Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

may be infected, advice please


  • This topic is locked This topic is locked

#1
cer0

cer0

    New Member

  • Member
  • Pip
  • 6 posts
Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 12:03:10 PM, on 10/1/2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.16518)

FIREFOX: 32.0.3 (x86 en-US)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
C:\Windows\system32\taskeng.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Program Files\VideoLAN\VLC\vlc.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
C:\Users\nots0\Downloads\HijackThis.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe
C:\Program Files\Opera\21.0.1432.67\opera.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 
O2 - BHO: ExplorerWnd Helper - {10921475-03CE-4E04-90CE-E2E7EF20C814} - (no file)
O2 - BHO: Drop Pad Web Backup - {25DA541F-6ACF-4052-A8AA-1D58284729C7} - mscoree.dll (file missing)
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~1\MICROS~3\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~1\MICROS~3\Office15\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "c:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [AdobeAAMUpdater-1.0] "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
O4 - HKLM\..\Run: [AdobeCEPServiceManager] "C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTAgent.exe" -autorun
O4 - Startup: CurseClientStartup.ccip
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~3\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: *.clonewarsadventures.com
O15 - Trusted Zone: *.freerealms.com
O15 - Trusted Zone: *.soe.com
O15 - Trusted Zone: *.sony.com
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @comres.dll,-947 (COMSysApp) - Unknown owner - C:\Windows\system32\dllhost.exe
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PP Assistant Service - Unknown owner - C:\Program Files\PP??2.0\adevicehelpersvr.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

--
End of file - 7226 bytes
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 30-09-2014
Ran by nots0 (administrator) on NOTS0-PC on 01-10-2014 11:20:15
Running from C:\Users\nots0\Downloads
Loaded Profile: nots0 (Available profiles: nots0)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Program Files\PP助手2.0\adevicehelpersvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(广州铁人网络科技有限公司) C:\Program Files\PP助手2.0\adevicehelpermon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
() C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
(Adobe Systems, Inc.) C:\Windows\System32\Macromed\Flash\FlashPlayerPlugin_15_0_0_152.exe
() C:\Users\nots0\Downloads\RogueKiller.exe
(Symantec Corporation) C:\Users\nots0\Downloads\FixWelch.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Trend Micro Inc.) C:\Users\nots0\Downloads\HijackThis.exe
(Microsoft Corporation) C:\Windows\regedit.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472992 2013-03-21] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeCEPServiceManager] => C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM\...\Run: [] => [X]
HKU\S-1-5-21-2709076479-299211639-3247174901-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files\DAEMON Tools Pro\DTAgent.exe [3108480 2012-10-23] (DT Soft Ltd)
Startup: C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [EnhancedStorageShell] -> {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} => C:\Windows\system32\EhStorShell.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [Offline Files] -> {4E77131D-3629-431c-9818-C5679DC83E81} => C:\Windows\System32\cscui.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers: [SharingPrivate] -> {08244EE6-92F0-47f2-9FC9-929BAA2E7235} => C:\Windows\system32\ntshrui.dll (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF2D628CCF41CCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope {17C35237-2C6F-452E-B85E-66267434CAB2} URL = 
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN40636566492054128
SearchScopes: HKCU - DefaultScope {1BD93CF8-CB61-4E9C-BF3C-395BAB0FDB65} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
SearchScopes: HKCU - {1BD93CF8-CB61-4E9C-BF3C-395BAB0FDB65} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms}
BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} ->  No File
BHO: Drop Pad Web Backup -> {25DA541F-6ACF-4052-A8AA-1D58284729C7} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default
FF Homepage: hxxp://www.google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF user.js: detected! => C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\searchplugins\google-ssl.xml
FF SearchPlugin: C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\searchplugins\yahoo_ff.xml
FF Extension: Ant Video Downloader - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-08-02]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-07-31]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-07-10]
FF Extension: LastPass - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-08-22]
FF Extension: Flash and Video Download - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-09-20]
FF Extension: Custom New Tab - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-04-05]
FF Extension: ImageBlock - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2013-09-28]
FF Extension: InstantFox - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2013-03-09]
FF Extension: YouTube to MP3 - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-01-27]
FF Extension: Gmail S/MIME - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{4c197c8f-a50f-4b49-a2d2-ed922c95612f}.xpi [2013-03-12]
FF Extension: Encrypted Communication - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{52a7f893-d228-412e-9b28-bc61491462f6}.xpi [2013-03-12]
FF Extension: Quick Translator - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-12-08]
FF Extension: Downloads Window - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{a7213cf2-fa1e-4373-88ff-255d0abd3020}.xpi [2014-01-27]
FF Extension: Adblock Plus - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-25]
FF Extension: Google Privacy - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2013-03-12]

Chrome: 
=======
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR CustomProfile: C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-17]
CHR Extension: (Google Drive) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-11]
CHR Extension: (YouTube) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-17]
CHR Extension: (Google Search) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-17]
CHR Extension: (Google Wallet) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-17]
CHR Extension: (Gmail) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-17]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [114688 2013-02-13] (Brio) [File not signed]
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
R2 PP Assistant Service; C:\Program Files\PP助手2.0\adevicehelpersvr.exe [118496 2014-08-14] () [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2014-01-27] (Microsoft Corporation) [File not signed]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-03-09] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-01] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R1 MpKsld5c8bc61; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{3AC102B6-99F5-4BDC-878F-6A6946893CD0}\MpKsld5c8bc61.sys [39464 2014-10-01] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-07-24] (AnchorFree Inc)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2013-04-24] (Anchorfree Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-10-01] ()
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1150880 2013-03-09] (VIA Technologies, Inc.)
R1 WinFLAdrv; C:\Windows\System32\WinFLAdrv.sys [29184 2013-03-10] ()
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog32.sys [X]
S3 catchme; \??\C:\Users\nots0\AppData\Local\Temp\catchme.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt32.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-01 11:20 - 2014-10-01 11:21 - 00017767 _____ () C:\Users\nots0\Downloads\FRST.txt
2014-10-01 11:19 - 2014-10-01 11:20 - 00000000 ____D () C:\FRST
2014-10-01 11:19 - 2014-10-01 11:19 - 01100288 _____ (Farbar) C:\Users\nots0\Downloads\FRST.exe
2014-10-01 11:07 - 2014-10-01 11:07 - 00007180 _____ () C:\Users\nots0\Downloads\hijackthis.log
2014-10-01 11:01 - 2014-10-01 11:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\nots0\Downloads\HijackThis.exe
2014-10-01 10:45 - 2014-10-01 10:45 - 00000000 _____ () C:\Users\nots0\Downloads\FixWelch.log
2014-10-01 10:44 - 2014-10-01 10:44 - 00175256 _____ (Symantec Corporation) C:\Users\nots0\Downloads\FixWelch.exe
2014-10-01 10:38 - 2014-10-01 10:38 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-01 10:38 - 2014-10-01 10:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-01 10:37 - 2014-10-01 10:42 - 183376808 _____ (BeyondTrust, Inc.) C:\Users\nots0\Downloads\RetinaNetworkCommunity_EN.exe
2014-10-01 10:31 - 2014-10-01 10:31 - 04893784 _____ () C:\Users\nots0\Downloads\RogueKiller.exe
2014-10-01 08:48 - 2014-10-01 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-10-01 08:48 - 2014-10-01 13:53 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-10-01 08:48 - 2014-10-01 08:48 - 00000000 ____D () C:\Users\nots0\AppData\Local\TuneUp Software
2014-10-01 08:29 - 2014-10-01 08:29 - 00000000 ____D () C:\ProgramData\Martau
2014-10-01 08:28 - 2014-10-01 13:53 - 00000000 ____D () C:\Program Files\Total Uninstall 6
2014-10-01 08:16 - 2014-10-01 08:16 - 00347816 _____ (Microsoft Corporation) C:\Users\nots0\Downloads\MicrosoftFixit.ProgramInstallUninstall.MATSKB.Run(1).exe
2014-09-28 06:54 - 2014-09-28 06:54 - 00001571 _____ () C:\Users\Public\Desktop\sine mora.lnk
2014-09-28 06:53 - 2014-09-28 06:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
2014-09-27 21:55 - 2014-09-27 21:55 - 00000000 ____D () C:\ProgramData\RELOADED
2014-09-27 20:52 - 2014-09-27 20:52 - 00001853 _____ () C:\Users\Public\Desktop\mark of the ninja.lnk
2014-09-27 20:52 - 2014-09-27 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Studios
2014-09-27 20:47 - 2014-09-27 20:47 - 00000587 _____ () C:\Users\Public\Desktop\torchlight 2.lnk
2014-09-27 20:35 - 2014-09-27 20:35 - 00001104 _____ () C:\Users\nots0\Desktop\dust an elysian tail.lnk
2014-09-27 16:45 - 2014-09-27 16:45 - 00000703 _____ () C:\Users\nots0\Desktop\metal slug.lnk
2014-09-27 16:44 - 2014-09-27 16:44 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SNK PLAYMORE
2014-09-27 14:16 - 2014-09-27 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PP助手2.0
2014-09-27 14:16 - 2014-09-27 14:16 - 00000000 ____D () C:\Program Files\PP助手2.0
2014-09-27 14:15 - 2014-09-27 14:15 - 19521328 _____ (广州铁人网络科技有限公司) C:\Users\nots0\Downloads\ppsetup(1).exe
2014-09-27 14:05 - 2014-09-27 14:05 - 21933992 _____ () C:\Users\nots0\Downloads\Tongbu_Setup_2.19.2_zsgw.exe
2014-09-27 10:48 - 2014-09-27 10:48 - 00000000 ____D () C:\ProgramData\FaceOnBody2
2014-09-27 10:43 - 2014-09-27 10:45 - 00000000 ____D () C:\Program Files\FaceOnBody2
2014-09-27 10:43 - 2014-09-27 10:43 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FaceOnBody2
2014-09-27 10:43 - 2014-09-27 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FaceOnBody2
2014-09-26 23:21 - 2014-09-26 23:21 - 00402696 _____ () C:\Users\nots0\Downloads\setup(1).exe
2014-09-25 20:32 - 2014-10-01 13:53 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SaveSense
2014-09-25 20:32 - 2014-09-25 20:34 - 00000000 ____D () C:\Program Files\SaveSense
2014-09-25 20:30 - 2014-09-25 20:30 - 00699016 _____ (CNET Download.com) C:\Users\nots0\Downloads\cbsidlm-cbsi213-Always_On_Top-SEO-10674027.exe
2014-09-24 21:02 - 2014-09-27 16:46 - 00000895 _____ () C:\Users\nots0\Desktop\btd 5.lnk
2014-09-24 21:01 - 2014-09-24 21:01 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\com.ninjakiwi.BloonsTD5Deluxe
2014-09-24 21:00 - 2014-09-24 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloons TD 5 Deluxe
2014-09-04 14:26 - 2014-09-04 14:26 - 00000663 _____ () C:\Users\nots0\Desktop\left 4 dead 2.lnk
2014-09-04 11:31 - 2014-09-04 11:31 - 00000008 _____ () C:\Users\nots0\Desktop\toysrus.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-01 13:53 - 2014-03-22 11:57 - 00000000 ____D () C:\NVIDIA
2014-10-01 13:53 - 2013-03-10 00:49 - 00000000 ____D () C:\Program Files\Microsoft Baseline Security Analyzer 2
2014-10-01 13:53 - 2013-03-09 18:31 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Curse
2014-10-01 13:53 - 2013-03-09 14:36 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\uTorrent
2014-10-01 13:53 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-10-01 13:53 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\registration
2014-10-01 13:53 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\AppCompat
2014-10-01 13:52 - 2013-12-19 17:35 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-01 13:52 - 2013-12-19 17:34 - 00000000 ____D () C:\Users\nots0\AppData\Local\Apple
2014-10-01 13:52 - 2013-12-19 17:34 - 00000000 ____D () C:\ProgramData\Apple
2014-10-01 11:01 - 2014-03-18 09:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-01 10:48 - 2014-04-17 19:33 - 00000884 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-10-01 10:43 - 2009-07-14 00:34 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-01 10:43 - 2009-07-14 00:34 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-01 10:05 - 2013-03-09 14:27 - 01566723 _____ () C:\Windows\WindowsUpdate.log
2014-10-01 09:58 - 2014-07-06 06:33 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-01 09:58 - 2014-04-17 19:33 - 00000880 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-10-01 09:58 - 2013-03-09 14:28 - 00000000 ____D () C:\Users\nots0
2014-10-01 09:55 - 2014-04-08 09:25 - 00009234 _____ () C:\Windows\setupact.log
2014-10-01 09:55 - 2013-03-09 14:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-01 09:55 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-01 08:57 - 2014-01-26 08:10 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-10-01 08:49 - 2013-03-09 18:27 - 00000000 ____D () C:\Users\nots0\AppData\Local\Deployment
2014-09-30 10:17 - 2014-04-06 19:10 - 00000000 ____D () C:\Users\nots0\AppData\Local\Battle.net
2014-09-30 08:29 - 2014-04-08 09:24 - 00019192 _____ () C:\Windows\PFRO.log
2014-09-30 08:29 - 2013-05-06 00:36 - 00000000 ____D () C:\Windows\pss
2014-09-30 08:29 - 2013-04-11 21:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-29 08:04 - 2013-07-12 13:37 - 00000000 ____D () C:\Users\nots0\My Books
2014-09-28 17:36 - 2014-07-30 04:12 - 00000000 ____D () C:\Users\nots0\AppData\Local\CrashDumps
2014-09-28 17:36 - 2014-04-29 17:41 - 00000000 ____D () C:\Users\nots0\Documents\ihelper
2014-09-28 09:05 - 2013-03-14 15:57 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\mIRC
2014-09-28 06:55 - 2013-06-29 14:41 - 00000000 ___RD () C:\Users\nots0\Desktop\incoming
2014-09-28 06:50 - 2013-05-22 12:52 - 00000000 ____D () C:\Games
2014-09-27 22:55 - 2013-03-10 09:04 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\vlc
2014-09-27 21:55 - 2013-06-19 16:28 - 00000000 ____D () C:\Users\nots0\Documents\My Games
2014-09-27 20:56 - 2013-09-14 20:48 - 00000000 ____D () C:\Users\nots0\AppData\Local\SKIDROW
2014-09-27 16:37 - 2013-03-09 22:11 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\DAEMON Tools Pro
2014-09-27 14:08 - 2014-08-26 17:52 - 00000000 ____D () C:\Users\nots0\Documents\Tongbu
2014-09-27 10:50 - 2014-03-31 14:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-24 11:01 - 2013-03-09 14:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-24 11:01 - 2013-03-09 14:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-19 21:36 - 2014-08-08 15:28 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\.minecraft
2014-09-12 15:09 - 2014-04-06 19:09 - 00000000 ____D () C:\Program Files\Battle.net
2014-09-04 18:10 - 2013-03-09 14:34 - 00782578 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-01 13:41 - 2014-04-06 19:22 - 00000000 ____D () C:\Program Files\Diablo III
2014-09-01 13:41 - 2013-03-09 17:36 - 00000000 ____D () C:\Program Files\Common Files\Blizzard Entertainment

Files to move or delete:
====================
C:\ProgramData\win_mpwd_sys.dat


Some content of TEMP:
====================
C:\Users\nots0\AppData\Local\Temp\GLF53D9.tmp.dll
C:\Users\nots0\AppData\Local\Temp\SkypeSetup.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-27 04:21

=============
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 30-09-2014
Ran by nots0 at 2014-10-01 11:21:34
Running from C:\Users\nots0\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32354 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CC (HKLM\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Adobe Fireworks CS6 (HKLM\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Angry Birds Star Wars II 1.0.4 (HKLM\...\Angry Birds Star Wars II 1.0.4) (Version: 1.0.4 - Cat-A-Cat)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
AV Voice Changer Software DIAMOND 7.0 (HKLM\...\AV Voice Changer Software DIAMOND 7.0) (Version: 7.0.29 - Avnex Ltd.)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Bejeweled 3 (HKLM\...\Bejeweled 3) (Version:  - )
Better File Rename 5.44 (HKLM\...\Better File Rename_is1) (Version:  - publicspace.net)
Bloons TD 5 Deluxe version 1.21 (HKLM\...\Bloons TD 5 Deluxe_is1) (Version: 1.21 - )
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
Curse Client (HKCU\...\101a9f93b8f0bb6f) (Version: 5.1.1.810 - Curse)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version:  - Microsoft)
Diablo III (HKLM\...\Diablo III) (Version:  - Blizzard Entertainment)
Dust: An Elysian Tail (HKLM\...\Dust: An Elysian Tail_is1) (Version:  - Microsoft Studios)
Folder Size (HKLM\...\{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}) (Version: 2.6 - Brio)
Foxit Advanced PDF Editor 3 (HKLM\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Ghostbuster (HKCU\...\585841693e8401e3) (Version: 1.0.0.0 - Ghostbuster)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
MakeTorrent v2.1 (HKLM\...\MakeTorrent 2) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mark of the Ninja Special Edition (HKLM\...\Mark of the Ninja Special Edition_is1) (Version:  - )
Metal Slug Complete PC 1.0 (HKLM\...\Metal Slug Complete PC) (Version: 1.0 - SNK PLAYMORE)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{13CD417D-F1F1-4AC4-945D-FDDEB884756F}) (Version: 2.2.2170 - Microsoft Corporation)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2005 (HKLM\...\Microsoft Report Viewer Redistributable 2005) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (Version: 8.0.56405 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Minecraft1.7.2 (HKLM\...\Minecraft1.7.2) (Version:  - )
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
Opera Stable 21.0.1432.67 (HKLM\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pidgin (HKLM\...\Pidgin) (Version: 2.10.9 - )
pidgin-otr 4.0.0-1 (HKLM\...\pidgin-otr) (Version: 4.0.0-1 - Cypherpunks CA)
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
PP助手2.0 (HKLM\...\PP助手2.0 Win版) (Version: 2.2.1.4268 - 广州铁人网络科技有限公司)
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Rainmeter (HKLM\...\Rainmeter) (Version: 3.1 beta r2255 - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (Version:  - Microsoft) Hidden
Sesame Street - Learn, Play & Grow (HKLM\...\{33785AE7-2203-4D93-B6B3-35B7CC3C4906}) (Version: 1.0.2.2 - Nova Development)
Shovel Knight (HKLM\...\1207664823_is1) (Version: 2.3.0.9 - GOG.com)
Sine Mora (HKLM\...\Sine Mora_is1) (Version:  - )
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SpongeBob SquarePants Typing version 1.0 (HKLM\...\{C57EA3D6-3B9F-4369-8231-53990AE74510}_is1) (Version: 1.0 - Encore Software)
Subway Surfers 1.0 (HKLM\...\Subway Surfers 1.0) (Version: 1.0 - Cat-A-Cat)
Tag&Rename 3.6.6 (HKLM\...\Tag&Rename_is1) (Version: 3.6.6 - Softpointer Inc)
TopMost (HKLM\...\{EC11C41E-536B-4B39-BB35-812728C0218E}) (Version: 1.0.0 - Alon Kadury)
Torchlight II (c) Runic Games version 1 (HKLM\...\Torchlight II (c) Runic Games_is1) (Version: 1 - )
TuneUp Utilities Language Pack (en-US) (Version: 13.0.2013.194 - TuneUp Software) Hidden
Ulead GIF Animator 5 (HKLM\...\{8AF3E926-ED59-11D4-A44B-0000E86D2305}) (Version:  - )
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{E9F5EDF4-654C-40A3-8181-D558AD8EFFE6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUS_{84AA6F34-E9B5-46EC-BFE6-AFB45509AF40}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version:  - Microsoft)
Uplay (HKLM\...\Uplay) (Version: 2.0 - Ubisoft)
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VirtualDUB Pack (HKLM\...\VirtualDUB Pack) (Version:  - )
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software)
Winamp (HKLM\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Window Hide Tool 2.0 (HKLM\...\Window Hide Tool_is1) (Version:  - FOMINE SOFTWARE)
Windows 7 USB/DVD Download Tool (HKLM\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Live Essentials (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Public Test (HKLM\...\World of Warcraft Public Test) (Version:  - Blizzard Entertainment)
Xilisoft iPhone Ringtone Maker (HKLM\...\Xilisoft iPhone Ringtone Maker) (Version: 3.0.6.20120613 - Xilisoft)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
YTD Toolbar v9.0 (HKLM\...\{9D47532D-59B3-4E15-8069-2E3FC4DA3E92}) (Version: 9.0 - Spigot, Inc.) <==== ATTENTION
YTD Video Downloader 4.8 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{006a54e5-f216-42b7-aab2-d8fc515c9cec}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{03bb1944-9f5c-4a4b-944e-13d04065dd89}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{04a5907b-4487-41c1-aab6-2b151d7e0445}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{0a7197a2-c054-4489-b3d9-14a4d7899ac2}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{0c03a24f-e0ae-49d6-bd33-3b0f1b76abd1}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{0e3dd277-8f99-4c79-98a9-daab888bbded}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{10417cbf-0903-413f-941d-bdbb8e733bbc}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{11ee3f03-d4fb-4464-be4e-2714141969cc}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{1d092695-9610-4a8e-b14f-25036476e9e5}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{2be61b4e-1566-4c71-a117-99c9c85ef2a0}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{2fbe8a6b-18b8-45d3-9bcb-3e5f4397c665}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{33a402f9-889f-403f-9862-7e5d363338d4}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{3ed7ba09-6333-4714-9f34-7fbb3270d1db}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4445060a-61df-42fa-8aa3-307ab0e2bec7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{47314919-e76d-4f59-a72e-5dc3e205b2df}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{47ffaf2b-3914-46bb-94e0-4eab7c4ebd69}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4bd74af1-49cd-4054-bfa5-91d0aa412839}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4d798a3d-a8c1-47d4-8c61-8c3fe23e88c2}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4dd31cec-6235-4649-9f6c-dc31fb660923}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4e5077a9-ca06-41af-8394-254edddfb102}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{515068f1-a99b-4ac1-9a66-d0165b1142c5}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{51fc9280-d9ab-480b-8a0c-eb0b8438022f}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{5aaaac67-2535-4c7a-9060-9e4123e49be1}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{5b01473f-97a7-40f0-b281-9083010c6712}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{5b67ef2a-4cfe-4831-bf6f-d86008fadabe}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{67458a4a-7d25-4fbc-b691-5ceabf367772}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{676909ec-0ada-4a01-9ae3-59aae818ba45}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{6c580f86-eba0-4870-b65d-79eaa516583e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{71f0a88e-7519-471b-bd4f-6154fcbdd8f7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{723645cd-d184-4af1-b76c-fdfd891acc30}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{778c029c-ca67-4139-a713-03f2be36542d}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{78ba11d6-a818-4806-8cc5-6744097d6348}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7bb2769a-9ab5-40d0-afb4-c5de7349dfd4}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7e8785f2-08a9-4c29-989c-bce037d2ed15}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7eed2dd2-6d0c-4fd2-a26d-7f2b00ed7113}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7f5df0b5-1189-47c2-9bff-dd630da51e3e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{8d64261b-2d59-4e29-b18f-28e7e3b9e8cb}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{8e7bd6af-b76e-40c4-a83e-b250ee23d24c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{9c2bfcf0-77c5-4a55-a276-2055e28a3a44}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{a6e89bf4-d816-4b96-9c6f-deee4934db93}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{b602a86c-da71-43e4-afb9-06949ad636d5}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{b6b6718f-6599-42ab-b6ab-d49e9bdb499c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{b7379dd7-40b6-4a39-92c5-0d435e0e9954}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{c6e50c7e-4ae2-4265-946c-bcc05ba7b17d}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{cb454c5c-4681-46d2-a50d-c56a9cbe7927}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{cdc7dd1a-89f8-4d4a-b828-48ba76d650dc}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{e32cca19-be55-42c8-9fdd-7a1f5303c802}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{e7652ce6-d2b1-4397-ab10-003ea39478bd}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{f325ce13-5a39-4d46-9acb-1400813405ef}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points  =========================

01-10-2014 11:10:46 Scheduled Checkpoint
01-10-2014 12:46:56 Installed TuneUp Utilities 2014
01-10-2014 12:56:11 Uninstalled with Total Uninstall "My Web Backups"
01-10-2014 13:08:19 Uninstalled with Total Uninstall "Microsoft Baseline Security Analyzer 2.2"
01-10-2014 13:09:36 Uninstalled with Total Uninstall "Microsoft Baseline Security Analyzer 2.2"

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-03-15 15:03 - 2014-02-25 16:31 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C343FF1-74A7-4274-B269-20B6B7EF1784} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {1E6848C7-1221-46B8-8AE5-CA3B389494C5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {2AF1FCE4-D637-4B73-8CB0-FE4091A2B03A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {423A45D9-6F1D-43A2-9CEC-9FC1BD0889F4} - System32\Tasks\{ED73FD79-A505-4641-8AE9-D1CA9064280F} => Firefox.exe http://ui.skype.com/ui/0/6.14.0.104/en/go/help.faq.installer?LastError=1601
Task: {43788222-0CA6-4714-921A-5BFA2D994FDF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {47855562-A8E8-433E-B112-2AEA161694F4} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
Task: {505AE972-9AD0-491F-BCF3-FDF03BBCD6A6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {532414CF-EE5D-44FA-AF39-74857BE48C37} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6F7C0640-20C2-473B-B0B5-37D5178F18D0} - System32\Tasks\{C52B7ADB-1D46-4852-ACD8-82FD7A505E4C} => Firefox.exe http://ui.skype.com/ui/0/6.3.0.107/en/go/help.faq.installer?source=lightinstaller&amp;LastError=1601
Task: {8CC16C9F-C0E2-4837-A00A-9570202E65C5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {B5635BDE-0D64-48AD-A7C3-3F13FBB30EE8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {C6B80DC8-9E88-4379-B804-A8899718823E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-17] (Google Inc.)
Task: {C9F91AB3-C24A-4BEF-A4E9-309306A02B79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-04-17] (Google Inc.)
Task: {D988972E-4207-4315-8666-E7BD8FA642AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2013-03-09 14:40 - 2014-03-04 08:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-14 01:52 - 2014-08-14 01:52 - 00118496 _____ () C:\Program Files\PP助手2.0\adevicehelpersvr.exe
2014-08-14 01:52 - 2014-08-14 01:52 - 00166624 _____ () C:\Program Files\PP助手2.0\monconfigapi.dll
2014-03-12 20:07 - 2014-03-12 20:07 - 08884904 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-08-14 01:52 - 2014-08-14 01:52 - 00282336 _____ () C:\Program Files\PP助手2.0\pppclogger.dll
2014-08-14 01:52 - 2014-08-14 01:52 - 00376032 _____ () C:\Program Files\PP助手2.0\DevHelper.dll
2014-08-14 01:52 - 2014-08-14 01:52 - 00329440 _____ () C:\Program Files\PP助手2.0\DriverTools.dll
2013-03-09 22:18 - 2013-03-09 22:04 - 00107520 _____ () C:\Program Files\DAEMON Tools Pro\BRD.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00113664 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 02341888 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00246784 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00047616 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00050688 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 11749376 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 01283584 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00079360 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 02029568 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00100352 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00258560 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00076288 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00046592 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00061440 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00465920 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00719872 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00114688 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00039936 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00136704 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 01409536 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00300032 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00056320 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00038912 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00378368 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00118272 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00043520 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00039936 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00037376 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00192000 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00091136 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00292864 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00040448 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 01297920 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00041472 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00350720 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00359424 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00209408 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00049152 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00037888 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 01381376 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00144896 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00044032 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 01723904 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00041472 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00048640 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaraw_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00311296 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libopus_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00040448 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liba52_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00042496 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 09987584 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libavcodec_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00731648 _____ () C:\Program Files\VideoLAN\VLC\plugins\text_renderer\libfreetype_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00034816 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00040960 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00130560 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00183808 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00073728 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00052224 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_yuy2_sse2_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 01518592 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00044032 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_yuy2_mmx_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00541184 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libswscale_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00040960 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00035328 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00037376 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00137728 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi420_rgb_sse2_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00036352 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00051712 _____ () C:\Program Files\VideoLAN\VLC\plugins\sse2\libi422_yuy2_sse2_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00036352 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00043008 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi422_yuy2_mmx_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00076800 _____ () C:\Program Files\VideoLAN\VLC\plugins\mmx\libi420_rgb_mmx_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00036864 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00038912 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i422_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00046080 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00037376 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libgrey_yuv_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00055808 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_rgb_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00041984 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi420_yuy2_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00043008 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libyuy2_i420_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00040448 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_yuy2_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00037376 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_chroma\libi422_i420_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00036864 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libscale_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00035840 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_filter\libyuvp_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00079872 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirect3d_plugin.dll
2014-03-31 14:08 - 2014-09-27 10:50 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-08-19 02:02 - 2014-08-19 02:02 - 01020928 _____ () C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\extensions\[email protected]\platform\WINNT_x86-msvc\components\lpxpcom.dll
2014-05-24 16:06 - 2014-05-12 01:51 - 01397880 _____ () C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe
2014-05-24 16:06 - 2014-05-12 01:51 - 00877688 _____ () C:\Program Files\Opera\21.0.1432.67\libglesv2.dll
2014-05-24 16:06 - 2014-05-12 01:51 - 00135800 _____ () C:\Program Files\Opera\21.0.1432.67\libegl.dll
2014-05-24 16:06 - 2014-05-12 01:51 - 00957048 _____ () C:\Program Files\Opera\21.0.1432.67\ffmpegsumo.dll
2014-09-10 23:01 - 2014-09-10 23:01 - 16825520 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
2014-10-01 10:31 - 2014-10-01 10:31 - 04893784 _____ () C:\Users\nots0\Downloads\RogueKiller.exe

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AxInstSV => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^StrongVaultApp.exe.lnk => C:\Windows\pss\StrongVaultApp.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk => C:\Windows\pss\Who Is On My Wifi.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccipStartup
MSCONFIG\startupfolder: C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnkStartup
MSCONFIG\startupfolder: C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnkStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: HDAudDeck => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2709076479-299211639-3247174901-500 - Administrator - Disabled)
Guest (S-1-5-21-2709076479-299211639-3247174901-501 - Limited - Disabled)
nots0 (S-1-5-21-2709076479-299211639-3247174901-1000 - Administrator - Enabled) => C:\Users\nots0

==================== Faulty Device Manager Devices =============

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: siCk
Description: Zune
Class Guid: {eec5ad98-8080-425f-922a-dabf3de3f69a}
Manufacturer: Microsoft
Service: WUDFRd
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation. 

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/01/2014 09:12:45 AM) (Source: ESENT) (EventID: 104) (User: )
Description: Windows (3708) Windows: The database engine stopped the instance (0) with error (-1090).

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 471) (User: )
Description: Windows (3708) Windows: Unable to rollback operation #406168 on database C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb. Error: -510. All future database updates will be rejected.

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 492) (User: )
Description: Windows (3708) Windows: The logfile sequence in "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\" has been halted due to a fatal error.  No further updates are possible for the databases that use this logfile sequence.  Please correct the problem and restart or restore from backup.

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 413) (User: )
Description: Windows (3708) Windows: Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1023.

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 486) (User: )
Description: Windows (3708) Windows: An attempt to move the file "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.log" to "C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS008D0.log" failed with system error 3 (0x00000003): "The system cannot find the path specified. ".  The move file operation will fail with error -1023 (0xfffffc01).

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (3708) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1023.

Error: (10/01/2014 09:12:06 AM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows (3708) Windows: Unable to write a shadowed header for file C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk. Error -1023.

Error: (10/01/2014 07:29:28 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2147023838

Error: (09/30/2014 01:54:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11185

Error: (09/30/2014 01:54:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11185


System errors:
=============
Error: (10/01/2014 10:05:29 AM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 1.185.1458.0

	Update Source: %NT AUTHORITY59

	Update Stage: 4.5.0216.00

	Source Path: 4.5.0216.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\SYSTEM

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608

Error: (10/01/2014 09:58:33 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/01/2014 09:58:29 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}5{C39EE728-D419-4BD4-A3EF-EDA059DBD935}

Error: (10/01/2014 09:55:20 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error: 
%%1058

Error: (10/01/2014 09:13:17 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PP Assistant Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/01/2014 09:13:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Search service failed to start due to the following error: 
%%2

Error: (10/01/2014 08:31:06 AM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/01/2014 08:29:54 AM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}5{C39EE728-D419-4BD4-A3EF-EDA059DBD935}

Error: (09/30/2014 11:16:25 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

	New Signature Version: 

	Previous Signature Version: 1.185.1458.0

	Update Source: %NT AUTHORITY59

	Update Stage: 4.5.0216.00

	Source Path: 4.5.0216.01

	Signature Type: %NT AUTHORITY602

	Update Type: %NT AUTHORITY604

	User: NT AUTHORITY\SYSTEM

	Current Engine Version: %NT AUTHORITY605

	Previous Engine Version: %NT AUTHORITY606

	Error code: %NT AUTHORITY607

	Error description: %NT AUTHORITY608

Error: (09/30/2014 01:26:08 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{16D99191-6280-4B33-A2F5-04805A0FC582}5{BB46F03E-7CD2-489F-8F95-BB950F395FDB}


Microsoft Office Sessions:
=========================
Error: (10/01/2014 09:12:45 AM) (Source: ESENT) (EventID: 104) (User: )
Description: Windows3708Windows: 0-1090

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 471) (User: )
Description: Windows3708Windows: 406168C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb-510

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 492) (User: )
Description: Windows3708Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 413) (User: )
Description: Windows3708Windows: -1023

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 486) (User: )
Description: Windows3708Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.logC:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS008D0.log-1023 (0xfffffc01)3 (0x00000003)The system cannot find the path specified.

Error: (10/01/2014 09:12:13 AM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows3708Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1023

Error: (10/01/2014 09:12:06 AM) (Source: ESENT) (EventID: 439) (User: )
Description: Windows3708Windows: C:\ProgramData\Microsoft\Search\Data\Applications\Windows\MSS.chk-1023

Error: (10/01/2014 07:29:28 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2147023838

Error: (09/30/2014 01:54:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 11185

Error: (09/30/2014 01:54:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 11185


==================== Memory info =========================== 

Processor: AMD Phenom(tm) II X4 955 Processor
Percentage of memory in use: 91%
Total physical RAM: 3327.18 MB
Available physical RAM: 268.19 MB
Total Pagefile: 6652.65 MB
Available Pagefile: 4001.74 MB
Total Virtual: 2047.88 MB
Available Virtual: 1874.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:499.86 GB) NTFS
Drive d: (Repair disc Windows 7 32-bit) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A32E54E3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================



Starting Nmap 6.47 ( http://nmap.org ) at 2014-10-01 12:26 Eastern Daylight Time

NSE: Loaded 118 scripts for scanning.

NSE: Script Pre-scanning.

Initiating Parallel DNS resolution of 1 host. at 12:26

Completed Parallel DNS resolution of 1 host. at 12:26, 0.03s elapsed

Skipping SYN Stealth Scan against 10.0.0.2 because Windows does not support scanning your own machine (localhost) this way.

Initiating Service scan at 12:26

Skipping OS Scan against 10.0.0.2 because it doesn't work against your own machine (localhost)

NSE: Script scanning 10.0.0.2.

Initiating NSE at 12:26

Completed NSE at 12:26, 0.00s elapsed

Nmap scan report for 10.0.0.2

Host is up.

PORT      STATE   SERVICE              VERSION

1/tcp     unknown tcpmux

3/tcp     unknown compressnet

4/tcp     unknown unknown

6/tcp     unknown unknown

7/tcp     unknown echo

9/tcp     unknown discard

13/tcp    unknown daytime

17/tcp    unknown qotd

19/tcp    unknown chargen

20/tcp    unknown ftp-data

21/tcp    unknown ftp

22/tcp    unknown ssh

23/tcp    unknown telnet

24/tcp    unknown priv-mail

25/tcp    unknown smtp

26/tcp    unknown rsftp

30/tcp    unknown unknown

32/tcp    unknown unknown

33/tcp    unknown dsp

37/tcp    unknown time

42/tcp    unknown nameserver

43/tcp    unknown whois

49/tcp    unknown tacacs

53/tcp    unknown domain

70/tcp    unknown gopher

79/tcp    unknown finger

80/tcp    unknown http

81/tcp    unknown hosts2-ns

82/tcp    unknown xfer

83/tcp    unknown mit-ml-dev

84/tcp    unknown ctf

85/tcp    unknown mit-ml-dev

88/tcp    unknown kerberos-sec

89/tcp    unknown su-mit-tg

90/tcp    unknown dnsix

99/tcp    unknown metagram

100/tcp   unknown newacct

106/tcp   unknown pop3pw

109/tcp   unknown pop2

110/tcp   unknown pop3

111/tcp   unknown rpcbind

113/tcp   unknown ident

119/tcp   unknown nntp

125/tcp   unknown locus-map

135/tcp   unknown msrpc

139/tcp   unknown netbios-ssn

143/tcp   unknown imap

144/tcp   unknown news

146/tcp   unknown iso-tp0

161/tcp   unknown snmp

163/tcp   unknown cmip-man

179/tcp   unknown bgp

199/tcp   unknown smux

211/tcp   unknown 914c-g

212/tcp   unknown anet

222/tcp   unknown rsh-spx

254/tcp   unknown unknown

255/tcp   unknown unknown

256/tcp   unknown fw1-secureremote

259/tcp   unknown esro-gen

264/tcp   unknown bgmp

280/tcp   unknown http-mgmt

301/tcp   unknown unknown

306/tcp   unknown unknown

311/tcp   unknown asip-webadmin

340/tcp   unknown unknown

366/tcp   unknown odmr

389/tcp   unknown ldap

406/tcp   unknown imsp

407/tcp   unknown timbuktu

416/tcp   unknown silverplatter

417/tcp   unknown onmux

425/tcp   unknown icad-el

427/tcp   unknown svrloc

443/tcp   unknown https

444/tcp   unknown snpp

445/tcp   unknown microsoft-ds

458/tcp   unknown appleqtc

464/tcp   unknown kpasswd5

465/tcp   unknown smtps

481/tcp   unknown dvs

497/tcp   unknown retrospect

500/tcp   unknown isakmp

512/tcp   unknown exec

513/tcp   unknown login

514/tcp   unknown shell

515/tcp   unknown printer

524/tcp   unknown ncp

541/tcp   unknown uucp-rlogin

543/tcp   unknown klogin

544/tcp   unknown kshell

545/tcp   unknown ekshell

548/tcp   unknown afp

554/tcp   unknown rtsp

555/tcp   unknown dsf

563/tcp   unknown snews

587/tcp   unknown submission

593/tcp   unknown http-rpc-epmap

616/tcp   unknown sco-sysmgr

617/tcp   unknown sco-dtmgr

625/tcp   unknown apple-xsrvr-admin

631/tcp   unknown ipp

636/tcp   unknown ldapssl

646/tcp   unknown ldp

648/tcp   unknown rrp

666/tcp   unknown doom

667/tcp   unknown disclose

668/tcp   unknown mecomm

683/tcp   unknown corba-iiop

687/tcp   unknown asipregistry

691/tcp   unknown resvc

700/tcp   unknown epp

705/tcp   unknown agentx

711/tcp   unknown cisco-tdp

714/tcp   unknown iris-xpcs

720/tcp   unknown unknown

722/tcp   unknown unknown

726/tcp   unknown unknown

749/tcp   unknown kerberos-adm

765/tcp   unknown webster

777/tcp   unknown multiling-http

783/tcp   unknown spamassassin

787/tcp   unknown qsc

800/tcp   unknown mdbs_daemon

801/tcp   unknown device

808/tcp   unknown ccproxy-http

843/tcp   unknown unknown

873/tcp   unknown rsync

880/tcp   unknown unknown

888/tcp   unknown accessbuilder

898/tcp   unknown sun-manageconsole

900/tcp   unknown omginitialrefs

901/tcp   unknown samba-swat

902/tcp   unknown iss-realsecure

903/tcp   unknown iss-console-mgr

911/tcp   unknown xact-backup

912/tcp   unknown apex-mesh

981/tcp   unknown unknown

987/tcp   unknown unknown

990/tcp   unknown ftps

992/tcp   unknown telnets

993/tcp   unknown imaps

995/tcp   unknown pop3s

999/tcp   unknown garcon

1000/tcp  unknown cadlock

1001/tcp  unknown unknown

1002/tcp  unknown windows-icfw

1007/tcp  unknown unknown

1009/tcp  unknown unknown

1010/tcp  unknown surf

1011/tcp  unknown unknown

1021/tcp  unknown exp1

1022/tcp  unknown exp2

1023/tcp  unknown netvenuechat

1024/tcp  unknown kdm

1025/tcp  unknown NFS-or-IIS

1026/tcp  unknown LSA-or-nterm

1027/tcp  unknown IIS

1028/tcp  unknown unknown

1029/tcp  unknown ms-lsa

1030/tcp  unknown iad1

1031/tcp  unknown iad2

1032/tcp  unknown iad3

1033/tcp  unknown netinfo

1034/tcp  unknown zincite-a

1035/tcp  unknown multidropper

1036/tcp  unknown nsstp

1037/tcp  unknown ams

1038/tcp  unknown mtqp

1039/tcp  unknown sbl

1040/tcp  unknown netsaint

1041/tcp  unknown danf-ak2

1042/tcp  unknown afrog

1043/tcp  unknown boinc

1044/tcp  unknown dcutility

1045/tcp  unknown fpitp

1046/tcp  unknown wfremotertm

1047/tcp  unknown neod1

1048/tcp  unknown neod2

1049/tcp  unknown td-postman

1050/tcp  unknown java-or-OTGfileshare

1051/tcp  unknown optima-vnet

1052/tcp  unknown ddt

1053/tcp  unknown remote-as

1054/tcp  unknown brvread

1055/tcp  unknown ansyslmd

1056/tcp  unknown vfo

1057/tcp  unknown startron

1058/tcp  unknown nim

1059/tcp  unknown nimreg

1060/tcp  unknown polestar

1061/tcp  unknown kiosk

1062/tcp  unknown veracity

1063/tcp  unknown kyoceranetdev

1064/tcp  unknown jstel

1065/tcp  unknown syscomlan

1066/tcp  unknown fpo-fns

1067/tcp  unknown instl_boots

1068/tcp  unknown instl_bootc

1069/tcp  unknown cognex-insight

1070/tcp  unknown gmrupdateserv

1071/tcp  unknown bsquare-voip

1072/tcp  unknown cardax

1073/tcp  unknown bridgecontrol

1074/tcp  unknown warmspotMgmt

1075/tcp  unknown rdrmshc

1076/tcp  unknown sns_credit

1077/tcp  unknown imgames

1078/tcp  unknown avocent-proxy

1079/tcp  unknown asprovatalk

1080/tcp  unknown socks

1081/tcp  unknown pvuniwien

1082/tcp  unknown amt-esd-prot

1083/tcp  unknown ansoft-lm-1

1084/tcp  unknown ansoft-lm-2

1085/tcp  unknown webobjects

1086/tcp  unknown cplscrambler-lg

1087/tcp  unknown cplscrambler-in

1088/tcp  unknown cplscrambler-al

1089/tcp  unknown ff-annunc

1090/tcp  unknown ff-fms

1091/tcp  unknown ff-sm

1092/tcp  unknown obrpd

1093/tcp  unknown proofd

1094/tcp  unknown rootd

1095/tcp  unknown nicelink

1096/tcp  unknown cnrprotocol

1097/tcp  unknown sunclustermgr

1098/tcp  unknown rmiactivation

1099/tcp  unknown rmiregistry

1100/tcp  unknown mctp

1102/tcp  unknown adobeserver-1

1104/tcp  unknown xrl

1105/tcp  unknown ftranhc

1106/tcp  unknown isoipsigport-1

1107/tcp  unknown isoipsigport-2

1108/tcp  unknown ratio-adp

1110/tcp  unknown nfsd-status

1111/tcp  unknown lmsocialserver

1112/tcp  unknown msql

1113/tcp  unknown ltp-deepspace

1114/tcp  unknown mini-sql

1117/tcp  unknown ardus-mtrns

1119/tcp  unknown bnetgame

1121/tcp  unknown rmpp

1122/tcp  unknown availant-mgr

1123/tcp  unknown murray

1124/tcp  unknown hpvmmcontrol

1126/tcp  unknown hpvmmdata

1130/tcp  unknown casp

1131/tcp  unknown caspssl

1132/tcp  unknown kvm-via-ip

1137/tcp  unknown trim

1138/tcp  unknown encrypted_admin

1141/tcp  unknown mxomss

1145/tcp  unknown x9-icue

1147/tcp  unknown capioverlan

1148/tcp  unknown elfiq-repl

1149/tcp  unknown bvtsonar

1151/tcp  unknown unizensus

1152/tcp  unknown winpoplanmess

1154/tcp  unknown resacommunity

1163/tcp  unknown sddp

1164/tcp  unknown qsm-proxy

1165/tcp  unknown qsm-gui

1166/tcp  unknown qsm-remote

1169/tcp  unknown tripwire

1174/tcp  unknown fnet-remote-ui

1175/tcp  unknown dossier

1183/tcp  unknown llsurfup-http

1185/tcp  unknown catchpole

1186/tcp  unknown mysql-cluster

1187/tcp  unknown alias

1192/tcp  unknown caids-sensor

1198/tcp  unknown cajo-discovery

1199/tcp  unknown dmidi

1201/tcp  unknown nucleus-sand

1213/tcp  unknown mpc-lifenet

1216/tcp  unknown etebac5

1217/tcp  unknown hpss-ndapi

1218/tcp  unknown aeroflight-ads

1233/tcp  unknown univ-appserver

1234/tcp  unknown hotline

1236/tcp  unknown bvcontrol

1244/tcp  unknown isbconference1

1247/tcp  unknown visionpyramid

1248/tcp  unknown hermes

1259/tcp  unknown opennl-voice

1271/tcp  unknown excw

1272/tcp  unknown cspmlockmgr

1277/tcp  unknown miva-mqs

1287/tcp  unknown routematch

1296/tcp  unknown dproxy

1300/tcp  unknown h323hostcallsc

1301/tcp  unknown ci3-software-1

1309/tcp  unknown jtag-server

1310/tcp  unknown husky

1311/tcp  unknown rxmon

1322/tcp  unknown novation

1328/tcp  unknown ewall

1334/tcp  unknown writesrv

1352/tcp  unknown lotusnotes

1417/tcp  unknown timbuktu-srv1

1433/tcp  unknown ms-sql-s

1434/tcp  unknown ms-sql-m

1443/tcp  unknown ies-lm

1455/tcp  unknown esl-lm

1461/tcp  unknown ibm_wrless_lan

1494/tcp  unknown citrix-ica

1500/tcp  unknown vlsi-lm

1501/tcp  unknown sas-3

1503/tcp  unknown imtc-mcs

1521/tcp  unknown oracle

1524/tcp  unknown ingreslock

1533/tcp  unknown virtual-places

1556/tcp  unknown veritas_pbx

1580/tcp  unknown tn-tl-r1

1583/tcp  unknown simbaexpress

1594/tcp  unknown sixtrak

1600/tcp  unknown issd

1641/tcp  unknown invision

1658/tcp  unknown sixnetudr

1666/tcp  unknown netview-aix-6

1687/tcp  unknown nsjtp-ctrl

1688/tcp  unknown nsjtp-data

1700/tcp  unknown mps-raft

1717/tcp  unknown fj-hdnet

1718/tcp  unknown h323gatedisc

1719/tcp  unknown h323gatestat

1720/tcp  unknown H.323/Q.931

1721/tcp  unknown caicci

1723/tcp  unknown pptp

1755/tcp  unknown wms

1761/tcp  unknown landesk-rc

1782/tcp  unknown hp-hcip

1783/tcp  unknown unknown

1801/tcp  unknown msmq

1805/tcp  unknown enl-name

1812/tcp  unknown radius

1839/tcp  unknown netopia-vo1

1840/tcp  unknown netopia-vo2

1862/tcp  unknown mysql-cm-agent

1863/tcp  unknown msnp

1864/tcp  unknown paradym-31

1875/tcp  unknown westell-stats

1900/tcp  unknown upnp

1914/tcp  unknown elm-momentum

1935/tcp  unknown rtmp

1947/tcp  unknown sentinelsrm

1971/tcp  unknown netop-school

1972/tcp  unknown intersys-cache

1974/tcp  unknown drp

1984/tcp  unknown bigbrother

1998/tcp  unknown x25-svc-port

1999/tcp  unknown tcp-id-port

2000/tcp  unknown cisco-sccp

2001/tcp  unknown dc

2002/tcp  unknown globe

2003/tcp  unknown finger

2004/tcp  unknown mailbox

2005/tcp  unknown deslogin

2006/tcp  unknown invokator

2007/tcp  unknown dectalk

2008/tcp  unknown conf

2009/tcp  unknown news

2010/tcp  unknown search

2013/tcp  unknown raid-am

2020/tcp  unknown xinupageserver

2021/tcp  unknown servexec

2022/tcp  unknown down

2030/tcp  unknown device2

2033/tcp  unknown glogger

2034/tcp  unknown scoremgr

2035/tcp  unknown imsldoc

2038/tcp  unknown objectmanager

2040/tcp  unknown lam

2041/tcp  unknown interbase

2042/tcp  unknown isis

2043/tcp  unknown isis-bcast

2045/tcp  unknown cdfunc

2046/tcp  unknown sdfunc

2047/tcp  unknown dls

2048/tcp  unknown dls-monitor

2049/tcp  unknown nfs

2065/tcp  unknown dlsrpn

2068/tcp  unknown advocentkvm

2099/tcp  unknown h2250-annex-g

2100/tcp  unknown amiganetfs

2103/tcp  unknown zephyr-clt

2105/tcp  unknown eklogin

2106/tcp  unknown ekshell

2107/tcp  unknown msmq-mgmt

2111/tcp  unknown kx

2119/tcp  unknown gsigatekeeper

2121/tcp  unknown ccproxy-ftp

2126/tcp  unknown pktcable-cops

2135/tcp  unknown gris

2144/tcp  unknown lv-ffx

2160/tcp  unknown apc-2160

2161/tcp  unknown apc-agent

2170/tcp  unknown eyetv

2179/tcp  unknown vmrdp

2190/tcp  unknown tivoconnect

2191/tcp  unknown tvbus

2196/tcp  unknown unknown

2200/tcp  unknown ici

2222/tcp  unknown EtherNet/IP-1

2251/tcp  unknown dif-port

2260/tcp  unknown apc-2260

2288/tcp  unknown netml

2301/tcp  unknown compaqdiag

2323/tcp  unknown 3d-nfsd

2366/tcp  unknown qip-login

2381/tcp  unknown compaq-https

2382/tcp  unknown ms-olap3

2383/tcp  unknown ms-olap4

2393/tcp  unknown ms-olap1

2394/tcp  unknown ms-olap2

2399/tcp  unknown fmpro-fdal

2401/tcp  unknown cvspserver

2492/tcp  unknown groove

2500/tcp  unknown rtsserv

2522/tcp  unknown windb

2525/tcp  unknown ms-v-worlds

2557/tcp  unknown nicetec-mgmt

2601/tcp  unknown zebra

2602/tcp  unknown ripd

2604/tcp  unknown ospfd

2605/tcp  unknown bgpd

2607/tcp  unknown connection

2608/tcp  unknown wag-service

2638/tcp  unknown sybase

2701/tcp  unknown sms-rcinfo

2702/tcp  unknown sms-xfer

2710/tcp  unknown sso-service

2717/tcp  unknown pn-requester

2718/tcp  unknown pn-requester2

2725/tcp  unknown msolap-ptp2

2800/tcp  unknown acc-raid

2809/tcp  unknown corbaloc

2811/tcp  unknown gsiftp

2869/tcp  unknown icslap

2875/tcp  unknown dxmessagebase2

2909/tcp  unknown funk-dialout

2910/tcp  unknown tdaccess

2920/tcp  unknown roboeda

2967/tcp  unknown symantec-av

2968/tcp  unknown enpp

2998/tcp  unknown iss-realsec

3000/tcp  unknown ppp

3001/tcp  unknown nessus

3003/tcp  unknown cgms

3005/tcp  unknown deslogin

3006/tcp  unknown deslogind

3007/tcp  unknown lotusmtap

3011/tcp  unknown trusted-web

3013/tcp  unknown gilatskysurfer

3017/tcp  unknown event_listener

3030/tcp  unknown arepa-cas

3031/tcp  unknown eppc

3052/tcp  unknown powerchute

3071/tcp  unknown csd-mgmt-port

3077/tcp  unknown orbix-loc-ssl

3128/tcp  unknown squid-http

3168/tcp  unknown poweronnud

3211/tcp  unknown avsecuremgmt

3221/tcp  unknown xnm-clear-text

3260/tcp  unknown iscsi

3261/tcp  unknown winshadow

3268/tcp  unknown globalcatLDAP

3269/tcp  unknown globalcatLDAPssl

3283/tcp  unknown netassistant

3300/tcp  unknown unknown

3301/tcp  unknown unknown

3306/tcp  unknown mysql

3322/tcp  unknown active-net

3323/tcp  unknown active-net

3324/tcp  unknown active-net

3325/tcp  unknown active-net

3333/tcp  unknown dec-notes

3351/tcp  unknown btrieve

3367/tcp  unknown satvid-datalnk

3369/tcp  unknown satvid-datalnk

3370/tcp  unknown satvid-datalnk

3371/tcp  unknown satvid-datalnk

3372/tcp  unknown msdtc

3389/tcp  unknown ms-wbt-server

3390/tcp  unknown dsc

3404/tcp  unknown unknown

3476/tcp  unknown nppmp

3493/tcp  unknown nut

3517/tcp  unknown 802-11-iapp

3527/tcp  unknown beserver-msg-q

3546/tcp  unknown unknown

3551/tcp  unknown apcupsd

3580/tcp  unknown nati-svrloc

3659/tcp  unknown apple-sasl

3689/tcp  unknown rendezvous

3690/tcp  unknown svn

3703/tcp  unknown adobeserver-3

3737/tcp  unknown xpanel

3766/tcp  unknown unknown

3784/tcp  unknown bfd-control

3800/tcp  unknown pwgpsi

3801/tcp  unknown ibm-mgr

3809/tcp  unknown apocd

3814/tcp  unknown neto-dcs

3826/tcp  unknown wormux

3827/tcp  unknown netmpi

3828/tcp  unknown neteh

3851/tcp  unknown spectraport

3869/tcp  unknown ovsam-mgmt

3871/tcp  unknown avocent-adsap

3878/tcp  unknown fotogcad

3880/tcp  unknown igrs

3889/tcp  unknown dandv-tester

3905/tcp  unknown mupdate

3914/tcp  unknown listcrt-port-2

3918/tcp  unknown pktcablemmcops

3920/tcp  unknown exasoftport1

3945/tcp  unknown emcads

3971/tcp  unknown lanrevserver

3986/tcp  unknown mapper-ws_ethd

3995/tcp  unknown iss-mgmt-ssl

3998/tcp  unknown dnx

4000/tcp  unknown remoteanything

4001/tcp  unknown newoak

4002/tcp  unknown mlchat-proxy

4003/tcp  unknown pxc-splr-ft

4004/tcp  unknown pxc-roid

4005/tcp  unknown pxc-pin

4006/tcp  unknown pxc-spvr

4045/tcp  unknown lockd

4111/tcp  unknown xgrid

4125/tcp  unknown rww

4126/tcp  unknown ddrepl

4129/tcp  unknown nuauth

4224/tcp  unknown xtell

4242/tcp  unknown vrml-multi-use

4279/tcp  unknown vrml-multi-use

4321/tcp  unknown rwhois

4343/tcp  unknown unicall

4443/tcp  unknown pharos

4444/tcp  unknown krb524

4445/tcp  unknown upnotifyp

4446/tcp  unknown n1-fwp

4449/tcp  unknown privatewire

4550/tcp  unknown gds-adppiw-db

4567/tcp  unknown tram

4662/tcp  unknown edonkey

4848/tcp  unknown appserv-http

4899/tcp  unknown radmin

4900/tcp  unknown hfcs

4998/tcp  unknown maybe-veritas

5000/tcp  unknown upnp

5001/tcp  unknown commplex-link

5002/tcp  unknown rfe

5003/tcp  unknown filemaker

5004/tcp  unknown avt-profile-1

5009/tcp  unknown airport-admin

5030/tcp  unknown surfpass

5033/tcp  unknown unknown

5050/tcp  unknown mmcc

5051/tcp  unknown ida-agent

5054/tcp  unknown rlm-admin

5060/tcp  unknown sip

5061/tcp  unknown sip-tls

5080/tcp  unknown onscreen

5087/tcp  unknown unknown

5100/tcp  unknown admd

5101/tcp  unknown admdog

5102/tcp  unknown admeng

5120/tcp  unknown unknown

5190/tcp  unknown aol

5200/tcp  unknown targus-getdata

5214/tcp  unknown unknown

5221/tcp  unknown 3exmp

5222/tcp  unknown xmpp-client

5225/tcp  unknown hp-server

5226/tcp  unknown hp-status

5269/tcp  unknown xmpp-server

5280/tcp  unknown xmpp-bosh

5298/tcp  unknown presence

5357/tcp  unknown wsdapi

5405/tcp  unknown pcduo

5414/tcp  unknown statusd

5431/tcp  unknown park-agent

5432/tcp  unknown postgresql

5440/tcp  unknown unknown

5500/tcp  unknown hotline

5510/tcp  unknown secureidprop

5544/tcp  unknown unknown

5550/tcp  unknown sdadmind

5555/tcp  unknown freeciv

5560/tcp  unknown isqlplus

5566/tcp  unknown westec-connect

5631/tcp  unknown pcanywheredata

5633/tcp  unknown beorl

5666/tcp  unknown nrpe

5678/tcp  unknown rrac

5679/tcp  unknown activesync

5718/tcp  unknown dpm

5730/tcp  unknown unieng

5800/tcp  unknown vnc-http

5801/tcp  unknown vnc-http-1

5802/tcp  unknown vnc-http-2

5810/tcp  unknown unknown

5811/tcp  unknown unknown

5815/tcp  unknown unknown

5822/tcp  unknown unknown

5825/tcp  unknown unknown

5850/tcp  unknown unknown

5859/tcp  unknown wherehoo

5862/tcp  unknown unknown

5877/tcp  unknown unknown

5900/tcp  unknown vnc

5901/tcp  unknown vnc-1

5902/tcp  unknown vnc-2

5903/tcp  unknown vnc-3

5904/tcp  unknown unknown

5906/tcp  unknown unknown

5907/tcp  unknown unknown

5910/tcp  unknown cm

5911/tcp  unknown cpdlc

5915/tcp  unknown unknown

5922/tcp  unknown unknown

5925/tcp  unknown unknown

5950/tcp  unknown unknown

5952/tcp  unknown unknown

5959/tcp  unknown unknown

5960/tcp  unknown unknown

5961/tcp  unknown unknown

5962/tcp  unknown unknown

5963/tcp  unknown indy

5987/tcp  unknown wbem-rmi

5988/tcp  unknown wbem-http

5989/tcp  unknown wbem-https

5998/tcp  unknown ncd-diag

5999/tcp  unknown ncd-conf

6000/tcp  unknown X11

6001/tcp  unknown X11:1

6002/tcp  unknown X11:2

6003/tcp  unknown X11:3

6004/tcp  unknown X11:4

6005/tcp  unknown X11:5

6006/tcp  unknown X11:6

6007/tcp  unknown X11:7

6009/tcp  unknown X11:9

6025/tcp  unknown x11

6059/tcp  unknown X11:59

6100/tcp  unknown synchronet-db

6101/tcp  unknown backupexec

6106/tcp  unknown isdninfo

6112/tcp  unknown dtspc

6123/tcp  unknown backup-express

6129/tcp  unknown unknown

6156/tcp  unknown unknown

6346/tcp  unknown gnutella

6389/tcp  unknown clariion-evr01

6502/tcp  unknown netop-rc

6510/tcp  unknown mcer-port

6543/tcp  unknown mythtv

6547/tcp  unknown powerchuteplus

6565/tcp  unknown unknown

6566/tcp  unknown sane-port

6567/tcp  unknown esp

6580/tcp  unknown parsec-master

6646/tcp  unknown unknown

6666/tcp  unknown irc

6667/tcp  unknown irc

6668/tcp  unknown irc

6669/tcp  unknown irc

6689/tcp  unknown tsa

6692/tcp  unknown unknown

6699/tcp  unknown napster

6779/tcp  unknown unknown

6788/tcp  unknown smc-http

6789/tcp  unknown ibm-db2-admin

6792/tcp  unknown unknown

6839/tcp  unknown unknown

6881/tcp  unknown bittorrent-tracker

6901/tcp  unknown jetstream

6969/tcp  unknown acmsoda

7000/tcp  unknown afs3-fileserver

7001/tcp  unknown afs3-callback

7002/tcp  unknown afs3-prserver

7004/tcp  unknown afs3-kaserver

7007/tcp  unknown afs3-bos

7019/tcp  unknown unknown

7025/tcp  unknown vmsvc-2

7070/tcp  unknown realserver

7100/tcp  unknown font-service

7103/tcp  unknown unknown

7106/tcp  unknown unknown

7200/tcp  unknown fodms

7201/tcp  unknown dlip

7402/tcp  unknown rtps-dd-mt

7435/tcp  unknown unknown

7443/tcp  unknown oracleas-https

7496/tcp  unknown unknown

7512/tcp  unknown unknown

7625/tcp  unknown unknown

7627/tcp  unknown soap-http

7676/tcp  unknown imqbrokerd

7741/tcp  unknown scriptview

7777/tcp  unknown cbt

7778/tcp  unknown interwise

7800/tcp  unknown asr

7911/tcp  unknown unknown

7920/tcp  unknown unknown

7921/tcp  unknown unknown

7937/tcp  unknown nsrexecd

7938/tcp  unknown lgtomapper

7999/tcp  unknown irdmi2

8000/tcp  unknown http-alt

8001/tcp  unknown vcom-tunnel

8002/tcp  unknown teradataordbms

8007/tcp  unknown ajp12

8008/tcp  unknown http

8009/tcp  unknown ajp13

8010/tcp  unknown xmpp

8011/tcp  unknown unknown

8021/tcp  unknown ftp-proxy

8022/tcp  unknown oa-system

8031/tcp  unknown unknown

8042/tcp  unknown fs-agent

8045/tcp  unknown unknown

8080/tcp  unknown http-proxy

8081/tcp  unknown blackice-icecap

8082/tcp  unknown blackice-alerts

8083/tcp  unknown us-srv

8084/tcp  unknown unknown

8085/tcp  unknown unknown

8086/tcp  unknown d-s-n

8087/tcp  unknown simplifymedia

8088/tcp  unknown radan-http

8089/tcp  unknown unknown

8090/tcp  unknown unknown

8093/tcp  unknown unknown

8099/tcp  unknown unknown

8100/tcp  unknown xprint-server

8180/tcp  unknown unknown

8181/tcp  unknown unknown

8192/tcp  unknown sophos

8193/tcp  unknown sophos

8194/tcp  unknown sophos

8200/tcp  unknown trivnet1

8222/tcp  unknown unknown

8254/tcp  unknown unknown

8290/tcp  unknown unknown

8291/tcp  unknown unknown

8292/tcp  unknown blp3

8300/tcp  unknown tmi

8333/tcp  unknown unknown

8383/tcp  unknown m2mservices

8400/tcp  unknown cvd

8402/tcp  unknown abarsd

8443/tcp  unknown https-alt

8500/tcp  unknown fmtp

8600/tcp  unknown asterix

8649/tcp  unknown unknown

8651/tcp  unknown unknown

8652/tcp  unknown unknown

8654/tcp  unknown unknown

8701/tcp  unknown unknown

8800/tcp  unknown sunwebadmin

8873/tcp  unknown dxspider

8888/tcp  unknown sun-answerbook

8899/tcp  unknown ospf-lite

8994/tcp  unknown unknown

9000/tcp  unknown cslistener

9001/tcp  unknown tor-orport

9002/tcp  unknown dynamid

9003/tcp  unknown unknown

9009/tcp  unknown pichat

9010/tcp  unknown sdr

9011/tcp  unknown unknown

9040/tcp  unknown tor-trans

9050/tcp  unknown tor-socks

9071/tcp  unknown unknown

9080/tcp  unknown glrpc

9081/tcp  unknown unknown

9090/tcp  unknown zeus-admin

9091/tcp  unknown xmltec-xmlmail

9099/tcp  unknown unknown

9100/tcp  unknown jetdirect

9101/tcp  unknown jetdirect

9102/tcp  unknown jetdirect

9103/tcp  unknown jetdirect

9110/tcp  unknown unknown

9111/tcp  unknown DragonIDSConsole

9200/tcp  unknown wap-wsp

9207/tcp  unknown wap-vcal-s

9220/tcp  unknown unknown

9290/tcp  unknown unknown

9415/tcp  unknown unknown

9418/tcp  unknown git

9485/tcp  unknown unknown

9500/tcp  unknown ismserver

9502/tcp  unknown unknown

9503/tcp  unknown unknown

9535/tcp  unknown man

9575/tcp  unknown unknown

9593/tcp  unknown cba8

9594/tcp  unknown msgsys

9595/tcp  unknown pds

9618/tcp  unknown condor

9666/tcp  unknown unknown

9876/tcp  unknown sd

9877/tcp  unknown unknown

9878/tcp  unknown unknown

9898/tcp  unknown monkeycom

9900/tcp  unknown iua

9917/tcp  unknown unknown

9929/tcp  unknown nping-echo

9943/tcp  unknown unknown

9944/tcp  unknown unknown

9968/tcp  unknown unknown

9998/tcp  unknown distinct32

9999/tcp  unknown abyss

10000/tcp unknown snet-sensor-mgmt

10001/tcp unknown scp-config

10002/tcp unknown documentum

10003/tcp unknown documentum_s

10004/tcp unknown emcrmirccd

10009/tcp unknown swdtp-sv

10010/tcp unknown rxapi

10012/tcp unknown unknown

10024/tcp unknown unknown

10025/tcp unknown unknown

10082/tcp unknown amandaidx

10180/tcp unknown unknown

10215/tcp unknown unknown

10243/tcp unknown unknown

10566/tcp unknown unknown

10616/tcp unknown unknown

10617/tcp unknown unknown

10621/tcp unknown unknown

10626/tcp unknown unknown

10628/tcp unknown unknown

10629/tcp unknown unknown

10778/tcp unknown unknown

11110/tcp unknown unknown

11111/tcp unknown vce

11967/tcp unknown sysinfo-sp

12000/tcp unknown cce4x

12174/tcp unknown unknown

12265/tcp unknown unknown

12345/tcp unknown netbus

13456/tcp unknown unknown

13722/tcp unknown netbackup

13782/tcp unknown netbackup

13783/tcp unknown netbackup

14000/tcp unknown scotty-ft

14238/tcp unknown unknown

14441/tcp unknown unknown

14442/tcp unknown unknown

15000/tcp unknown hydap

15002/tcp unknown unknown

15003/tcp unknown unknown

15004/tcp unknown unknown

15660/tcp unknown bex-xr

15742/tcp unknown unknown

16000/tcp unknown fmsas

16001/tcp unknown fmsascon

16012/tcp unknown unknown

16016/tcp unknown unknown

16018/tcp unknown unknown

16080/tcp unknown osxwebadmin

16113/tcp unknown unknown

16992/tcp unknown amt-soap-http

16993/tcp unknown amt-soap-https

17877/tcp unknown unknown

17988/tcp unknown unknown

18040/tcp unknown unknown

18101/tcp unknown unknown

18988/tcp unknown unknown

19101/tcp unknown unknown

19283/tcp unknown keysrvr

19315/tcp unknown keyshadow

19350/tcp unknown unknown

19780/tcp unknown unknown

19801/tcp unknown unknown

19842/tcp unknown unknown

20000/tcp unknown dnp

20005/tcp unknown btx

20031/tcp unknown unknown

20221/tcp unknown unknown

20222/tcp unknown ipulse-ics

20828/tcp unknown unknown

21571/tcp unknown unknown

22939/tcp unknown unknown

23502/tcp unknown unknown

24444/tcp unknown unknown

24800/tcp unknown unknown

25734/tcp unknown unknown

25735/tcp unknown unknown

26214/tcp unknown unknown

27000/tcp unknown flexlm0

27352/tcp unknown unknown

27353/tcp unknown unknown

27355/tcp unknown unknown

27356/tcp unknown unknown

27715/tcp unknown unknown

28201/tcp unknown unknown

30000/tcp unknown unknown

30718/tcp unknown unknown

30951/tcp unknown unknown

31038/tcp unknown unknown

31337/tcp unknown Elite

32768/tcp unknown filenet-tms

32769/tcp unknown filenet-rpc

32770/tcp unknown sometimes-rpc3

32771/tcp unknown sometimes-rpc5

32772/tcp unknown sometimes-rpc7

32773/tcp unknown sometimes-rpc9

32774/tcp unknown sometimes-rpc11

32775/tcp unknown sometimes-rpc13

32776/tcp unknown sometimes-rpc15

32777/tcp unknown sometimes-rpc17

32778/tcp unknown sometimes-rpc19

32779/tcp unknown sometimes-rpc21

32780/tcp unknown sometimes-rpc23

32781/tcp unknown unknown

32782/tcp unknown unknown

32783/tcp unknown unknown

32784/tcp unknown unknown

32785/tcp unknown unknown

33354/tcp unknown unknown

33899/tcp unknown unknown

34571/tcp unknown unknown

34572/tcp unknown unknown

34573/tcp unknown unknown

35500/tcp unknown unknown

38292/tcp unknown landesk-cba

40193/tcp unknown unknown

40911/tcp unknown unknown

41511/tcp unknown unknown

42510/tcp unknown caerpc

44176/tcp unknown unknown

44442/tcp unknown coldfusion-auth

44443/tcp unknown coldfusion-auth

44501/tcp unknown unknown

45100/tcp unknown unknown

48080/tcp unknown unknown

49152/tcp unknown unknown

49153/tcp unknown unknown

49154/tcp unknown unknown

49155/tcp unknown unknown

49156/tcp unknown unknown

49157/tcp unknown unknown

49158/tcp unknown unknown

49159/tcp unknown unknown

49160/tcp unknown unknown

49161/tcp unknown unknown

49163/tcp unknown unknown

49165/tcp unknown unknown

49167/tcp unknown unknown

49175/tcp unknown unknown

49176/tcp unknown unknown

49400/tcp unknown compaqdiag

49999/tcp unknown unknown

50000/tcp unknown ibm-db2

50001/tcp unknown unknown

50002/tcp unknown iiimsf

50003/tcp unknown unknown

50006/tcp unknown unknown

50300/tcp unknown unknown

50389/tcp unknown unknown

50500/tcp unknown unknown

50636/tcp unknown unknown

50800/tcp unknown unknown

51103/tcp unknown unknown

51493/tcp unknown unknown

52673/tcp unknown unknown

52822/tcp unknown unknown

52848/tcp unknown unknown

52869/tcp unknown unknown

54045/tcp unknown unknown

54328/tcp unknown unknown

55055/tcp unknown unknown

55056/tcp unknown unknown

55555/tcp unknown unknown

55600/tcp unknown unknown

56737/tcp unknown unknown

56738/tcp unknown unknown

57294/tcp unknown unknown

57797/tcp unknown unknown

58080/tcp unknown unknown

60020/tcp unknown unknown

60443/tcp unknown unknown

61532/tcp unknown unknown

61900/tcp unknown unknown

62078/tcp unknown iphone-sync

63331/tcp unknown unknown

64623/tcp unknown unknown

64680/tcp unknown unknown

65000/tcp unknown unknown

65129/tcp unknown unknown

65389/tcp unknown unknown



NSE: Script Post-scanning.

Read data files from: C:\Program Files\Nmap

OS and Service detection performed. Please report any incorrect results at http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 2.26 seconds

           Raw packets sent: 0 (0B) | Rcvd: 0 (0B)


RogueKiller V9.2.13.0 [Sep 25 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 32 bits version
Started in : Normal mode
User : nots0 [Admin rights]
Mode : Scan -- Date : 10/01/2014  12:55:45

¤¤¤ Bad processes : 1 ¤¤¤
[Suspicious.Path] explorer.exe -- C:\Users\nots0\AppData\Local\Strongvault Online Backup\CtxMenu.dll[7] -> UNLOADED

¤¤¤ Registry Entries : 11 ¤¤¤
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\catchme (\??\C:\Users\nots0\AppData\Local\Temp\catchme.sys) -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet001\Services\catchme (\??\C:\Users\nots0\AppData\Local\Temp\catchme.sys) -> FOUND
[Suspicious.Path] HKEY_LOCAL_MACHINE\System\ControlSet002\Services\catchme (\??\C:\Users\nots0\AppData\Local\Temp\catchme.sys) -> FOUND
[PUM.Policies] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | DisableRegistryTools : 0  -> FOUND
[PUM.DesktopIcons] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.HomePage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> FOUND
[PUM.HomePage] HKEY_USERS\S-1-5-21-2709076479-299211639-3247174901-1000\Software\Microsoft\Internet Explorer\Main | Start Page : www.google.com  -> FOUND
[PUM.HomePage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Start Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome  -> FOUND
[PUM.SearchPage] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> FOUND
[PUM.SearchPage] HKEY_USERS\S-1-5-21-2709076479-299211639-3247174901-1000\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> FOUND
[PUM.SearchPage] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main | Search Page : http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch  -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1       localhost

¤¤¤ Antirootkit : 1 (Driver: LOADED) ¤¤¤
[Filter(Kernel.Filter)] \Driver\atapi @ Unknown : \Driver\cdrom @ \Device\CdRom0 (\SystemRoot\system32\DRIVERS\dtsoftbus01.sys)

¤¤¤ Web browsers : 1 ¤¤¤
[PUP][FIREFX:Addon] tz0ans2l.default : Ant Video Downloader [[email protected]] -> FOUND

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: Hitachi HDS721010CLA330 ATA Device +++++
--- User ---
[MBR] cd04d84b0efc3232cd296b55375e2169
[BSP] cbdfd08a3689b3b5026ddf27e2652060 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 953767 MB
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_10012014_105502.log
======= End Of Log ============================

  • 0

Advertisements


#2
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Very sorry that it has taken so long to respond to your request.

Occasionally we get very, very busy and that is the case now.

However, I do have time and desire.

Do you still need help or have you resolved your issue?

If you still need help, can you describe, briefly, what disconcerting behavior you are experiencing with the computer.


  • 0

#3
cer0

cer0

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

Got hacked into a while back, and believe that my machine may still be infected. Was hoping someone could help by the logs.


  • 0

#4
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

I agree, your machine is heavily infected! I will do my best to help you clean it, but it will likely take some time.

 

While we I am helping you clean the machine, please stop using P2P (uTorrent) as this is the likely source of your infections.

 

warning.gif Critical warning - there's a Backdoor present!
 
Unfortunately your machine seems to be heavy compromised by a Backdoor Trojan. This type of infection allows hackers to remotely control your computer, steal critical system information and download and execute files. My advices for this moment:
  •  
  • Disconnect this machine from the internet.
  • Change your online passwords from a well-known clean computer (not this one!).
  • It would be also wise to inform financial institutions about your situation - see here.
Many experts believe that the best action should be reformat and reinstall, but I think that we can still be able to clean this one and return it to its normal funcionality (with no security guarantee afterwards, as this is a very severe type of infection).
  • If you plan to rather reinstall your system, let me know if I could provide any help during that procedure.
  • If you wish to omit the reinstallation, just please proceed with the next steps directed.
I believe that we can kill this nasty bad guy :thumbsup:
 
warning.gif P2P warning!

  •  

P2P programs, as they are legal itself, are often used to obtain some illegal downloads. Currently it's one of the best ways to get infected. There have been some extreme cases in which passwords, private or financial data was exposed to file sharing network because of bad P2P configuration.

I strongly recommend full uninstallation of any P2P apps. To do so:
  • Press the WindowsKey.png + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for previously mentioned program(s), right-click the entry and click Uninstall.

This is optional, but please consider this. In case of leaving it installed, please refrain from using it while we're cleaning your machine.
 
FRST.gif Fix with Farbar Recovery Scan Tool

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire content of the codebox below and paste into the Notepad document:
    start
    
    (广州铁人网络科技有限公司) C:\Program Files\PP助手2.0\adevicehelpermon.exe
    
    HKLM\...\Run: [] => [X]
    
    SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3281675&CUI=UN40636566492054128
    
    BHO: No Name -> {10921475-03CE-4E04-90CE-E2E7EF20C814} ->  No File
    
    S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
    
    R2 PP Assistant Service; C:\Program Files\PP助手2.0\adevicehelpersvr.exe [118496 2014-08-14] () [File not signed]
    
    R2 Themes; C:\Windows\system32\themeservice.dll [37376 2014-01-27] (Microsoft Corporation) [File not signed]
    
    2014-09-27 14:16 - 2014-09-27 14:16 - 00000000 ____D () C:\Program Files\PP助手2.0
    
    2014-09-27 14:15 - 2014-09-27 14:15 - 19521328 _____ (广州铁人网络科技有限公司) C:\Users\nots0\Downloads\ppsetup(1).exe
    
    2014-08-14 01:52 - 2014-08-14 01:52 - 00118496 _____ () C:\Program Files\PP助手2.0\adevicehelpersvr.exe
    
    2014-08-14 01:52 - 2014-08-14 01:52 - 00166624 _____ () C:\Program Files\PP助手2.0\monconfigapi.dll
    
    2014-08-14 01:52 - 2014-08-14 01:52 - 00282336 _____ () C:\Program Files\PP助手2.0\pppclogger.dll
    
    2014-08-14 01:52 - 2014-08-14 01:52 - 00376032 _____ () C:\Program Files\PP助手2.0\DevHelper.dll
    
    2014-08-14 01:52 - 2014-08-14 01:52 - 00329440 _____ () C:\Program Files\PP助手2.0\DriverTools.dll
    
    C:\Program Files\PP助手2.0
    
    emptytemp:
    
    end
  • Click File, Save As and type fixlist.txt as the File Name.
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!
  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.
Please post it to your reply.
 
51a5bf3d99e8a-ComboFixlogo16.png Scan with ComboFix

This is a very powerful tool that should be used only if advised by Malware Analyst.
Do not run ComboFix on your own!


Referring to this instruction, please download ComboFix by sUBs and save it to your desktop.
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.

  • Right-click on 51a5bf3d99e8a-ComboFixlogo16.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Accept the disclaimer and agree if prompted to install Recovery Console.
  • Do not take any actions while ComboFix goes through your System - it may cause it to stall!
  • This scan may take some time!
  • When finished - it will display a logfile (located also on your main drive, usually C:\ComboFix.txt).

Include that log in your next reply.
icon_idea.gif If you'll encounter any issues with internet connection after running ComboFix, please visit this link.
icon_idea.gif If an error about operation on the key marked for deletion will appear after running the tool, please reboot your machine.
 

51a612a8b27e2-Zoek.png Scan with ZOEK

Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
 

  • Right-click on 51a612a8b27e2-Zoek.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Wait patiently until the main console will appear, it may take a minute or two.
  • In the main box please paste in the following script:
    createsrpoint;
    
    process;
    
    services-list;
    
    systemspecs;
    
    startupall;
    
    skipfix-iedefaults;
    
    firefoxlook;
    
    chromelook;
    
    filesrcm;
    
    installedprogs;
  • Make sure that Scan All Users option is checked.
  • Push Run Script and wait patiently. The scan may take a couple of minutes.
  • When the scan completes, a zoek-results logfile should open in notepad.
  • If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)

Post its content into your next reply.

 

 

To review, please post back the FRST Fix log, the Combo Fix log and the Zoek Log.

 


  • 0

#5
cer0

cer0

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 08-10-2014 01
Ran by nots0 (administrator) on NOTS0-PC on 10-10-2014 16:13:05
Running from C:\Users\nots0\Downloads
Loaded Profile: nots0 (Available profiles: nots0)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(TuneUp Software) C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesApp32.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(DT Soft Ltd) C:\Program Files\DAEMON Tools Pro\DTShellHlp.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Blizzard Entertainment) C:\Program Files\World of Warcraft\Wow.exe
(Blizzard Entertainment) C:\Program Files\World of Warcraft\Utils\WowBrowserProxy.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
() C:\Users\nots0\Downloads\RogueKiller.exe
(Foxit Corporation) C:\Program Files\Foxit Software\Foxit Advanced PDF Editor\Foxit Advanced PDF Editor.exe
(VideoLAN) C:\Program Files\VideoLAN\VLC\vlc.exe
(Softpointer Inc) C:\Program Files\TagRename\TagRename.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
() C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Opera Software) C:\Program Files\Opera\21.0.1432.67\opera.exe
(Wokhan) C:\Users\nots0\Desktop\incoming\WFN_1.9.0\Notifier.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [951576 2014-03-11] (Microsoft Corporation)
HKLM\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files\Malwarebytes Anti-Exploit\mbae.exe [443216 2014-08-26] (Malwarebytes Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-05-12] (Malwarebytes Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xF2D628CCF41CCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - DefaultScope {17C35237-2C6F-452E-B85E-66267434CAB2} URL =
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.condui...636566492054128
BHO: Drop Pad Web Backup -> {25DA541F-6ACF-4052-A8AA-1D58284729C7} -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
Winsock: Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76

FireFox:
========
FF ProfilePath: C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default
FF Homepage: hxxp://www.google.com
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
FF user.js: detected! => C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF SearchPlugin: C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\searchplugins\google-ssl.xml
FF SearchPlugin: C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\searchplugins\yahoo_ff.xml
FF Extension: Ant Video Downloader - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-08-02]
FF Extension: Flash Video Downloader - YouTube Full HD Download - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-07-31]
FF Extension: DoNotTrackMe: Online Privacy Protection - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-07-10]
FF Extension: LastPass - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-08-22]
FF Extension: Flash and Video Download - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a} [2014-09-20]
FF Extension: Custom New Tab - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-04-05]
FF Extension: ImageBlock - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2013-09-28]
FF Extension: InstantFox - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2013-03-09]
FF Extension: YouTube to MP3 - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\[email protected] [2014-01-27]
FF Extension: Gmail S/MIME - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{4c197c8f-a50f-4b49-a2d2-ed922c95612f}.xpi [2013-03-12]
FF Extension: Encrypted Communication - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{52a7f893-d228-412e-9b28-bc61491462f6}.xpi [2013-03-12]
FF Extension: Quick Translator - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{5C655500-E712-41e7-9349-CE462F844B19}.xpi [2013-12-08]
FF Extension: Downloads Window - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{a7213cf2-fa1e-4373-88ff-255d0abd3020}.xpi [2014-01-27]
FF Extension: Adblock Plus - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-25]
FF Extension: Google Privacy - C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\Extensions\{ea61041c-1e22-4400-99a0-aea461e69d04}.xpi [2013-03-12]

Chrome:
=======
CHR Profile: C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-17]
CHR Extension: (Google Drive) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-04-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-11]
CHR Extension: (YouTube) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-04-17]
CHR Extension: (Google Search) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-04-17]
CHR Extension: (Google Wallet) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-17]
CHR Extension: (Gmail) - C:\Users\nots0\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-04-17]

========================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [114688 2013-02-13] (Brio) [File not signed]
S4 LiveUpdateSvc; C:\Program Files\IObit\LiveUpdate\LiveUpdate.exe [2151200 2013-12-03] (IObit)
S2 MbaeSvc; C:\Program Files\Malwarebytes Anti-Exploit\mbae-svc.exe [441144 2014-08-29] (Malwarebytes Corporation)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2014-03-11] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [279776 2014-03-11] (Microsoft Corporation)
S2 PP Assistant Service; C:\Program Files\PP助手2.0\adevicehelpersvr.exe [118496 2014-08-14] () [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [37376 2014-01-27] (Microsoft Corporation) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1774904 2014-04-15] (TuneUp Software)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\System32\drivers\AsIO.sys [11296 2009-08-04] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [242240 2013-03-09] (DT Soft Ltd)
R1 ESProtectionDriver; C:\Program Files\Malwarebytes Anti-Exploit\mbae.sys [47896 2014-08-30] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231960 2014-01-25] (Microsoft Corporation)
R1 MpKslb997da32; c:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5FDE2106-6FDB-4928-85C8-2A67ADDCEAC1}\MpKslb997da32.sys [39464 2014-10-09] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [13216 2009-07-16] ()
U0 naexe; C:\Windows\System32\drivers\qxuljc.sys [52440 2014-10-03] (Malwarebytes Corporation)
S3 rkhdrv40; C:\Windows\system32\Drivers\rkhdrv40.sys [24448 2014-10-03] () [File not signed]
S3 taphss; C:\Windows\System32\DRIVERS\taphss.sys [33512 2012-07-24] (AnchorFree Inc)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [37064 2013-04-24] (Anchorfree Inc.)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [34808 2014-10-09] ()
R3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2014-03-26] (TuneUp Software)
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1150880 2013-03-09] (VIA Technologies, Inc.)
R1 WinFLAdrv; C:\Windows\System32\WinFLAdrv.sys [29184 2013-03-10] ()
S1 AntiLog32; \??\C:\Windows\system32\drivers\AntiLog32.sys [X]
S3 catchme; \??\C:\Users\nots0\AppData\Local\Temp\catchme.sys [X]
S3 keycrypt; system32\DRIVERS\KeyCrypt32.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U3 mbr; \??\C:\Users\nots0\AppData\Local\Temp\mbr.sys [X]

==================== NetSvcs (Whitelisted) ===================


(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 16:13 - 2014-10-10 16:13 - 00016459 _____ () C:\Users\nots0\Downloads\FRST.txt
2014-10-10 15:16 - 2014-10-10 16:12 - 01101312 _____ (Farbar) C:\Users\nots0\Downloads\FRST.exe
2014-10-10 14:39 - 2014-10-10 14:39 - 00114704 _____ () C:\Users\nots0\AppData\Local\GDIPFONTCACHEV1.DAT
2014-10-10 14:38 - 2014-10-10 16:13 - 00000000 ____D () C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ
2014-10-10 13:20 - 2014-10-10 13:20 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Aspell
2014-10-09 23:25 - 2014-10-09 23:30 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Exploit
2014-10-09 23:25 - 2014-10-09 23:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-10-09 23:25 - 2014-10-09 23:25 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-10-09 15:30 - 2014-10-09 15:47 - 00000000 ____D () C:\Users\nots0\Documents\iTools
2014-10-09 15:29 - 2014-10-09 15:29 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTools
2014-10-09 15:28 - 2014-10-09 15:29 - 04039920 _____ () C:\Users\nots0\Downloads\iToolsSetup_1.8.4.0.exe
2014-10-09 11:32 - 2010-05-07 01:48 - 00077824 _____ (Auto Debug System) C:\Users\nots0\Downloads\KillProcess.exe
2014-10-09 11:25 - 2014-10-09 11:25 - 00029281 _____ () C:\Users\nots0\Downloads\processkill(1).zip
2014-10-09 11:23 - 2014-10-09 11:23 - 00029281 _____ () C:\Users\nots0\Downloads\processkill.zip
2014-10-09 01:09 - 2014-10-09 01:09 - 00029696 _____ (Gibson Research Corp.) C:\Users\nots0\Downloads\dcombob.exe
2014-10-09 00:54 - 2014-10-09 00:54 - 01121208 _____ () C:\Users\nots0\Downloads\ProcessMonitor.zip
2014-10-09 00:42 - 2014-10-09 00:42 - 00000000 ____D () C:\Users\nots0\AppData\Local\Wokhan
2014-10-09 00:38 - 2014-10-09 00:38 - 00162566 _____ () C:\Users\nots0\Downloads\WFN_1.9.0.zip
2014-10-09 00:30 - 2014-10-09 00:52 - 39067648 _____ () C:\Users\nots0\Downloads\Metrik-Universal_Language-NHS262DD-WEB-2014-JUSTiFY.rar.part
2014-10-08 18:00 - 2014-10-08 18:00 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\TradeSkillMaster
2014-10-08 17:56 - 2014-10-08 17:56 - 00000000 ____D () C:\Users\nots0\Desktop\TSMApplication
2014-10-08 17:55 - 2014-10-08 17:55 - 07668591 _____ () C:\Users\nots0\Downloads\TSMApplication.zip
2014-10-03 08:48 - 2014-10-03 08:48 - 00052440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\qxuljc.sys
2014-10-03 04:30 - 2014-10-03 04:30 - 00024448 _____ () C:\Windows\system32\Drivers\rkhdrv40.sys
2014-10-03 04:30 - 2014-10-03 04:30 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rootkit Unhooker
2014-10-02 23:21 - 2014-10-02 23:21 - 14349744 _____ (Malwarebytes Corp.) C:\Users\nots0\Downloads\mbar-1.07.0.1012.exe
2014-10-02 22:56 - 2014-10-02 22:56 - 00158300 _____ () C:\Users\nots0\Downloads\RkU37300505.zip
2014-10-02 22:54 - 2014-10-02 22:54 - 00050477 _____ () C:\Users\nots0\Downloads\Defogger.exe
2014-10-02 22:54 - 2014-10-02 22:54 - 00000552 _____ () C:\Users\nots0\Downloads\defogger_disable.log
2014-10-02 22:54 - 2014-10-02 22:54 - 00000166 _____ () C:\Users\nots0\defogger_reenable
2014-10-02 21:46 - 2014-10-02 22:05 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\FreeFixer
2014-10-02 21:46 - 2014-10-02 21:54 - 00000000 ____D () C:\Users\nots0\AppData\Local\FreeFixer
2014-10-02 21:40 - 2014-10-09 15:32 - 00000000 ____D () C:\Program Files\FreeFixer
2014-10-02 21:40 - 2014-10-02 21:40 - 02666167 _____ (Kephyr) C:\Users\nots0\Downloads\freefixersetup.exe
2014-10-02 21:10 - 2014-10-02 21:11 - 111461616 _____ (Microsoft Corporation) C:\Users\nots0\Downloads\mpam-fe.exe
2014-10-02 21:03 - 2014-10-09 18:57 - 00023891 _____ () C:\Users\nots0\Desktop\attach.txt
2014-10-02 21:03 - 2014-10-09 18:57 - 00013165 _____ () C:\Users\nots0\Desktop\dds.txt
2014-10-02 21:00 - 2014-10-02 21:00 - 00688992 ____R (Swearware) C:\Users\nots0\Downloads\dds(1).scr
2014-10-02 20:59 - 2014-10-02 21:00 - 00688992 _____ (Swearware) C:\Users\nots0\Downloads\dds.scr
2014-10-02 05:48 - 2014-10-02 05:48 - 00006789 _____ () C:\Users\nots0\Downloads\hijackthis2.log
2014-10-02 04:14 - 2014-10-02 04:14 - 00380416 _____ () C:\Users\nots0\Downloads\i7tjqdjp.exe
2014-10-02 04:07 - 2014-10-02 04:07 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\FixZeroAccess
2014-10-02 04:06 - 2014-10-02 04:07 - 01805736 _____ (Symantec Corporation) C:\Users\nots0\Downloads\FixZeroAccess.exe
2014-10-02 00:09 - 2014-10-02 00:10 - 00068690 _____ () C:\Users\nots0\Downloads\Result.txt
2014-10-02 00:08 - 2014-10-02 00:08 - 00401920 _____ (Farbar) C:\Users\nots0\Downloads\MiniToolBox.exe
2014-10-01 15:06 - 2014-10-01 15:06 - 00002141 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014.lnk
2014-10-01 15:06 - 2014-04-15 15:59 - 00036664 _____ (TuneUp Software) C:\Windows\system32\TURegOpt.exe
2014-10-01 15:06 - 2014-04-15 15:59 - 00025400 _____ (TuneUp Software) C:\Windows\system32\authuitu.dll
2014-10-01 15:00 - 2014-10-01 15:00 - 00001004 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Total Uninstall 6.lnk
2014-10-01 14:16 - 2014-10-01 14:19 - 00000000 ___SD () C:\ComboFix
2014-10-01 14:13 - 2014-10-01 14:13 - 05582345 ____R (Swearware) C:\Users\nots0\Downloads\ComboFix.exe
2014-10-01 13:06 - 2014-10-01 13:06 - 00000218 _____ () C:\Users\nots0\AppData\Local\recently-used.xbel
2014-10-01 12:16 - 2014-10-01 13:06 - 00000000 ____D () C:\Users\nots0\.zenmap
2014-10-01 12:16 - 2014-10-01 12:16 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nmap
2014-10-01 12:14 - 2014-10-01 12:16 - 00000000 ____D () C:\Program Files\Nmap
2014-10-01 12:13 - 2014-10-01 12:13 - 27111830 _____ (Insecure.org) C:\Users\nots0\Downloads\nmap-6.47-setup.exe
2014-10-01 11:21 - 2014-10-01 11:22 - 00065144 _____ () C:\Users\nots0\Downloads\Addition.txt
2014-10-01 11:19 - 2014-10-10 16:13 - 00000000 ____D () C:\FRST
2014-10-01 11:07 - 2014-10-01 12:03 - 00007227 _____ () C:\Users\nots0\Downloads\hijackthis.log
2014-10-01 11:01 - 2014-10-01 11:01 - 00388608 _____ (Trend Micro Inc.) C:\Users\nots0\Downloads\HijackThis.exe
2014-10-01 10:45 - 2014-10-01 12:27 - 00000055 _____ () C:\Users\nots0\Downloads\FixWelch.log
2014-10-01 10:44 - 2014-10-01 10:44 - 00175256 _____ (Symantec Corporation) C:\Users\nots0\Downloads\FixWelch.exe
2014-10-01 10:38 - 2014-10-09 23:01 - 00034808 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-10-01 10:38 - 2014-10-01 10:38 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-10-01 10:37 - 2014-10-01 10:42 - 183376808 _____ (BeyondTrust, Inc.) C:\Users\nots0\Downloads\RetinaNetworkCommunity_EN.exe
2014-10-01 10:31 - 2014-10-01 10:31 - 04893784 _____ () C:\Users\nots0\Downloads\RogueKiller.exe
2014-10-01 08:48 - 2014-10-01 15:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TuneUp Utilities 2014
2014-10-01 08:48 - 2014-10-01 15:06 - 00000000 ____D () C:\Program Files\TuneUp Utilities 2014
2014-10-01 08:48 - 2014-10-01 08:48 - 00000000 ____D () C:\Users\nots0\AppData\Local\TuneUp Software
2014-10-01 08:29 - 2014-10-01 08:29 - 00000000 ____D () C:\ProgramData\Martau
2014-10-01 08:28 - 2014-10-01 15:00 - 00000000 ____D () C:\Program Files\Total Uninstall 6
2014-10-01 08:16 - 2014-10-01 08:16 - 00347816 _____ (Microsoft Corporation) C:\Users\nots0\Downloads\MicrosoftFixit.ProgramInstallUninstall.MATSKB.Run(1).exe
2014-09-28 06:54 - 2014-09-28 06:54 - 00001571 _____ () C:\Users\Public\Desktop\sine mora.lnk
2014-09-28 06:53 - 2014-09-28 06:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kalypso Media
2014-09-27 21:55 - 2014-09-27 21:55 - 00000000 ____D () C:\ProgramData\RELOADED
2014-09-27 20:52 - 2014-09-27 20:52 - 00001853 _____ () C:\Users\Public\Desktop\mark of the ninja.lnk
2014-09-27 20:52 - 2014-09-27 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Studios
2014-09-27 20:47 - 2014-09-27 20:47 - 00000587 _____ () C:\Users\Public\Desktop\torchlight 2.lnk
2014-09-27 20:35 - 2014-09-27 20:35 - 00001104 _____ () C:\Users\nots0\Desktop\dust an elysian tail.lnk
2014-09-27 16:45 - 2014-09-27 16:45 - 00000703 _____ () C:\Users\nots0\Desktop\metal slug.lnk
2014-09-27 16:44 - 2014-09-27 16:44 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SNK PLAYMORE
2014-09-27 14:16 - 2014-09-27 14:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PP助手2.0
2014-09-27 14:16 - 2014-09-27 14:16 - 00000000 ____D () C:\Program Files\PP助手2.0
2014-09-27 14:15 - 2014-09-27 14:15 - 19521328 _____ (广州铁人网络科技有限公司) C:\Users\nots0\Downloads\ppsetup(1).exe
2014-09-27 14:05 - 2014-09-27 14:05 - 21933992 _____ () C:\Users\nots0\Downloads\Tongbu_Setup_2.19.2_zsgw.exe
2014-09-27 10:48 - 2014-09-27 10:48 - 00000000 ____D () C:\ProgramData\FaceOnBody2
2014-09-27 10:43 - 2014-09-27 10:45 - 00000000 ____D () C:\Program Files\FaceOnBody2
2014-09-27 10:43 - 2014-09-27 10:43 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FaceOnBody2
2014-09-27 10:43 - 2014-09-27 10:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FaceOnBody2
2014-09-26 23:21 - 2014-09-26 23:21 - 00402696 _____ () C:\Users\nots0\Downloads\setup(1).exe
2014-09-25 20:30 - 2014-09-25 20:30 - 00699016 _____ (CNET Download.com) C:\Users\nots0\Downloads\cbsidlm-cbsi213-Always_On_Top-SEO-10674027.exe
2014-09-24 21:02 - 2014-09-27 16:46 - 00000895 _____ () C:\Users\nots0\Desktop\btd 5.lnk
2014-09-24 21:01 - 2014-09-24 21:01 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\com.ninjakiwi.BloonsTD5Deluxe
2014-09-24 21:00 - 2014-09-24 21:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bloons TD 5 Deluxe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-10-10 16:12 - 2014-03-18 09:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-10-10 14:02 - 2013-11-26 19:38 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\Vso
2014-10-10 14:02 - 2013-11-26 19:38 - 00000000 ____D () C:\ProgramData\VSO
2014-10-10 14:02 - 2013-03-09 22:11 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\DAEMON Tools Pro
2014-10-10 14:02 - 2013-03-09 14:36 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\uTorrent
2014-10-10 14:00 - 2014-07-30 04:12 - 00000000 ____D () C:\Users\nots0\AppData\Local\CrashDumps
2014-10-10 13:17 - 2013-03-10 09:04 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\vlc
2014-10-09 23:22 - 2013-07-12 13:37 - 00000000 ____D () C:\Users\nots0\My Books
2014-10-09 23:20 - 2013-06-29 14:41 - 00000000 ___RD () C:\Users\nots0\Desktop\incoming
2014-10-09 23:06 - 2014-07-06 06:33 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-10-09 20:46 - 2013-03-09 18:27 - 00000000 ____D () C:\Users\nots0\AppData\Local\Deployment
2014-10-09 20:39 - 2014-03-18 09:36 - 00000000 ____D () C:\Program Files\Bonjour
2014-10-09 15:45 - 2014-04-29 17:41 - 00000000 ____D () C:\Users\nots0\Documents\ihelper
2014-10-09 15:38 - 2013-05-08 19:49 - 00000000 ____D () C:\Windows\Minidump
2014-10-09 15:34 - 2014-06-27 10:23 - 00000000 ____D () C:\Program Files\Pidgin
2014-10-07 12:44 - 2013-03-09 14:28 - 00000000 ____D () C:\Users\nots0
2014-10-02 23:59 - 2013-03-23 22:14 - 00000000 ____D () C:\Program Files\World of Warcraft Public Test
2014-10-02 23:57 - 2014-04-06 19:10 - 00000000 ____D () C:\Users\nots0\AppData\Local\Battle.net
2014-10-02 23:57 - 2014-04-06 19:09 - 00000000 ____D () C:\Program Files\Battle.net
2014-10-02 23:33 - 2009-07-14 00:34 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-10-02 23:33 - 2009-07-14 00:34 - 00010016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-10-02 23:28 - 2013-03-09 14:40 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-10-02 23:28 - 2009-07-14 00:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-10-02 21:26 - 2014-03-13 12:00 - 00000000 ____D () C:\Program Files\Common Files\Skype
2014-10-01 15:15 - 2014-01-26 08:10 - 00000000 __SHD () C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}
2014-10-01 14:55 - 2013-05-06 00:36 - 00000000 ____D () C:\Windows\pss
2014-10-01 14:16 - 2014-02-25 16:18 - 00000000 ____D () C:\Qoobox
2014-10-01 13:53 - 2013-03-10 00:49 - 00000000 ____D () C:\Program Files\Microsoft Baseline Security Analyzer 2
2014-10-01 13:53 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\system32\wfp
2014-10-01 13:53 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\registration
2014-10-01 13:53 - 2009-07-13 22:37 - 00000000 ____D () C:\Windows\AppCompat
2014-10-01 13:52 - 2013-12-19 17:35 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-10-01 13:52 - 2013-12-19 17:34 - 00000000 ____D () C:\Users\nots0\AppData\Local\Apple
2014-10-01 13:52 - 2013-12-19 17:34 - 00000000 ____D () C:\ProgramData\Apple
2014-09-30 08:29 - 2013-04-11 21:54 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-09-28 09:05 - 2013-03-14 15:57 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\mIRC
2014-09-28 06:50 - 2013-05-22 12:52 - 00000000 ____D () C:\Games
2014-09-27 21:55 - 2013-06-19 16:28 - 00000000 ____D () C:\Users\nots0\Documents\My Games
2014-09-27 20:56 - 2013-09-14 20:48 - 00000000 ____D () C:\Users\nots0\AppData\Local\SKIDROW
2014-09-27 14:08 - 2014-08-26 17:52 - 00000000 ____D () C:\Users\nots0\Documents\Tongbu
2014-09-27 10:50 - 2014-03-31 14:08 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-09-24 11:01 - 2013-03-09 14:44 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-09-24 11:01 - 2013-03-09 14:44 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-09-19 21:36 - 2014-08-08 15:28 - 00000000 ____D () C:\Users\nots0\AppData\Roaming\.minecraft
2014-09-15 09:06 - 2013-03-09 14:47 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

Files to move or delete:
====================
C:\ProgramData\win_mpwd_sys.dat


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-10-06 13:32

==================== End Of Log ============================

 

 

 

ComboFix 14-10-04.01 - nots0 10/10/2014  16:50:53.2.4 - x86
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.3327.893 [GMT -4:00]
Running from: c:\users\nots0\Downloads\ComboFix.exe
AV: Microsoft Security Essentials *Enabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}
SP: Microsoft Security Essentials *Enabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\nots0\AppData\Roaming\inst.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-09-10 to 2014-10-10  )))))))))))))))))))))))))))))))
.
.
2014-10-10 20:56 . 2014-10-10 20:56    --------    d-----w-    c:\users\Public\AppData\Local\temp
2014-10-10 20:56 . 2014-10-10 20:56    --------    d-----w-    c:\users\Default\AppData\Local\temp
2014-10-10 20:32 . 2014-10-10 20:32    --------    d-----w-    C:\zoek_backup
2014-10-10 17:20 . 2014-10-10 17:20    --------    d-----w-    c:\users\nots0\AppData\Roaming\Aspell
2014-10-10 03:25 . 2014-10-10 03:25    --------    d-----w-    c:\programdata\Malwarebytes Anti-Exploit
2014-10-10 03:25 . 2014-10-10 03:30    --------    d-----w-    c:\program files\Malwarebytes Anti-Exploit
2014-10-09 04:57 . 2014-10-09 04:57    39464    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5FDE2106-6FDB-4928-85C8-2A67ADDCEAC1}\MpKslb997da32.sys
2014-10-09 04:42 . 2014-10-09 04:42    --------    d-----w-    c:\users\nots0\AppData\Local\Wokhan
2014-10-08 22:00 . 2014-10-08 22:00    --------    d-----w-    c:\users\nots0\AppData\Roaming\TradeSkillMaster
2014-10-08 19:02 . 2014-09-09 01:24    8806800    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{5FDE2106-6FDB-4928-85C8-2A67ADDCEAC1}\mpengine.dll
2014-10-03 12:48 . 2014-10-03 12:48    52440    ----a-w-    c:\windows\system32\drivers\qxuljc.sys
2014-10-03 08:30 . 2014-10-03 08:30    24448    ----a-w-    c:\windows\system32\drivers\rkhdrv40.sys
2014-10-03 01:46 . 2014-10-03 02:05    --------    d-----w-    c:\users\nots0\AppData\Roaming\FreeFixer
2014-10-03 01:46 . 2014-10-03 01:54    --------    d-----w-    c:\users\nots0\AppData\Local\FreeFixer
2014-10-03 01:40 . 2014-10-09 19:32    --------    d-----w-    c:\program files\FreeFixer
2014-10-03 01:11 . 2014-09-09 01:24    8806800    ----a-w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\Backup\mpengine.dll
2014-10-02 14:56 . 2014-09-10 20:30    908840    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\{4F06367A-22C0-4217-84CA-63040D217644}\gapaengine.dll
2014-10-02 08:07 . 2014-10-02 08:07    --------    d-----w-    c:\users\nots0\AppData\Roaming\FixZeroAccess
2014-10-01 19:06 . 2014-04-15 19:59    36664    ----a-w-    c:\windows\system32\TURegOpt.exe
2014-10-01 19:06 . 2014-04-15 19:59    25400    ----a-w-    c:\windows\system32\authuitu.dll
2014-10-01 16:16 . 2014-10-01 17:06    --------    d-----w-    c:\users\nots0\.zenmap
2014-10-01 16:14 . 2014-10-01 16:16    --------    d-----w-    c:\program files\Nmap
2014-10-01 15:19 . 2014-10-10 20:14    --------    d-----w-    C:\FRST
2014-10-01 14:38 . 2014-10-10 03:01    34808    ----a-w-    c:\windows\system32\drivers\TrueSight.sys
2014-10-01 14:38 . 2014-10-01 14:38    --------    d-----w-    c:\programdata\RogueKiller
2014-10-01 12:48 . 2014-10-01 12:48    --------    d-----w-    c:\users\nots0\AppData\Local\TuneUp Software
2014-10-01 12:48 . 2014-10-01 19:06    --------    d-----w-    c:\program files\TuneUp Utilities 2014
2014-10-01 12:29 . 2014-10-01 12:29    --------    d-----w-    c:\programdata\Martau
2014-10-01 12:28 . 2014-10-01 19:00    --------    d-----w-    c:\program files\Total Uninstall 6
2014-09-28 01:55 . 2014-09-28 01:55    --------    d-----w-    c:\programdata\RELOADED
2014-09-27 18:16 . 2014-09-27 18:16    --------    d-----w-.0    c:\progra~1\PP2~1.0
2014-09-27 14:48 . 2014-09-27 14:48    --------    d-----w-    c:\programdata\FaceOnBody2
2014-09-27 14:43 . 2014-09-27 14:45    --------    d-----w-    c:\program files\FaceOnBody2
2014-09-25 01:01 . 2014-09-25 01:01    --------    d-----w-    c:\users\nots0\AppData\Roaming\com.ninjakiwi.BloonsTD5Deluxe
2014-09-19 02:28 . 2014-09-19 02:28    3231696    ----a-w-    c:\program files\Mozilla Firefox\d3dcompiler_46.dll
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-10-10 03:06 . 2014-07-06 10:33    110296    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-10-03 12:48 . 2014-10-03 12:48    1242    ----a-w-    c:\windows\Fonts\drufs
2014-09-24 15:01 . 2013-03-09 18:44    701104    ----a-w-    c:\windows\system32\FlashPlayerApp.exe
2014-09-24 15:01 . 2013-03-09 18:44    71344    ----a-w-    c:\windows\system32\FlashPlayerCPLApp.cpl
2014-09-15 13:06 . 2013-03-09 18:47    231568    ------w-    c:\windows\system32\MpSigStub.exe
2014-09-10 20:30 . 2013-07-17 20:08    908840    ------w-    c:\programdata\Microsoft\Microsoft Antimalware\Definition Updates\NISBackup\gapaengine.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\~\Browser Helper Objects\{25DA541F-6ACF-4052-A8AA-1D58284729C7}]
2010-11-05 01:58    297808    ----a-w-    c:\windows\System32\mscoree.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-03-13 00:07    1728216    ----a-w-    c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-03-13 00:07    1728216    ----a-w-    c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-03-13 00:07    1728216    ----a-w-    c:\progra~1\MICROS~3\Office15\GROOVEEX.DLL
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MSC"="c:\program files\Microsoft Security Client\msseces.exe" [2014-03-11 951576]
"Malwarebytes Anti-Exploit"="c:\program files\Malwarebytes Anti-Exploit\mbae.exe" [2014-08-26 443216]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware (cleanup)"="c:\programdata\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe" [2014-05-12 54072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys]
@="Driver"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^StrongVaultApp.exe.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\StrongVaultApp.exe.lnk
backup=c:\windows\pss\StrongVaultApp.exe.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\Who Is On My Wifi.lnk
backup=c:\windows\pss\Who Is On My Wifi.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip]
path=c:\users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip
backup=c:\windows\pss\CurseClientStartup.ccip.Startup
backupExtension=.Startup
.
[HKLM\~\startupfolder\C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk]
backup=c:\windows\pss\Rainmeter.lnkStartup
path=c:\users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
backupExtension=Startup
.
[HKLM\~\startupfolder\C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk]
path=c:\users\nots0\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Send to OneNote.lnk
backup=c:\windows\pss\Send to OneNote.lnkStartup
backupExtension=Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeAAMUpdater-1.0]
2013-03-21 10:10    472992    ------w-    c:\program files\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCEPServiceManager]
2013-03-13 18:39    1039248    ----a-w-    c:\program files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AdobeCS6ServiceManager]
2012-03-09 20:26    1073312    ----a-w-    c:\program files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon]
2014-02-13 00:57    43848    ----a-w-    c:\program files\Common Files\Apple\Apple Application Support\APSDaemon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HDAudDeck]
2013-03-09 21:05    1683360    ----a-w-    c:\program files\VIA\VIAudioi\VDeck\VDeck.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper]
2014-02-21 07:54    152392    ----a-w-    c:\program files\iTunes\iTunesHelper.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skype]
2014-02-10 21:46    20922016    ----a-r-    c:\program files\Skype\Phone\Skype.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched]
2013-07-02 14:16    254336    ----a-w-    c:\program files\Common Files\Java\Java Update\jusched.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zune Launcher]
2011-08-05 16:29    159456    ----a-w-    c:\program files\Zune\ZuneLauncher.exe
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"DAEMON Tools Pro Agent"="c:\program files\DAEMON Tools Pro\DTAgent.exe" -autorun
"Lync"="c:\program files\Microsoft Office\Office15\lync.exe" /fromrunkey
"FLBackup"=c:\program files\NewSoftware's\Folder Lock\FLComServCtrl.exe
"WinFLTray"=c:\windows\system32\WinFLTray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe"
"iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe"
.
R1 AntiLog32;AntiLog32;c:\windows\system32\drivers\AntiLog32.sys [x]
R3 keycrypt;keycrypt;c:\windows\system32\DRIVERS\KeyCrypt32.sys [x]
R4 FLService;FLService;c:\windows\system32\WinFLService.exe [2013-03-10 92360]
R4 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-02-06 108032]
R4 LiveUpdateSvc;LiveUpdate;c:\program files\IObit\LiveUpdate\LiveUpdate.exe [2013-12-03 2151200]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-03-10 242240]
S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - ESPROTECTIONDRIVER
*NewlyCreated* - MBAMSWISSARMY
*NewlyCreated* - MPKSLB997DA32
*NewlyCreated* - MPKSLDF1E2F25
*NewlyCreated* - PROCMON23
*NewlyCreated* - TRUESIGHT
*NewlyCreated* - WANARPV6
*Deregistered* - MpKsldf1e2f25
*Deregistered* - PROCMON23
*Deregistered* - TrueSight
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-09-24 23:48    1096520    ----a-w-    c:\program files\Google\Chrome\Application\37.0.2062.124\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-10-10 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-09 15:01]
.
.
------- Supplementary Scan -------
.
uStart Page = www.google.com
mStart Page = hxxp://www.google.com
uInternet Settings,ProxyOverride = *.local
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 75.75.75.75 75.75.76.76
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\Common Files\microsoft shared\OFFICE15\MSOXMLMF.DLL
FF - ProfilePath - c:\users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com
FF - prefs.js: network.proxy.type - 0
FF - ExtSQL: 2014-09-25 20:32; {2fab2e94-d6f9-42de-8839-3510cef6424b}; c:\users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\extensions\{2fab2e94-d6f9-42de-8839-3510cef6424b}
FF - user.js: network.http.max-persistent-connections-per-server - 4
FF - user.js: nglayout.initialpaint.delay - 600
FF - user.js: content.notify.interval - 600000
FF - user.js: content.max.tokenizing.time - 1800000
FF - user.js: content.switch.threshold - 600000
FF - user.js: yahoo.ytff.general.dontshowhpoffer - true
.
- - - - ORPHANS REMOVED - - - -
.
AddRemove-PP??2.0 Win? - c:\program files\PP??2.0\uninst.exe
AddRemove-uTorrent - c:\users\nots0\AppData\Roaming\uTorrent\uTorrent.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-10-10  16:58:11
ComboFix-quarantined-files.txt  2014-10-10 20:58
ComboFix2.txt  2014-02-25 20:39
.
Pre-Run: 530,911,756,288 bytes free
Post-Run: 530,864,111,616 bytes free
.
- - End Of File - - 27DA99B8C67B2325466969D6C9541E4F
A36C5E4F47E84449FF07ED3517B43A31
 


  • 0

#6
cer0

cer0

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

 

MiniToolBox by Farbar  Version: 21-07-2014
Ran by nots0 (administrator) on 11-10-2014 at 05:30:58
Running from "C:\Users\nots0\Downloads"
Microsoft Windows 7 Ultimate  Service Pack 1 (X86)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================

"network.proxy.type", 0

"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1    localhost

========================= IP Configuration: ================================

Realtek PCIe GBE Family Controller = Local Area Connection (Connected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : nots0-PC
   Primary Dns Suffix  . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : hsd1.md.comcast.net.

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : hsd1.md.comcast.net.
   Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller
   Physical Address. . . . . . . . . : E0-CB-4E-C5-D8-1B
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 10.0.0.2(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Saturday, October 11, 2014 5:24:54 AM
   Lease Expires . . . . . . . . . . : Saturday, October 18, 2014 5:24:54 AM
   Default Gateway . . . . . . . . . : 10.0.0.1
   DHCP Server . . . . . . . . . . . : 10.0.0.1
   DNS Servers . . . . . . . . . . . : 75.75.75.75
                                       75.75.76.76
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:10d7:2097:f5ff:fffd(Preferred)
   Link-local IPv6 Address . . . . . : fe80::10d7:2097:f5ff:fffd%18(Preferred)
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Reusable ISATAP Interface {4A5E795B-79F4-4F71-A823-FB2AAD295783}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : hsd1.md.comcast.net.
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #6
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  75.75.75.75

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.

Pinging google.com [74.125.228.5] with 32 bytes of data:
General failure.
General failure.

Ping statistics for 74.125.228.5:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  75.75.75.75

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Request timed out.
General failure.

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 0, Lost = 2 (100% loss),

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 10...e0 cb 4e c5 d8 1b ......Realtek PCIe GBE Family Controller
  1...........................Software Loopback Interface 1
 18...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #6
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0         10.0.0.1         10.0.0.2     10
         10.0.0.0    255.255.255.0         On-link          10.0.0.2    266
         10.0.0.2  255.255.255.255         On-link          10.0.0.2    266
       10.0.0.255  255.255.255.255         On-link          10.0.0.2    266
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link          10.0.0.2    266
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link          10.0.0.2    266
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 18     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 18     58 2001::/32                On-link
 18    306 2001:0:5ef5:79fd:10d7:2097:f5ff:fffd/128
                                    On-link
 18    306 fe80::/64                On-link
 18    306 fe80::10d7:2097:f5ff:fffd/128
                                    On-link
  1    306 ff00::/8                 On-link
 18    306 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 09 C:\Program Files\Bonjour\mdnsNSP.dll [] ()
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (10/10/2014 10:07:28 PM) (Source: PerfNet) (User: )
Description:

Error: (10/10/2014 10:07:28 PM) (Source: PerfNet) (User: )
Description:

Error: (10/10/2014 10:00:43 PM) (Source: PerfNet) (User: )
Description:

Error: (10/10/2014 10:00:43 PM) (Source: PerfNet) (User: )
Description:

Error: (10/10/2014 06:49:12 PM) (Source: PerfNet) (User: )
Description:

Error: (10/10/2014 06:49:12 PM) (Source: PerfNet) (User: )
Description:

Error: (10/10/2014 04:44:30 PM) (Source: PerfNet) (User: )
Description:

Error: (10/10/2014 04:44:30 PM) (Source: PerfNet) (User: )
Description:

Error: (10/10/2014 04:43:20 PM) (Source: Application Error) (User: )
Description: Faulting application name: Foxit Advanced PDF Editor.exe, version: 3.0.5.0, time stamp: 0x510f8a3b
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea91c
Exception code: 0xc0000005
Fault offset: 0x0003224d
Faulting process id: 0x4de8
Faulting application start time: 0xFoxit Advanced PDF Editor.exe0
Faulting application path: Foxit Advanced PDF Editor.exe1
Faulting module path: Foxit Advanced PDF Editor.exe2
Report Id: Foxit Advanced PDF Editor.exe3

Error: (10/10/2014 04:38:30 PM) (Source: PerfNet) (User: )
Description:


System errors:
=============
Error: (10/11/2014 05:30:38 AM) (Source: DCOM) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}5{C39EE728-D419-4BD4-A3EF-EDA059DBD935}

Error: (10/11/2014 05:26:23 AM) (Source: DCOM) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/11/2014 05:25:15 AM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error:
%%1058

Error: (10/11/2014 00:13:42 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.2649.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (10/11/2014 00:00:53 AM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.2649.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (10/10/2014 04:57:00 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (10/10/2014 04:54:36 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (10/10/2014 04:50:43 PM) (Source: Service Control Manager) (User: )
Description: The PEVSystemStart service is marked as an interactive service.  However, the system is configured to not allow interactive services.  This service may not function properly.

Error: (10/10/2014 04:21:13 PM) (Source: Microsoft Antimalware) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.2649.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (10/10/2014 01:21:33 PM) (Source: DCOM) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}5{C39EE728-D419-4BD4-A3EF-EDA059DBD935}


Microsoft Office Sessions:
=========================
Error: (10/10/2014 10:07:28 PM) (Source: PerfNet)(User: )
Description:

Error: (10/10/2014 10:07:28 PM) (Source: PerfNet)(User: )
Description:

Error: (10/10/2014 10:00:43 PM) (Source: PerfNet)(User: )
Description:

Error: (10/10/2014 10:00:43 PM) (Source: PerfNet)(User: )
Description:

Error: (10/10/2014 06:49:12 PM) (Source: PerfNet)(User: )
Description:

Error: (10/10/2014 06:49:12 PM) (Source: PerfNet)(User: )
Description:

Error: (10/10/2014 04:44:30 PM) (Source: PerfNet)(User: )
Description:

Error: (10/10/2014 04:44:30 PM) (Source: PerfNet)(User: )
Description:

Error: (10/10/2014 04:43:20 PM) (Source: Application Error)(User: )
Description: Foxit Advanced PDF Editor.exe3.0.5.0510f8a3bntdll.dll6.1.7601.18247521ea91cc00000050003224d4de801cfe4398bd212c2C:\Program Files\Foxit Software\Foxit Advanced PDF Editor\Foxit Advanced PDF Editor.exeC:\Windows\SYSTEM32\ntdll.dll119e8dcf-50be-11e4-99fe-e0cb4ec5d81b

Error: (10/10/2014 04:38:30 PM) (Source: PerfNet)(User: )
Description:



=========================== Installed Programs ============================
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CC (HKLM\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Adobe Fireworks CS6 (HKLM\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Angry Birds Star Wars II 1.0.4 (HKLM\...\Angry Birds Star Wars II 1.0.4) (Version: 1.0.4 - Cat-A-Cat)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Better File Rename 5.44 (HKLM\...\Better File Rename_is1) (Version:  - publicspace.net)
Bloons TD 5 Deluxe version 1.21 (HKLM\...\Bloons TD 5 Deluxe_is1) (Version: 1.21 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version:  - Microsoft)
Diablo III (HKLM\...\Diablo III) (Version:  - Blizzard Entertainment)
Dust: An Elysian Tail (HKLM\...\Dust: An Elysian Tail_is1) (Version:  - Microsoft Studios)
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version:  - Lars Hederer)
Folder Size (HKLM\...\{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}) (Version: 2.6 - Brio)
Foxit Advanced PDF Editor 3 (HKLM\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Ghostbuster (HKCU\...\585841693e8401e3) (Version: 1.0.0.0 - Ghostbuster)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
MakeTorrent v2.1 (HKLM\...\MakeTorrent 2) (Version:  - )
Malwarebytes Anti-Exploit version 1.04.1.1012 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.04.1.1012 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mark of the Ninja Special Edition (HKLM\...\Mark of the Ninja Special Edition_is1) (Version:  - )
Metal Slug Complete PC 1.0 (HKLM\...\Metal Slug Complete PC) (Version: 1.0 - SNK PLAYMORE)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{13CD417D-F1F1-4AC4-945D-FDDEB884756F}) (Version: 2.2.2170 - Microsoft Corporation)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2005 (HKLM\...\Microsoft Report Viewer Redistributable 2005) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (Version: 8.0.56405 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Minecraft1.7.2 (HKLM\...\Minecraft1.7.2) (Version:  - )
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nmap 6.47 (HKLM\...\Nmap) (Version:  - )
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
Opera Stable 21.0.1432.67 (HKLM\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
PP??2.0 (HKLM\...\PP??2.0 Win?) (Version: 2.2.1.4268 - ????????????)
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (Version:  - Microsoft) Hidden
Sesame Street - Learn, Play & Grow (HKLM\...\{33785AE7-2203-4D93-B6B3-35B7CC3C4906}) (Version: 1.0.2.2 - Nova Development)
Shovel Knight (HKLM\...\1207664823_is1) (Version: 2.3.0.9 - GOG.com)
Sine Mora (HKLM\...\Sine Mora_is1) (Version:  - )
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SpongeBob SquarePants Typing version 1.0 (HKLM\...\{C57EA3D6-3B9F-4369-8231-53990AE74510}_is1) (Version: 1.0 - Encore Software)
Subway Surfers 1.0 (HKLM\...\Subway Surfers 1.0) (Version: 1.0 - Cat-A-Cat)
Tag&Rename 3.6.6 (HKLM\...\Tag&Rename_is1) (Version: 3.6.6 - Softpointer Inc)
TopMost (HKLM\...\{EC11C41E-536B-4B39-BB35-812728C0218E}) (Version: 1.0.0 - Alon Kadury)
Torchlight II © Runic Games version 1 (HKLM\...\Torchlight II © Runic Games_is1) (Version: 1 - )
Total Uninstall 6.2.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.2.1 - Gavrila Martau)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.296 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (Version: 13.0.2013.194 - TuneUp Software) Hidden
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{E9F5EDF4-654C-40A3-8181-D558AD8EFFE6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUS_{84AA6F34-E9B5-46EC-BFE6-AFB45509AF40}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version:  - Microsoft)
Uplay (HKLM\...\Uplay) (Version: 2.0 - Ubisoft)
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VirtualDUB Pack (HKLM\...\VirtualDUB Pack) (Version:  - )
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software)
Winamp (HKLM\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Window Hide Tool 2.0 (HKLM\...\Window Hide Tool_is1) (Version:  - FOMINE SOFTWARE)
Windows 7 USB/DVD Download Tool (HKLM\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Public Test (HKLM\...\World of Warcraft Public Test) (Version:  - Blizzard Entertainment)
Xilisoft iPhone Ringtone Maker (HKLM\...\Xilisoft iPhone Ringtone Maker) (Version: 3.0.6.20120613 - Xilisoft)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
YTD Toolbar v9.0 (HKLM\...\{9D47532D-59B3-4E15-8069-2E3FC4DA3E92}) (Version: 9.0 - Spigot, Inc.)
YTD Video Downloader 4.8 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

========================= Devices: ================================

Name: NETBT
Description: NETBT
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NetBT

Name: User Mode Driver Frameworks Platform Driver
Description: User Mode Driver Frameworks Platform Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WudfPf

Name: Offline Files Driver
Description: Offline Files Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CSC

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: Programmable interrupt controller
Description: Programmable interrupt controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: ATI I/O Communications Processor SMBus Controller
Description: ATI I/O Communications Processor SMBus Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI
Service:

Name: Microsoft Network Inspection System
Description: Microsoft Network Inspection System
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NisDrv

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Microsoft System Management BIOS Driver
Description: Microsoft System Management BIOS Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: mssmbios

Name: MBAMWebAccessControl
Description: MBAMWebAccessControl
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MBAMWebAccessControl

Name: VIA High Definition Audio
Description: VIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: VIA Technologies, Inc.
Service: VIAHdAudAddService

Name: System timer
Description: System timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Disk Virtual Machine Bus Acceleration Filter Driver
Description: Disk Virtual Machine Bus Acceleration Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: storflt

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: System Attribute Cache
Description: System Attribute Cache
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: discache

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: High precision event timer
Description: High precision event timer
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: TCP/IP Protocol Driver
Description: TCP/IP Protocol Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Tcpip

Name: ATA Channel 1
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: NSI proxy service driver.
Description: NSI proxy service driver.
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: nsiproxy

Name: LDDM Graphics Subsystem
Description: LDDM Graphics Subsystem
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: DXGKrnl

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Standard Dual Channel PCI IDE Controller
Description: Standard Dual Channel PCI IDE Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: pciide

Name: Standard Dual Channel PCI IDE Controller
Description: Standard Dual Channel PCI IDE Controller
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: pciide

Name: Direct memory access controller
Description: Direct memory access controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: TCP/IP Registry Compatibility
Description: TCP/IP Registry Compatibility
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tcpipreg

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Mount Point Manager
Description: Mount Point Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mountmgr

Name: Microsoft Hardware USB Mouse
Description: Microsoft Hardware USB Mouse
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Microsoft
Service: HidUsb

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Malwarebytes Anti-Exploit
Description: Malwarebytes Anti-Exploit
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ESProtectionDriver

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt

Name: NetIO Legacy TDI Support Driver
Description: NetIO Legacy TDI Support Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: tdx

Name: ATK0110 ACPI UTILITY
Description: ATK0110 ACPI UTILITY
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: ATK
Service: MTsensor

Name: Null
Description: Null
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Null

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Communications Port (COM1)
Description: Communications Port
Class Guid: {4d36e978-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard port types)
Service: Serial

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: AMD Phenom™ II X4 955 Processor
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM

Name: Performance Counters for Windows Driver
Description: Performance Counters for Windows Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: pcw

Name: MpKslb997da32
Description: MpKslb997da32
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: MpKslb997da32

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci

Name: PCI standard ISA bridge
Description: PCI standard ISA bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: msisadrv

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: System speaker
Description: System speaker
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: TuneUpUtilitiesDrv
Description: TuneUpUtilitiesDrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: TuneUpUtilitiesDrv

Name: PEAUTH
Description: PEAUTH
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: PEAUTH

Name: Microsoft ISATAP Adapter #5
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: PCI bus
Description: PCI bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter #6
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: System CMOS/real time clock
Description: System CMOS/real time clock
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Standard Enhanced PCI to USB Host Controller
Description: Standard Enhanced PCI to USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbehci

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Windows Firewall Authorization Driver
Description: Windows Firewall Authorization Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: mpsdrv

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel

Name: AMD Phenom™ II X4 955 Processor
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM

Name: VgaSave
Description: VgaSave
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: VgaSave

Name: Microsoft USB Basic Optical Mouse (Mouse and Keyboard Center)
Description: Microsoft USB Basic Optical Mouse (Mouse and Keyboard Center)
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: mouhid

Name: System board
Description: System board
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ACPI x86-based PC
Description: ACPI x86-based PC
Class Guid: {4d36e966-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard computers)
Service: \Driver\ACPI_HAL

Name: HL-DT-ST DVD-RAM GH22NP20 ATA Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Bitlocker Drive Encryption Filter Driver
Description: Bitlocker Drive Encryption Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: fvevol

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: QoS Packet Scheduler
Description: QoS Packet Scheduler
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Psched

Name: Virtual Machine Bus
Description: Virtual Machine Bus
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: vmbus

Name: File as Volume Driver
Description: File as Volume Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: blbdrive

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Terminal Server Keyboard Driver
Description: Terminal Server Keyboard Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: HTTP
Description: HTTP
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: HTTP

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: NVIDIA GeForce 9800 GT  
Description: NVIDIA GeForce 9800 GT  
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: nvlddmkm

Name: Dynamic Volume Manager
Description: Dynamic Volume Manager
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volmgrx

Name: Composite Bus Enumerator
Description: Composite Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: CompositeBus

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Terminal Server Mouse Driver
Description: Terminal Server Mouse Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: TermDD

Name: Hardware Policy Driver
Description: Hardware Policy Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: hwpolicy

Name: Motherboard resources
Description: Motherboard resources
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: RDPCDD
Description: RDPCDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPCDD

Name: AMD Phenom™ II X4 955 Processor
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Storage volumes
Description: Storage volumes
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: volsnap

Name: Ancillary Function Driver for Winsock
Description: Ancillary Function Driver for Winsock
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AFD

Name: Plug and Play Software Device Enumerator
Description: Plug and Play Software Device Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: swenum

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Hitachi HDS721010CLA330 ATA Device
Description: Disk drive
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard disk drives)
Service: disk

Name: Numeric data processor
Description: Numeric data processor
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: KSecDD
Description: KSecDD
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecDD

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: DAEMON Tools Virtual Bus
Description: DAEMON Tools Virtual Bus
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: DT Soft Ltd
Service: dtsoftbus01

Name: RDP Encoder Mirror Driver
Description: RDP Encoder Mirror Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: RDPENCDD

Name: AsIO
Description: AsIO
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AsIO

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: Remote Access IPv6 ARP Driver
Description: Remote Access IPv6 ARP Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: Wanarpv6

Name: PCI standard PCI-to-PCI bridge
Description: PCI standard PCI-to-PCI bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: pci

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Realtek PCIe GBE Family Controller
Description: Realtek PCIe GBE Family Controller
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek
Service: RTL8167

Name: ACPI Power Button
Description: ACPI Power Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: UMBus Root Bus Enumerator
Description: UMBus Root Bus Enumerator
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: umbus

Name: KSecPkg
Description: KSecPkg
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: KSecPkg

Name: Microsoft Windows Management Interface for ACPI
Description: Microsoft Windows Management Interface for ACPI
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: WmiAcpi

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Microsoft Virtual Drive Enumerator Driver
Description: Microsoft Virtual Drive Enumerator Driver
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: vdrvroot

Name: msisadrv
Description: msisadrv
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: msisadrv

Name: Link-Layer Topology Discovery Mapper I/O Driver
Description: Link-Layer Topology Discovery Mapper I/O Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: lltdio

Name: Microsoft ACPI-Compliant System
Description: Microsoft ACPI-Compliant System
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: ACPI

Name: Link-Layer Topology Discovery Responder
Description: Link-Layer Topology Discovery Responder
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: rspndr

Name: Volume Manager
Description: Volume Manager
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service: volmgr

Name: AMD Phenom™ II X4 955 Processor
Description: AMD Processor
Class Guid: {50127dc3-0f36-415e-a6cc-4cb3be910b65}
Manufacturer: Advanced Micro Devices
Service: AmdPPM

Name: WFP Lightweight Filter
Description: WFP Lightweight Filter
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WfpLwf

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: High Definition Audio Controller
Description: High Definition Audio Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: HDAudBus

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: Generic volume
Description: Generic volume
Class Guid: {71a27cdd-812a-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: volsnap

Name: Acer X233H
Description: Acer X233H
Class Guid: {4d36e96e-e325-11ce-bfc1-08002be10318}
Manufacturer: Acer Inc.
Service: monitor

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Security Driver
Description: Security Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: secdrv

Name: NDIS System Driver
Description: NDIS System Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDIS

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr

Name: NDProxy
Description: NDProxy
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NDProxy

Name: USB Root Hub
Description: USB Root Hub
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbhub

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Common Log (CLFS)
Description: Common Log (CLFS)
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CLFS

Name: ATI I/O Communications Processor PCI Bus Controller
Description: ATI I/O Communications Processor PCI Bus Controller
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI
Service: pci

Name: Standard OpenHCD USB Host Controller
Description: Standard OpenHCD USB Host Controller
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service: usbohci

Name: PCI standard host CPU bridge
Description: PCI standard host CPU bridge
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: ATA Channel 0
Description: IDE Channel
Class Guid: {4d36e96a-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard IDE ATA/ATAPI controllers)
Service: atapi

Name: ACPI Fixed Feature Button
Description: ACPI Fixed Feature Button
Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard system devices)
Service:

Name: Generic volume shadow copy
Description: Generic volume shadow copy
Class Guid: {533c5b84-ec70-11d2-9505-00c04f79deaf}
Manufacturer: Microsoft
Service:

Name: Winsock IFS Driver
Description: Winsock IFS Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: ws2ifsl

Name: CNG
Description: CNG
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: CNG

Name: DTSOFT Virtual CdRom Device
Description: CD-ROM Drive
Class Guid: {4d36e965-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard CD-ROM drives)
Service: cdrom


========================= Memory info: ===================================

Percentage of memory in use: 30%
Total physical RAM: 3327.18 MB
Available physical RAM: 2319.85 MB
Total Pagefile: 6652.65 MB
Available Pagefile: 5536.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1939.41 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:931.41 GB) (Free:499.25 GB) NTFS
2 Drive d: (Repair disc Windows 7 32-bit) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF

========================= Users: ========================================

User accounts for \\

Administrator            Guest                    nots0                    

========================= Minidump Files ==================================

No minidump file found

========================= Restore Points ==================================

09-10-2014 08:02:39 Scheduled Checkpoint
09-10-2014 19:35:46 Windows Live Essentials
09-10-2014 19:39:41 Uninstalled with Total Uninstall "My Web Backups"
09-10-2014 19:43:28 Uninstalled with Total Uninstall "Windows Live Essentials"
09-10-2014 19:44:09 Windows Live Essentials
09-10-2014 19:56:41 Uninstalled with Total Uninstall "Strongvault Online Backup"
10-10-2014 00:34:12 Uninstalled with Total Uninstall "Strongvault Online Backup"
10-10-2014 00:38:25 Uninstalled with Total Uninstall "Bonjour"
10-10-2014 00:45:33 Uninstalled with Total Uninstall "Curse Client"
10-10-2014 20:35:28 zoek.exe restore point

**** End of log ****
 


  • 0

#7
cer0

cer0

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 08-10-2014 01
Ran by nots0 at 2014-10-10 16:14:08
Running from C:\Users\nots0\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32354 - BitTorrent Inc.)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe AIR (Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
Adobe Dreamweaver CC (HKLM\...\{00E094E1-A852-11E2-803D-ACEA632352B4}) (Version: 13 - Adobe Systems Incorporated)
Adobe Fireworks CS6 (HKLM\...\{CA7C485C-7A89-11E1-B2C8-CD54B377BC52}) (Version: 12.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Adobe Widget Browser (HKLM\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Angry Birds Star Wars II 1.0.4 (HKLM\...\Angry Birds Star Wars II 1.0.4) (Version: 1.0.4 - Cat-A-Cat)
Apple Application Support (HKLM\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{18D47FA1-0440-48D3-A7E0-DA09537FF471}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battle.net (HKLM\...\Battle.net) (Version:  - Blizzard Entertainment)
Better File Rename 5.44 (HKLM\...\Better File Rename_is1) (Version:  - publicspace.net)
Bloons TD 5 Deluxe version 1.21 (HKLM\...\Bloons TD 5 Deluxe_is1) (Version: 1.21 - )
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
D3DX10 (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro (HKLM\...\DAEMON Tools Pro) (Version: 5.2.0.0348 - DT Soft Ltd)
Definition Update for Microsoft Office 2013 (KB2760587) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{9D8D67FD-8FAB-4B98-A121-4CFA10380058}) (Version:  - Microsoft)
Diablo III (HKLM\...\Diablo III) (Version:  - Blizzard Entertainment)
Dust: An Elysian Tail (HKLM\...\Dust: An Elysian Tail_is1) (Version:  - Microsoft Studios)
Folder Size (HKLM\...\{FC8D21C8-7B29-4104-ADB0-FEE9CA1C7922}) (Version: 2.6 - Brio)
Foxit Advanced PDF Editor 3 (HKLM\...\B521582C-6BE3-491D-BCC8-FFB8301298E9_is1) (Version: 3.0.5.0 - Foxit Corporation)
Ghostbuster (HKCU\...\585841693e8401e3) (Version: 1.0.0.0 - Ghostbuster)
Google Chrome (HKLM\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (Version: 1.3.23.9 - Google Inc.) Hidden
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
iTunes (HKLM\...\{2F21564D-DE05-4C6D-B21E-08B9D313FAB3}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
MakeTorrent v2.1 (HKLM\...\MakeTorrent 2) (Version:  - )
Malwarebytes Anti-Exploit version 1.04.1.1012 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.04.1.1012 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Mark of the Ninja Special Edition (HKLM\...\Mark of the Ninja Special Edition_is1) (Version:  - )
Metal Slug Complete PC 1.0 (HKLM\...\Metal Slug Complete PC) (Version: 1.0 - SNK PLAYMORE)
Microsoft .NET Framework 4.5 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 (Version: 4.5.50709 - Microsoft Corporation) Hidden
Microsoft Access MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Access Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{13CD417D-F1F1-4AC4-945D-FDDEB884756F}) (Version: 2.2.2170 - Microsoft Corporation)
Microsoft DCF MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Excel MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{8FB1B528-E260-451E-9B55-E9152F94B80B}) (Version: 3.2.3.0 - Microsoft Corporation)
Microsoft Groove MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft InfoPath MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Lync MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office OSM MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office OSM UX MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - English (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2013 - Español (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft OneNote MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Outlook MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft PowerPoint MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Publisher MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Microsoft Report Viewer Redistributable 2005 (HKLM\...\Microsoft Report Viewer Redistributable 2005) (Version:  - Microsoft Corporation)
Microsoft Report Viewer Redistributable 2005 (Version: 8.0.56405 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Word MUI (English) 2013 (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Minecraft1.7.2 (HKLM\...\Minecraft1.7.2) (Version:  - )
Movie Maker (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 30.0 - Mozilla)
MSVCRT (Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (Version: 16.4.1108.0727 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nmap 6.47 (HKLM\...\Nmap) (Version:  - )
NVIDIA 3D Vision Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Control Panel 335.23 (Version: 335.23 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 335.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 335.23 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.147.1067 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (Version: 7.17.13.3523 - NVIDIA Corporation) Hidden
Opera Stable 21.0.1432.67 (HKLM\...\Opera 21.0.1432.67) (Version: 21.0.1432.67 - Opera Software ASA)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PDF Settings CC (Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Gallery (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Platform (Version: 1.34 - VIA Technologies, Inc.) Hidden
PP助手2.0 (HKLM\...\PP助手2.0 Win版) (Version: 2.2.1.4268 - 广州铁人网络科技有限公司)
Project64 1.6 (HKLM\...\{9559F7CA-5E34-4237-A2D9-D856464AD727}) (Version: 1.6 - Project64)
QuickPar 0.9 (HKLM\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version:  - Microsoft)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (Version:  - Microsoft) Hidden
Sesame Street - Learn, Play & Grow (HKLM\...\{33785AE7-2203-4D93-B6B3-35B7CC3C4906}) (Version: 1.0.2.2 - Nova Development)
Shovel Knight (HKLM\...\1207664823_is1) (Version: 2.3.0.9 - GOG.com)
Sine Mora (HKLM\...\Sine Mora_is1) (Version:  - )
Skype™ 6.14 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
SpongeBob SquarePants Typing version 1.0 (HKLM\...\{C57EA3D6-3B9F-4369-8231-53990AE74510}_is1) (Version: 1.0 - Encore Software)
Subway Surfers 1.0 (HKLM\...\Subway Surfers 1.0) (Version: 1.0 - Cat-A-Cat)
Tag&Rename 3.6.6 (HKLM\...\Tag&Rename_is1) (Version: 3.6.6 - Softpointer Inc)
TopMost (HKLM\...\{EC11C41E-536B-4B39-BB35-812728C0218E}) (Version: 1.0.0 - Alon Kadury)
Torchlight II © Runic Games version 1 (HKLM\...\Torchlight II © Runic Games_is1) (Version: 1 - )
Total Uninstall 6.2.1 (HKLM\...\Total Uninstall 6_is1) (Version: 6.2.1 - Gavrila Martau)
TuneUp Utilities 2014 (en-US) (Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM\...\TuneUp Utilities) (Version: 14.0.1000.296 - TuneUp Software)
TuneUp Utilities 2014 (Version: 14.0.1000.296 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (Version: 13.0.2013.194 - TuneUp Software) Hidden
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Excel 2013 (KB2752087) 32-Bit Edition (HKLM\...\{90150000-001B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{90060D4D-6BB2-4B29-B804-3C23563EEA6B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2817678) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{AC57CF13-C24E-4C00-969F-5394DAE589C5}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6764E50D-D076-41BC-B069-08DD488AE88B}) (Version:  - Microsoft)
Update for Microsoft Lync 2013 (KB2863908) 32-Bit Edition (HKLM\...\{90150000-012B-0409-0000-0000000FF1CE}_Office15.PROPLUS_{E9F5EDF4-654C-40A3-8181-D558AD8EFFE6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760344) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{A7610F07-E844-4444-8E1D-D5BC8AD0B4C5}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2760544) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{45B7D395-EB9B-414F-9E46-5849B42326E2}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2768012) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{66421820-D3CA-450A-898C-78D7E40108E6}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2817636) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{2D355F71-076A-42AD-8747-6132105441F4}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2825631) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{E458713D-E208-4098-A155-EA1152F9B301}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0016-0409-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2827272) 32-Bit Edition (HKLM\...\{90150000-0090-0409-0000-0000000FF1CE}_Office15.PROPLUS_{5A645CF3-3C40-4172-BCEB-19E3FC855266}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863825) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{96754DD8-5AF9-4CF8-A5A9-19770CD9AFBC}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863843) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{AD7045B8-1D75-4B4C-8120-12F045D206C7}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863844) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{8AEAF88E-A488-4C1E-B10D-F00143BA650F}) (Version:  - Microsoft)
Update for Microsoft Office 2013 (KB2863860) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{4E47A3B9-D863-4CE7-9488-847F2981361B}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneDrive for Business (KB2863864) 32-Bit Edition (HKLM\...\{90150000-00BA-0409-0000-0000000FF1CE}_Office15.PROPLUS_{48D4C003-065C-460C-A864-BB18A159F3D6}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2013 (KB2817628) 32-Bit Edition (HKLM\...\{90150000-00A1-0409-0000-0000000FF1CE}_Office15.PROPLUS_{DF36A224-4C72-4FF4-9961-CD4873DDAE6C}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6022B459-32A4-4318-A9A4-815C0BCEF977}) (Version:  - Microsoft)
Update for Microsoft Outlook 2013 (KB2863911) 32-Bit Edition (HKLM\...\{90150000-001A-0409-0000-0000000FF1CE}_Office15.PROPLUS_{84AA6F34-E9B5-46EC-BFE6-AFB45509AF40}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2013 (KB2837627) 32-Bit Edition (HKLM\...\{90150000-0018-0409-0000-0000000FF1CE}_Office15.PROPLUS_{CA8215E2-4E68-4BCA-BBEB-D4ED8140F037}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2013 (KB2817301) 32-Bit Edition (HKLM\...\{90150000-006E-0409-0000-0000000FF1CE}_Office15.PROPLUS_{25C61889-2E44-4BE1-9E96-9364BFDCF501}) (Version:  - Microsoft)
Update for Microsoft Word 2013 (KB2863909) 32-Bit Edition (HKLM\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{FF3BD143-BA46-4948-A71F-5B07AA1706BB}) (Version:  - Microsoft)
Uplay (HKLM\...\Uplay) (Version: 2.0 - Ubisoft)
Ventrilo Client (HKLM\...\{789289CA-F73A-4A16-A331-54D498CE069F}) (Version: 3.0.8 - Flagship Industries, Inc.)
VIA Platform Device Manager (HKLM\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
VirtualDUB Pack (HKLM\...\VirtualDUB Pack) (Version:  - )
VLC media player 2.1.0 (HKLM\...\VLC media player) (Version: 2.1.0 - VideoLAN)
VSO ConvertXToDVD (HKLM\...\{CE1F93C0-4353-4C9D-84DA-AB4E7C63ED32}_is1) (Version: 5.0.0.74 - VSO Software)
Winamp (HKLM\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Window Hide Tool 2.0 (HKLM\...\Window Hide Tool_is1) (Version:  - FOMINE SOFTWARE)
Windows 7 USB/DVD Download Tool (HKLM\...\{3577E42B-3347-4EB8-BFDA-D36E8ED3C519}) (Version: 1.0.24.0 - Microsoft Corporation)
Windows Live Communications Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live Photo Common (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Windows Mobile Device Updater Component (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
WinRAR 4.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM\...\World of Warcraft) (Version:  - Blizzard Entertainment)
World of Warcraft Public Test (HKLM\...\World of Warcraft Public Test) (Version:  - Blizzard Entertainment)
Xilisoft iPhone Ringtone Maker (HKLM\...\Xilisoft iPhone Ringtone Maker) (Version: 3.0.6.20120613 - Xilisoft)
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)
YTD Toolbar v9.0 (HKLM\...\{9D47532D-59B3-4E15-8069-2E3FC4DA3E92}) (Version: 9.0 - Spigot, Inc.) <==== ATTENTION
YTD Video Downloader 4.8 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.8 - GreenTree Applications SRL)
Zune (HKLM\...\Zune) (Version: 04.08.2345.00 - Microsoft Corporation)
Zune (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CHT) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (CSY) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DAN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (DEU) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ELL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ESP) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FIN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (FRA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (HUN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (IND) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (ITA) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (JPN) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (KOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (MSL) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NLD) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (NOR) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PLK) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTB) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (PTG) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (RUS) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden
Zune Language Pack (SVE) (Version: 04.08.2345.00 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{006a54e5-f216-42b7-aab2-d8fc515c9cec}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{03bb1944-9f5c-4a4b-944e-13d04065dd89}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{04a5907b-4487-41c1-aab6-2b151d7e0445}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{0a7197a2-c054-4489-b3d9-14a4d7899ac2}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{0c03a24f-e0ae-49d6-bd33-3b0f1b76abd1}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{0e3dd277-8f99-4c79-98a9-daab888bbded}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{10417cbf-0903-413f-941d-bdbb8e733bbc}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{11ee3f03-d4fb-4464-be4e-2714141969cc}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{1c492e6a-2803-5ed7-83e1-1b1d4d41eb39}\InprocServer32 -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll (Ubisoft)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{1d092695-9610-4a8e-b14f-25036476e9e5}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{2be61b4e-1566-4c71-a117-99c9c85ef2a0}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{2fbe8a6b-18b8-45d3-9bcb-3e5f4397c665}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{33a402f9-889f-403f-9862-7e5d363338d4}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{3ed7ba09-6333-4714-9f34-7fbb3270d1db}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4445060a-61df-42fa-8aa3-307ab0e2bec7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{47314919-e76d-4f59-a72e-5dc3e205b2df}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{47ffaf2b-3914-46bb-94e0-4eab7c4ebd69}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4bd74af1-49cd-4054-bfa5-91d0aa412839}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4d798a3d-a8c1-47d4-8c61-8c3fe23e88c2}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4dd31cec-6235-4649-9f6c-dc31fb660923}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{4e5077a9-ca06-41af-8394-254edddfb102}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{515068f1-a99b-4ac1-9a66-d0165b1142c5}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{51fc9280-d9ab-480b-8a0c-eb0b8438022f}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{5aaaac67-2535-4c7a-9060-9e4123e49be1}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{5b01473f-97a7-40f0-b281-9083010c6712}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{5b67ef2a-4cfe-4831-bf6f-d86008fadabe}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{67458a4a-7d25-4fbc-b691-5ceabf367772}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{676909ec-0ada-4a01-9ae3-59aae818ba45}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{6c580f86-eba0-4870-b65d-79eaa516583e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{71f0a88e-7519-471b-bd4f-6154fcbdd8f7}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{723645cd-d184-4af1-b76c-fdfd891acc30}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{778c029c-ca67-4139-a713-03f2be36542d}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{78ba11d6-a818-4806-8cc5-6744097d6348}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7bb2769a-9ab5-40d0-afb4-c5de7349dfd4}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7e8785f2-08a9-4c29-989c-bce037d2ed15}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7eed2dd2-6d0c-4fd2-a26d-7f2b00ed7113}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{7f5df0b5-1189-47c2-9bff-dd630da51e3e}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{8d64261b-2d59-4e29-b18f-28e7e3b9e8cb}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{8e7bd6af-b76e-40c4-a83e-b250ee23d24c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{9c2bfcf0-77c5-4a55-a276-2055e28a3a44}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{a6e89bf4-d816-4b96-9c6f-deee4934db93}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{b602a86c-da71-43e4-afb9-06949ad636d5}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{b6b6718f-6599-42ab-b6ab-d49e9bdb499c}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{b7379dd7-40b6-4a39-92c5-0d435e0e9954}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{c6e50c7e-4ae2-4265-946c-bcc05ba7b17d}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{cb454c5c-4681-46d2-a50d-c56a9cbe7927}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{cdc7dd1a-89f8-4d4a-b828-48ba76d650dc}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{e32cca19-be55-42c8-9fdd-7a1f5303c802}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{e7652ce6-d2b1-4397-ab10-003ea39478bd}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2709076479-299211639-3247174901-1000_Classes\CLSID\{f325ce13-5a39-4d46-9acb-1400813405ef}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points  =========================

09-10-2014 08:02:39 Scheduled Checkpoint
09-10-2014 19:35:46 Windows Live Essentials
09-10-2014 19:39:41 Uninstalled with Total Uninstall "My Web Backups"
09-10-2014 19:43:28 Uninstalled with Total Uninstall "Windows Live Essentials"
09-10-2014 19:44:09 Windows Live Essentials
09-10-2014 19:56:41 Uninstalled with Total Uninstall "Strongvault Online Backup"
10-10-2014 00:34:12 Uninstalled with Total Uninstall "Strongvault Online Backup"
10-10-2014 00:38:25 Uninstalled with Total Uninstall "Bonjour"
10-10-2014 00:45:33 Uninstalled with Total Uninstall "Curse Client"

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-03-15 15:03 - 2014-02-25 16:31 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C343FF1-74A7-4274-B269-20B6B7EF1784} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {1E6848C7-1221-46B8-8AE5-CA3B389494C5} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {2AF1FCE4-D637-4B73-8CB0-FE4091A2B03A} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-05-13] (Microsoft)
Task: {423A45D9-6F1D-43A2-9CEC-9FC1BD0889F4} - System32\Tasks\{ED73FD79-A505-4641-8AE9-D1CA9064280F} => Firefox.exe http://ui.skype.com/...?LastError=1601
Task: {43788222-0CA6-4714-921A-5BFA2D994FDF} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {505AE972-9AD0-491F-BCF3-FDF03BBCD6A6} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {532414CF-EE5D-44FA-AF39-74857BE48C37} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {6D14683B-6D4A-409B-8A1E-A11317011E99} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files\TuneUp Utilities 2014\OneClick.exe [2014-04-15] (TuneUp Software)
Task: {8AC82898-BF91-4159-82BE-99DC9B297096} - System32\Tasks\WindowsFirewallNotifierTask => C:\Users\nots0\Desktop\incoming\WFN_1.9.0\Notifier.exe [2014-03-23] (Wokhan)
Task: {8CC16C9F-C0E2-4837-A00A-9570202E65C5} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {B5635BDE-0D64-48AD-A7C3-3F13FBB30EE8} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {D988972E-4207-4315-8666-E7BD8FA642AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Loaded Modules (whitelisted) =============

2013-03-09 14:40 - 2014-03-04 08:34 - 00109000 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2014-04-15 15:59 - 2014-04-15 15:59 - 00568120 _____ () C:\Program Files\TuneUp Utilities 2014\avgreplibx.dll
2014-03-12 20:07 - 2014-03-12 20:07 - 08884904 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-03-09 22:18 - 2013-03-09 22:04 - 00107520 _____ () C:\Program Files\DAEMON Tools Pro\BRD.dll
2013-05-21 09:12 - 2014-06-19 14:11 - 23950848 _____ () C:\Program Files\World of Warcraft\Utils\libcef.dll
2014-10-01 10:31 - 2014-10-01 10:31 - 04893784 _____ () C:\Users\nots0\Downloads\RogueKiller.exe
2014-01-26 06:10 - 2012-12-07 09:04 - 00515616 _____ () C:\Program Files\Foxit Software\Foxit Advanced PDF Editor\aspell.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00113664 _____ () C:\Program Files\VideoLAN\VLC\libvlc.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 02341888 _____ () C:\Program Files\VideoLAN\VLC\libvlccore.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00246784 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdshow_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00047616 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libdirectsound_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00050688 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_output\libwaveout_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 11749376 _____ () C:\Program Files\VideoLAN\VLC\plugins\gui\libqt4_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 01283584 _____ () C:\Program Files\VideoLAN\VLC\plugins\misc\libxml_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00079360 _____ () C:\Program Files\VideoLAN\VLC\plugins\video_output\libdirectdraw_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 02029568 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\liblibbluray_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00100352 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_bd_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00258560 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libdvdnav_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00076288 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libaccess_vdr_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00046592 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libfilesystem_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00061440 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libsmooth_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00465920 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libhttplive_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00719872 _____ () C:\Program Files\VideoLAN\VLC\plugins\stream_filter\libdash_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00114688 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libzip_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00039936 _____ () C:\Program Files\VideoLAN\VLC\plugins\access\libstream_filter_rar_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00136704 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libplaylist_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 01409536 _____ () C:\Program Files\VideoLAN\VLC\plugins\meta_engine\libtaglib_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00300032 _____ () C:\Program Files\VideoLAN\VLC\plugins\lua\liblua_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00056320 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libhotkeys_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00038912 _____ () C:\Program Files\VideoLAN\VLC\plugins\control\libglobalhotkeys_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00378368 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libupnp_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00118272 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libsap_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00043520 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libpodcast_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00039936 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libmediadirs_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00037376 _____ () C:\Program Files\VideoLAN\VLC\plugins\services_discovery\libwindrive_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00048128 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libes_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00350720 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libtheora_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00038912 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\librawvideo_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00144896 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspeex_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 01723904 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libvorbis_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00037888 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libaes3_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00044032 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblpcm_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00044032 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_flac_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00049152 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_dirac_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00043008 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mlp_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00066048 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4audio_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00057856 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_vc1_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00039424 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libsvcdsub_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00042496 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libspudec_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00049664 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpeg4video_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00047104 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_mpegvideo_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00041472 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcvdsub_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00085504 _____ () C:\Program Files\VideoLAN\VLC\plugins\packetizer\libpacketizer_h264_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00041472 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libmpeg_audio_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00192000 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libmp4_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00091136 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libavi_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00068096 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libasf_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00077824 _____ () C:\Program Files\VideoLAN\VLC\plugins\demux\libflacsys_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00292864 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libpng_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00040448 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libcdg_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 01297920 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libschroedinger_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00041472 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libdts_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00359424 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libfaad_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00209408 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libflac_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 00049152 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\libg711_plugin.dll
2013-09-22 19:19 - 2013-09-22 19:19 - 01381376 _____ () C:\Program Files\VideoLAN\VLC\plugins\codec\liblibass_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00034816 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_mixer\libfloat_mixer_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00040960 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libscaletempo_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00130560 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libmpgatofixed32_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00183808 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstofloat32_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00073728 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tofloat32_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 01518592 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsamplerate_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00040960 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libsimple_channel_mixer_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00035328 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\liba52tospdif_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00037376 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdtstospdif_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00036352 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libdolby_surround_decoder_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00036352 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libugly_resampler_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00036864 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libtrivial_channel_mixer_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00046080 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libaudio_format_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00051712 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libequalizer_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00046080 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libcompressor_plugin.dll
2013-09-22 19:18 - 2013-09-22 19:18 - 00116736 _____ () C:\Program Files\VideoLAN\VLC\plugins\audio_filter\libspatializer_plugin.dll
2014-07-06 06:40 - 2014-07-06 06:34 - 00020288 _____ () C:\Program Files\CCleaner\branding.dll
2014-05-24 16:06 - 2014-05-12 01:51 - 01397880 _____ () C:\Program Files\Opera\21.0.1432.67\opera_crashreporter.exe
2014-05-24 16:06 - 2014-05-12 01:51 - 00877688 _____ () C:\Program Files\Opera\21.0.1432.67\libglesv2.dll
2014-05-24 16:06 - 2014-05-12 01:51 - 00135800 _____ () C:\Program Files\Opera\21.0.1432.67\libegl.dll
2014-05-24 16:06 - 2014-05-12 01:51 - 00957048 _____ () C:\Program Files\Opera\21.0.1432.67\ffmpegsumo.dll
2014-09-10 23:01 - 2014-09-10 23:01 - 16825520 _____ () C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll
2014-03-31 14:08 - 2014-09-27 10:50 - 03715184 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
2014-08-19 02:02 - 2014-08-19 02:02 - 01020928 _____ () C:\Users\nots0\AppData\Roaming\Mozilla\Firefox\Profiles\tz0ans2l.default\extensions\[email protected]\platform\WINNT_x86-msvc\components\lpxpcom.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\3590F75ABA9E485486C100C1A9D4FF06ZZZ..Z.....ZZZZZ:1
AlternateDataStreams: C:\ProgramData\TEMP:9A870F8B
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AxInstSV => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^StrongVaultApp.exe.lnk => C:\Windows\pss\StrongVaultApp.exe.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Who Is On My Wifi.lnk => C:\Windows\pss\Who Is On My Wifi.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnkStartup
MSCONFIG\startupfolder: C:^Users^nots0^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnkStartup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCEPServiceManager => "C:\Program Files\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: HDAudDeck => C:\Program Files\VIA\VIAudioi\VDeck\VDeck.exe -r
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Zune Launcher => "C:\Program Files\Zune\ZuneLauncher.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2709076479-299211639-3247174901-500 - Administrator - Disabled)
Guest (S-1-5-21-2709076479-299211639-3247174901-501 - Limited - Disabled)
nots0 (S-1-5-21-2709076479-299211639-3247174901-1000 - Administrator - Enabled) => C:\Users\nots0

==================== Faulty Device Manager Devices =============

Name: WAN Miniport (L2TP)
Description: WAN Miniport (L2TP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: Rasl2tp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (Network Monitor)
Description: WAN Miniport (Network Monitor)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IP)
Description: WAN Miniport (IP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IPv6)
Description: WAN Miniport (IPv6)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: NdisWan
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter #2
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (PPPOE)
Description: WAN Miniport (PPPOE)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasPppoe
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter #3
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (PPTP)
Description: WAN Miniport (PPTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: PptpMiniport
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter #4
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Microsoft ISATAP Adapter #5
Description: Microsoft ISATAP Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (SSTP)
Description: WAN Miniport (SSTP)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasSstp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WAN Miniport (IKEv2)
Description: WAN Miniport (IKEv2)
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: RasAgileVpn
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (10/10/2014 01:14:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.0.0, time stamp: 0x523f7ac4
Faulting module name: vlc.exe, version: 2.1.0.0, time stamp: 0x523f7ac4
Exception code: 0xc0000005
Fault offset: 0x00001a5b
Faulting process id: 0x1b10
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report Id: vlc.exe3

Error: (10/10/2014 04:00:31 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2147023838

Error: (10/09/2014 08:45:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.
.

Error: (10/09/2014 08:38:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.
.

Error: (10/09/2014 08:34:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.
.

Error: (10/09/2014 03:56:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.
.

Error: (10/09/2014 03:44:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.
.

Error: (10/09/2014 03:43:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.
.

Error: (10/09/2014 03:39:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.
.

Error: (10/09/2014 03:35:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (10/10/2014 01:21:33 PM) (Source: DCOM) (EventID: 10001) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{F9717507-6651-4EDB-BFF7-AE615179BCCF}5{C39EE728-D419-4BD4-A3EF-EDA059DBD935}

Error: (10/09/2014 11:38:45 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.2649.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (10/09/2014 11:26:04 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Malwarebytes Anti-Exploit Service service terminated unexpectedly.  It has done this 1 time(s).

Error: (10/09/2014 11:17:32 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.2649.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (10/09/2014 06:56:29 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}5{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (10/09/2014 03:48:15 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Apple Mobile Device service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.

Error: (10/09/2014 03:21:55 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{30D49246-D217-465F-B00B-AC9DDD652EB7}5{30D49246-D217-465F-B00B-AC9DDD652EB7}

Error: (10/09/2014 03:18:32 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.2649.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (10/09/2014 03:17:14 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: )
Description: %NT AUTHORITY60 has encountered an error trying to update signatures.

    New Signature Version:

    Previous Signature Version: 1.185.2649.0

    Update Source: %NT AUTHORITY59

    Update Stage: 4.5.0216.00

    Source Path: 4.5.0216.01

    Signature Type: %NT AUTHORITY602

    Update Type: %NT AUTHORITY604

    User: NT AUTHORITY\SYSTEM

    Current Engine Version: %NT AUTHORITY605

    Previous Engine Version: %NT AUTHORITY606

    Error code: %NT AUTHORITY607

    Error description: %NT AUTHORITY608

Error: (10/09/2014 03:13:41 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}5{0358B920-0AC7-461F-98F4-58E32CD89148}


Microsoft Office Sessions:
=========================
Error: (10/10/2014 01:14:55 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.0.0523f7ac4vlc.exe2.1.0.0523f7ac4c000000500001a5b1b1001cfe24fb533e494C:\Program Files\VideoLAN\VLC\vlc.exeC:\Program Files\VideoLAN\VLC\vlc.exef225760d-50a0-11e4-99fe-e0cb4ec5d81b

Error: (10/10/2014 04:00:31 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -2147023838

Error: (10/09/2014 08:45:36 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.

Error: (10/09/2014 08:38:29 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.

Error: (10/09/2014 08:34:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.

Error: (10/09/2014 03:56:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.

Error: (10/09/2014 03:44:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.

Error: (10/09/2014 03:43:32 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.

Error: (10/09/2014 03:39:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.

Error: (10/09/2014 03:35:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description:
Details:
AddLegacyDriverFiles: Unable to back up image of binary MpKsle9760d37.

System Error:
The system cannot find the file specified.


==================== Memory info ===========================

Processor: AMD Phenom™ II X4 955 Processor
Percentage of memory in use: 74%
Total physical RAM: 3327.18 MB
Available physical RAM: 841.04 MB
Total Pagefile: 13221.01 MB
Available Pagefile: 8290.37 MB
Total Virtual: 2047.88 MB
Available Virtual: 1894.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:931.41 GB) (Free:495.99 GB) NTFS
Drive d: (Repair disc Windows 7 32-bit) (CDROM) (Total:0.14 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: A32E54E3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)

==================== End Of Log ============================


  • 0

#8
cer0

cer0

    New Member

  • Topic Starter
  • Member
  • Pip
  • 6 posts

 

CKScanner 2.4 - Additional Security Risks - These are not necessarily bad
c:\games\#emulators\nintendo nes (fceux)\#roms\crackout (u) (prototype).zip
c:\games\#emulators\sega genesis (fusion364)\#roms\crack down (ue) [!].zip
c:\games\mark of the ninja special edition\data-pc\fx\explosion_firecracker.fx
c:\games\mark of the ninja special edition\data-pc\fx\sparks_firecracker_trail.fx
scanner sequence 3.ZZ.11.GNAAW0
 ----- EOF ----- 

 

 

  • 0

#9
Biscuithd

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Hello,

At first I struggled to understand why you did not run my fix and post the results. Yet, you did post results for other scans. Upon researching, I found that you have topics at MBAM, MajorGeeks, BC and here.

 

This very unethical as you now wasting the time of 4 Helper! I am closing this topic and notifying the other Helpers.


  • 1






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP