 16:16:54.278
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-02 14:34:28.341
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-02 14:09:16.583
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-02 14:01:14.142
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.

  Date: 2014-10-02 13:50:43.407
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sxs.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i7-2600K CPU @ 3.40GHz
Percentage of memory in use: 20%
Total physical RAM: 16281.14 MB
Available physical RAM: 12933.38 MB
Total Pagefile: 32560.46 MB
Available Pagefile: 28681.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:111.69 GB) (Free:33.14 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.51 GB) (Free:689.46 GB) NTFS
Drive f: (FreeAgent Drive) (Fixed) (Total:465.76 GB) (Free:342.63 GB) NTFS
Drive g: (MultiMedia) (Fixed) (Total:465.76 GB) (Free:53.3 GB) NTFS
Drive h: (Security) (Fixed) (Total:931.51 GB) (Free:931.29 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 1575E454)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 6EB33B5A)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 465.8 GB) (Disk ID: A4B57300)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: B37CC5E8)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

========================================================
Disk: 4 (Size: 465.8 GB) (Disk ID: CF07862C)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#8
Biscuithd
Posted 04 October 2014 - 07:23 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hi Kevin

 

Although FRST showed little of consequence, we will remove what it did find. Additionally, I am going to have you run two additional scans, as a precaution, to check for RootKits and Rogues. If nothing turns up, I'll finish the cleaning in the next post and send you on your way. If otherwise, we'll handle accordingly :)

 

I suspect you already know the trouble P2P's cause, as it looks like this isn't your first infection caused by such. However, I will post the waning just in case.

 

warning.gif P2P warning!
 

  • P2P programs, as they are legal itself, are often used to obtain some illegal downloads. Currently it's one of the best ways to get infected. There have been some extreme cases in which passwords, private or financial data was exposed to file sharing network because of bad P2P configuration.

I strongly recommend full uninstallation of any P2P apps. To do so:

  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for previously mentioned program(s), right-click the entry and click Uninstall.

FRST.gif Fix with Farbar Recovery Scan Tool



icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.

  • Copy the entire content of the codebox below and paste into the Notepad document:
    start

HKLM-x32\...\Run: [] => [X]

C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X]

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File

end
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!


  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

 

Scan with aswMBR:

Please download aswMBR to your desktop.

Alternate downloads are here and here.

  • Right-click on aswMBR.exe and select Run as Administrator to launch the application.
  • If a prompt stating: The computer supports "Virtualization Technology" appears >> select Yes
  • When prompted with: The application can use the Avast! Free Antivirus for scanning >> select Yes
  • The Avast! virus definitions database will automatically be downloaded. Be patient this make take some time depending on the speed of your Internet Connection.
  • Once it has downloaded >> ensure the option next to AV scan: >> QuickScan is selected only. It should be by default.
  • Now click on the Scan button to start the scan.
  • On completion of the scan click Save Log, save it to your desktop and post the contents in your next reply
  • Click on Exit.

Note: There will also be a file on your desktop named MBR.dat(or similar) do not delete this for now it is a actual backup of the MBR(master boot record).

Scan with RogueKiller:

Please download RogueKillerX64 from either here or here and to your desktop.

  • Quit all running programs.
  • Right-click on RogueKillerX64 and select Run as Administrator to launch the application.
  • Let the pre-scan complete, then click on Accept option when the disclaimer window appears.

Note: If a browser window is launched/opened, merely close it.

  • Now click on the Scan tab back in the RogueKiller main window.
  • If the program is blocked, do not hesitate to try several times. If it really does not work (it could happen), rename it to winlogon.com
  • Upon completion of the scan click on the Report tab and a notepad file named RKreport_SCN_DDDDDDDD_TTTTTT.txt will open. <-- D & T denote date/time of scan etc.
  • Please post the contents of the RKreport_SCN_DDDDDDDD_TTTTTT.txt in your next reply.

  • 0

#9
pickett
Posted 04 October 2014 - 08:50 AM

pickett

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

logs to come.


Edited by pickett, 04 October 2014 - 08:53 AM.

  • 0

#10
Biscuithd
Posted 04 October 2014 - 08:53 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts
No setting on ask be, just a scan. We'll fix later if needed.

Love adwCleaner and we'll get to that after aswmbr and roguekiller.
  • 0

Advertisements

#11
pickett
Posted 04 October 2014 - 09:04 AM

pickett

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Here is the RST fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2014
Ran by Pickett_Kevin at 2014-10-04 08:40:48 Run:1
Running from C:\
Loaded Profile: Pickett_Kevin (Available profiles: Pickett_Kevin & Mcx1-ASUS_I7 & Administrator & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

HKLM-x32\...\Run: [] => [X]

C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X]

Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} -  No File

end
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
"C:\Program Files\Common Files\Goobzo\GBUpdate\smw.sys [X]" => File/Directory not found.
"HKCR\PROTOCOLS\Handler\belarc" => Key deleted successfully.
"HKCR\CLSID\{6318E0AB-2E93-11D1-B8ED-00608CC9A71F}" => Key not found.

==== End of Fixlog ====

 

I was running the aswMBR scanner but it appears to have frozen.  It has been stuck on scanning the appdata/low/adobe/shockwave player 12/extras    for the past 5 min.  I will leave the program open until I hear back on what to do.

 

Thanks


  • 0

#12
pickett
Posted 04 October 2014 - 09:18 AM

pickett

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

all of the programs in the FRST log above with the attention at the end like:  Task: {F257D46A-E2D3-43AC-91CB-5D6991F0E592} - \RocketTab Update Task No Task File <==== ATTENTION  are the junkware that was loaded to the machine when the demo software was loaded.

 

those are the most worrysum to me since I just used the program uninstaller to remove them.

 

It appears that the aswMBR is back to work.  I will send the files when they are done.

 

KP


  • 0

#13
pickett
Posted 04 October 2014 - 09:27 AM

pickett

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Here is the aswMBR report:

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-10-04 08:54:20
-----------------------------
08:54:20.196    OS Version: Windows x64 6.1.7601 Service Pack 1
08:54:20.196    Number of processors: 8 586 0x2A07
08:54:20.196    ComputerName: ASUS_I7  UserName:
08:54:20.446    Initialize success
08:54:20.446    VM: initialized successfully
08:54:20.446    VM: Intel CPU supported
08:54:27.130    VM: supported disk I/O iaStor.sys
08:55:14.120    AVAST engine defs: 14100400
08:55:37.006    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
08:55:37.006    Disk 0 Vendor: KINGSTON 502A Size: 114473MB BusType: 3
08:55:37.006    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
08:55:37.006    Disk 1 Vendor: WDC_WD10 05.0 Size: 953869MB BusType: 3
08:55:37.006    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-3
08:55:37.006    Disk 2 Vendor: ST350083 3.AF Size: 476940MB BusType: 3
08:55:37.021    VM: Disk 0 MBR read successfully
08:55:37.021    Disk 0 MBR scan
08:55:37.037    Disk 0 Windows 7 default MBR code
08:55:37.037    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS          100 MB offset 2048
08:55:37.037    Disk 0 Boot: NTFS     code=2
08:55:37.052    Disk 0 Partition 2 00     07    HPFS/NTFS NTFS       114371 MB offset 206848
08:55:37.084    Disk 0 scanning C:\Windows\system32\drivers
08:55:40.656    Service scanning
08:55:48.815    Modules scanning
08:55:48.815    Disk 0 trace - called modules:
08:55:48.815    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll
08:55:48.815    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa800db5b790]
08:55:48.815    3 CLASSPNP.SYS[fffff88001dae43f] -> nt!IofCallDriver -> [0xfffffa800ca19920]
08:55:48.815    5 ACPI.sys[fffff88000f687a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa800d91a050]
08:55:49.033    AVAST engine scan C:\Windows
08:55:50.578    AVAST engine scan C:\Windows\system32
08:57:40.059    AVAST engine scan C:\Windows\system32\drivers
08:57:45.035    AVAST engine scan D:\Users\Pickett_Kevin
09:18:30.310    AVAST engine scan C:\ProgramData
09:19:08.922    Scan finished successfully
09:19:48.624    Disk 0 MBR has been saved successfully to "D:\Users\Pickett_Kevin\Desktop\MBR.dat"
09:19:48.639    The log file has been saved successfully to "D:\Users\Pickett_Kevin\Desktop\aswMBR.txt"

 

 

here is the RogueKiller Report:

 

RogueKiller V9.2.13.0 (x64) [Sep 25 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Pickett_Kevin [Admin rights]
Mode : Scan -- Date : 10/04/2014  09:25:06

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 79 ¤¤¤
[Hj.Name] (X64) HKEY_USERS\RK_DefaultAppPool_ON_D_7F00\Software\Microsoft\Windows\CurrentVersion\RunOnce | mctadmin : C:\Windows\System32\mctadmin.exe  -> FOUND
[Hj.Name] (X86) HKEY_USERS\RK_DefaultAppPool_ON_D_7F00\Software\Microsoft\Windows\CurrentVersion\RunOnce | mctadmin : C:\Windows\System32\mctadmin.exe  -> FOUND
[Hj.Name] (X64) HKEY_USERS\RK_Default_ON_D_43EB\Software\Microsoft\Windows\CurrentVersion\RunOnce | mctadmin : C:\Windows\System32\mctadmin.exe  -> FOUND
[Hj.Name] (X86) HKEY_USERS\RK_Default_ON_D_43EB\Software\Microsoft\Windows\CurrentVersion\RunOnce | mctadmin : C:\Windows\System32\mctadmin.exe  -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswMBR (\??\D:\Users\PICKET~1\AppData\Local\Temp\aswMBR.sys) -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\aswVmm (\??\D:\Users\PICKET~1\AppData\Local\Temp\aswVmm.sys) -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswMBR (\??\D:\Users\PICKET~1\AppData\Local\Temp\aswMBR.sys) -> FOUND
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\aswVmm (\??\D:\Users\PICKET~1\AppData\Local\Temp\aswVmm.sys) -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AFC8591B-E7F1-4BD8-A1DC-865FF0C3EF2C} | NameServer : 10.0.0.1,8.8.8.8  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{AFC8591B-E7F1-4BD8-A1DC-865FF0C3EF2C} | NameServer : 10.0.0.1,8.8.8.8  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{AFC8591B-E7F1-4BD8-A1DC-865FF0C3EF2C} | NameServer : 10.0.0.1,8.8.8.8  -> FOUND
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | disableregistrytools : 0  -> FOUND
[PUM.Policies] (X64) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> FOUND
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | disableregistrytools : 0  -> FOUND
[PUM.Policies] (X86) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableTaskMgr : 0  -> FOUND
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> FOUND
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 2  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 2  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Administrator_ON_D_16B7\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 2  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 2  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 2  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> FOUND
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 2  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0  -> FOUND
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.HomePage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : -> FOUND
[PUM.HomePage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : -> FOUND
[PUM.HomePage] (X64) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Internet Explorer\Main | Start Page : -> FOUND
[PUM.HomePage] (X86) HKEY_USERS\RK_Mcx1-ASUS_I7_ON_D_3B98\Software\Microsoft\Internet Explorer\Main | Start Page : -> FOUND
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : -> FOUND
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : -> FOUND
[PUM.SearchPage] (X64) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : -> FOUND
[PUM.SearchPage] (X86) HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : -> FOUND
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Internet Explorer\Main | Search Page : -> FOUND
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-2418582845-3554272899-2585186520-1000\Software\Microsoft\Internet Explorer\Main | Search Page : -> FOUND
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : -> FOUND
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost

¤¤¤ Antirootkit : 0 (Driver: LOADED) ¤¤¤

¤¤¤ Web browsers : 2 ¤¤¤
[PUM.Proxy][FIREFX:Config] j9cpfgrv.Kevin : user_pref("network.proxy.type", 4); -> FOUND
[PUM.HomePage][FIREFX:Config] j9cpfgrv.Kevin : user_pref("browser.startup.homepage", "www.yahoo.com"); -> FOUND

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: KINGSTON SH103S3120G +++++
--- User ---
[MBR] c8dc8ac9e353bd314e09da80fc93391e
[BSP] 4b3ae01f1b7c2ca7687b52e04b50feb1 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 114371 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: WDC WD1002FAEX-00Z3A0 +++++
--- User ---
[MBR] fe6338075878a27d5f081070e9a32f0f
[BSP] b10a1b3abfe072fd6f3ea47cbb2ce75c : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: ST3500830AS +++++
--- User ---
[MBR] 0e51bd2c042ea364cddd4c4958238ad3
[BSP] 5cab7fac78b6fe5301595cea6da44b25 : Empty MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 63 | Size: 476937 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: ASMT 2115 USB Device +++++
--- User ---
[MBR] b1068a5a01fe8f13c5963531346cdf3b
[BSP] a0d10d2241b42b6168baac8414efc1c5 : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 953867 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

+++++ PhysicalDrive4: Maxtor OneTouch USB Device +++++
--- User ---
[MBR] 865d0fcfaacb6d6f653e0c799069a27c
[BSP] 80a3b5947a97fa5521de61c9311a95c5 : Legit.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476937 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )
 


  • 0

#14
Biscuithd
Posted 05 October 2014 - 07:31 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

  Task: {F257D46A-E2D3-43AC-91CB-5D6991F0E592} - \RocketTab Update Task No Task File <==== ATTENTION  . those are the most worrysum to me

 

 

They are worrisome to me as well! :)  However, if you look closely at the line, where it says No Task File, what that means is, the Registry still has a Pointer (an Entry) to the file, however, the file is no longer there (No Task File). In other words, no possibility of damage.

 

That said, I absolutely will remove the Registry entry too, but I leave it in when I suspect a Rogue or RK in case the reference helps the tool in it's discovery. That might be unnecessary, but doesn't hurt to do and once I know everything is fine, then I go back and remove it.

 

On with the cleaning :)

 

FRST.gif Fix with Farbar Recovery Scan Tool
 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.

  • Copy the entire content of the codebox below and paste into the Notepad document:
    start

Task: {2799DD2E-F463-440E-89B8-DBEFD2BD8680} - \ProPCCleaner_Popup No Task File <==== ATTENTION

Task: {5A8A7025-2C45-4CE9-8CBC-13899E34A6CA} - \LaunchSignup No Task File <==== ATTENTION

Task: {6C706A48-7E40-4633-9138-9B83EAD5ADE9} - \RocketTab No Task File <==== ATTENTION

Task: {70955920-0F53-4B4C-B331-C420778CD8A0} - \YTDownloader No Task File <==== ATTENTION

Task: {8DA59D4D-6820-413E-B696-8356F5347643} - \SMupdate1 No Task File <==== ATTENTION

Task: {ADB2D0BC-D34E-42CA-BC9F-FDCBF6FA9210} - \ProPCCleaner_Start No Task File <==== ATTENTION

Task: {F257D46A-E2D3-43AC-91CB-5D6991F0E592} - \RocketTab Update Task No Task File <==== ATTENTION

end
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!


  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

 

 

adwcleaner_new.png Scan with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your desktop.
 
  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R*].txt) will open.
 
Please include the contents of that file in your reply.
 
JRTbythisisu.png Fix with Junkware Removal Tool
 
Please download JRT by Thisisu and save the file to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
 
  • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.
 
Please include the contents of that file in your reply.
 
Do not forget to re-enable your previously switched off protection software!
Please also manually reboot your machine after this procedure.
 
51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;

process;

services-list;

systemspecs;

startupall;

skipfix-iedefaults;

firefoxlook;

chromelook;

filesrcm;

installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

  • 0

#15
pickett
Posted 05 October 2014 - 11:07 AM

pickett

    Member

  • Topic Starter
  • Member
  • PipPip
  • 22 posts

Here is the result of the fixlist log.

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 02-10-2014
Ran by Pickett_Kevin at 2014-10-05 10:56:45 Run:2
Running from C:\
Loaded Profile: Pickett_Kevin (Available profiles: Pickett_Kevin & Mcx1-ASUS_I7 & Administrator & DefaultAppPool)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
start

Task: {2799DD2E-F463-440E-89B8-DBEFD2BD8680} - \ProPCCleaner_Popup No Task File <==== ATTENTION

Task: {5A8A7025-2C45-4CE9-8CBC-13899E34A6CA} - \LaunchSignup No Task File <==== ATTENTION

Task: {6C706A48-7E40-4633-9138-9B83EAD5ADE9} - \RocketTab No Task File <==== ATTENTION

Task: {70955920-0F53-4B4C-B331-C420778CD8A0} - \YTDownloader No Task File <==== ATTENTION

Task: {8DA59D4D-6820-413E-B696-8356F5347643} - \SMupdate1 No Task File <==== ATTENTION

Task: {ADB2D0BC-D34E-42CA-BC9F-FDCBF6FA9210} - \ProPCCleaner_Start No Task File <==== ATTENTION

Task: {F257D46A-E2D3-43AC-91CB-5D6991F0E592} - \RocketTab Update Task No Task File <==== ATTENTION

end
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2799DD2E-F463-440E-89B8-DBEFD2BD8680}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2799DD2E-F463-440E-89B8-DBEFD2BD8680}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Popup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5A8A7025-2C45-4CE9-8CBC-13899E34A6CA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A8A7025-2C45-4CE9-8CBC-13899E34A6CA}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6C706A48-7E40-4633-9138-9B83EAD5ADE9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C706A48-7E40-4633-9138-9B83EAD5ADE9}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{70955920-0F53-4B4C-B331-C420778CD8A0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{70955920-0F53-4B4C-B331-C420778CD8A0}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\YTDownloader" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8DA59D4D-6820-413E-B696-8356F5347643}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8DA59D4D-6820-413E-B696-8356F5347643}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMupdate1" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{ADB2D0BC-D34E-42CA-BC9F-FDCBF6FA9210}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{ADB2D0BC-D34E-42CA-BC9F-FDCBF6FA9210}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ProPCCleaner_Start" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{F257D46A-E2D3-43AC-91CB-5D6991F0E592}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F257D46A-E2D3-43AC-91CB-5D6991F0E592}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RocketTab Update Task" => Key deleted successfully.

==== End of Fixlog ====

 

When I run adwcleaner it gets so far and than gives me an error I have tried it bothe from the root of C:/  and on the desktop which is actually on the D drive.

 

It get to analyzing browers... and than gives an autoit error Line 497.....  Error: variable must be of type "Object.

 

I do see an item listed in the services table  called Search Module UpdateD  Service name: SMUpdd.

 

I didn't run any of the other scans utill I hear from you... I didn't want to screw things up, if they had to be done the order you posted.

 

I had ran AdwCleaner prior to contacting Geekstogo and it ran ok.. but it was a previous version.

 

KP


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP