Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

RegSvr32 error The module ""C:\...\Idrrsoft\rbj

Started by kzion , Nov 21 2014 10:41 PM

  • This topic is locked This topic is locked

#1
kzion
Posted 21 November 2014 - 10:41 PM

kzion

    Member

  • Member
  • PipPip
  • 14 posts

Hello and good day,

I have a error message right up from start up..its

RegSvr32 error
The module "C:\...\Idrrsoft\rbjgaqpwc....." failed to load

 

And Eset sends me a warning that "iconscachehelper.dll" (sathurbot.A troyan Variant) has been detected and quarentained.

 

This happens everytime the laptop boots up
 

 

Already tried cleaning it with Eset smart security 6, malwarebyts anti-malware and adw cleaner

 

Adw cleaner found some idam or idom folders, and cleaned it.

I'll leave the OTL.txt here, thanks in advance.


 

OTL logfile created on: 11/21/2014 10:27:01 PM - Run 2
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Kzion\Desktop
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy
 
7.98 Gb Total Physical Memory | 4.98 Gb Available Physical Memory | 62.39% Memory free
15.96 Gb Paging File | 12.31 Gb Available in Paging File | 77.10% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.22 Gb Total Space | 249.71 Gb Free Space | 36.39% Space Free | Partition Type: NTFS
 
Computer Name: DEZINA | User Name: Kzion | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - [2014/11/21 21:14:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kzion\Desktop\OTL.exe
PRC - [2014/09/16 20:15:08 | 002,460,488 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
PRC - [2014/09/16 20:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
PRC - [2014/09/04 04:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2013/03/04 09:24:22 | 001,341,664 | ---- | M] (ESET) -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
PRC - [2012/01/20 14:23:00 | 000,054,432 | ---- | M] (Sony Corporation) -- C:\Program Files\Sony\VAIO Care\VCService.exe
PRC - [2011/07/07 16:44:12 | 000,183,432 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
PRC - [2011/07/07 16:44:12 | 000,066,696 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
PRC - [2011/06/24 14:34:09 | 002,656,536 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2011/06/24 14:33:54 | 000,326,424 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2011/03/31 06:55:40 | 000,034,816 | ---- | M] (3d-io GmbH) -- C:\Program Files (x86)\3d-io plugins\licensing_v2\ActiveLockServerV2.exe
PRC - [2011/03/15 15:44:30 | 000,428,384 | ---- | M] (Sony Corporation) -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
PRC - [2011/02/24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
PRC - [2011/01/12 19:00:42 | 000,013,336 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
 
 
========== Modules (No Company Name) ==========
 
MOD - [2014/11/14 15:15:24 | 014,910,280 | ---- | M] () -- C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.65\PepperFlash\pepflashplayer.dll
MOD - [2014/11/14 15:15:23 | 009,009,480 | ---- | M] () -- C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.65\pdf.dll
MOD - [2014/11/14 15:15:19 | 001,077,064 | ---- | M] () -- C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.65\libglesv2.dll
MOD - [2014/11/14 15:15:17 | 000,211,272 | ---- | M] () -- C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.65\libegl.dll
MOD - [2014/11/14 15:15:16 | 001,677,128 | ---- | M] () -- C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.65\ffmpegsumo.dll
MOD - [2010/01/21 01:34:10 | 008,793,952 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
MOD - [2010/01/09 20:18:18 | 004,254,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - [2014/11/19 13:41:59 | 004,374,072 | ---- | M] (SoftEther VPN Project at University of Tsukuba, Japan.) [Auto | Running] -- C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe -- (SEVPNCLIENT)
SRV:64bit: - [2014/09/16 20:14:56 | 001,148,744 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe -- (GfExperienceService)
SRV:64bit: - [2014/09/16 20:14:52 | 019,439,944 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe -- (NvStreamSvc)
SRV:64bit: - [2014/08/08 16:17:21 | 001,432,400 | ---- | M] (Flexera Software, Inc.) [On_Demand | Stopped] -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe -- (FLEXnet Licensing Service 64)
SRV:64bit: - [2014/07/16 02:24:28 | 000,043,320 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysNative\uxtuneup.dll -- (UxTuneUp)
SRV:64bit: - [2013/06/05 20:09:52 | 000,598,808 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Program Files\Tablet\Wacom\WTabletServicePro.exe -- (WTabletServicePro)
SRV:64bit: - [2013/03/04 09:24:22 | 001,341,664 | ---- | M] (ESET) [Auto | Running] -- C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe -- (ekrn)
SRV:64bit: - [2012/01/20 14:23:00 | 000,054,432 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Care\VCService.exe -- (VCService)
SRV:64bit: - [2012/01/13 09:41:36 | 001,256,040 | ---- | M] (Sony Corporation) [On_Demand | Running] -- C:\Program Files\Sony\VAIO Update Common\VUAgent.exe -- (VUAgent)
SRV:64bit: - [2011/11/30 17:49:50 | 000,260,768 | ---- | M] (Sony Corporation) [Disabled | Stopped] -- C:\Program Files\Sony\VAIO Care\VCPerfService.exe -- (SampleCollector)
SRV:64bit: - [2011/07/15 17:43:38 | 000,969,352 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Smart Network\VSNService.exe -- (VSNService)
SRV:64bit: - [2011/06/14 11:31:06 | 000,498,688 | ---- | M] (Red Bend Ltd.) [Disabled | Stopped] -- C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe -- (DMAgent)
SRV:64bit: - [2011/06/14 11:26:20 | 000,986,112 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe -- (WiMAXAppSrv)
SRV:64bit: - [2011/06/01 13:38:30 | 001,517,328 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Intel\WiFi\bin\EvtEng.exe -- (EvtEng)
SRV:64bit: - [2011/06/01 13:23:40 | 000,340,240 | ---- | M] () [Disabled | Stopped] -- C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe -- (MyWiFiDHCPDNS)
SRV:64bit: - [2011/06/01 13:19:58 | 000,844,560 | ---- | M] (Intel® Corporation) [Disabled | Stopped] -- C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe -- (RegSrvc)
SRV:64bit: - [2011/05/31 17:51:20 | 000,552,584 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files\Sony\VAIO Power Management\SPMService.exe -- (VAIO Power Management)
SRV:64bit: - [2011/05/19 20:15:44 | 000,549,616 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Analyzing Manager\VcmIAlzMgr.exe -- (VcmIAlzMgr)
SRV:64bit: - [2011/05/12 17:01:46 | 000,970,016 | ---- | M] (Broadcom Corporation.) [Disabled | Stopped] -- C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe -- (btwdins)
SRV:64bit: - [2011/02/18 23:15:06 | 000,099,104 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VcmXml\VcmXmlIfHelper64.exe -- (VcmXmlIfHelper)
SRV:64bit: - [2011/02/18 23:02:08 | 000,385,336 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Sony\VCM Intelligent Network Service Manager\VcmINSMgr.exe -- (VcmINSMgr)
SRV:64bit: - [2011/01/20 13:27:18 | 000,286,936 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\SPF\SpfService64.exe -- (SpfService)
SRV:64bit: - [2010/10/21 09:38:38 | 005,790,064 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Program Files\Tablet\Pen\Pen_Tablet.exe -- (TabletServicePen)
SRV:64bit: - [2010/10/21 09:38:38 | 000,487,280 | ---- | M] (Wacom Technology, Corp.) [Disabled | Stopped] -- C:\Program Files\Tablet\Pen\Pen_TouchService.exe -- (TouchServicePen)
SRV:64bit: - [2010/09/22 19:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2009/07/13 19:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2014/11/12 14:46:08 | 000,409,800 | ---- | M] (NVIDIA Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2014/11/11 20:24:29 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/10/01 11:09:30 | 000,968,504 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe -- (MBAMService)
SRV - [2014/10/01 11:09:28 | 001,871,160 | ---- | M] (Malwarebytes Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe -- (MBAMScheduler)
SRV - [2014/09/16 20:14:57 | 001,795,912 | ---- | M] (NVIDIA Corporation) [Auto | Running] -- C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe -- (NvNetworkService)
SRV - [2014/09/04 04:50:02 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/07/16 02:24:32 | 002,145,080 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe -- (TuneUp.UtilitiesSvc)
SRV - [2014/07/16 02:24:26 | 000,036,152 | ---- | M] (TuneUp Software) [Auto | Running] -- C:\Windows\SysWOW64\uxtuneup.dll -- (UxTuneUp)
SRV - [2014/06/23 10:43:02 | 002,524,496 | ---- | M] (LogMeIn Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe -- (Hamachi2Svc)
SRV - [2014/06/17 08:53:00 | 003,482,368 | ---- | M] (INCA Internet Co., Ltd.) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GameMon.des -- (npggsvc)
SRV - [2014/04/15 15:07:54 | 000,377,616 | ---- | M] (LogMeIn, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe -- (LMIGuardianSvc)
SRV - [2014/03/13 17:45:08 | 000,770,832 | ---- | M] (BlueStack Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc)
SRV - [2014/03/13 17:43:14 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2014/03/13 17:42:40 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2013/08/29 12:01:52 | 000,651,720 | ---- | M] (Macrovision Europe Ltd.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2013/07/02 22:06:06 | 000,061,440 | ---- | M] (Digital Delivery Networks, Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe -- (Oasis2Service)
SRV - [2012/11/01 08:59:50 | 000,186,512 | ---- | M] (Paltiosoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\SoftDenchi\UCManSvc.exe -- (UCManSvc)
SRV - [2012/02/03 15:05:49 | 000,008,192 | ---- | M] () [Auto | Stopped] -- C:\Windows\SysWOW64\srvany.exe -- (KMService)
SRV - [2011/07/07 16:44:12 | 000,066,696 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe -- (VAIO Event Service)
SRV - [2011/06/24 14:34:09 | 002,656,536 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2011/06/24 14:33:54 | 000,326,424 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2011/04/13 06:58:14 | 000,084,088 | ---- | M] (Symantec Corporation) [Disabled | Stopped] -- C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe -- (VIPAppService)
SRV - [2011/03/31 06:55:40 | 000,034,816 | ---- | M] (3d-io GmbH) [Auto | Running] -- C:\Program Files (x86)\3d-io plugins\licensing_v2\ActiveLockServerV2.exe -- (3d-io License Server v2.0)
SRV - [2011/03/15 15:44:30 | 000,428,384 | ---- | M] (Sony Corporation) [Auto | Running] -- C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe -- (PMBDeviceInfoProvider)
SRV - [2011/02/24 01:10:24 | 000,212,944 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe -- (jhi_service)
SRV - [2011/02/21 13:55:08 | 000,113,824 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHCImp.exe -- (SOHCImp)
SRV - [2011/02/21 13:55:08 | 000,067,232 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\SOHLib\SOHDs.exe -- (SOHDs)
SRV - [2011/01/20 13:16:26 | 000,887,000 | ---- | M] (Sony Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe -- (VCFw)
SRV - [2011/01/12 19:00:42 | 000,013,336 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2010/05/20 17:15:00 | 000,110,736 | R--- | M] (InterVideo) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe -- (IviRegMgr)
SRV - [2010/03/18 15:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2010/03/18 12:19:26 | 000,113,152 | ---- | M] (ArcSoft Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe -- (ACDaemon)
SRV - [2010/03/11 15:06:06 | 000,193,824 | ---- | M] (Protexis Inc.) [Disabled | Stopped] -- C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe -- (PSI_SVC_2)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - [2014/11/19 13:48:24 | 000,028,768 | ---- | M] (SoftEther VPN Project at University of Tsukuba, Japan.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Neo_0087.sys -- (Neo_VPN)
DRV:64bit: - [2014/10/01 11:11:26 | 000,063,704 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mwac.sys -- (MBAMWebAccessControl)
DRV:64bit: - [2014/10/01 11:11:12 | 000,025,816 | ---- | M] (Malwarebytes Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbam.sys -- (MBAMProtector)
DRV:64bit: - [2014/09/16 22:51:20 | 000,197,408 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2014/09/16 20:14:52 | 000,019,272 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys -- (NvStreamKms)
DRV:64bit: - [2014/09/04 13:14:38 | 000,038,048 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nvvad64v.sys -- (nvvad_WaveExtensible)
DRV:64bit: - [2014/09/02 00:30:52 | 000,032,512 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hitmanpro37.sys -- (hitmanpro37)
DRV:64bit: - [2014/05/03 18:31:15 | 000,254,528 | ---- | M] (DT Soft Ltd) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\dtsoftbus01.sys -- (dtsoftbus01)
DRV:64bit: - [2013/04/30 11:18:10 | 000,085,304 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2013/04/30 11:18:10 | 000,014,136 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2013/03/08 15:56:21 | 000,121,416 | ---- | M] (MotioninJoy) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MijXfilt.sys -- (MotioninJoyXFilter)
DRV:64bit: - [2013/02/14 12:21:06 | 000,058,416 | ---- | M] (ESET) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\epfwwfp.sys -- (epfwwfp)
DRV:64bit: - [2013/02/14 12:21:04 | 000,213,416 | ---- | M] (ESET) [File_System | System | Running] -- C:\Windows\SysNative\drivers\eamonm.sys -- (eamonm)
DRV:64bit: - [2013/01/10 09:25:22 | 000,190,232 | ---- | M] (ESET) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\epfw.sys -- (epfw)
DRV:64bit: - [2013/01/10 09:25:22 | 000,059,440 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\EpfwLWF.sys -- (EpfwLWF)
DRV:64bit: - [2013/01/10 09:25:20 | 000,150,616 | ---- | M] (ESET) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ehdrv.sys -- (ehdrv)
DRV:64bit: - [2012/12/20 16:20:06 | 000,015,344 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/12/13 13:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/01/17 09:40:10 | 000,052,832 | ---- | M] (http://libusb-win32.sourceforge.net) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\libusb0.sys -- (libusb0)
DRV:64bit: - [2011/08/02 17:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)
DRV:64bit: - [2011/07/28 02:38:42 | 000,439,320 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2011/06/24 14:33:53 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2011/06/23 15:51:41 | 000,098,816 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\risdsnxc64.sys -- (risdsnpe)
DRV:64bit: - [2011/06/23 15:44:52 | 000,102,400 | ---- | M] (REDC) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\rimssne64.sys -- (rimspci)
DRV:64bit: - [2011/06/23 15:26:45 | 000,471,144 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)
DRV:64bit: - [2011/06/22 14:06:30 | 001,404,464 | ---- | M] (Synaptics Incorporated) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SynTP.sys -- (SynTP)
DRV:64bit: - [2011/06/21 18:16:16 | 000,021,544 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwrchid.sys -- (btwrchid)
DRV:64bit: - [2011/06/21 18:16:11 | 000,164,392 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwavdt.sys -- (btwavdt)
DRV:64bit: - [2011/06/21 18:16:11 | 000,150,568 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwaudio.sys -- (btwaudio)
DRV:64bit: - [2011/06/21 18:16:10 | 000,437,288 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwampfl.sys -- (BTWAMPFL)
DRV:64bit: - [2011/06/21 18:13:25 | 000,039,976 | ---- | M] (Broadcom Corporation.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btwl2cap.sys -- (btwl2cap)
DRV:64bit: - [2011/05/19 14:25:10 | 000,182,272 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpmp.sys -- (bpmp)
DRV:64bit: - [2011/05/19 14:25:04 | 000,083,968 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpusb.sys -- (bpusb)
DRV:64bit: - [2011/05/19 14:25:00 | 000,084,480 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bpenum.sys -- (bpenum)
DRV:64bit: - [2011/05/01 15:33:06 | 008,593,920 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NETwNs64.sys -- (NETwNs64)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2010/12/10 14:50:36 | 000,181,248 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3xhc.sys -- (nusb3xhc)
DRV:64bit: - [2010/12/10 14:50:36 | 000,080,384 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\nusb3hub.sys -- (nusb3hub)
DRV:64bit: - [2010/11/20 21:24:33 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 21:23:47 | 000,109,056 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 21:23:47 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/05 13:26:02 | 000,012,848 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacommousefilter.sys -- (wacommousefilter)
DRV:64bit: - [2010/10/05 13:26:00 | 000,016,168 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\wacomvhid.sys -- (wacomvhid)
DRV:64bit: - [2010/08/19 19:24:34 | 000,074,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb21.sys -- (xusb21)
DRV:64bit: - [2010/04/26 14:20:29 | 000,012,032 | ---- | M] (Sony Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SFEP.sys -- (SFEP)
DRV:64bit: - [2009/07/26 20:54:30 | 000,090,544 | ---- | M] (PowerISO Computing, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\scdemu.sys -- (SCDEmu)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:47:48 | 000,023,104 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/19 20:09:57 | 001,394,688 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2009/06/10 14:35:02 | 000,281,088 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\e1y60x64.sys -- (e1yexpress)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2009/03/18 16:35:42 | 000,033,856 | -H-- | M] (LogMeIn, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\hamachi.sys -- (hamachi)
DRV:64bit: - [2007/04/17 12:51:50 | 000,014,112 | ---- | M] (InterVideo) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\regi.sys -- (regi)
DRV - [2014/06/20 11:54:48 | 000,064,064 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys -- (CEDRIVER60)
DRV - [2014/05/27 13:03:38 | 000,014,112 | ---- | M] (TuneUp Software) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys -- (TuneUpUtilitiesDrv)
DRV - [2014/03/13 17:43:02 | 000,121,616 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2005/03/09 20:50:16 | 000,033,792 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\libusb0.sys -- (libusb0)
 
 
========== Standard Registry (All) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL =  [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.google.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://prodigy.msn.c...opt=0&ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\..\URLSearchHook: {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\Windows\SysWOW64\ieframe.dll (Microsoft Corporation)
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = <-loopback>
 
 
========== FireFox ==========
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_223.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.60.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@bestbuy.com/npBestBuyPcAppDetector,version=1.0: C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.71.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@pandonetworks.com/PandoWebPlugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll File not found
FF - HKLM\Software\MozillaPlugins\@raidcall.en/RCplugin: C:\Users\Kzion\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3: C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wacom-plugin,version=1.1.0.5: C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.3: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Acrobat: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Kzion\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Kzion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Kzion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Kzion\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
 
64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\PROGRAM FILES\ESET\ESET SMART SECURITY\MOZILLA THUNDERBIRD [2013/03/28 19:55:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Symantec\VIP Access Client\ [2011/10/10 22:54:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014/11/03 15:57:01 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013/03/28 19:55:30 | 000,000,000 | ---D | M]
 
[2012/12/07 17:48:38 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions
[2012/10/23 11:31:14 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA}
 
========== Chrome  ==========
 
CHR - default_search_provider:  (Enabled)
CHR - default_search_provider: search_url = 
CHR - default_search_provider: suggest_url = 
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.65\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.65\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.65\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll
CHR - plugin: Adobe Acrobat (Enabled) = C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java™ Platform SE 6 U26 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll
CHR - plugin: NVIDIA 3D Vision (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
CHR - plugin: NVIDIA 3D VISION (Enabled) = C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
CHR - plugin: Media Go Detector (Enabled) = C:\Program Files (x86)\Sony\Media Go\npmediago.dll
CHR - plugin: Windows Live™ Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Best Buy pc app Detector (Enabled) = C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Kzion\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll
CHR - Extension: No name found = C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjaicccalbbickikgdegaihmajaidpd\27_0\
CHR - Extension: No name found = C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: No name found = C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.7_0\
CHR - Extension: No name found = C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: No name found = C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\febdkhimnahpmjpbidcofjdpjjggojhj\1.55_0\
CHR - Extension: No name found = C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: No name found = C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\
 
O1 HOSTS File: ([2014/11/21 14:47:55 | 000,001,497 | RHS- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1             localhost
O1 - Hosts: 212.83.161.214 www.google-analytics.com.
O1 - Hosts: 212.83.161.214 google-analytics.com.
O1 - Hosts: 212.83.161.214 connect.facebook.net.
O1 - Hosts: 85.17.81.55 www.google-analytics.com.
O1 - Hosts: 85.17.81.55 google-analytics.com.
O1 - Hosts: 85.17.81.55 connect.facebook.net.
O1 - Hosts: 146.0.75.28 www.google-analytics.com.
O1 - Hosts: 146.0.75.28 google-analytics.com.
O1 - Hosts: 146.0.75.28 connect.facebook.net.
O2:64bit: - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2:64bit: - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2:64bit: - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Groove GFS Browser Helper) - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Windows Live ID Sign-in Helper) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
O2 - BHO: (Adobe PDF Conversion Toolbar Helper) - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (Symantec VIP Access Add-On) - {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} - C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (Microsoft Web Test Recorder 10.0 Helper) - {DDA57003-0068-4ed2-9D32-4D1EC707D94D} - C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (SmartSelect Class) - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Adobe PDF) - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [egui] C:\Program Files\ESET\ESET Smart Security\egui.exe (ESET)
O4:64bit: - HKLM..\Run: [IntelPAN] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe (Intel® Corporation)
O4:64bit: - HKLM..\Run: [NvBackend] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (NVIDIA Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [Acrobat Assistant 8.0] C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe (Adobe Systems Inc.)
O4 - HKLM..\Run: [BCSSync] C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Idrrsoft] C:\Windows\SysWow64\regsvr32.exe (Microsoft Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: ForceActiveDesktopOn = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableInstallerDetection = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPaths = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUIADesktopToggle = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ValidateAdminCodeSignatures = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = 
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: scforceoption = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: FilterAdministratorToken = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_TEXT = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_BITMAP = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_OEMTEXT = 7
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIB = 8
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_PALETTE = 9
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_UNICODETEXT = 13
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System\UIPI\Clipboard\ExceptionFormats: CF_DIBV5 = 17
O9:64bit: - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9:64bit: - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9:64bit: - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll (Microsoft Corporation)
O9 - Extra Button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll (Microsoft Corporation)
O9 - Extra Button: @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O9 - Extra 'Tools' menuitem : @C:\Program Files (x86)\Evernote\Evernote\Resource.dll,-101 - {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 333 W Evelyn Ave. Mountain View, CA 94041)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\nlaapi.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000002 [] - C:\Windows\SysNative\NapiNSP.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000003 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000004 [] - C:\Windows\SysNative\pnrpnsp.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000005 [] - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000006 [] - C:\Windows\SysNative\winrnr.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Windows\SysNative\wshbth.dll (Microsoft Corporation)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000009 [] - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000001 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000002 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000003 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000004 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000005 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000006 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000007 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000008 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000009 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000010 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10:64bit: - Protocol_Catalog9\Catalog_Entries64\000000000011 - C:\Windows\SysNative\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\nlaapi.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000002 [] - C:\Windows\SysWOW64\NapiNSP.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000003 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Windows\SysWOW64\pnrpnsp.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000005 [] - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000006 [] - C:\Windows\SysWOW64\winrnr.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Windows\SysWOW64\wshbth.dll (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000009 [] - C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL (Microsoft Corp.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000006 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000007 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000008 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000009 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000010 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000011 - C:\Windows\SysWOW64\mswsock.dll (Microsoft Corporation)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab (Checkers Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.71.2)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_22)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.71.2)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{13FC45AC-C586-464D-BC69-16B813C0C8AF}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{797D3F7B-0668-446D-A899-D3E4CF1232B9}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{797D3F7B-0668-446D-A899-D3E4CF1232B9}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF11626F-8F0A-4E4B-B3A9-EA1B307B9C9D}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF1173D5-51B5-4CE2-A68D-8419C83BB6E8}: DhcpNameServer = 10.233.18.4 10.233.19.4
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{AF1173D5-51B5-4CE2-A68D-8419C83BB6E8}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{BA80F345-61D0-4D1D-B1B2-F0CBC3610559}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C28CA559-ED37-4BBC-B3E6-8BB6E9B02072}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EA2E840E-E171-4A02-868D-EAF327B41214}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EAD8D63E-6ED2-49BF-9BC4-6EA4E00BFD50}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{EAD8D63E-6ED2-49BF-9BC4-6EA4E00BFD50}: NameServer = 8.8.8.8,8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{FF7556A8-9A07-4477-9AF7-8FD2D7404E4F}: NameServer = 8.8.8.8,8.8.8.8
O18:64bit: - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysNative\inetcomm.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysNative\urlmon.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysNative\itss.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\skype4com - No CLSID value found
O18:64bit: - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysNative\MSVidCtl.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysNative\mshtml.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\about {3050F406-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\cdl {3dd53d40-7b8b-11D0-b013-00aa0059ce02} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\dvd {12D51199-0DB5-46FE-A120-47A3D7D937CC} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\file {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ftp {79eac9e3-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\http {79eac9e2-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\https {79eac9e5-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\javascript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\local {79eac9e7-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\mailto {3050f3DA-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\mhtml {05300401-BCBC-11d0-85E3-00C04FD85AB4} - C:\Windows\SysWOW64\inetcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\mk {79eac9e6-baf9-11ce-8c82-00aa004ba90b} - C:\Windows\SysWOW64\urlmon.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files (x86)\Common Files\microsoft shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\ms-its {9D148291-B9C8-11D0-A4CC-0000F80149F6} - C:\Windows\SysWOW64\itss.dll (Microsoft Corporation)
O18 - Protocol\Handler\res {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
O18 - Protocol\Handler\tv {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} - C:\Windows\SysWOW64\MSVidCtl.dll (Microsoft Corporation)
O18 - Protocol\Handler\vbscript {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} - C:\Windows\SysWOW64\mshtml.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files (x86)\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlpg {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysNative\mscoree.dll (Microsoft Corporation)
O18:64bit: - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O18 - Protocol\Filter\application/octet-stream {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-complus {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\application/x-msdownload {1E66F26B-79EE-11D2-8710-00C04F79ED0D} - C:\Windows\SysWow64\mscoree.dll (Microsoft Corporation)
O18 - Protocol\Filter\text/xml {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\MSOXMLMF.DLL (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysWow64\SystemPropertiesPerformance.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O27:64bit: - HKLM IFEO\Acrobat.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\acrodist.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\adobe air application installer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\bttray.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\consumer_cpl.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\formdesigner.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hamachi-2-ui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hd-apkhandler.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hd-runapp.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\hd-startlauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\imfrmwrk.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\lcdsettings.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\panui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\prefutil.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\professional_cpl.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\sdmeter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\utility.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\uwebcam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\vaio messenger.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\vaioshell.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\vipuimanager.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\wacomdesktopcenter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\windvd.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27:64bit: - HKLM IFEO\Winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\Acrobat.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\acrodist.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\AcroRd32.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\adobe air application installer.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\bttray.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\consumer_cpl.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\excel.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\formdesigner.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\groove.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hamachi-2-ui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hd-apkhandler.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hd-runapp.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\hd-startlauncher.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\imfrmwrk.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\infopath.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\lcdsettings.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msaccess.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\msoxmled.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mspub.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\mstore.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstlink.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\nvstview.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\ois.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\onenote.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\outlook.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\panui.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\powerpnt.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\prefutil.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\professional_cpl.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\sdmeter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\utility.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\uwebcam.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\vaio messenger.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\vaioshell.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\vipuimanager.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\wacomdesktopcenter.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\windvd.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O27 - HKLM IFEO\Winword.exe: Debugger - C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe (TuneUp Software)
O28:64bit: - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O28 - HKLM ShellExecuteHooks: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29:64bit: - HKLM SecurityProviders - (UkcablagVijs.dll) -  File not found
O29 - HKLM SecurityProviders - (credssp.dll) - C:\Windows\SysWow64\credssp.dll (Microsoft Corporation)
O29 - HKLM SecurityProviders - (UkcablagVijs.dll) -  File not found
O30:64bit: - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Authentication Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (kerberos) - C:\Windows\SysNative\kerberos.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (msv1_0) - C:\Windows\SysNative\msv1_0.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (schannel) - C:\Windows\SysNative\schannel.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (wdigest) - C:\Windows\SysNative\wdigest.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (tspkg) - C:\Windows\SysNative\tspkg.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (pku2u) - C:\Windows\SysNative\pku2u.dll (Microsoft Corporation)
O30:64bit: - LSA: Security Packages - (livessp) - C:\Windows\SysNative\livessp.dll (Microsoft Corp.)
O30 - LSA: Security Packages - (kerberos) - C:\Windows\SysWow64\kerberos.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (msv1_0) - C:\Windows\SysWow64\msv1_0.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (schannel) - C:\Windows\SysWow64\schannel.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (wdigest) - C:\Windows\SysWow64\wdigest.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (tspkg) - C:\Windows\SysWow64\tspkg.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (pku2u) - C:\Windows\SysWow64\pku2u.dll (Microsoft Corporation)
O30 - LSA: Security Packages - (livessp) - C:\Windows\SysWow64\livessp.dll (Microsoft Corp.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2012/02/03 17:06:08 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O33 - MountPoints2\D\Shell - "" = AutoRun
O33 - MountPoints2\D\Shell\AutoRun\command - "" = D:\setup\setup.exe
O33 - MountPoints2\F\Shell - "" = AutoRun
O33 - MountPoints2\F\Shell\AutoRun\command - "" = F:\setup.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014/11/21 21:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kzion\AppData\Local\MFAData
[2014/11/21 21:36:20 | 000,000,000 | ---D | C] -- C:\ProgramData\MFAData
[2014/11/21 21:36:20 | 000,000,000 | ---D | C] -- C:\Users\Kzion\AppData\Local\Avg2015
[2014/11/21 21:14:59 | 000,129,752 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/11/21 21:14:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[2014/11/21 21:14:44 | 000,093,400 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbamchameleon.sys
[2014/11/21 21:14:44 | 000,063,704 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mwac.sys
[2014/11/21 21:14:44 | 000,025,816 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys
[2014/11/21 21:14:43 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes Anti-Malware
[2014/11/21 21:14:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014/11/21 21:14:25 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Kzion\Desktop\OTL.exe
[2014/11/21 21:01:45 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2014/11/21 14:53:15 | 000,000,000 | ---D | C] -- C:\Users\Kzion\AppData\Local\Updmedia
[2014/11/21 14:35:00 | 000,615,624 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014/11/21 14:32:30 | 031,893,136 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/11/21 14:32:30 | 024,557,712 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/11/21 14:32:30 | 018,514,616 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/11/21 14:32:30 | 014,032,984 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/11/21 14:32:30 | 013,944,952 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/11/21 14:32:30 | 011,397,744 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/11/21 14:32:30 | 011,336,432 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/11/21 14:32:30 | 004,292,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/11/21 14:32:30 | 004,011,208 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/11/21 14:32:30 | 001,876,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434475.dll
[2014/11/21 14:32:30 | 001,540,424 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434475.dll
[2014/11/21 14:32:30 | 000,964,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/11/21 14:32:30 | 000,935,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/11/21 14:32:30 | 000,923,792 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/11/21 14:32:30 | 000,900,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/11/21 14:32:29 | 020,922,512 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/11/21 14:32:29 | 017,259,664 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/11/19 13:48:24 | 000,028,768 | ---- | C] (SoftEther VPN Project at University of Tsukuba, Japan.) -- C:\Windows\SysNative\drivers\Neo_0087.sys
[2014/11/19 13:42:11 | 000,135,736 | ---- | C] (SoftEther VPN Project at University of Tsukuba, Japan.) -- C:\Windows\SysNative\vpncmd.exe
[2014/11/19 13:42:07 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
[2014/11/19 13:41:59 | 000,000,000 | ---D | C] -- C:\Program Files\SoftEther VPN Client
[2014/11/13 17:55:52 | 000,000,000 | ---D | C] -- C:\Users\Kzion\AppData\Local\assembly
[2014/11/12 15:55:32 | 000,000,000 | ---D | C] -- C:\Users\Kzion\Desktop\pso2 hack Open Beta Package 2.0.3
[2014/11/11 14:31:36 | 001,876,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434465.dll
[2014/11/11 14:31:36 | 001,539,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434465.dll
[2014/11/06 10:52:33 | 001,876,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434460.dll
[2014/11/06 10:52:33 | 001,539,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434460.dll
[2014/11/05 16:09:27 | 000,000,000 | ---D | C] -- C:\Users\Kzion\Desktop\ru
[2014/11/05 16:09:27 | 000,000,000 | ---D | C] -- C:\Users\Kzion\Desktop\fr
[2014/11/05 16:09:27 | 000,000,000 | ---D | C] -- C:\Users\Kzion\Desktop\de
[2014/10/31 16:42:45 | 000,043,320 | ---- | C] (TuneUp Software) -- C:\Windows\SysNative\uxtuneup.dll
[2014/10/31 16:42:45 | 000,036,152 | ---- | C] (TuneUp Software) -- C:\Windows\SysWow64\uxtuneup.dll
[2014/10/24 13:33:16 | 001,876,296 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434448.dll
[2014/10/24 13:33:16 | 001,539,272 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434448.dll
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files - Modified Within 30 Days ==========
 
[2014/11/21 22:24:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/11/21 22:16:18 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA1cf28755582ffc3.job
[2014/11/21 21:16:30 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/11/21 21:16:30 | 000,020,928 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/11/21 21:15:17 | 000,129,752 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\MBAMSwissArmy.sys
[2014/11/21 21:14:31 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Kzion\Desktop\OTL.exe
[2014/11/21 21:07:20 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/11/21 20:17:51 | 005,301,144 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/21 15:44:46 | 000,001,518 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Application Manager.lnk
[2014/11/21 14:47:55 | 000,001,497 | RHS- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2014/11/21 14:34:33 | 000,729,432 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/11/21 14:34:33 | 000,147,358 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/11/21 14:34:32 | 000,876,686 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/11/20 17:45:31 | 083,603,140 | ---- | M] () -- C:\Users\Kzion\Desktop\LargeFiles.rar
[2014/11/20 17:43:50 | 002,980,922 | ---- | M] () -- C:\Users\Kzion\Desktop\ENPatch.rar
[2014/11/20 13:16:00 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core1ce78f73cc06761.job
[2014/11/19 13:48:24 | 000,028,768 | ---- | M] (SoftEther VPN Project at University of Tsukuba, Japan.) -- C:\Windows\SysNative\drivers\Neo_0087.sys
[2014/11/19 13:42:11 | 000,135,736 | ---- | M] (SoftEther VPN Project at University of Tsukuba, Japan.) -- C:\Windows\SysNative\vpncmd.exe
[2014/11/19 13:42:07 | 000,001,933 | ---- | M] () -- C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk
[2014/11/19 12:04:13 | 000,031,582 | ---- | M] () -- C:\Users\Kzion\Desktop\LanguagePack.rar
[2014/11/18 17:32:54 | 002,709,504 | ---- | M] (Arks-Layer) -- C:\Users\Kzion\Desktop\PSO2 Tweaker.exe
[2014/11/13 19:37:22 | 000,831,129 | ---- | M] () -- C:\Users\Kzion\Desktop\Formal profile picture.jpg
[2014/11/13 19:35:35 | 001,976,398 | ---- | M] () -- C:\Users\Kzion\Desktop\DSC01000.JPG
[2014/11/13 19:35:30 | 002,004,556 | ---- | M] () -- C:\Users\Kzion\Desktop\DSC00999.JPG
[2014/11/13 19:35:29 | 002,031,861 | ---- | M] () -- C:\Users\Kzion\Desktop\DSC00998.JPG
[2014/11/13 19:35:27 | 001,917,330 | ---- | M] () -- C:\Users\Kzion\Desktop\DSC01002.JPG
[2014/11/13 19:35:25 | 001,990,489 | ---- | M] () -- C:\Users\Kzion\Desktop\DSC01001.JPG
[2014/11/13 14:57:19 | 000,032,791 | ---- | M] () -- C:\Users\Kzion\Desktop\10273486_10152430895861932_5142155580548348965_n.jpg
[2014/11/12 19:52:13 | 000,009,623 | ---- | M] () -- C:\Users\Kzion\Desktop\bootao2.jpg
[2014/11/12 19:19:11 | 000,136,862 | ---- | M] () -- C:\Users\Kzion\Desktop\bootao.jpg
[2014/11/12 18:24:44 | 000,190,993 | ---- | M] () -- C:\Users\Kzion\Desktop\61nBJSvCPGL._UL1500_.jpg
[2014/11/12 18:20:36 | 031,893,136 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2014/11/12 18:20:36 | 024,557,712 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2014/11/12 18:20:36 | 020,986,592 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2014/11/12 18:20:36 | 020,922,512 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2014/11/12 18:20:36 | 019,966,344 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2014/11/12 18:20:36 | 018,514,616 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2014/11/12 18:20:36 | 017,259,664 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2014/11/12 18:20:36 | 016,884,632 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2014/11/12 18:20:36 | 014,032,984 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvopencl.dll
[2014/11/12 18:20:36 | 013,944,952 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2014/11/12 18:20:36 | 011,397,744 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvopencl.dll
[2014/11/12 18:20:36 | 011,336,432 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2014/11/12 18:20:36 | 004,292,416 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2014/11/12 18:20:36 | 004,011,208 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2014/11/12 18:20:36 | 003,262,784 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2014/11/12 18:20:36 | 002,874,456 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2014/11/12 18:20:36 | 001,876,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434475.dll
[2014/11/12 18:20:36 | 001,540,424 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434475.dll
[2014/11/12 18:20:36 | 000,964,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvIFR64.dll
[2014/11/12 18:20:36 | 000,935,240 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\NvFBC64.dll
[2014/11/12 18:20:36 | 000,923,792 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvIFR.dll
[2014/11/12 18:20:36 | 000,900,928 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\NvFBC.dll
[2014/11/12 18:20:36 | 000,027,094 | ---- | M] () -- C:\Windows\SysNative\nvinfo.pb
[2014/11/12 15:56:45 | 006,897,352 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcpl.dll
[2014/11/12 15:56:45 | 003,534,152 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvc64.dll
[2014/11/12 15:56:42 | 002,559,808 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvsvcr.dll
[2014/11/12 15:56:42 | 000,386,368 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvmctray.dll
[2014/11/12 15:56:42 | 000,062,608 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvshext.dll
[2014/11/12 14:46:11 | 000,615,624 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvStreaming.exe
[2014/11/11 20:24:29 | 000,701,104 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/11/11 20:24:29 | 000,071,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/11 11:53:55 | 016,774,401 | ---- | M] () -- C:\Users\Kzion\Desktop\lulustaffps2.psd
[2014/11/11 11:53:21 | 002,707,080 | ---- | M] () -- C:\Users\Kzion\Desktop\lulustaffps2.png
[2014/11/11 11:53:10 | 000,000,132 | ---- | M] () -- C:\Users\Kzion\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2014/11/11 04:29:54 | 004,100,776 | ---- | M] () -- C:\Windows\SysNative\nvcoproc.bin
[2014/11/10 17:47:58 | 000,791,614 | ---- | M] () -- C:\Users\Kzion\Desktop\lulustaffbase.png
[2014/11/10 17:45:51 | 000,813,470 | ---- | M] () -- C:\Users\Kzion\Desktop\lulustaffps.jpg
[2014/11/08 13:02:12 | 000,198,321 | ---- | M] () -- C:\Users\Kzion\Desktop\lulustaffbase.jpg
[2014/11/07 17:38:08 | 001,467,003 | ---- | M] () -- C:\Users\Kzion\Desktop\lulustaff2.png
[2014/11/07 17:37:56 | 000,067,995 | ---- | M] () -- C:\Users\Kzion\Desktop\lulustaff.jpg
[2014/11/04 00:37:05 | 000,108,407 | ---- | M] () -- C:\Users\Kzion\Desktop\luluhat5.jpg
[2014/11/04 00:37:00 | 000,209,923 | ---- | M] () -- C:\Users\Kzion\Desktop\luluhat4.jpg
[2014/11/04 00:36:53 | 000,212,595 | ---- | M] () -- C:\Users\Kzion\Desktop\luluhat3.jpg
[2014/11/04 00:36:48 | 000,471,076 | ---- | M] () -- C:\Users\Kzion\Desktop\luluhat2.jpg
[2014/11/04 00:36:44 | 000,367,064 | ---- | M] () -- C:\Users\Kzion\Desktop\luluhat.jpg
[2014/11/03 18:04:30 | 001,876,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434465.dll
[2014/11/03 18:04:30 | 001,539,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434465.dll
[2014/11/03 15:57:05 | 000,002,026 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2014/11/03 15:47:29 | 005,477,814 | ---- | M] () -- C:\Users\Kzion\Desktop\Montanya Azul Fir Lights Tree2.bmp
[2014/11/03 15:37:20 | 000,293,403 | ---- | M] () -- C:\Users\Kzion\Desktop\shielda.jpg
[2014/11/03 15:24:15 | 000,046,914 | ---- | M] () -- C:\Users\Kzion\Desktop\Lake Light Clouds Sun 4.jpg
[2014/11/03 15:22:24 | 006,912,054 | ---- | M] () -- C:\Users\Kzion\Desktop\Montanya Azul Fir Lights Tree.bmp
[2014/11/03 15:21:42 | 000,387,161 | ---- | M] () -- C:\Users\Kzion\Desktop\icephoto11.jpg
[2014/11/03 15:21:21 | 000,044,054 | ---- | M] () -- C:\Users\Kzion\Desktop\fridge.jpeg
[2014/11/03 15:21:11 | 001,080,054 | ---- | M] () -- C:\Users\Kzion\Desktop\icebergs blue.bmp
[2014/11/03 15:21:02 | 000,041,663 | ---- | M] () -- C:\Users\Kzion\Desktop\Test1.jpg
[2014/11/03 15:21:01 | 000,032,286 | ---- | M] () -- C:\Users\Kzion\Desktop\Test2.jpg
[2014/11/03 15:08:07 | 000,087,520 | ---- | M] () -- C:\Users\Kzion\Desktop\poro_lol.jpeg
[2014/11/03 14:49:28 | 000,022,117 | ---- | M] () -- C:\Users\Kzion\Desktop\Dagger.jpg
[2014/11/03 14:46:06 | 000,031,979 | ---- | M] () -- C:\Users\Kzion\Desktop\finn.JPG
[2014/11/03 14:04:34 | 137,980,590 | ---- | M] () -- C:\Users\Kzion\Desktop\Jake3.rar
[2014/11/02 16:04:02 | 001,435,281 | ---- | M] () -- C:\Users\Kzion\Desktop\Untitled-1.psd
[2014/11/02 15:59:47 | 000,412,850 | ---- | M] () -- C:\Users\Kzion\Desktop\Y esto si es photoshop.jpg
[2014/10/29 22:53:26 | 001,876,296 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6434460.dll
[2014/10/29 22:53:26 | 001,539,272 | ---- | M] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispgenco6434460.dll
[2014/10/29 21:24:11 | 000,377,443 | ---- | M] () -- C:\Users\Kzion\Desktop\KittenTearsBrown-2.jpg
[2014/10/27 16:19:54 | 000,125,736 | ---- | M] () -- C:\Users\Kzion\Desktop\Finn_V2.mb
[2014/10/27 15:43:15 | 000,103,716 | ---- | M] () -- C:\Users\Kzion\Desktop\Finn_V1.mb
[2014/10/24 16:40:43 | 000,229,836 | ---- | M] () -- C:\Users\Kzion\Desktop\half_cony_V1.mb
[2014/10/24 14:53:14 | 000,211,820 | ---- | M] () -- C:\Users\Kzion\Desktop\headless_cony_V1.mb
[2014/10/24 14:17:20 | 000,190,164 | ---- | M] () -- C:\Users\Kzion\Desktop\armless_cony_V1.mb
[2014/10/24 13:22:02 | 000,159,563 | ---- | M] () -- C:\Users\Kzion\Desktop\Cony.obj
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]
 
========== Files Created - No Company Name ==========
 
[2014/11/21 20:13:55 | 005,301,144 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2014/11/21 16:01:07 | 000,001,222 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2014.lnk
[2014/11/19 13:42:07 | 000,001,933 | ---- | C] () -- C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk
[2014/11/13 19:37:22 | 000,831,129 | ---- | C] () -- C:\Users\Kzion\Desktop\Formal profile picture.jpg
[2014/11/13 19:35:16 | 002,031,861 | ---- | C] () -- C:\Users\Kzion\Desktop\DSC00998.JPG
[2014/11/13 19:35:16 | 002,004,556 | ---- | C] () -- C:\Users\Kzion\Desktop\DSC00999.JPG
[2014/11/13 19:35:16 | 001,990,489 | ---- | C] () -- C:\Users\Kzion\Desktop\DSC01001.JPG
[2014/11/13 19:35:16 | 001,976,398 | ---- | C] () -- C:\Users\Kzion\Desktop\DSC01000.JPG
[2014/11/13 19:35:16 | 001,917,330 | ---- | C] () -- C:\Users\Kzion\Desktop\DSC01002.JPG
[2014/11/13 14:57:19 | 000,032,791 | ---- | C] () -- C:\Users\Kzion\Desktop\10273486_10152430895861932_5142155580548348965_n.jpg
[2014/11/12 19:52:13 | 000,009,623 | ---- | C] () -- C:\Users\Kzion\Desktop\bootao2.jpg
[2014/11/12 19:19:09 | 000,136,862 | ---- | C] () -- C:\Users\Kzion\Desktop\bootao.jpg
[2014/11/12 18:24:43 | 000,190,993 | ---- | C] () -- C:\Users\Kzion\Desktop\61nBJSvCPGL._UL1500_.jpg
[2014/11/11 11:53:10 | 002,707,080 | ---- | C] () -- C:\Users\Kzion\Desktop\lulustaffps2.png
[2014/11/11 11:51:16 | 016,774,401 | ---- | C] () -- C:\Users\Kzion\Desktop\lulustaffps2.psd
[2014/11/10 17:47:53 | 000,791,614 | ---- | C] () -- C:\Users\Kzion\Desktop\lulustaffbase.png
[2014/11/10 17:45:49 | 000,813,470 | ---- | C] () -- C:\Users\Kzion\Desktop\lulustaffps.jpg
[2014/11/07 17:59:35 | 000,198,321 | ---- | C] () -- C:\Users\Kzion\Desktop\lulustaffbase.jpg
[2014/11/07 17:38:08 | 001,467,003 | ---- | C] () -- C:\Users\Kzion\Desktop\lulustaff2.png
[2014/11/07 17:37:56 | 000,067,995 | ---- | C] () -- C:\Users\Kzion\Desktop\lulustaff.jpg
[2014/11/05 16:09:26 | 000,031,582 | ---- | C] () -- C:\Users\Kzion\Desktop\LanguagePack.rar
[2014/11/04 00:37:05 | 000,108,407 | ---- | C] () -- C:\Users\Kzion\Desktop\luluhat5.jpg
[2014/11/04 00:37:00 | 000,209,923 | ---- | C] () -- C:\Users\Kzion\Desktop\luluhat4.jpg
[2014/11/04 00:36:53 | 000,212,595 | ---- | C] () -- C:\Users\Kzion\Desktop\luluhat3.jpg
[2014/11/04 00:36:48 | 000,471,076 | ---- | C] () -- C:\Users\Kzion\Desktop\luluhat2.jpg
[2014/11/04 00:36:42 | 000,367,064 | ---- | C] () -- C:\Users\Kzion\Desktop\luluhat.jpg
[2014/11/03 15:57:05 | 000,002,026 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
[2014/11/03 15:47:29 | 005,477,814 | ---- | C] () -- C:\Users\Kzion\Desktop\Montanya Azul Fir Lights Tree2.bmp
[2014/11/03 15:40:12 | 000,293,403 | ---- | C] () -- C:\Users\Kzion\Desktop\shielda.jpg
[2014/11/03 15:24:15 | 000,046,914 | ---- | C] () -- C:\Users\Kzion\Desktop\Lake Light Clouds Sun 4.jpg
[2014/11/03 15:22:13 | 006,912,054 | ---- | C] () -- C:\Users\Kzion\Desktop\Montanya Azul Fir Lights Tree.bmp
[2014/11/03 15:21:42 | 000,387,161 | ---- | C] () -- C:\Users\Kzion\Desktop\icephoto11.jpg
[2014/11/03 15:21:21 | 000,044,054 | ---- | C] () -- C:\Users\Kzion\Desktop\fridge.jpeg
[2014/11/03 15:21:10 | 001,080,054 | ---- | C] () -- C:\Users\Kzion\Desktop\icebergs blue.bmp
[2014/11/03 15:21:02 | 000,041,663 | ---- | C] () -- C:\Users\Kzion\Desktop\Test1.jpg
[2014/11/03 15:21:01 | 000,032,286 | ---- | C] () -- C:\Users\Kzion\Desktop\Test2.jpg
[2014/11/03 15:08:07 | 000,087,520 | ---- | C] () -- C:\Users\Kzion\Desktop\poro_lol.jpeg
[2014/11/03 14:55:12 | 000,738,499 | ---- | C] () -- C:\Users\Kzion\Desktop\Circus stage.png
[2014/11/03 14:55:12 | 000,056,885 | ---- | C] () -- C:\Users\Kzion\Desktop\shield.JPG
[2014/11/03 14:55:12 | 000,039,625 | ---- | C] () -- C:\Users\Kzion\Desktop\bat.JPG
[2014/11/03 14:55:12 | 000,031,979 | ---- | C] () -- C:\Users\Kzion\Desktop\finn.JPG
[2014/11/03 14:55:12 | 000,022,117 | ---- | C] () -- C:\Users\Kzion\Desktop\Dagger.jpg
[2014/11/03 14:07:30 | 137,980,590 | ---- | C] () -- C:\Users\Kzion\Desktop\Jake3.rar
[2014/11/02 16:04:00 | 001,435,281 | ---- | C] () -- C:\Users\Kzion\Desktop\Untitled-1.psd
[2014/11/02 15:59:45 | 000,412,850 | ---- | C] () -- C:\Users\Kzion\Desktop\Y esto si es photoshop.jpg
[2014/10/29 21:24:10 | 000,377,443 | ---- | C] () -- C:\Users\Kzion\Desktop\KittenTearsBrown-2.jpg
[2014/10/27 16:19:54 | 000,125,736 | ---- | C] () -- C:\Users\Kzion\Desktop\Finn_V2.mb
[2014/10/27 15:43:15 | 000,103,716 | ---- | C] () -- C:\Users\Kzion\Desktop\Finn_V1.mb
[2014/10/24 15:03:58 | 000,229,836 | ---- | C] () -- C:\Users\Kzion\Desktop\half_cony_V1.mb
[2014/10/24 14:34:28 | 000,211,820 | ---- | C] () -- C:\Users\Kzion\Desktop\headless_cony_V1.mb
[2014/10/24 14:17:20 | 000,190,164 | ---- | C] () -- C:\Users\Kzion\Desktop\armless_cony_V1.mb
[2014/10/24 13:34:51 | 000,159,563 | ---- | C] () -- C:\Users\Kzion\Desktop\Cony.obj
[2014/08/30 14:35:14 | 000,216,064 | ---- | C] ( ) -- C:\Windows\SysWow64\lagarith.dll
[2014/08/30 14:35:13 | 000,650,752 | ---- | C] () -- C:\Windows\SysWow64\xvidcore.dll
[2014/08/30 14:35:13 | 000,243,200 | ---- | C] () -- C:\Windows\SysWow64\xvidvfw.dll
[2014/08/30 14:35:09 | 000,112,640 | ---- | C] () -- C:\Windows\SysWow64\ff_vfw.dll
[2014/08/30 14:23:05 | 000,000,021 | ---- | C] () -- C:\Windows\SurCode.INI
[2014/07/02 14:46:12 | 000,758,272 | ---- | C] () -- C:\Windows\SysWow64\RGSS104E.dll
[2014/07/02 14:46:11 | 000,778,752 | ---- | C] () -- C:\Windows\SysWow64\RGSS102E.dll
[2014/07/02 14:46:11 | 000,761,856 | ---- | C] () -- C:\Windows\SysWow64\RGSS104J.dll
[2014/07/02 14:46:11 | 000,685,056 | ---- | C] () -- C:\Windows\SysWow64\RGSS103J.dll
[2014/07/02 14:46:10 | 000,781,312 | ---- | C] () -- C:\Windows\SysWow64\RGSS102J.dll
[2014/07/02 14:46:10 | 000,771,584 | ---- | C] () -- C:\Windows\SysWow64\RGSS100J.dll
[2014/06/15 00:32:17 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dll
[2014/06/13 15:20:48 | 000,000,952 | -HS- | C] () -- C:\ProgramData\KGyGaAvL.sys
[2013/03/31 14:26:42 | 000,007,609 | ---- | C] () -- C:\Users\Kzion\AppData\Local\Resmon.ResmonCfg
[2012/06/09 16:15:53 | 000,000,132 | ---- | C] () -- C:\Users\Kzion\AppData\Roaming\Adobe PNG Format CS5 Prefs
[2012/06/07 21:52:25 | 000,000,132 | ---- | C] () -- C:\Users\Kzion\AppData\Roaming\Adobe Targa Format CS5 Prefs
[2012/04/27 15:45:14 | 000,000,188 | ---- | C] () -- C:\Users\Kzion\.packettracer
[2012/04/23 18:03:22 | 000,005,632 | ---- | C] () -- C:\Users\Kzion\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
 
========== ZeroAccess Check ==========
 
[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2010/11/20 21:23:55 | 014,174,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2010/11/20 21:24:02 | 012,872,192 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 19:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 21:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 19:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== Files - Unicode (All) ==========
[2014/07/19 21:37:18 | 000,000,000 | ---D | M](C:\Users\Kzion\Desktop\Emblem of THE UNLIMITED - L?ST RESOLUTION) -- C:\Users\Kzion\Desktop\Emblem of THE UNLIMITED - LΛST RESOLUTION
[2013/01/29 16:10:23 | 000,000,000 | ---D | C](C:\Users\Kzion\Desktop\Emblem of THE UNLIMITED - L?ST RESOLUTION) -- C:\Users\Kzion\Desktop\Emblem of THE UNLIMITED - LΛST RESOLUTION
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 138 bytes -> C:\ProgramData\TEMP:A1EDB939
@Alternate Data Stream - 1220 bytes -> C:\ProgramData\Microsoft:2Lo95gJcLI6rFUwit5dMEtK
@Alternate Data Stream - 1164 bytes -> C:\ProgramData\Microsoft:NkyoFWQtn7BVCIoqXwzjV9tEzZdLQ
@Alternate Data Stream - 1133 bytes -> C:\Program Files\Common Files\System:IPQnb5oyypymfFpsOioq
@Alternate Data Stream - 1086 bytes -> C:\Users\Kzion\AppData\Local\YzXIrLpW:0swHpK3HztevRtKpKG3qFON5EQYj
 
< End of report >

Edited by kzion, 21 November 2014 - 11:00 PM.

  • 0

Advertisements

#2
Biscuithd
Posted 25 November 2014 - 07:02 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Sorry that it's taken so long for us to respond. Sometimes we get very busy! Do you still require assistance?


  • 0

#3
kzion
Posted 25 November 2014 - 05:56 PM

kzion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Yes, in fact, another error has appeared,
'C:\ProgramData\Microsoft\Secure\Icons\temp\tmp9147.exe'  windows cannot access specified path or file.
You may not have the appropiate permissions to access the item

I think its still part from the iconcachehelper.dll

Thank you for your response and time.


Edited by kzion, 25 November 2014 - 05:57 PM.

  • 0

#4
Biscuithd
Posted 26 November 2014 - 08:13 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Let's have a look with a different tool :)

 

FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please copy and paste their content into your next reply.


  • 0

#5
kzion
Posted 26 November 2014 - 08:48 PM

kzion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Here is the FRST.txt
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-11-2014 01
Ran by Kzion (administrator) on DEZINA on 26-11-2014 17:40:06
Running from C:\Users\Kzion\Desktop
Loaded Profile: Kzion (Available profiles: Kzion)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(3d-io GmbH) C:\Program Files (x86)\3d-io plugins\licensing_v2\ActiveLockServerV2.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-07-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-07-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-06-22] (Synaptics Incorporated)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-06-01] (Intel® Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [6330568 2013-03-04] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-16] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Run: [Idrrsoft] => regsvr32.exe C:\Users\Kzion\AppData\Local\Idrrsoft\rbjgaqpwc.dll <===== ATTENTION
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\MountPoints2: D - D:\setup\setup.exe
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\MountPoints2: F - F:\setup.exe
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\Acrobat.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\acrodist.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\adobe air application installer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\bttray.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\consumer_cpl.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\formdesigner.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hamachi-2-ui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-apkhandler.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-runapp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-startlauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\lcdsettings.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nvstlink.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nvstview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\panui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\prefutil.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\professional_cpl.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\sdmeter.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\utility.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\uwebcam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\vaio messenger.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\vaioshell.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\vipuimanager.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\wacomdesktopcenter.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\Winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
SecurityProviders: credssp.dll, UkcablagVijs.dll
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://prodigy.msn.c...opt=0&ocid=iehp
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\S-1-5-21-66031012-3778517164-1124876193-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{13FC45AC-C586-464D-BC69-16B813C0C8AF}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{797D3F7B-0668-446D-A899-D3E4CF1232B9}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{AF11626F-8F0A-4E4B-B3A9-EA1B307B9C9D}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{AF1173D5-51B5-4CE2-A68D-8419C83BB6E8}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{BA80F345-61D0-4D1D-B1B2-F0CBC3610559}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{C28CA559-ED37-4BBC-B3E6-8BB6E9B02072}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{EA2E840E-E171-4A02-868D-EAF327B41214}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{EAD8D63E-6ED2-49BF-9BC4-6EA4E00BFD50}: [NameServer] 8.8.8.8,8.8.8.8
Tcpip\..\Interfaces\{FF7556A8-9A07-4477-9AF7-8FD2D7404E4F}: [NameServer] 8.8.8.8,8.8.8.8
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Kzion\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-66031012-3778517164-1124876193-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kzion\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-66031012-3778517164-1124876193-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kzion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-66031012-3778517164-1124876193-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kzion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-66031012-3778517164-1124876193-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kzion\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-66031012-3778517164-1124876193-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-23]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-03-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-10-10]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-05-15]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Best Buy pc app Detector) - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
CHR Plugin: (Google Update) - C:\Users\Kzion\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Profile: C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (I'm a Gentleman) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjaicccalbbickikgdegaihmajaidpd [2012-09-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-18]
CHR Extension: (Adblock Plus) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-07-19]
CHR Extension: (Google Search) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-18]
CHR Extension: (PSO2 Extension) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\febdkhimnahpmjpbidcofjdpjjggojhj [2014-10-12]
CHR Extension: (Google Wallet) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-18]
CHR StartMenuInternet: Google Chrome - C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 3d-io License Server v2.0; C:\Program Files (x86)\3d-io plugins\licensing_v2\ActiveLockServerV2.exe [34816 2011-03-31] (3d-io GmbH) [File not signed]
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
S4 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [498688 2011-06-14] (Red Bend Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664 2013-03-04] (ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2013-08-29] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-16] (NVIDIA Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-02-03] () [File not signed]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-06-01] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3482368 2014-06-17] (INCA Internet Co., Ltd.)
S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-16] (NVIDIA Corporation)
S4 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [260768 2011-11-30] (Sony Corporation)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4374072 2014-11-19] (SoftEther VPN Project at University of Tsukuba, Japan.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S4 UCManSvc; C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [186512 2012-11-01] (Paltiosoft Inc.) [File not signed]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S4 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84088 2011-04-13] (Symantec Corporation)
S4 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [986112 2011-06-14] (Intel® Corporation) [File not signed]
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-05] (Wacom Technology, Corp.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys [64064 2014-06-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2014-05-03] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [58416 2013-02-14] (ESET)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-09-02] ()
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [52832 2012-01-17] (http://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-26] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0087.sys [28768 2014-11-19] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2011-06-23] (REDC)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software)
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 hxsyol; \??\C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [X]
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-26 17:40 - 2014-11-26 17:40 - 00033644 _____ () C:\Users\Kzion\Desktop\FRST.txt
2014-11-26 17:39 - 2014-11-26 17:40 - 00000000 ____D () C:\FRST
2014-11-26 17:39 - 2014-11-26 17:39 - 02117632 _____ (Farbar) C:\Users\Kzion\Desktop\FRST64.exe
2014-11-25 21:43 - 2011-07-19 22:20 - 00229939 _____ () C:\Users\Kzion\Desktop\2636_splinewrapsnaketrial.c4d
2014-11-25 18:48 - 2014-11-25 18:48 - 00029225 _____ () C:\Users\Kzion\Desktop\tubo obj.obj
2014-11-25 18:48 - 2014-11-25 18:48 - 00000097 _____ () C:\Users\Kzion\Desktop\tubo obj.mtl
2014-11-24 22:08 - 2001-07-04 15:43 - 00021614 _____ () C:\Users\Kzion\Desktop\followspline.c4d
2014-11-24 19:19 - 2014-11-25 19:15 - 00226918 _____ () C:\Users\Kzion\Desktop\GIL_PREVIEW.c4d
2014-11-24 18:21 - 2014-11-24 18:26 - 00030914 _____ () C:\Users\Kzion\Desktop\cilinder.obj
2014-11-24 18:21 - 2014-11-24 18:26 - 00000097 _____ () C:\Users\Kzion\Desktop\cilinder.mtl
2014-11-21 22:23 - 2014-11-21 23:10 - 00172920 _____ () C:\Users\Kzion\Desktop\OTL.Txt
2014-11-21 22:16 - 2014-11-21 22:16 - 00000180 _____ () C:\Users\Kzion\Desktop\iuam.txt
2014-11-21 21:46 - 2014-11-21 21:46 - 00101290 _____ () C:\Users\Kzion\Desktop\Extras.Txt
2014-11-21 21:36 - 2014-11-21 21:37 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-21 21:36 - 2014-11-21 21:36 - 00000000 ____D () C:\Users\Kzion\AppData\Local\MFAData
2014-11-21 21:36 - 2014-11-21 21:36 - 00000000 ____D () C:\Users\Kzion\AppData\Local\Avg2015
2014-11-21 21:14 - 2014-11-26 17:33 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-21 21:14 - 2014-11-21 21:14 - 00602112 _____ (OldTimer Tools) C:\Users\Kzion\Desktop\OTL.exe
2014-11-21 21:14 - 2014-11-21 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-21 21:14 - 2014-11-21 21:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-21 21:14 - 2014-11-21 21:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-21 21:14 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 21:14 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 21:14 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-21 21:07 - 2014-11-21 22:53 - 00002758 _____ () C:\Windows\PFRO.log
2014-11-21 21:01 - 2014-11-21 21:06 - 00000000 ____D () C:\AdwCleaner
2014-11-21 21:00 - 2014-11-21 21:00 - 02140160 _____ () C:\Users\Kzion\Desktop\adwcleaner_4.101.exe
2014-11-21 20:14 - 2014-11-26 17:32 - 00002464 _____ () C:\Windows\setupact.log
2014-11-21 20:14 - 2014-11-21 20:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-21 20:13 - 2014-11-21 20:17 - 05301144 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-21 17:06 - 2014-11-21 17:06 - 00224152 _____ () C:\Users\Kzion\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-21 16:01 - 2014-11-21 16:01 - 00001222 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2014.lnk
2014-11-21 14:53 - 2014-11-21 18:31 - 00000000 ____D () C:\Users\Kzion\AppData\Local\Updmedia
2014-11-21 14:47 - 2014-11-21 14:47 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-11-21 14:35 - 2014-11-12 14:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-21 14:32 - 2014-11-12 18:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-21 14:32 - 2014-11-12 18:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-19 13:48 - 2014-11-19 13:48 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0087.sys
2014-11-19 13:42 - 2014-11-19 13:42 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2014-11-19 13:42 - 2014-11-19 13:42 - 00001939 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
2014-11-19 13:42 - 2014-11-19 13:42 - 00001933 _____ () C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk
2014-11-19 13:42 - 2014-11-19 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
2014-11-19 13:41 - 2014-11-26 17:33 - 00000000 ____D () C:\Program Files\SoftEther VPN Client
2014-11-13 17:51 - 2014-11-13 19:45 - 00051487 _____ () C:\Users\Kzion\Desktop\Copy of TPNSC Enterprise SURVEY format for candidates (2) Armin Garcia.xlsx
2014-11-13 17:51 - 2014-11-13 19:44 - 00085738 _____ () C:\Users\Kzion\Desktop\Copy of TPNSC Enterprise RESUME format for candidates Armin Garcia.xlsx
2014-11-13 12:34 - 2014-11-19 02:47 - 00003696 _____ () C:\Windows\System32\Tasks\Adobe online update program
2014-11-12 15:55 - 2014-11-22 02:44 - 00000000 ____D () C:\Users\Kzion\Desktop\pso2 hack Open Beta Package 2.0.3
2014-11-11 14:31 - 2014-11-03 18:04 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434465.dll
2014-11-11 14:31 - 2014-11-03 18:04 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434465.dll
2014-11-11 11:51 - 2014-11-11 11:53 - 16774401 _____ () C:\Users\Kzion\Desktop\lulustaffps2.psd
2014-11-06 10:52 - 2014-10-29 22:53 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434460.dll
2014-11-06 10:52 - 2014-10-29 22:53 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434460.dll
2014-11-05 16:09 - 2014-11-19 12:04 - 00031582 _____ () C:\Users\Kzion\Desktop\LanguagePack.rar
2014-11-05 16:09 - 2013-12-02 15:53 - 00000000 ____D () C:\Users\Kzion\Desktop\ru
2014-11-05 16:09 - 2013-12-02 15:53 - 00000000 ____D () C:\Users\Kzion\Desktop\fr
2014-11-05 16:09 - 2013-12-02 15:53 - 00000000 ____D () C:\Users\Kzion\Desktop\de
2014-11-03 15:57 - 2014-11-03 15:57 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2014-11-03 15:47 - 2014-11-03 15:47 - 05477814 _____ () C:\Users\Kzion\Desktop\Montanya Azul Fir Lights Tree2.bmp
2014-11-03 15:22 - 2014-11-03 15:22 - 06912054 _____ () C:\Users\Kzion\Desktop\Montanya Azul Fir Lights Tree.bmp
2014-11-03 15:21 - 2014-11-03 15:21 - 01080054 _____ () C:\Users\Kzion\Desktop\icebergs blue.bmp
2014-11-03 15:21 - 2014-11-03 15:21 - 00044054 _____ () C:\Users\Kzion\Desktop\fridge.jpeg
2014-11-03 15:08 - 2014-11-03 15:08 - 00087520 _____ () C:\Users\Kzion\Desktop\poro_lol.jpeg
2014-11-03 14:07 - 2014-11-03 14:04 - 137980590 _____ () C:\Users\Kzion\Desktop\Jake3.rar
2014-11-02 16:04 - 2014-11-02 16:04 - 01435281 _____ () C:\Users\Kzion\Desktop\Untitled-1.psd
2014-10-31 16:42 - 2014-07-16 02:24 - 00043320 _____ (TuneUp Software) C:\Windows\system32\uxtuneup.dll
2014-10-31 16:42 - 2014-07-16 02:24 - 00036152 _____ (TuneUp Software) C:\Windows\SysWOW64\uxtuneup.dll
2014-10-27 16:19 - 2014-10-27 16:19 - 00125736 _____ () C:\Users\Kzion\Desktop\Finn_V2.mb
2014-10-27 15:43 - 2014-10-27 15:43 - 00103716 _____ () C:\Users\Kzion\Desktop\Finn_V1.mb
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-26 17:40 - 2009-07-13 22:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-26 17:40 - 2009-07-13 22:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-26 17:36 - 2011-11-15 12:30 - 01570348 _____ () C:\Windows\WindowsUpdate.log
2014-11-26 17:30 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-26 00:16 - 2014-02-12 22:37 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA1cf28755582ffc3.job
2014-11-25 23:24 - 2012-03-30 10:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-25 21:59 - 2012-01-27 19:47 - 00000000 ____D () C:\Users\Kzion\AppData\Roaming\Skype
2014-11-25 20:24 - 2012-03-30 10:29 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 20:24 - 2012-03-30 10:29 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-25 20:24 - 2011-10-10 22:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-25 17:55 - 2012-01-22 22:24 - 00000000 ____D () C:\Users\Kzion\AppData\Local\Adobe
2014-11-23 13:49 - 2014-10-12 00:32 - 02980922 _____ () C:\Users\Kzion\Desktop\ENPatch.rar
2014-11-23 13:16 - 2014-10-10 19:16 - 02704896 _____ (Arks-Layer) C:\Users\Kzion\Desktop\PSO2 Tweaker.exe
2014-11-23 13:16 - 2013-07-04 14:44 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core1ce78f73cc06761.job
2014-11-21 23:20 - 2012-01-21 17:31 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-11-21 22:17 - 2012-01-30 22:20 - 00000000 ____D () C:\Users\Kzion\AppData\Roaming\Azureus
2014-11-21 22:17 - 2012-01-30 22:17 - 00000000 ____D () C:\Program Files (x86)\Vuze
2014-11-21 20:45 - 2012-01-21 17:05 - 00000000 ____D () C:\Users\Kzion
2014-11-21 20:44 - 2009-07-13 20:34 - 26214400 _____ () C:\Windows\system32\config\SYSTEM_tureg_old
2014-11-21 20:44 - 2009-07-13 20:34 - 111149056 _____ () C:\Windows\system32\config\SOFTWARE_tureg_old
2014-11-21 20:44 - 2009-07-13 20:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY_tureg_old
2014-11-21 20:40 - 2009-07-13 20:34 - 44040192 _____ () C:\Windows\system32\config\COMPONENTS_tureg_old
2014-11-21 20:40 - 2009-07-13 20:34 - 04456448 _____ () C:\Windows\system32\config\DEFAULT_tureg_old
2014-11-21 20:40 - 2009-07-13 20:34 - 00262144 _____ () C:\Windows\system32\config\SAM_tureg_old
2014-11-21 16:04 - 2012-01-22 17:27 - 00000000 ____D () C:\Users\Kzion\AppData\Roaming\Adobe
2014-11-21 16:03 - 2013-09-24 09:58 - 00000000 ____D () C:\Users\Kzion\AppData\Roaming\NVIDIA
2014-11-21 16:01 - 2012-05-15 19:56 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-11-21 15:54 - 2012-05-15 17:54 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-21 15:53 - 2014-09-01 13:10 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-21 15:46 - 2012-05-15 17:54 - 00000000 ____D () C:\Program Files\Adobe
2014-11-21 15:44 - 2014-09-06 01:08 - 00001530 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2014-11-21 15:44 - 2014-09-06 01:08 - 00001518 _____ () C:\Users\Public\Desktop\Adobe Application Manager.lnk
2014-11-21 14:35 - 2011-10-10 22:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-21 14:35 - 2011-10-10 22:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-21 14:34 - 2009-07-13 23:13 - 00876686 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-20 17:45 - 2014-10-12 00:34 - 83603140 _____ () C:\Users\Kzion\Desktop\LargeFiles.rar
2014-11-19 13:41 - 2014-10-10 23:23 - 00000000 ____D () C:\PHANTASYSTARONLINE2
2014-11-19 02:42 - 2012-10-06 11:02 - 00000000 ____D () C:\Windows\Minidump
2014-11-19 02:42 - 2012-01-22 21:01 - 00000000 ____D () C:\Users\Kzion\AppData\Local\CrashDumps
2014-11-19 02:41 - 2014-09-07 17:59 - 00000000 ____D () C:\Users\Kzion\Desktop\Saint Seiya
2014-11-19 02:37 - 2012-10-11 10:25 - 00000000 ____D () C:\Users\Kzion\Documents\PCSX2
2014-11-19 02:28 - 2011-10-10 23:49 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-11-13 19:50 - 2014-05-18 05:05 - 08316928 ___SH () C:\Users\Kzion\Desktop\Thumbs.db
2014-11-13 17:55 - 2012-01-21 17:07 - 00000000 ____D () C:\Users\Kzion\AppData\Local\Deployment
2014-11-13 13:11 - 2014-02-12 22:37 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA1cf28755582ffc3
2014-11-13 13:11 - 2013-07-04 14:44 - 00003486 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core1ce78f73cc06761
2014-11-12 18:20 - 2014-03-22 00:08 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-12 18:20 - 2014-03-22 00:08 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-11-12 18:20 - 2011-10-10 22:07 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-12 18:20 - 2011-10-10 22:07 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-12 18:20 - 2011-10-10 22:07 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-12 18:20 - 2011-10-10 22:07 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-12 15:56 - 2011-06-16 23:49 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-12 15:56 - 2011-06-16 23:49 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-12 15:56 - 2011-06-16 23:49 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-12 15:56 - 2011-06-16 23:49 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-12 15:56 - 2011-06-16 23:49 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-12 15:56 - 2011-06-16 23:49 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-11 11:53 - 2012-06-09 16:15 - 00000132 _____ () C:\Users\Kzion\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-11-11 04:29 - 2014-06-14 23:31 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-06 13:23 - 2012-01-22 17:32 - 00000000 ____D () C:\Users\Kzion\Desktop\Twilight Endogenesis
2014-11-03 15:57 - 2012-05-15 17:59 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-11-03 15:57 - 2012-05-15 17:59 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-11-03 15:57 - 2012-05-15 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-11-03 15:52 - 2012-11-19 22:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-10-31 17:41 - 2012-03-10 10:27 - 00003378 _____ () C:\Windows\System32\Tasks\VAIO® Messenger (Kzion)
2014-10-31 17:41 - 2011-10-10 22:45 - 00003684 _____ () C:\Windows\System32\Tasks\VAIO® Messenger (Administrator)
2014-10-31 17:40 - 2012-03-09 23:19 - 00003318 _____ () C:\Windows\System32\Tasks\DDNi Startup
2014-10-31 17:19 - 2011-02-10 16:48 - 00000000 ____D () C:\Windows\Panther
2014-10-31 16:42 - 2014-06-25 17:08 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-10-29 12:47 - 2009-07-13 23:08 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-10-27 21:43 - 2014-10-13 14:40 - 00000000 ____D () C:\Users\Kzion\Desktop\ipas
2014-10-27 21:43 - 2013-03-13 01:12 - 00000000 ____D () C:\Users\Kzion\AppData\Roaming\iFunbox_UserCache
 
Some content of TEMP:
====================
C:\Users\Kzion\AppData\Local\Temp\nvStInst.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-25 20:08
 
==================== End Of Log ============================
 

  • 0

#6
kzion
Posted 26 November 2014 - 08:49 PM

kzion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

And the Addition.txt
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-11-2014 01
Ran by Kzion at 2014-11-26 17:41:12
Running from C:\Users\Kzion\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Firewall personal de ESET (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ACID Music Studio 8.0 (x32 Version: 8.0.178 - Sony) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
AdvancedSkeleton (HKLM-x32\...\AdvancedSkeleton) (Version: 3.700 - AnimationStudios)
Akamai NetSession Interface (HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft WebCam Companion 4 (HKLM-x32\...\{B77DE05C-7C84-4011-B93F-A29D0D2840F4}) (Version: 4.0.21.485 - ArcSoft)
Autodesk Backburner 2013.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.)
Autodesk DirectConnect 2013 64-bit (HKLM\...\Autodesk DirectConnect 2013 64-bit) (Version: 7.0.28.0 - Autodesk)
Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden
Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit (HKLM\...\Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit) (Version:  - Autodesk)
Autodesk MatchMover 2013 64-bit (HKLM\...\{5B77A046-DAD6-4F19-A8B9-4E5B3EAD2C24}) (Version: 14.00.0000 - Autodesk)
Autodesk Maya 2013 64-bit (HKLM\...\Autodesk Maya 2013 64-bit) (Version: 15.0.0.0 - Autodesk)
Autodesk Maya 2013 64-bit (Version: 15.0.0.0 - Autodesk) Hidden
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-6 - Wacom Technology Corp.)
Best Buy pc app (Version: 3.2.0.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.2.0.0 - Best Buy) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boob Wars: Big Breasts vs Flat Chests (HKLM-x32\...\BoobWars) (Version: English 1.0 - Mangagamer)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2300 - Broadcom Corporation)
Camtasia Studio 7 (HKLM-x32\...\{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}) (Version: 7.1.0 - TechSmith Corporation)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Child of Light (HKLM-x32\...\Q2hpbGRvZkxpZ2h0_is1) (Version: 1 - )
CINEMA 4D 15.064 (HKLM\...\MAXON12664043) (Version: 15.064 - MAXON Computer GmbH)
Composite 2013 64-bit (HKLM\...\{2F808931-D235-4FC7-90CD-F8A890C97B2F}) (Version: 8.0.0 - Autodesk)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.108 - Corel Inc.)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.6 - Dolby Laboratories Inc)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Effects Suite 64-bit (HKLM-x32\...\InstallShield_{A9462025-681A-44C7-9F6F-70C96320F4C2}) (Version: 11.0.0 - Red Giant Software)
Effects Suite 64-bit (Version: 11.0.0 - Red Giant Software) Hidden
ESET Smart Security (HKLM\...\{3514BAF5-F886-4244-82BD-93FDBA7EEFF6}) (Version: 6.0.314.2 - ESET, spol s r. o.)
Evernote v. 4.4 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.4.0.4848 - Evernote Corp.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fate/hollow ataraxia (HKLM-x32\...\{99B8F648-71F4-43E6-8AF0-78941E7707BB}) (Version: 1.00 - TYPE-MOON)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
GraphicsGale FreeEdition version 1.93.21 (HKLM-x32\...\GraphicsGale FreeEdition_is1) (Version:  - HUMANBALANCE Co.,Ltd.)
iExplorer 2.2.1.3 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant, LLC)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5C1DA3D9-F590-4317-A4FB-274F658E504B}) (Version: 6.05.0000 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java™ 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java™ 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keyboard Shortcuts (x32 Version: 1.0.7.07110 - Sony Corporation) Hidden
K-Lite Mega Codec Pack 10.6.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
LibUSB-Win32-1.2.6.0 (HKLM\...\LibUSB-Win32_is1) (Version: 1.2.6.0 - LibUSB-Win32)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Maya 2011 Bonus Tools (64-bit) (HKLM\...\{54F2BC30-2EA0-4B64-A200-7FCE8A580401}) (Version: 2011.00.0000 - Autodesk)
Media Gallery (Version: 1.5.0.17250 - Your Company Name) Hidden
Media Go (x32 Version: 1.7.254 - Sony) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Video Player (HKLM-x32\...\{123F0CCE-21AA-401D-A335-3EDF9C13AA52}) (Version: 1.6.9 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.4 - DDNi)
OOBE (x32 Version: 11.3.1.7 - Sony Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PACAPLUS (HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\2607aec6904c6c40) (Version: 5.0.2.18 - PacoProject)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Phantasy Star Online 2: EPISODE 3 (HKLM-x32\...\{38CA1868-3A03-4B5D-93A1-FD6F61D6723A}_is1) (Version:  - SEGA)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation®Network Downloader (x32 Version: 2.05.00710 - Sony Computer Entertainment Inc.) Hidden
PlayStation®Store (x32 Version: 4.1.8.11883 - Sony Computer Entertainment Inc.) Hidden
PMB (x32 Version: 5.6.01.03300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
Quick Web Access (x32 Version: 1.4.6.10 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12786.82 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6400 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15072 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
sdrt(5.0, 64bit) (HKLM\...\{63A3DBCF-FB40-4398-9AE5-94EE6206CE12}) (Version: 5.0.3.0 - Paltiosoft Inc.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.3.0.9 - GOG.com)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.12.9514 - SoftEther VPN Project)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Sound Forge Audio Studio 10.0 (x32 Version: 10.0.153 - Sony) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
Toon Boom Animate Pro 2 (HKLM-x32\...\{46ADAC53-F1D2-41B4-B57C-DF43C70904FB}) (Version: 7.9.1 - Toon Boom Animation)
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Ultimate Boob Wars!! ~Big Breasts vs Flat Chests~ (HKLM-x32\...\Ultimate Boob Wars!! ~Big Breasts vs Flat Chests~_is1) (Version: 1.0 - Mangagamer)
Unfold3D Magic Edition (HKLM-x32\...\{28F42D42-11A2-4A29-99D7-FABC1F80AFA1}) (Version: 4.0.0 - Polygonal Design)
Unity Web Player (HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unwrella_Maya 2.13 (HKLM-x32\...\Unwrella_Maya) (Version: 2.13 - 3d-io GmbH)
V3DPX86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VAIO - Media Gallery (x32 Version: 1.5.0.18100 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.01.06110 - Sony Corporation) Hidden
VAIO - Remote Keyboard (x32 Version: 1.1.0.07060 - Sony Corporation) Hidden
VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.15072 - Sony Corporation) Hidden
VAIO 3D Portal (x32 Version: 1.1.0.06232 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{471F7C0A-CA3A-4F4C-8346-DE36AD5E23D1}) (Version: 7.3.0.14170 - Sony Corporation)
VAIO Control Center (x32 Version: 5.0.0.07070 - Sony Corporation) Hidden
VAIO Data Restore Tool (x32 Version: 1.7.0.05270 - Sony Corporation) Hidden
VAIO Easy Connect (x32 Version: 1.0.0.03050 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.4.0.06210 - Sony Corporation) Hidden
VAIO Gate Default (x32 Version: 2.5.0.07080 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{BD04DEBE-923A-4157-993E-2C727C5FFB5C}) (Version: 15.00.0719 - Sony Corporation)
VAIO Improvement (x32 Version: 1.1.0.06030 - Sony Corporation) Hidden
VAIO Manual (x32 Version: 1.4.0.05310 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (x32 Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (x32 Version: 3.7.0.07150 - Sony Corporation) Hidden
VAIO Transfer Support (x32 Version: 1.4.0.14230 - Sony Corporation) Hidden
VAIO Update (x32 Version: 5.5.0.06290 - Sony Corporation) Hidden
VAIO Update Merge Module x64 (Version: 5.5.06290 - Sony Corporation) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vegas Movie Studio HD Platinum 10.0 (x32 Version: 10.0.179 - Sony) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIPAccess (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.1.91 - VeriSign)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vue 10 xStream 64bit (HKLM-x32\...\Vue 10 xStream 64bit) (Version: 10 - e-on software)
Vue 10 xStream plugins 64bit (HKLM-x32\...\Vue 10 xStream plugins 64bit) (Version: 10 - e-on software)
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6-3 - Wacom Technology Corp.)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2300 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinDS PRO 2013.6.0 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2013.6.0.0 - WinDS PRO Central)
WinDS PRO Apps 1.4 (HKLM\...\{92C4C953-5CE1-4DC3-97D5-BBD1A63EF706}_is1) (Version: 1.4.0.0 - WinDS PRO)
WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
Yume Nikki 0.10 English (HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Yume Nikki 0.10 English) (Version:  - )
Yumina the Ethereal (HKLM-x32\...\Yumina) (Version: English 1.0 - JAST Densetsu)
ZBrush 4R6 (HKLM-x32\...\ZBrush 4R6 4R6) (Version: 4R6 - Pixologic)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-66031012-3778517164-1124876193-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-66031012-3778517164-1124876193-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kzion\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-66031012-3778517164-1124876193-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kzion\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
 
==================== Restore Points  =========================
 
22-11-2014 18:00:59 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2014-11-21 14:47 - 00001497 _RASH C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
212.83.161.214 www.google-analytics.com.
212.83.161.214 google-analytics.com.
212.83.161.214 connect.facebook.net.
85.17.81.55 www.google-analytics.com.
85.17.81.55 google-analytics.com.
85.17.81.55 connect.facebook.net.
146.0.75.28 www.google-analytics.com.
146.0.75.28 google-analytics.com.
146.0.75.28 connect.facebook.net.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0704224F-8FDF-48E0-915E-5AA3A4BFFB03} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA => C:\Users\Kzion\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-05] (Facebook Inc.)
Task: {0AA99135-82D9-4E40-A015-D4526D8D5475} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {0D6D586B-8544-409E-8AAC-5CECDBF98447} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {13D386CA-0ADE-41F6-86E3-E46E24C4E6AD} - System32\Tasks\VAIO® Messenger (Administrator) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {2534E2ED-5F03-4F94-9B0B-2A234FAE3454} - System32\Tasks\AdobeAAMUpdater-1.0-Dezina-Kzion => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {2703FC5B-5D41-4177-8F0D-A0F7853ADF2A} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-06-03] (Sony Corporation)
Task: {2D5ACBCA-0E33-44CF-9BD6-8E56E3814E7B} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {334617CA-FCC2-4C6E-87F2-C9BE377BF6E6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3BFAC050-E0F6-47E2-947B-C4C8813166C4} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {411B7367-6CB9-471F-BD9D-6B5FD14D8660} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core => C:\Users\Kzion\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-05] (Facebook Inc.)
Task: {4E717573-C763-4F2D-9495-83E49017CFA9} - System32\Tasks\DDNi Startup => C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {542A0724-B4F0-4E4A-B5D7-3F85D4A8BB18} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {5D98AEA7-B545-42C7-A7BC-BDCE145567BF} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {5E5560CA-4385-48B3-AD7D-70A81C37254F} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {61CA69D9-01AB-4630-822C-781C3B16069B} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {690B7123-FC0A-4276-82C8-4703AC33FA61} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core1ce78f73cc06761 => C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18] (Google Inc.)
Task: {6DB84009-1573-4AB5-9279-F5FD7622B9A7} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {8CFF26FD-DBBF-44E5-9AB4-532946EAF03C} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {91C833E6-B943-47BB-9ACF-F9865CC3E9A4} - System32\Tasks\VAIO® Messenger (Kzion) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {93E8DE50-7EE0-41F4-BCE9-DCE640BCCE05} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {9FE6C9E9-9377-47F8-A6FB-1640F1A41D62} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated)
Task: {A0991056-913A-476F-B00E-90B392E244A0} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {AA414B98-4CD1-4828-9AB7-3B3AF9F0E954} - System32\Tasks\Games\UpdateCheck_S-1-5-21-66031012-3778517164-1124876193-1000
Task: {B27B92E3-D1AC-44D0-A8F6-BF8D4E178D40} - System32\Tasks\Sony\Keyboard Shortcuts => C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe [2011-07-18] ()
Task: {B3B10196-935D-4CD6-9392-DB060D08CDBF} - System32\Tasks\Sony Corporation\VAIO Care\AutoCheckMessage => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {B4336FD8-4D2E-4915-814D-986AEEA4546C} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {BDC36772-9C6B-45DD-8349-76C93847C61E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {CA569766-136F-4207-8B2B-6E4D36E1D19C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {DF430AB5-77DC-4697-9AC5-85C9303416DD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA1cf28755582ffc3 => C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18] (Google Inc.)
Task: {E61B0B2E-2682-4519-B39E-7040F1B26F50} - System32\Tasks\Google Updater and Installer => C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18] (Google Inc.)
Task: {EF16C7DA-A0E8-4DED-A447-B4C24C622E7D} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {F01B53FD-319A-45AA-AD31-7ED9E57D7E88} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {F66C15C2-B430-4DC7-9778-971702DDBBAB} - System32\Tasks\Sony Corporation\VAIO Care\VAU => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core.job => C:\Users\Kzion\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA.job => C:\Users\Kzion\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core1ce78f73cc06761.job => C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA1cf28755582ffc3.job => C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-05-31 18:32 - 2011-05-31 18:32 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-09-22 23:43 - 2014-11-12 15:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-21 14:47 - 2014-11-21 14:47 - 03507200 _____ () C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-01-22 18:00 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-07-16 02:24 - 2014-07-16 02:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00321024 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00179712 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00054784 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00061440 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00037376 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 02229760 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00035840 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00055296 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00137728 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00134144 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00024064 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00276992 _____ () C:\Program Files\Sony\VAIO Care\READ\RecoveryPartitionManagerREAD.dll
2011-03-31 06:55 - 2011-03-31 06:55 - 00530432 _____ () C:\Program Files (x86)\3d-io plugins\licensing_v2\ActiveLock3_5Net_3dio.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-10-10 22:48 - 2011-07-07 16:44 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2012-01-23 15:03 - 2012-01-23 15:03 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93496da63bd0bfd3de0d0ecab1925114\IsdiInterop.ni.dll
2011-10-10 21:57 - 2011-01-12 18:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-11-25 18:18 - 2014-11-25 00:39 - 01077064 _____ () C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-25 18:18 - 2014-11-25 00:39 - 00211272 _____ () C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-25 18:18 - 2014-11-25 00:39 - 09009480 _____ () C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-25 18:18 - 2014-11-25 00:39 - 01677128 _____ () C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Program Files\Common Files\System:IPQnb5oyypymfFpsOioq
AlternateDataStreams: C:\ProgramData\Microsoft:2Lo95gJcLI6rFUwit5dMEtK
AlternateDataStreams: C:\ProgramData\Microsoft:NkyoFWQtn7BVCIoqXwzjV9tEzZdLQ
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939
AlternateDataStreams: C:\Users\Kzion\AppData\Local\YzXIrLpW:0swHpK3HztevRtKpKG3qFON5EQYj
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Kzion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Kzion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Start Freenet.lnk => C:\Windows\pss\Start Freenet.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Kzion\AppData\Local\Akamai\netsession_win.exe"                                                                                                                                                                                                                 
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Best Buy pc app => C:\Users\Kzion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Kzion\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: facemoods => "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
MSCONFIG\startupreg: Google Update => "C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MessengerPlusForSkypeService => "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-66031012-3778517164-1124876193-500 - Administrator - Disabled)
Guest (S-1-5-21-66031012-3778517164-1124876193-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-66031012-3778517164-1124876193-1002 - Limited - Enabled)
Kzion (S-1-5-21-66031012-3778517164-1124876193-1000 - Administrator - Enabled) => C:\Users\Kzion
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/26/2014 05:33:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/25/2014 08:11:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/25/2014 05:46:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/24/2014 05:40:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/24/2014 01:13:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/23/2014 07:55:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/23/2014 00:42:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/23/2014 01:04:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/22/2014 11:36:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/22/2014 04:47:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (11/26/2014 05:32:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NVIDIA Network Service service to connect.
 
Error: (11/21/2014 08:38:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
 
Error: (11/21/2014 08:38:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
 
Error: (11/21/2014 07:34:32 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (11/21/2014 04:34:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application User Notification Service service hung on starting.
 
Error: (11/21/2014 03:06:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
Error: (11/21/2014 02:59:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application User Notification Service service hung on starting.
 
Error: (11/19/2014 00:43:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Update service failed to start due to the following error: 
%%1053
 
Error: (11/19/2014 00:43:43 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the wuauserv service.
 
Error: (11/19/2014 00:43:43 PM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1053wuauserv{E60687F7-01A1-40AA-86AC-DB1CBF673334}
 
 
Microsoft Office Sessions:
=========================
Error: (11/26/2014 05:33:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/25/2014 08:11:47 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
 
Error: (11/25/2014 05:46:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/24/2014 05:40:47 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/24/2014 01:13:58 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
 
Error: (11/23/2014 07:55:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/23/2014 00:42:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/23/2014 01:04:52 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/22/2014 11:36:39 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/22/2014 04:47:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-13 16:21:06.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:06.496
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:06.371
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:06.331
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:06.213
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:06.076
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:05.975
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:05.554
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:05.192
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:05.131
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 34%
Total physical RAM: 8173.22 MB
Available physical RAM: 5370.45 MB
Total Pagefile: 16344.63 MB
Available Pagefile: 12990.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:686.22 GB) (Free:305.72 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: C7F0A2E6)
Partition 1: (Not Active) - (Size=12.3 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=686.2 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

  • 0

#7
Biscuithd
Posted 01 December 2014 - 09:21 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

FRST.gif Fix with Farbar Recovery Scan Tool



icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.

  • Copy the entire content of the codebox below and paste into the Notepad document:
    start

HKLM-x32\...\Run: [] => [X]

HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Run: [Idrrsoft] => regsvr32.exe C:\Users\Kzion\AppData\Local\Idrrsoft\rbjgaqpwc.dll <===== ATTENTION

C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe

ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

SearchScopes: HKU\S-1-5-21-66031012-3778517164-1124876193-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =

DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab

DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

Tcpip\..\Interfaces\{13FC45AC-C586-464D-BC69-16B813C0C8AF}: [NameServer] 8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{797D3F7B-0668-446D-A899-D3E4CF1232B9}: [NameServer] 8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{AF11626F-8F0A-4E4B-B3A9-EA1B307B9C9D}: [NameServer] 8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{AF1173D5-51B5-4CE2-A68D-8419C83BB6E8}: [NameServer] 8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{BA80F345-61D0-4D1D-B1B2-F0CBC3610559}: [NameServer] 8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{C28CA559-ED37-4BBC-B3E6-8BB6E9B02072}: [NameServer] 8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{EA2E840E-E171-4A02-868D-EAF327B41214}: [NameServer] 8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{EAD8D63E-6ED2-49BF-9BC4-6EA4E00BFD50}: [NameServer] 8.8.8.8,8.8.8.8

Tcpip\..\Interfaces\{FF7556A8-9A07-4477-9AF7-8FD2D7404E4F}: [NameServer] 8.8.8.8,8.8.8.8

FF Plugin: @microsoft.com/GENUINE -> disabled No File

R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software)

S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]

S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]

C:\Windows\System32\drivers\BprotectEx.sys

C:\Windows\system32\drivers\EagleX64.sys

C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sy

C:\Windows\SysWOW64\Drivers\X6va017

C:\Windows\SysWOW64\spoolsv.exe

C:\Windows\SysWOW64\sppsvc.exe

C:\Windows\SysWOW64\lsass.exe

CMD: ipconfig /flushdns

CMD: netsh winsock reset all

CMD: netsh int ipv4 reset

CMD: netsh int ipv6 reset

CMD: bitsadmin /reset /allusers

Hosts:

end
  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!


  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

 

Let me know how the machine is working after the fix and then post a fresh FRST scan.

 


  • 0

#8
kzion
Posted 01 December 2014 - 09:50 PM

kzion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Wow it's a lot better, the idrrsoft error and the iconscachehelper went away, or at least the error/message didn't pop up.

But now, The module 'C:\users\kzion\appdata\loc..\BthCommonEula.dll' failed to load.
Make sure the binary is stored at the specific path or debug it to check for problems with the binary or dependant .dll files.
The specified module could not be found.

And here is the Fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2014
Ran by Kzion at 2014-12-01 21:36:00 Run:1
Running from C:\Users\Kzion\Desktop
Loaded Profile: Kzion (Available profiles: Kzion)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
 
HKLM-x32\...\Run: [] => [X]
 
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Run: [Idrrsoft] => regsvr32.exe C:\Users\Kzion\AppData\Local\Idrrsoft\rbjgaqpwc.dll <===== ATTENTION
 
C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe
 
ShellIconOverlayIdentifiers: [1SecureIconsProvider] -> {FC9D8189-520A-4417-AED7-9EAC810C6FBA} => C:\ProgramData\Microsoft\Secure\Icons\SecureIconsProvider.dll ()
 
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
SearchScopes: HKU\S-1-5-21-66031012-3778517164-1124876193-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
 
DPF: HKLM-x32 {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zon...kr.cab56986.cab
 
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zon...nt.cab56907.cab
 
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
Tcpip\..\Interfaces\{13FC45AC-C586-464D-BC69-16B813C0C8AF}: [NameServer] 8.8.8.8,8.8.8.8
 
Tcpip\..\Interfaces\{797D3F7B-0668-446D-A899-D3E4CF1232B9}: [NameServer] 8.8.8.8,8.8.8.8
 
Tcpip\..\Interfaces\{AF11626F-8F0A-4E4B-B3A9-EA1B307B9C9D}: [NameServer] 8.8.8.8,8.8.8.8
 
Tcpip\..\Interfaces\{AF1173D5-51B5-4CE2-A68D-8419C83BB6E8}: [NameServer] 8.8.8.8,8.8.8.8
 
Tcpip\..\Interfaces\{BA80F345-61D0-4D1D-B1B2-F0CBC3610559}: [NameServer] 8.8.8.8,8.8.8.8
 
Tcpip\..\Interfaces\{C28CA559-ED37-4BBC-B3E6-8BB6E9B02072}: [NameServer] 8.8.8.8,8.8.8.8
 
Tcpip\..\Interfaces\{EA2E840E-E171-4A02-868D-EAF327B41214}: [NameServer] 8.8.8.8,8.8.8.8
 
Tcpip\..\Interfaces\{EAD8D63E-6ED2-49BF-9BC4-6EA4E00BFD50}: [NameServer] 8.8.8.8,8.8.8.8
 
Tcpip\..\Interfaces\{FF7556A8-9A07-4477-9AF7-8FD2D7404E4F}: [NameServer] 8.8.8.8,8.8.8.8
 
FF Plugin: @microsoft.com/GENUINE -> disabled No File
 
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software)
 
S3 BprotectEx; \??\C:\Windows\System32\drivers\BprotectEx.sys [X]
 
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
 
S3 PCFApiUtil; \??\C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sys [X]
 
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
 
C:\Windows\System32\drivers\BprotectEx.sys
 
C:\Windows\system32\drivers\EagleX64.sys
 
C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sy
 
C:\Windows\SysWOW64\Drivers\X6va017
 
C:\Windows\SysWOW64\spoolsv.exe
 
C:\Windows\SysWOW64\sppsvc.exe
 
C:\Windows\SysWOW64\lsass.exe
 
CMD: ipconfig /flushdns
 
CMD: netsh winsock reset all
 
CMD: netsh int ipv4 reset
 
CMD: netsh int ipv6 reset
 
CMD: bitsadmin /reset /allusers
 
Hosts:
 
end
*****************
 
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Idrrsoft => value deleted successfully.
C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe => Moved successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\1SecureIconsProvider" => Key deleted successfully.
"HKCR\CLSID\{FC9D8189-520A-4417-AED7-9EAC810C6FBA}" => Key deleted successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{20A60F0D-9AFA-4515-A0FD-83BD84642501}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{20A60F0D-9AFA-4515-A0FD-83BD84642501}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Code Store Database\Distribution Units\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{C3F79A2B-B9B4-4A66-B012-3EE46475B072}" => Key deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => Value not found.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{13FC45AC-C586-464D-BC69-16B813C0C8AF}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{797D3F7B-0668-446D-A899-D3E4CF1232B9}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AF11626F-8F0A-4E4B-B3A9-EA1B307B9C9D}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{AF1173D5-51B5-4CE2-A68D-8419C83BB6E8}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{BA80F345-61D0-4D1D-B1B2-F0CBC3610559}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{C28CA559-ED37-4BBC-B3E6-8BB6E9B02072}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EA2E840E-E171-4A02-868D-EAF327B41214}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{EAD8D63E-6ED2-49BF-9BC4-6EA4E00BFD50}\\NameServer => value deleted successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{FF7556A8-9A07-4477-9AF7-8FD2D7404E4F}\\NameServer => value deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key deleted successfully.
TuneUpUtilitiesDrv => Service stopped successfully.
TuneUpUtilitiesDrv => Service deleted successfully.
BprotectEx => Service deleted successfully.
EagleX64 => Service deleted successfully.
PCFApiUtil => Service deleted successfully.
X6va017 => Service deleted successfully.
"C:\Windows\System32\drivers\BprotectEx.sys" => File/Directory not found.
"C:\Windows\system32\drivers\EagleX64.sys" => File/Directory not found.
"C:\Program Files (x86)\Baidu Security\PC Faster\4.0.0.0\PCFApiUtil64.sy" => File/Directory not found.
"C:\Windows\SysWOW64\Drivers\X6va017" => File/Directory not found.
"C:\Windows\SysWOW64\spoolsv.exe" => File/Directory not found.
"C:\Windows\SysWOW64\sppsvc.exe" => File/Directory not found.
"C:\Windows\SysWOW64\lsass.exe" => File/Directory not found.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh winsock reset all =========
 
 
Sucessfully reset the Winsock Catalog.
You must restart the computer in order to complete the reset.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Reseting Global, OK!
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Reseting Subinterface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
Reseting Interface, OK!
Reseting Unicast Address, OK!
Reseting Route, OK!
Reseting Subinterface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  bitsadmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {922B894A-CF15-4380-9115-832B9E230AB5}.
0 out of 1 jobs canceled.
 
========= End of CMD: =========
 
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
 
==== End of Fixlog ====

  • 0

#9
kzion
Posted 01 December 2014 - 09:54 PM

kzion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

This is the new FRST.txt
 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 01-12-2014
Ran by Kzion (administrator) on DEZINA on 01-12-2014 21:50:29
Running from C:\Users\Kzion\Desktop
Loaded Profile: Kzion (Available profiles: Kzion)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 9
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(3d-io GmbH) C:\Program Files (x86)\3d-io plugins\licensing_v2\ActiveLockServerV2.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe
(SoftEther VPN Project at University of Tsukuba, Japan.) C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgr.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Control Center\VESMgrSub.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(TuneUp Software) C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesApp64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Google Inc.) C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCSystemTray.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAgent.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update Common\VUAgent.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Care\VCAdmin.exe
(Curse, Inc) C:\Users\Kzion\AppData\Roaming\Curse Client\Bin\Curse.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11895400 2011-07-20] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2226280 2011-07-20] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2531624 2011-06-22] (Synaptics Incorporated)
HKLM\...\Run: [IntelPAN] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1935120 2011-06-01] (Intel® Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [6330568 2013-03-04] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2460488 2014-09-16] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe [840592 2014-09-04] (Adobe Systems Inc.)
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Run: [Achlworks] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Kzion\AppData\Local\Updmedia\BthCommonEula.dll
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\MountPoints2: D - D:\setup\setup.exe
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\MountPoints2: F - F:\setup.exe
IFEO: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\Acrobat.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\acrodist.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\adobe air application installer.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\bttray.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\consumer_cpl.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\formdesigner.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\groove.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hamachi-2-ui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-apkhandler.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-runapp.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\hd-startlauncher.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\imfrmwrk.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\infopath.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\lcdsettings.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\mstore.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nvstlink.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\nvstview.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\ois.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\panui.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\prefutil.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\professional_cpl.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\sdmeter.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\utility.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\uwebcam.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\vaio messenger.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\vaioshell.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\vipuimanager.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\wacomdesktopcenter.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\windvd.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
IFEO\Winword.exe: [Debugger] "C:\Program Files (x86)\TuneUp Utilities 2014\TUAutoReactivator64.exe"
SecurityProviders: credssp.dll, UkcablagVijs.dll
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (Microsoft)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://prodigy.msn.c...opt=0&ocid=iehp
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\64bit\VIPAddOnForIE64.dll (Symantec Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Symantec VIP Access Add-On -> {C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} -> C:\Program Files (x86)\Symantec\VIP Access Client\VIPAddOnForIE.dll (Symantec Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Microsoft Web Test Recorder 10.0 Helper -> {DDA57003-0068-4ed2-9D32-4D1EC707D94D} -> C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF Plugin: @java.com/DTPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.60.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @bestbuy.com/npBestBuyPcAppDetector,version=1.0 -> C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Kzion\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @SonyCreativeSoftware.com/Media Go,version=1.0 -> C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.5 -> C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.3 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-66031012-3778517164-1124876193-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kzion\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-66031012-3778517164-1124876193-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kzion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-66031012-3778517164-1124876193-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kzion\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-66031012-3778517164-1124876193-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Kzion\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-66031012-3778517164-1124876193-1000: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} [2012-10-23]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird [2013-03-28]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Symantec\VIP Access Client
FF Extension: Symantec VIP Access Add-On - C:\Program Files (x86)\Symantec\VIP Access Client [2011-10-10]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2012-05-15]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\pdf.dll ()
CHR Plugin: (Shockwave Flash) - C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\gcswf32.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll No File
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Deployment Toolkit 6.0.260.3) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll No File
CHR Plugin: (Java™ Platform SE 6 U26) - C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.1) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (RealPlayer™ G2 LiveConnect-Enabled Plug-In (32-bit) ) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll No File
CHR Plugin: (RealPlayer Version Plugin) - C:\Program Files (x86)\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Media Go Detector) - C:\Program Files (x86)\Sony\Media Go\npmediago.dll (Sony Network Entertainment International LLC)
CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Best Buy pc app Detector) - C:\ProgramData\Best Buy pc app\npBestBuyPcAppDetector.dll (Best Buy)
CHR Plugin: (Google Update) - C:\Users\Kzion\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Profile: C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (I'm a Gentleman) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\afjaicccalbbickikgdegaihmajaidpd [2012-09-15]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-22]
CHR Extension: (YouTube) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-07-18]
CHR Extension: (Adblock Plus) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2012-07-19]
CHR Extension: (Google Search) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-07-18]
CHR Extension: (PSO2 Extension) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\febdkhimnahpmjpbidcofjdpjjggojhj [2014-10-12]
CHR Extension: (Google Wallet) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Kzion\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-07-18]
CHR StartMenuInternet: Google Chrome - C:\Users\Kzion\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 3d-io License Server v2.0; C:\Program Files (x86)\3d-io plugins\licensing_v2\ActiveLockServerV2.exe [34816 2011-03-31] (3d-io GmbH) [File not signed]
S4 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
S4 DMAgent; C:\Program Files\Intel\WiMAX\Bin\DMAgent.exe [498688 2011-06-14] (Red Bend Ltd.) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1341664 2013-03-04] (ESET)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2013-08-29] (Macrovision Europe Ltd.) [File not signed]
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-09-16] (NVIDIA Corporation)
S2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2012-02-03] () [File not signed]
S4 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-04-15] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-10-01] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [968504 2014-10-01] (Malwarebytes Corporation)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2011-06-01] ()
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [3482368 2014-06-17] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-09-16] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19439944 2014-09-16] (NVIDIA Corporation)
S4 Oasis2Service; C:\Program Files (x86)\DDNi\Oasis2Service\Oasis2Service.exe [61440 2013-07-02] (Digital Delivery Networks, Inc.) [File not signed]
S4 SampleCollector; C:\Program Files\Sony\VAIO Care\VCPerfService.exe [260768 2011-11-30] (Sony Corporation)
R2 SEVPNCLIENT; C:\Program Files\SoftEther VPN Client\vpnclient_x64.exe [4374072 2014-11-19] (SoftEther VPN Project at University of Tsukuba, Japan.)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesService64.exe [2145080 2014-07-16] (TuneUp Software)
S4 UCManSvc; C:\Program Files (x86)\SoftDenchi\UCManSvc.exe [186512 2012-11-01] (Paltiosoft Inc.) [File not signed]
S3 VCFw; C:\Program Files (x86)\Common Files\Sony Shared\VAIO Content Folder Watcher\VCFw.exe [887000 2011-01-20] (Sony Corporation)
S4 VIPAppService; C:\Program Files (x86)\Symantec\VIP Access Client\VIPAppService.exe [84088 2011-04-13] (Symantec Corporation)
S4 WiMAXAppSrv; C:\Program Files\Intel\WiMAX\Bin\AppSrv.exe [986112 2011-06-14] (Intel® Corporation) [File not signed]
S4 WTabletServicePro; C:\Program Files\Tablet\Wacom\WTabletServicePro.exe [598808 2013-06-05] (Wacom Technology, Corp.)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
S3 CEDRIVER60; C:\Program Files (x86)\Cheat Engine 6.4\dbk64.sys [64064 2014-06-20] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [254528 2014-05-03] (DT Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [213416 2013-02-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [150616 2013-01-10] (ESET)
R2 epfw; C:\Windows\System32\DRIVERS\epfw.sys [190232 2013-01-10] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [59440 2013-01-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [58416 2013-02-14] (ESET)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-09-02] ()
S3 libusb0; C:\Windows\System32\drivers\libusb0.sys [52832 2012-01-17] (http://libusb-win32.sourceforge.net)
S3 libusb0; C:\Windows\SysWOW64\drivers\libusb0.sys [33792 2005-03-09] () [File not signed]
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-10-01] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-01] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-10-01] (Malwarebytes Corporation)
R3 Neo_VPN; C:\Windows\System32\DRIVERS\Neo_0087.sys [28768 2014-11-19] (SoftEther VPN Project at University of Tsukuba, Japan.)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl64.sys [22528 2011-08-02] (Apple Inc.) [File not signed]
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19272 2014-09-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-04] (NVIDIA Corporation)
R2 risdsnpe; C:\Windows\system32\drivers\risdsnxc64.sys [98816 2011-06-23] (REDC)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\TuneUp Utilities 2014\TuneUpUtilitiesDriver64.sys [14112 2014-05-27] (TuneUp Software)
S3 hxsyol; \??\C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-01 21:50 - 2014-12-01 21:51 - 00032012 _____ () C:\Users\Kzion\Desktop\FRST.txt
2014-12-01 21:35 - 2014-12-01 21:35 - 00000000 ____D () C:\Users\Kzion\Desktop\FRST-OlderVersion
2014-11-27 19:14 - 2014-11-27 19:14 - 00000000 ____D () C:\Users\Kzion\AppData\Local\Idrrsoft
2014-11-26 17:41 - 2014-11-26 17:42 - 00056976 _____ () C:\Users\Kzion\Desktop\Additionold.txt
2014-11-26 17:40 - 2014-11-26 17:42 - 00051577 _____ () C:\Users\Kzion\Desktop\FRSTold.txt
2014-11-26 17:39 - 2014-12-01 21:50 - 00000000 ____D () C:\FRST
2014-11-26 17:39 - 2014-12-01 21:35 - 02117120 _____ (Farbar) C:\Users\Kzion\Desktop\FRST64.exe
2014-11-25 21:43 - 2011-07-19 22:20 - 00229939 _____ () C:\Users\Kzion\Desktop\2636_splinewrapsnaketrial.c4d
2014-11-25 18:48 - 2014-11-25 18:48 - 00029225 _____ () C:\Users\Kzion\Desktop\tubo obj.obj
2014-11-25 18:48 - 2014-11-25 18:48 - 00000097 _____ () C:\Users\Kzion\Desktop\tubo obj.mtl
2014-11-24 22:08 - 2001-07-04 15:43 - 00021614 _____ () C:\Users\Kzion\Desktop\followspline.c4d
2014-11-24 19:19 - 2014-11-25 19:15 - 00226918 _____ () C:\Users\Kzion\Desktop\GIL_PREVIEW.c4d
2014-11-24 18:21 - 2014-11-24 18:26 - 00030914 _____ () C:\Users\Kzion\Desktop\cilinder.obj
2014-11-24 18:21 - 2014-11-24 18:26 - 00000097 _____ () C:\Users\Kzion\Desktop\cilinder.mtl
2014-11-21 22:23 - 2014-11-21 23:10 - 00172920 _____ () C:\Users\Kzion\Desktop\OTL.Txt
2014-11-21 22:16 - 2014-11-21 22:16 - 00000180 _____ () C:\Users\Kzion\Desktop\iuam.txt
2014-11-21 21:46 - 2014-11-21 21:46 - 00101290 _____ () C:\Users\Kzion\Desktop\Extras.Txt
2014-11-21 21:36 - 2014-11-21 21:37 - 00000000 ____D () C:\ProgramData\MFAData
2014-11-21 21:36 - 2014-11-21 21:36 - 00000000 ____D () C:\Users\Kzion\AppData\Local\MFAData
2014-11-21 21:36 - 2014-11-21 21:36 - 00000000 ____D () C:\Users\Kzion\AppData\Local\Avg2015
2014-11-21 21:14 - 2014-12-01 21:40 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-11-21 21:14 - 2014-11-21 21:14 - 00602112 _____ (OldTimer Tools) C:\Users\Kzion\Desktop\OTL.exe
2014-11-21 21:14 - 2014-11-21 21:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-11-21 21:14 - 2014-11-21 21:14 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-11-21 21:14 - 2014-11-21 21:14 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-11-21 21:14 - 2014-10-01 11:11 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-11-21 21:14 - 2014-10-01 11:11 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 21:14 - 2014-10-01 11:11 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-11-21 21:07 - 2014-11-21 22:53 - 00002758 _____ () C:\Windows\PFRO.log
2014-11-21 21:01 - 2014-11-21 21:06 - 00000000 ____D () C:\AdwCleaner
2014-11-21 21:00 - 2014-11-21 21:00 - 02140160 _____ () C:\Users\Kzion\Desktop\adwcleaner_4.101.exe
2014-11-21 20:14 - 2014-12-01 21:47 - 00004648 _____ () C:\Windows\setupact.log
2014-11-21 20:14 - 2014-11-21 20:14 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-21 20:13 - 2014-11-21 20:17 - 05301144 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-21 17:06 - 2014-11-21 17:06 - 00224152 _____ () C:\Users\Kzion\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-21 16:01 - 2014-11-21 16:01 - 00001222 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe After Effects CC 2014.lnk
2014-11-21 14:53 - 2014-11-28 18:05 - 00000000 ____D () C:\Users\Kzion\AppData\Local\Updmedia
2014-11-21 14:47 - 2014-11-21 14:47 - 00000761 _____ () C:\Windows\system32\Drivers\etc\hosts.txt
2014-11-21 14:35 - 2014-11-12 14:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-21 14:32 - 2014-11-12 18:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-21 14:32 - 2014-11-12 18:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-21 14:32 - 2014-11-12 18:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-19 13:48 - 2014-11-19 13:48 - 00028768 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\Drivers\Neo_0087.sys
2014-11-19 13:42 - 2014-11-19 13:42 - 00135736 _____ (SoftEther VPN Project at University of Tsukuba, Japan.) C:\Windows\system32\vpncmd.exe
2014-11-19 13:42 - 2014-11-19 13:42 - 00001939 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\SoftEther VPN Client Manager.lnk
2014-11-19 13:42 - 2014-11-19 13:42 - 00001933 _____ () C:\Users\Public\Desktop\SoftEther VPN Client Manager.lnk
2014-11-19 13:42 - 2014-11-19 13:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftEther VPN Client
2014-11-19 13:41 - 2014-12-01 21:40 - 00000000 ____D () C:\Program Files\SoftEther VPN Client
2014-11-13 17:51 - 2014-11-13 19:45 - 00051487 _____ () C:\Users\Kzion\Desktop\Copy of TPNSC Enterprise SURVEY format for candidates (2) Armin Garcia.xlsx
2014-11-13 17:51 - 2014-11-13 19:44 - 00085738 _____ () C:\Users\Kzion\Desktop\Copy of TPNSC Enterprise RESUME format for candidates Armin Garcia.xlsx
2014-11-13 12:34 - 2014-11-19 02:47 - 00003696 _____ () C:\Windows\System32\Tasks\Adobe online update program
2014-11-12 15:55 - 2014-11-27 20:55 - 00000000 ____D () C:\Users\Kzion\Desktop\pso2 hack Open Beta Package 2.0.3
2014-11-11 14:31 - 2014-11-03 18:04 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434465.dll
2014-11-11 14:31 - 2014-11-03 18:04 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434465.dll
2014-11-11 11:51 - 2014-11-11 11:53 - 16774401 _____ () C:\Users\Kzion\Desktop\lulustaffps2.psd
2014-11-06 10:52 - 2014-10-29 22:53 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434460.dll
2014-11-06 10:52 - 2014-10-29 22:53 - 01539272 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434460.dll
2014-11-05 16:09 - 2014-11-19 12:04 - 00031582 _____ () C:\Users\Kzion\Desktop\LanguagePack.rar
2014-11-05 16:09 - 2013-12-02 15:53 - 00000000 ____D () C:\Users\Kzion\Desktop\ru
2014-11-05 16:09 - 2013-12-02 15:53 - 00000000 ____D () C:\Users\Kzion\Desktop\fr
2014-11-05 16:09 - 2013-12-02 15:53 - 00000000 ____D () C:\Users\Kzion\Desktop\de
2014-11-03 15:57 - 2014-11-03 15:57 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2014-11-03 15:47 - 2014-11-03 15:47 - 05477814 _____ () C:\Users\Kzion\Desktop\Montanya Azul Fir Lights Tree2.bmp
2014-11-03 15:22 - 2014-11-03 15:22 - 06912054 _____ () C:\Users\Kzion\Desktop\Montanya Azul Fir Lights Tree.bmp
2014-11-03 15:21 - 2014-11-03 15:21 - 01080054 _____ () C:\Users\Kzion\Desktop\icebergs blue.bmp
2014-11-03 15:21 - 2014-11-03 15:21 - 00044054 _____ () C:\Users\Kzion\Desktop\fridge.jpeg
2014-11-03 15:08 - 2014-11-03 15:08 - 00087520 _____ () C:\Users\Kzion\Desktop\poro_lol.jpeg
2014-11-03 14:07 - 2014-11-03 14:04 - 137980590 _____ () C:\Users\Kzion\Desktop\Jake3.rar
2014-11-02 16:04 - 2014-11-02 16:04 - 01435281 _____ () C:\Users\Kzion\Desktop\Untitled-1.psd
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-01 21:46 - 2009-07-13 22:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-01 21:46 - 2009-07-13 22:45 - 00020928 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-01 21:43 - 2014-07-21 19:24 - 00000000 ____D () C:\Users\Kzion\Desktop\goblin
2014-12-01 21:39 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-01 21:38 - 2011-11-15 12:30 - 01972288 _____ () C:\Windows\WindowsUpdate.log
2014-12-01 21:36 - 2014-06-25 17:08 - 00000000 ____D () C:\Program Files (x86)\TuneUp Utilities 2014
2014-12-01 02:16 - 2014-02-12 22:37 - 00000908 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA1cf28755582ffc3.job
2014-12-01 02:00 - 2012-01-22 22:24 - 00000000 ____D () C:\Users\Kzion\AppData\Local\Adobe
2014-12-01 01:24 - 2012-03-30 10:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-30 15:40 - 2014-10-12 00:32 - 05434859 _____ () C:\Users\Kzion\Desktop\ENPatch.rar
2014-11-30 13:16 - 2013-07-04 14:44 - 00000856 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core1ce78f73cc06761.job
2014-11-28 18:46 - 2012-01-27 19:47 - 00000000 ____D () C:\Users\Kzion\AppData\Roaming\Skype
2014-11-27 21:38 - 2014-10-13 14:40 - 00000000 ____D () C:\Users\Kzion\Desktop\ipas
2014-11-27 21:36 - 2013-03-13 01:12 - 00000000 ____D () C:\Users\Kzion\AppData\Roaming\iFunbox_UserCache
2014-11-25 20:24 - 2012-03-30 10:29 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-11-25 20:24 - 2012-03-30 10:29 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-11-25 20:24 - 2011-10-10 22:53 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-11-23 13:16 - 2014-10-10 19:16 - 02704896 _____ (Arks-Layer) C:\Users\Kzion\Desktop\PSO2 Tweaker.exe
2014-11-21 23:20 - 2012-01-21 17:31 - 00000000 ____D () C:\Windows\System32\Tasks\Games
2014-11-21 22:17 - 2012-01-30 22:20 - 00000000 ____D () C:\Users\Kzion\AppData\Roaming\Azureus
2014-11-21 22:17 - 2012-01-30 22:17 - 00000000 ____D () C:\Program Files (x86)\Vuze
2014-11-21 20:45 - 2012-01-21 17:05 - 00000000 ____D () C:\Users\Kzion
2014-11-21 20:44 - 2009-07-13 20:34 - 26214400 _____ () C:\Windows\system32\config\SYSTEM_tureg_old
2014-11-21 20:44 - 2009-07-13 20:34 - 111149056 _____ () C:\Windows\system32\config\SOFTWARE_tureg_old
2014-11-21 20:44 - 2009-07-13 20:34 - 00262144 _____ () C:\Windows\system32\config\SECURITY_tureg_old
2014-11-21 20:40 - 2009-07-13 20:34 - 44040192 _____ () C:\Windows\system32\config\COMPONENTS_tureg_old
2014-11-21 20:40 - 2009-07-13 20:34 - 04456448 _____ () C:\Windows\system32\config\DEFAULT_tureg_old
2014-11-21 20:40 - 2009-07-13 20:34 - 00262144 _____ () C:\Windows\system32\config\SAM_tureg_old
2014-11-21 16:04 - 2012-01-22 17:27 - 00000000 ____D () C:\Users\Kzion\AppData\Roaming\Adobe
2014-11-21 16:03 - 2013-09-24 09:58 - 00000000 ____D () C:\Users\Kzion\AppData\Roaming\NVIDIA
2014-11-21 16:01 - 2012-05-15 19:56 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-11-21 15:54 - 2012-05-15 17:54 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-11-21 15:53 - 2014-09-01 13:10 - 00000000 ____D () C:\ProgramData\Package Cache
2014-11-21 15:46 - 2012-05-15 17:54 - 00000000 ____D () C:\Program Files\Adobe
2014-11-21 15:44 - 2014-09-06 01:08 - 00001530 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2014-11-21 15:44 - 2014-09-06 01:08 - 00001518 _____ () C:\Users\Public\Desktop\Adobe Application Manager.lnk
2014-11-21 14:35 - 2011-10-10 22:08 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-21 14:35 - 2011-10-10 22:08 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-21 14:34 - 2009-07-13 23:13 - 00876686 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-20 17:45 - 2014-10-12 00:34 - 83603140 _____ () C:\Users\Kzion\Desktop\LargeFiles.rar
2014-11-19 13:41 - 2014-10-10 23:23 - 00000000 ____D () C:\PHANTASYSTARONLINE2
2014-11-19 02:42 - 2012-10-06 11:02 - 00000000 ____D () C:\Windows\Minidump
2014-11-19 02:42 - 2012-01-22 21:01 - 00000000 ____D () C:\Users\Kzion\AppData\Local\CrashDumps
2014-11-19 02:41 - 2014-09-07 17:59 - 00000000 ____D () C:\Users\Kzion\Desktop\Saint Seiya
2014-11-19 02:37 - 2012-10-11 10:25 - 00000000 ____D () C:\Users\Kzion\Documents\PCSX2
2014-11-19 02:28 - 2011-10-10 23:49 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-11-13 19:50 - 2014-05-18 05:05 - 08316928 ___SH () C:\Users\Kzion\Desktop\Thumbs.db
2014-11-13 17:55 - 2012-01-21 17:07 - 00000000 ____D () C:\Users\Kzion\AppData\Local\Deployment
2014-11-13 13:11 - 2014-02-12 22:37 - 00003882 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA1cf28755582ffc3
2014-11-13 13:11 - 2013-07-04 14:44 - 00003486 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core1ce78f73cc06761
2014-11-12 18:20 - 2014-03-22 00:08 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-12 18:20 - 2014-03-22 00:08 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
2014-11-12 18:20 - 2011-10-10 22:07 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-12 18:20 - 2011-10-10 22:07 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-12 18:20 - 2011-10-10 22:07 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-12 18:20 - 2011-10-10 22:07 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-12 15:56 - 2011-06-16 23:49 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-12 15:56 - 2011-06-16 23:49 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-12 15:56 - 2011-06-16 23:49 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-12 15:56 - 2011-06-16 23:49 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-12 15:56 - 2011-06-16 23:49 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-12 15:56 - 2011-06-16 23:49 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-11 11:53 - 2012-06-09 16:15 - 00000132 _____ () C:\Users\Kzion\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-11-11 04:29 - 2014-06-14 23:31 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-06 13:23 - 2012-01-22 17:32 - 00000000 ____D () C:\Users\Kzion\Desktop\Twilight Endogenesis
2014-11-03 15:57 - 2012-05-15 17:59 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-11-03 15:57 - 2012-05-15 17:59 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-11-03 15:57 - 2012-05-15 17:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-11-03 15:52 - 2012-11-19 22:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-25 20:08
 
==================== End Of Log ============================

  • 0

#10
kzion
Posted 01 December 2014 - 09:55 PM

kzion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

I dont know if you want a new Addition.txt, but here is anyways.
 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01-12-2014
Ran by Kzion at 2014-12-01 21:51:39
Running from C:\Users\Kzion\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET Smart Security 6.0 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET Smart Security 6.0 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Firewall personal de ESET (Enabled) {4FE52EC8-CB26-1113-0EFE-8842E2773BAA}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version:  - )
ACID Music Studio 8.0 (x32 Version: 8.0.178 - Sony) Hidden
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.12 - Adobe Systems)
Adobe After Effects CC 2014 (HKLM-x32\...\{2B22C750-5C3B-4738-B621-BA786AC7A494}) (Version: 13.0.1 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Creative Suite 5.5 Master Collection (HKLM-x32\...\{D57FC112-312E-4D70-860F-2DB8FB6858F0}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Reader X (10.1.12) MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.1.12 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
AdvancedSkeleton (HKLM-x32\...\AdvancedSkeleton) (Version: 3.700 - AnimationStudios)
Akamai NetSession Interface (HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Akamai) (Version:  - Akamai Technologies, Inc)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft WebCam Companion 4 (HKLM-x32\...\{B77DE05C-7C84-4011-B93F-A29D0D2840F4}) (Version: 4.0.21.485 - ArcSoft)
Autodesk Backburner 2013.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2013.0.0 - Autodesk, Inc.)
Autodesk DirectConnect 2013 64-bit (HKLM\...\Autodesk DirectConnect 2013 64-bit) (Version: 7.0.28.0 - Autodesk)
Autodesk DirectConnect 2013 64-bit (Version: 7.0.28.0 - Autodesk) Hidden
Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit (HKLM\...\Autodesk FBX Plug-in 2013.1 - Maya 2013 64-bit) (Version:  - Autodesk)
Autodesk MatchMover 2013 64-bit (HKLM\...\{5B77A046-DAD6-4F19-A8B9-4E5B3EAD2C24}) (Version: 14.00.0000 - Autodesk)
Autodesk Maya 2013 64-bit (HKLM\...\Autodesk Maya 2013 64-bit) (Version: 15.0.0.0 - Autodesk)
Autodesk Maya 2013 64-bit (Version: 15.0.0.0 - Autodesk) Hidden
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.2.4-6 - Wacom Technology Corp.)
Best Buy pc app (Version: 3.2.0.0 - Best Buy) Hidden
Best Buy pc app (x32 Version: 3.2.0.0 - Best Buy) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Boob Wars: Big Breasts vs Flat Chests (HKLM-x32\...\BoobWars) (Version: English 1.0 - Mangagamer)
Broadcom InConcert Maestro (HKLM\...\{57DD35E9-D9BB-4089-BB05-EF933C586CB3}) (Version: 1.0.1.2300 - Broadcom Corporation)
Camtasia Studio 7 (HKLM-x32\...\{49471DB8-7F3C-42DB-89C2-AC50FA0C5290}) (Version: 7.1.0 - TechSmith Corporation)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)
Child of Light (HKLM-x32\...\Q2hpbGRvZkxpZ2h0_is1) (Version: 1 - )
CINEMA 4D 15.064 (HKLM\...\MAXON12664043) (Version: 15.064 - MAXON Computer GmbH)
Composite 2013 64-bit (HKLM\...\{2F808931-D235-4FC7-90CD-F8A890C97B2F}) (Version: 8.0.0 - Autodesk)
Contrôle ActiveX Windows Live Mesh pour connexions à distance (HKLM-x32\...\{55D003F4-9599-44BF-BA9E-95D060730DD3}) (Version: 15.4.5722.2 - Microsoft Corporation)
Corel WinDVD (HKLM-x32\...\{5C1F18D2-F6B7-4242-B803-B5A78648185D}) (Version: 10.0.6.108 - Corel Inc.)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
Curse (HKLM-x32\...\{DEE70742-F4E9-44CA-B2B9-EE95DCF37295}) (Version: 6.0.0.0 - Curse)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.7000.6 - Dolby Laboratories Inc)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Effects Suite 64-bit (HKLM-x32\...\InstallShield_{A9462025-681A-44C7-9F6F-70C96320F4C2}) (Version: 11.0.0 - Red Giant Software)
Effects Suite 64-bit (Version: 11.0.0 - Red Giant Software) Hidden
ESET Smart Security (HKLM\...\{3514BAF5-F886-4244-82BD-93FDBA7EEFF6}) (Version: 6.0.314.2 - ESET, spol s r. o.)
Evernote v. 4.4 (HKLM-x32\...\{F761359C-9CED-45AE-9A51-9D6605CD55C4}) (Version: 4.4.0.4848 - Evernote Corp.)
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Fate/hollow ataraxia (HKLM-x32\...\{99B8F648-71F4-43E6-8AF0-78941E7707BB}) (Version: 1.00 - TYPE-MOON)
Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Google Chrome (HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
GraphicsGale FreeEdition version 1.93.21 (HKLM-x32\...\GraphicsGale FreeEdition_is1) (Version:  - HUMANBALANCE Co.,Ltd.)
iExplorer 2.2.1.3 (HKLM-x32\...\{7FD8B0C1-CDDA-4B4D-A577-B2E3570EA3A3}_is1) (Version:  - Macroplant, LLC)
iFunbox (v2.8.2414.748), iFunbox DevTeam (HKLM-x32\...\iFunbox_is1) (Version: v2.8.2414.748 - )
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel PROSet Wireless (x32 Version:  - ) Hidden
Intel® Identity Protection Technology 1.1.2.0 (HKLM-x32\...\{C01A86F5-56E7-101F-9BC9-E3F1025EB779}) (Version: 1.1.2.0 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{3C41721F-AF0F-4086-AA1C-4C7F29076228}) (Version: 14.01.1000 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Intel® PROSet/Wireless WiMAX Software (HKLM\...\{5C1DA3D9-F590-4317-A4FB-274F658E504B}) (Version: 6.05.0000 - Intel Corporation)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 60 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417060FF}) (Version: 7.0.600 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java™ 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
Java™ 6 Update 26 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416026FF}) (Version: 6.0.260 - Oracle)
JDownloader 0.9 (HKLM-x32\...\5513-1208-7298-9440) (Version: 0.9 - AppWork GmbH)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Keyboard Shortcuts (x32 Version: 1.0.7.07110 - Sony Corporation) Hidden
K-Lite Mega Codec Pack 10.6.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
LibUSB-Win32-1.2.6.0 (HKLM\...\LibUSB-Win32_is1) (Version: 1.2.6.0 - LibUSB-Win32)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.214 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.214 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
Maya 2011 Bonus Tools (64-bit) (HKLM\...\{54F2BC30-2EA0-4B64-A200-7FCE8A580401}) (Version: 2011.00.0000 - Autodesk)
Media Gallery (Version: 1.5.0.17250 - Your Company Name) Hidden
Media Go (x32 Version: 1.7.254 - Sony) Hidden
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 IntelliTrace Collection (x64) (HKLM\...\{88BAE373-00F4-3E33-828F-96E89E5E0CB9}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Ultimate - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Ultimate - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.0000 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.0000 - www.motioninjoy.com)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Video Player (HKLM-x32\...\{123F0CCE-21AA-401D-A335-3EDF9C13AA52}) (Version: 1.6.9 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.2 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.2 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
Oasis2Service (HKLM-x32\...\{E50FC5DB-7CBD-407D-A46E-0C13E45BC386}) (Version: 1.0.4 - DDNi)
OOBE (x32 Version: 11.3.1.7 - Sony Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
PACAPLUS (HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\2607aec6904c6c40) (Version: 5.0.2.18 - PacoProject)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5350) (Version:  - )
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
Phantasy Star Online 2: EPISODE 3 (HKLM-x32\...\{38CA1868-3A03-4B5D-93A1-FD6F61D6723A}_is1) (Version:  - SEGA)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayStation®Network Downloader (x32 Version: 2.05.00710 - Sony Computer Entertainment Inc.) Hidden
PlayStation®Store (x32 Version: 4.1.8.11883 - Sony Computer Entertainment Inc.) Hidden
PMB (x32 Version: 5.6.01.03300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (Version: 1.5.10.05300 - Sony Corporation) Hidden
PMB VAIO Edition Plug-in (x32 Version: 1.6.00.06010 - Sony Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version:  - )
Quick Web Access (x32 Version: 1.4.6.10 - Sony Corporation) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12786.82 - raidcall.com)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6400 - Realtek Semiconductor Corp.)
Remote Keyboard (x32 Version: 1.1.1.07060 - Sony Corporation) Hidden
Remote Play with PlayStation 3 (x32 Version: 1.1.0.15072 - Sony Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
RGSS-RTP Standard (HKLM-x32\...\RGSS-RTP Standard_is1) (Version: 1.04 - Enterbrain)
sdrt(5.0, 64bit) (HKLM\...\{63A3DBCF-FB40-4398-9AE5-94EE6206CE12}) (Version: 5.0.3.0 - Paltiosoft Inc.)
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SHIELD Streaming (Version: 3.1.200 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.42 - NVIDIA Corporation) Hidden
Shovel Knight (HKLM-x32\...\1207664823_is1) (Version: 2.3.0.9 - GOG.com)
Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
SoftEther VPN Client (HKLM\...\softether_sevpnclient) (Version: 4.12.9514 - SoftEther VPN Project)
Sony Corporation (Version: 1.0.0 - Default Company Name) Hidden
Sound Forge Audio Studio 10.0 (x32 Version: 10.0.153 - Sony) Hidden
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
SSLx64 (Version: 1.0.0 - Sony Corporation ) Hidden
SSLx86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.2.6.0 - Synaptics Incorporated)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
Toon Boom Animate Pro 2 (HKLM-x32\...\{46ADAC53-F1D2-41B4-B57C-DF43C70904FB}) (Version: 7.9.1 - Toon Boom Animation)
TuneUp Utilities 2014 (en-US) (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
TuneUp Utilities 2014 (HKLM-x32\...\TuneUp Utilities) (Version: 14.0.1000.340 - TuneUp Software)
TuneUp Utilities 2014 (x32 Version: 14.0.1000.340 - TuneUp Software) Hidden
Ultimate Boob Wars!! ~Big Breasts vs Flat Chests~ (HKLM-x32\...\Ultimate Boob Wars!! ~Big Breasts vs Flat Chests~_is1) (Version: 1.0 - Mangagamer)
Unfold3D Magic Edition (HKLM-x32\...\{28F42D42-11A2-4A29-99D7-FABC1F80AFA1}) (Version: 4.0.0 - Polygonal Design)
Unity Web Player (HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unwrella_Maya 2.13 (HKLM-x32\...\Unwrella_Maya) (Version: 2.13 - 3d-io GmbH)
V3DPX86 (x32 Version: 1.0.0 - Sony Corporation ) Hidden
VAIO - Media Gallery (x32 Version: 1.5.0.18100 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Guide (x32 Version: 1.6.00.06030 - Sony Corporation) Hidden
VAIO - PMB VAIO Edition Plug-in (x32 Version: 1.6.01.06110 - Sony Corporation) Hidden
VAIO - Remote Keyboard (x32 Version: 1.1.0.07060 - Sony Corporation) Hidden
VAIO - Remote Play with PlayStation®3 (x32 Version: 1.1.0.15072 - Sony Corporation) Hidden
VAIO 3D Portal (x32 Version: 1.1.0.06232 - Sony Corporation) Hidden
VAIO Care (HKLM\...\{471F7C0A-CA3A-4F4C-8346-DE36AD5E23D1}) (Version: 7.3.0.14170 - Sony Corporation)
VAIO Control Center (x32 Version: 5.0.0.07070 - Sony Corporation) Hidden
VAIO Data Restore Tool (x32 Version: 1.7.0.05270 - Sony Corporation) Hidden
VAIO Easy Connect (x32 Version: 1.0.0.03050 - Sony Corporation) Hidden
VAIO Gate (x32 Version: 2.4.0.06210 - Sony Corporation) Hidden
VAIO Gate Default (x32 Version: 2.5.0.07080 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{BD04DEBE-923A-4157-993E-2C727C5FFB5C}) (Version: 15.00.0719 - Sony Corporation)
VAIO Improvement (x32 Version: 1.1.0.06030 - Sony Corporation) Hidden
VAIO Manual (x32 Version: 1.4.0.05310 - Sony Corporation) Hidden
VAIO Sample Contents (x32 Version: 1.4.0.09010 - Sony Corporation) Hidden
VAIO Satisfaction Survey. (x32 Version: 3.0 - Sony Electronics Inc.) Hidden
VAIO Smart Network (x32 Version: 3.7.0.07150 - Sony Corporation) Hidden
VAIO Transfer Support (x32 Version: 1.4.0.14230 - Sony Corporation) Hidden
VAIO Update (x32 Version: 5.5.0.06290 - Sony Corporation) Hidden
VAIO Update Merge Module x64 (Version: 5.5.06290 - Sony Corporation) Hidden
VCCx64 (Version: 1.0.0 - Sony Corporation) Hidden
VCCx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vegas Movie Studio HD Platinum 10.0 (x32 Version: 10.0.179 - Sony) Hidden
VHD (x32 Version: 1.0.0 - Sony Corporation) Hidden
VIPAccess (HKLM-x32\...\{E8D46836-CD55-453C-A107-A59EC51CB8DC}) (Version: 2.0.1.91 - VeriSign)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
VIx64 (Version: 1.0.0 - Sony Corporation) Hidden
VIx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
VPMx64 (Version: 1.0.0 - Sony Corporation ) Hidden
VSNx64 (Version: 1.0.0 - Sony Corporation) Hidden
VSNx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Vue 10 xStream 64bit (HKLM-x32\...\Vue 10 xStream 64bit) (Version: 10 - e-on software)
Vue 10 xStream plugins 64bit (HKLM-x32\...\Vue 10 xStream plugins 64bit) (Version: 10 - e-on software)
VWSTx86 (x32 Version: 1.0.0 - Sony Corporation) Hidden
Wacom Tablet (HKLM\...\Wacom Tablet Driver) (Version: 6.3.6-3 - Wacom Technology Corp.)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.3 - Wacom Technology Corp.)
WebTablet IE Plugin (HKLM-x32\...\Wacom WebTabletPlugin for IE) (Version: 1.1.0.7 - Wacom Technology Corp.)
WebTablet Netscape Plugin (HKLM-x32\...\Wacom WebTabletPlugin for Netscape) (Version: 1.1.0.5 - Wacom Technology Corp.)
WIDCOMM Bluetooth Software (HKLM\...\{C6C9D5F7-630C-4125-8C4E-94AF77C1896E}) (Version: 6.4.0.2300 - Broadcom Corporation)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinDS PRO 2013.6.0 (HKLM\...\{4237FF56-4BD0-481E-BD44-C1A8DDA9C753}_is1) (Version: 2013.6.0.0 - WinDS PRO Central)
WinDS PRO Apps 1.4 (HKLM\...\{92C4C953-5CE1-4DC3-97D5-BBD1A63EF706}_is1) (Version: 1.4.0.0 - WinDS PRO)
WinRAR 4.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
Yume Nikki 0.10 English (HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Yume Nikki 0.10 English) (Version:  - )
Yumina the Ethereal (HKLM-x32\...\Yumina) (Version: English 1.0 - JAST Densetsu)
ZBrush 4R6 (HKLM-x32\...\ZBrush 4R6 4R6) (Version: 4R6 - Pixologic)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-66031012-3778517164-1124876193-1000_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-66031012-3778517164-1124876193-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Kzion\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-66031012-3778517164-1124876193-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kzion\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
 
==================== Restore Points  =========================
 
22-11-2014 18:00:59 Scheduled Checkpoint
29-11-2014 22:58:54 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 20:34 - 2014-12-01 21:36 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0704224F-8FDF-48E0-915E-5AA3A4BFFB03} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA => C:\Users\Kzion\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-05] (Facebook Inc.)
Task: {0AA99135-82D9-4E40-A015-D4526D8D5475} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-08-21] (Adobe Systems Incorporated)
Task: {0D6D586B-8544-409E-8AAC-5CECDBF98447} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Month => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {13D386CA-0ADE-41F6-86E3-E46E24C4E6AD} - System32\Tasks\VAIO® Messenger (Administrator) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {2534E2ED-5F03-4F94-9B0B-2A234FAE3454} - System32\Tasks\AdobeAAMUpdater-1.0-Dezina-Kzion => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {2703FC5B-5D41-4177-8F0D-A0F7853ADF2A} - System32\Tasks\Sony Corporation\VAIO Improvement\VAIOImprovementUploader => C:\Program Files\Sony\VAIO Improvement\viuploader.exe [2011-06-03] (Sony Corporation)
Task: {2D5ACBCA-0E33-44CF-9BD6-8E56E3814E7B} - System32\Tasks\Sony Corporation\VAIO Care\CRMReminder => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {334617CA-FCC2-4C6E-87F2-C9BE377BF6E6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {3BFAC050-E0F6-47E2-947B-C4C8813166C4} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
Task: {411B7367-6CB9-471F-BD9D-6B5FD14D8660} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core => C:\Users\Kzion\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-12-05] (Facebook Inc.)
Task: {4E717573-C763-4F2D-9495-83E49017CFA9} - System32\Tasks\DDNi Startup => C:\Program Files (x86)\DDNi\Oasis\DDNiStartup.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {542A0724-B4F0-4E4A-B5D7-3F85D4A8BB18} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {5D98AEA7-B545-42C7-A7BC-BDCE145567BF} - System32\Tasks\Sony Corporation\VAIO Gate\VAIO Gate => C:\Program Files\Sony\VAIO Gate\VAIO Gate.exe [2011-06-21] (Sony Corporation)
Task: {5E5560CA-4385-48B3-AD7D-70A81C37254F} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {61CA69D9-01AB-4630-822C-781C3B16069B} - System32\Tasks\Sony Corporation\VAIO Care\VCMetrics => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {690B7123-FC0A-4276-82C8-4703AC33FA61} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core1ce78f73cc06761 => C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18] (Google Inc.)
Task: {6DB84009-1573-4AB5-9279-F5FD7622B9A7} - System32\Tasks\Sony Corporation\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2011-05-31] (Sony Corporation)
Task: {8CFF26FD-DBBF-44E5-9AB4-532946EAF03C} - System32\Tasks\Sony Corporation\VAIO Gate\StartExecuteProxy => C:\Program Files\Sony\VAIO Gate\ExecutionProxy.exe [2011-06-21] (Sony Corporation)
Task: {91C833E6-B943-47BB-9ACF-F9865CC3E9A4} - System32\Tasks\VAIO® Messenger (Kzion) => C:\Program Files (x86)\DDNi\Oasis\VAIO Messenger.exe [2013-07-03] (Digital Delivery Networks, Inc.)
Task: {93E8DE50-7EE0-41F4-BCE9-DCE640BCCE05} - System32\Tasks\Sony Corporation\VAIO Care\VCCheckIolo => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {9FE6C9E9-9377-47F8-A6FB-1640F1A41D62} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-25] (Adobe Systems Incorporated)
Task: {A0991056-913A-476F-B00E-90B392E244A0} - System32\Tasks\Sony Corporation\VAIO Control Center\Level4Daily => C:\Program Files (x86)\Sony\VAIO Control Center\WBCBatteryCare.exe [2011-07-07] (Sony Corporation)
Task: {AA414B98-4CD1-4828-9AB7-3B3AF9F0E954} - System32\Tasks\Games\UpdateCheck_S-1-5-21-66031012-3778517164-1124876193-1000
Task: {B27B92E3-D1AC-44D0-A8F6-BF8D4E178D40} - System32\Tasks\Sony\Keyboard Shortcuts => C:\Program Files (x86)\Sony\Keyboard Shortcuts\KeyboardShortcuts.exe [2011-07-18] ()
Task: {B3B10196-935D-4CD6-9392-DB060D08CDBF} - System32\Tasks\Sony Corporation\VAIO Care\AutoCheckMessage => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {B4336FD8-4D2E-4915-814D-986AEEA4546C} - System32\Tasks\Sony Corporation\VAIO Care\VAIO Care => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {BDC36772-9C6B-45DD-8349-76C93847C61E} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\TuneUp Utilities 2014\OneClick.exe [2014-07-16] (TuneUp Software)
Task: {CA569766-136F-4207-8B2B-6E4D36E1D19C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-09-26] (Oracle Corporation)
Task: {DF430AB5-77DC-4697-9AC5-85C9303416DD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA1cf28755582ffc3 => C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18] (Google Inc.)
Task: {E61B0B2E-2682-4519-B39E-7040F1B26F50} - System32\Tasks\Google Updater and Installer => C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe [2012-07-18] (Google Inc.)
Task: {EF16C7DA-A0E8-4DED-A447-B4C24C622E7D} - System32\Tasks\Sony Corporation\VAIO Care\VCOneClick => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: {F01B53FD-319A-45AA-AD31-7ED9E57D7E88} - System32\Tasks\Sony Corporation\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient
Task: {F66C15C2-B430-4DC7-9778-971702DDBBAB} - System32\Tasks\Sony Corporation\VAIO Care\VAU => C:\Program Files\Sony\VAIO Care\VCSystemTray.exe [2012-01-31] (Sony Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core.job => C:\Users\Kzion\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA.job => C:\Users\Kzion\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000Core1ce78f73cc06761.job => C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-66031012-3778517164-1124876193-1000UA1cf28755582ffc3.job => C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-05-31 18:32 - 2011-05-31 18:32 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
2013-09-22 23:43 - 2014-11-12 15:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2010-01-09 20:17 - 2010-01-09 20:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:40 - 2010-01-21 01:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2012-01-22 18:00 - 2012-01-09 19:44 - 00193536 _____ () C:\Program Files\WinRAR\rarext.dll
2014-07-16 02:24 - 2014-07-16 02:24 - 00699704 _____ () C:\Program Files (x86)\TuneUp Utilities 2014\avgrepliba.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00321024 _____ () C:\Program Files\Sony\VAIO Care\CRM\ManagedVAIORecoveryMedia.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00179712 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIORecovery.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00054784 _____ () C:\Program Files\Sony\VAIO Care\CRM\Logging.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00061440 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOCommon.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00192000 _____ () C:\Program Files\Sony\VAIO Care\CRM\OsServices.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00037376 _____ () C:\Program Files\Sony\VAIO Care\CRM\PluginFactory.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 02229760 _____ () C:\Program Files\Sony\VAIO Care\CRM\RecoveryPartitionManager.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00035840 _____ () C:\Program Files\Sony\VAIO Care\CRM\XMLTools.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00055296 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOInstallAppsDrivers.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00137728 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallDB.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00134144 _____ () C:\Program Files\Sony\VAIO Care\CRM\InstallationTools.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00024064 _____ () C:\Program Files\Sony\VAIO Care\CRM\VAIOUtility.dll
2011-11-30 17:49 - 2011-11-30 17:49 - 00276992 _____ () C:\Program Files\Sony\VAIO Care\READ\RecoveryPartitionManagerREAD.dll
2011-03-31 06:55 - 2011-03-31 06:55 - 00530432 _____ () C:\Program Files (x86)\3d-io plugins\licensing_v2\ActiveLock3_5Net_3dio.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 11:16 - 2014-07-31 11:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2010-01-09 20:18 - 2010-01-09 20:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2010-01-21 01:34 - 2010-01-21 01:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2011-10-10 22:48 - 2011-07-07 16:44 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Control Center\VESBasePS.dll
2014-11-25 18:18 - 2014-11-25 00:39 - 01077064 _____ () C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-11-25 18:18 - 2014-11-25 00:39 - 00211272 _____ () C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-11-25 18:18 - 2014-11-25 00:39 - 09009480 _____ () C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-11-25 18:18 - 2014-11-25 00:39 - 01677128 _____ () C:\Users\Kzion\AppData\Local\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
2012-01-23 15:03 - 2012-01-23 15:03 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\93496da63bd0bfd3de0d0ecab1925114\IsdiInterop.ni.dll
2011-10-10 21:57 - 2011-01-12 18:56 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-12-13 07:12 - 2013-12-13 07:12 - 00307712 _____ () C:\Users\Kzion\AppData\Roaming\Curse Client\Bin\opus.dll
2014-03-10 12:55 - 2014-05-22 22:01 - 00437248 _____ () C:\Users\Kzion\AppData\Roaming\Curse Client\Bin\WebRTC_CSharpWrapper.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Program Files\Common Files\System:IPQnb5oyypymfFpsOioq
AlternateDataStreams: C:\ProgramData\Microsoft:2Lo95gJcLI6rFUwit5dMEtK
AlternateDataStreams: C:\ProgramData\Microsoft:NkyoFWQtn7BVCIoqXwzjV9tEzZdLQ
AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939
AlternateDataStreams: C:\Users\Kzion\AppData\Local\YzXIrLpW:0swHpK3HztevRtKpKG3qFON5EQYj
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^Users^Kzion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupfolder: C:^Users^Kzion^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Start Freenet.lnk => C:\Windows\pss\Start Freenet.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Kzion\AppData\Local\Akamai\netsession_win.exe"                                                                                                                                                                                                                 
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Best Buy pc app => C:\Users\Kzion\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Best Buy\Best Buy pc app.appref-ms
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: Dolby Home Theater v4 => "C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe" -autostart
MSCONFIG\startupreg: Facebook Update => "C:\Users\Kzion\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
MSCONFIG\startupreg: facemoods => "C:\Program Files (x86)\facemoods.com\facemoods\1.4.17.11\facemoodssrv.exe" /md I
MSCONFIG\startupreg: Google Update => "C:\Users\Kzion\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: MessengerPlusForSkypeService => "C:\Program Files (x86)\Yuna Software\Messenger Plus! for Skype\MsgPlusForSkypeService.exe"
MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-66031012-3778517164-1124876193-500 - Administrator - Disabled)
Guest (S-1-5-21-66031012-3778517164-1124876193-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-66031012-3778517164-1124876193-1002 - Limited - Enabled)
Kzion (S-1-5-21-66031012-3778517164-1124876193-1000 - Administrator - Enabled) => C:\Users\Kzion
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/01/2014 09:40:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/01/2014 09:31:21 PM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: The Windows Security Center Service was unable to establish event queries with WMI to monitor third party AntiVirus, AntiSpyware and Firewall.
 
Error: (12/01/2014 09:28:33 PM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 0x80070020
 
Error: (11/30/2014 08:03:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/30/2014 06:17:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/30/2014 00:39:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/29/2014 10:32:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/29/2014 04:54:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".
Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (11/29/2014 03:09:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/29/2014 00:33:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (12/01/2014 09:28:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Windows Live ID Sign-in Assistant service failed to start due to the following error: 
%%1053
 
Error: (12/01/2014 09:28:55 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Windows Live ID Sign-in Assistant service to connect.
 
Error: (11/29/2014 11:57:17 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NVIDIA Network Service service to connect.
 
Error: (11/27/2014 11:21:05 PM) (Source: WMPNetworkSvc) (EventID: 14332) (User: )
Description: WMPNetworkSvc0x80004005
 
Error: (11/26/2014 05:32:43 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the NVIDIA Network Service service to connect.
 
Error: (11/21/2014 08:38:38 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
 
Error: (11/21/2014 08:38:08 PM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Dnscache service.
 
Error: (11/21/2014 07:34:32 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
 
Error: (11/21/2014 04:34:18 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The Intel® Management and Security Application User Notification Service service hung on starting.
 
Error: (11/21/2014 03:06:01 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 30000 milliseconds: Restart the service.
 
 
Microsoft Office Sessions:
=========================
Error: (12/01/2014 09:40:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (12/01/2014 09:31:21 PM) (Source: SecurityCenter) (EventID: 3) (User: )
Description: 
 
Error: (12/01/2014 09:28:33 PM) (Source: WinMgmt) (EventID: 28) (User: )
Description: 0x80070020
 
Error: (11/30/2014 08:03:58 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
 
Error: (11/30/2014 06:17:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/30/2014 00:39:46 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/29/2014 10:32:49 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/29/2014 04:54:57 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files\Autodesk\Composite 2013\python\lib\distutils\command\wininst-8_d.exe
 
Error: (11/29/2014 03:09:24 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/29/2014 00:33:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-13 16:21:06.538
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:06.496
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:06.371
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:06.331
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:06.213
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:06.076
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:05.975
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:05.554
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:05.192
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-06-13 16:21:05.131
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 36%
Total physical RAM: 8173.22 MB
Available physical RAM: 5160.82 MB
Total Pagefile: 16344.63 MB
Available Pagefile: 12671.11 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:686.22 GB) (Free:302.9 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: C7F0A2E6)
Partition 1: (Not Active) - (Size=12.3 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=686.2 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

Thank you for your time

  • 0

Advertisements

#11
Biscuithd
Posted 02 December 2014 - 01:14 PM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

Wow it's a lot better, the idrrsoft error and the iconscachehelper went away, or at least the error/message didn't pop up.

Great!! :)

But now, The module 'C:\users\kzion\appdata\loc..\BthCommonEula.dll' failed to load.
Make sure the binary is stored at the specific path or debug it to check for problems with the binary or dependant .dll files.
The specified module could not be found.

Yup, I see it. The next FRST fix should take care of it.

 

FRST.gif Fix with Farbar Recovery Scan Tool


 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

Press the WindowsKey.png + R on your keyboard at the same time. Type Notepad and click OK.

Copy the entire content of the codebox below and paste into the Notepad document:
 

HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Run: [Achlworks] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Kzion\AppData\Local\Updmedia\BthCommonEula.dll
C:\Users\Kzion\AppData\Local\Updmedia\BthCommonEula.dll
C:\Windows\SysWOW64\regsvr32.exe

 

  • Click File, Save As and type fixlist.txt as the File Name.

Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

 

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please post it to your reply.

 

Let's see if this doesn't clean up the last of it. Give the machine a test after you run the fix. Then let me know how it goes. I have other things to clean on the computer, but I want to makes sure we get all of these top level infections first :thumbsup:


  • 0

#12
kzion
Posted 02 December 2014 - 07:58 PM

kzion

    Member

  • Topic Starter
  • Member
  • PipPip
  • 14 posts

Good news, the error from Bthcommoneula.dll is gone, also i felt the boot up a bit faster after the fix.

And here is the fixlog.txt

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 01-12-2014
Ran by Kzion at 2014-12-02 19:36:11 Run:2
Running from C:\Users\Kzion\Desktop
Loaded Profiles: Kzion &  (Available profiles: Kzion)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\...\Run: [Achlworks] => C:\Windows\SysWOW64\regsvr32.exe C:\Users\Kzion\AppData\Local\Updmedia\BthCommonEula.dll
C:\Users\Kzion\AppData\Local\Updmedia\BthCommonEula.dll
C:\Windows\SysWOW64\regsvr32.exe
*****************
 
HKU\S-1-5-21-66031012-3778517164-1124876193-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Achlworks => value deleted successfully.
"C:\Users\Kzion\AppData\Local\Updmedia\BthCommonEula.dll" => File/Directory not found.
Could not move "C:\Windows\SysWOW64\regsvr32.exe" => Scheduled to move on reboot.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-12-02 19:37:39)<=
 
C:\Windows\SysWOW64\regsvr32.exe => Is moved successfully.
 
==== End of Fixlog ====

Thank you for your fast responses

  • 0

#13
Biscuithd
Posted 03 December 2014 - 08:24 AM

Biscuithd

    Trusted Helper

  • Malware Removal
  • 2,573 posts

This looks like very good news to me :)

 

Althought you've run adwCleaner recently, let's do it again in light of the malware being removed. I'll give the full instructions, but you don't have to re-download unless you want to.

 

adwcleaner_new.png Scan with AdwCleaner
 
Please download AdwCleaner by Xplode and save the file to your desktop.
 
  • Right-click on adwcleaner_new.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and click Scan.
  • Upon completion, click Report. A log (AdwCleaner[R*].txt) will open.
    •  
    Please include the contents of that file in your reply.
     

    JRTbythisisu.png Fix with Junkware Removal Tool
     
    Please download JRT by Thisisu and save the file to your desktop.
    Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
     
    • Right-click on JRTbythisisu.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
  • Follow the prompts and let this process run uninterrupted.
  • This scan can take a while, depending on your System specs.
  • Upon completion, a log (JRT.txt) will open on your desktop.
    •  
    Please include the contents of that file in your reply.
     
    Do not forget to re-enable your previously switched off protection software!
    Please also manually reboot your machine after this procedure.

     

     







    We'll search for some remnants that might be hiding.
     
    Please download Malwarebytes Anti-Malware and save it to your desktop.
    • Install the progam and select update
     
  • Once it has updated select Settings > Detection and Protection >Tick Scan for rootkits

    • MBAMsettings.JPG

     
  • Go back to the Dashboard and select Scan Now

    • MBAMScan.JPG

     
  • If threats are detected, click the Apply Actions button, MBAM will ask for a reboot

    • MBAMReboot.JPG

     
  • On completion of the scan (or after the reboot) select View Detailed Log
    • Select Export > Select text file and save to the desktop.

    MBAMLog.JPG

     
     
    Please post that log for my review.

     

     

    Last, after all the scans and cleanings are done, take some time to work with the machine (if necessary) and let me know how it is working and any concerns you may have.


    • 0

    #14
    kzion
    Posted 03 December 2014 - 07:03 PM

    kzion

      Member

    • Topic Starter
    • Member
    • PipPip
    • 14 posts

    Looks like JRT made a lot or at least deleted empty folders?

    Starting with AdwCleaner[R2].txt

     

    # AdwCleaner v4.103 - Report created 03/12/2014 at 17:56:27
    # Updated 01/12/2014 by Xplode
    # Database : 2014-12-01.1 [Local]
    # Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
    # Username : Kzion - DEZINA
    # Running from : C:\Users\Kzion\Desktop\adwcleaner_4.103.exe
    # Option : Scan
     
    ***** [ Services ] *****
     
     
    ***** [ Files / Folders ] *****
     
    Folder Found : C:\AI_RecycleBin
    Folder Found : C:\Windows\SysWOW64\AI_RecycleBin
     
    ***** [ Scheduled Tasks ] *****
     
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
     
    ***** [ Browsers ] *****
     
    -\\ Internet Explorer v9.0.8112.16421
     
     
    -\\ Google Chrome v
     
     
    *************************
     
    AdwCleaner[R1].txt - [981 octets] - [21/11/2014 21:01:50]
    AdwCleaner[R2].txt - [740 octets] - [03/12/2014 17:56:27]
    AdwCleaner[S1].txt - [1047 octets] - [21/11/2014 21:06:08]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[R2].txt - [859 octets] ##########
     
     
     
     
     
     
     
     
    Next is JRT.txt

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.0 (11.29.2014:1)
    OS: Windows 7 Home Premium x64
    Ran by Kzion on Wed 12/03/2014 at 18:02:07.35
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    ~~~ Services
     
     
     
    ~~~ Registry Values
     
    Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
    Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-66031012-3778517164-1124876193-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
     
     
     
    ~~~ Registry Keys
     
     
     
    ~~~ Files
     
     
     
    ~~~ Folders
     
    Successfully deleted: [Folder] "C:\ProgramData\baidu security"
    Successfully deleted: [Folder] "C:\ProgramData\best buy pc app"
    Successfully deleted: [Folder] "C:\Users\Kzion\AppData\Roaming\baidu security"
    Successfully deleted: [Folder] "C:\Program Files (x86)\baidu security"
    Successfully deleted: [Folder] "C:\ai_recyclebin"
    Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0071DD4A-A75F-44D9-B056-ABC1CFB555F7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0081FE6C-6700-47DC-9F9B-00A461AD90C5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{01336463-535E-4183-BDB1-BA9AD4FF0BD4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{016F12EF-4914-419D-B230-647B2D387658}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{018AD13E-ED09-40AD-92F1-5C9F606BF893}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{018DE067-4771-4E89-BA0C-73502547D0BA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{018FDB41-9DD1-48D3-B7CA-CD6F553A9D8E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{01B5A0D2-8EFE-4014-84D5-5904B1DF7D2A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{023F2E64-9393-4656-9F37-79D5FB95C53A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{02703025-6557-4D56-A3E3-869B5F4920B7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{02B6E1E1-48B2-4BC7-94E9-C78F966C4209}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{02FED2B4-C597-49F7-9A02-6E6F58503B99}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0320EA12-CBB9-4BED-83B8-5A04CC6B411C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{03771D54-203C-40D2-80D8-796A39CDBF5A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0421E146-86BD-497C-81CE-6210F37E6C5D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0537955B-DC59-4F60-8060-D42AA7192AE6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{057BCCEF-AA53-4D58-83A6-0261E7D27CE0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{05B5D76F-3E92-489A-ABB3-80E1876FFD17}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{05F883AC-F701-4842-BA78-272B4C132266}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{06682972-39F4-47A3-9033-0C072583C057}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{06D619DE-9218-431C-A262-9AB386281CCD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{06EEF9B7-60D4-430B-812C-812B17FF76B3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{07724210-0DDC-46ED-ABF6-83306336CB32}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{07BA09D3-D47F-47D5-BFE4-3C1FAEB3BCD8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{07BFB58A-7A16-49A7-8928-00F4A97B275F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{07FA08F2-6998-4955-A6EF-6DD6370F56C3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0831A401-AFC1-459E-930C-66AE3BE5C801}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0834F9A8-75AE-4222-8DAA-FA5CA988A042}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{084CB538-4E2C-4A02-AC6F-00002957CD63}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0883CDE2-8C37-4D72-8D39-C94D70404FC4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0942F8FB-B249-4B2C-8285-75BE3F6F5320}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0947F45F-97BA-4699-8275-C4239BF4499C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0972B61E-4090-4F3D-A978-E5C2E563372C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{09782766-4E51-4558-B239-A64B3A8EC258}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{09B8602A-92EC-4962-BBD8-06C853B63DFC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{09CA07EF-BE9F-4B90-901D-1640E5E99AB2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{09CD7B2B-4EE7-4609-9295-B87E19906F5D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{09FEEBA1-BF53-432B-BBF8-7E4CD25775C7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0A2718E1-670A-4F2D-9C96-968A64D175A3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0A7222C1-A9B3-478A-AA94-D39D6190735C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0A78568C-BA10-4791-86DF-2725FB4ABA3D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0AFE944C-AA14-4E5E-9D84-90D3DDE40D0F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0B059E73-AFEB-426C-9657-F9A6B60AC0C3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0B546447-4744-4CFC-8F26-BC16C4AB6E01}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0C104A2B-D323-4B3F-9737-952A47C2C8FB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0C5AE492-7370-4106-8067-A4C8AAFFE1C8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0C70BEAD-4F06-4CCC-B32C-0FD49B6EAD32}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0C8AF001-BDB3-4B04-A344-02B3471B9C0F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0C9B6A11-B62C-4DFE-B5F9-37FE5957108D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0CFAA422-6839-4BC7-96D3-7F22AED9C5FF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0CFF17F6-9288-4C69-A7AC-ECB64382F709}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0D0E490B-A936-4224-8DB5-B958D03B25F5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0D5C47BE-563A-44F7-BF17-68EE13651AE2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0D71C2AE-3A95-4302-A3B5-9C1F9BE6BA00}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0E15E28C-36C7-4D59-9416-D8857D7EC3C3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0E160671-6A15-43D7-9903-85702CBBADB0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0E33CCD0-88EF-4139-B445-5830B7EEFFFC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0E98D867-C3EF-401C-8C1E-63CCFE911BE0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0EC11C95-4621-4A9B-8A6B-B140D28E35E4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0F253CD4-10D1-459E-86AB-12CA37E07BD4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{0F39D065-A396-4671-A415-419FA6A8CEC2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{10025C01-A8E2-4FCA-A410-5AE3DA37501F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1034BD54-9398-4BAC-8289-E641EA39F474}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{10BA2AA4-115D-4E97-80F0-7559E672587F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{10BFBA54-3CE7-431B-8EB4-9E55DCE7C98F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{10E4E350-D57A-4E13-8EA0-1E14CE62E2BD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1131D56E-F7F7-4F71-B73C-9A2E21F3D7F5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{11551799-B2BE-481F-A04B-372D0ED8DC1E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{11911130-4740-4D26-96E8-3F810059B684}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{11CB3C5C-3F16-4927-B7B9-EC3285E149D4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{11E572F7-B895-477A-9521-78C6C4ACA75F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{11EA443C-0DE8-4726-852B-1C003285F5B4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1245DCA9-E8B2-4883-BCDE-5226779BE710}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1302D568-307B-4043-BA64-37F9C5DD01AC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{131990A5-CB65-4FEB-B210-15A156B07447}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1330BAC7-6523-4B52-A2A2-31F5DAB1E12D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{13475781-7589-4234-8691-ABD2A48F57B0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{135332E4-F29F-4402-8333-235CAAD5B4F9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{13DAAA91-4D8B-4D0C-A94D-9DAD3514FDF9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1436E300-3AC1-4DCD-A4F1-EECD8A4CF155}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1527EFFB-47DC-43F2-BA18-5CE5887F270A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{158D4873-8D8E-4699-B528-9F41D604F234}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{16089D28-9E1C-471F-B4F1-DD53A45C184E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{16F48659-1BBD-49FF-82F5-E2E8A58B19F4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{17EB77D3-0A64-4FB9-9288-211EFA10A2A8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{18108333-CC38-4AC7-BB33-5DE0EACF5986}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{18A1F030-AF84-4DFE-B359-43068A42813F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{18AB8534-9C34-46D4-880C-04F2E249573E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{195F93A9-C1B0-4E48-9BCC-BD6BE26777D6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1969BC22-1615-4B36-A5A4-03480C0ECE88}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{19E09905-DCA8-486C-AB7C-CA3B7F9672B7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1A775DC5-1E66-4D52-89E5-25D7538C4C62}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1A8E2093-B93C-45D4-9BCA-F487DD836183}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1ADAF184-95FF-489E-A865-5C2512CAB1AF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1B8D9612-8F71-40C3-947E-5EFE68D5AC48}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1BAAE31E-771E-44C5-8F06-4BE80FF36F9C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1BE781EF-E4BB-432E-B2D3-B418D8862A0B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1BEE5604-06BE-4FAA-BCEA-96BC7F679A29}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1C1840B4-1109-49FF-AAD5-877E1F0CB1A7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1C1C399A-8291-4592-8673-2AED438C0F73}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1C43B972-37F8-4912-BCBD-93408544C126}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1C9A25A8-3DE3-4518-A26A-DC89984D95F3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1D3D9B1B-E61F-4868-9291-3CFB24342E57}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1DA02E93-E232-4479-8DE1-1477FF04C31D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1DD52C73-AF51-43E7-B2E6-97BA73AC72B0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1DE530B7-8623-4E21-B8B1-0F0521775FD5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1E00AD0A-4EE8-42B3-83CB-66A940CCEBF6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1E01AEE8-AB4E-4F77-BBFC-5D9087D1D37E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1E1D1ADB-54A9-47CE-8C8F-9EE0FDCDF1D9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1E537987-2931-4CCD-9EEA-354332FC860B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1EC07205-7DE6-4212-AF5A-A72EF4A1506E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1EF7414F-6C53-433D-A71E-1DEC845927B4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1F319C27-1FAD-4C3A-87EC-D809E00F13C8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1F8CB392-3BBD-43C9-97EF-EC3D9C97BFEB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1F8D1065-17F0-4148-AC2C-60221C52A62F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1F93F2C4-AB09-4123-816F-945E558238E0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{1FC59F5B-FAC0-41E8-83E6-465921C07130}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{203F67C7-FF89-4393-B42E-1CC78BBB1946}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2065F0ED-57F9-46C4-89F8-DDD0CEAC2FDF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{208B865E-AB11-4E24-876D-2F564EF28B3E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{20E2FAC2-0790-4F7E-9440-D97E5A530A72}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{20FCD128-27F7-4A3D-BB7B-E441979DD48A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{215F69D4-31D2-4020-BD32-F19C60DBF104}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{21616CFC-7D04-4C99-AF3D-F3B7CAECE5C7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{22CDC236-E6E6-4558-85A9-364640D11CA2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{22D4C260-4BF1-4C5B-B9B8-76B4789276E8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{23BBD15F-771E-4454-BD2F-73DE1E998EA4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{248648AB-D8A7-45FD-B4D6-3F71BDD43BDD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{24900AB8-13FC-4D97-A788-DE58E31546CD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{258B81A1-361B-45A7-AC00-558470B95C21}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{26378A9E-CAC5-4CC6-94AF-FF672C25BD3F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2690F212-E3BE-489C-AD7F-F3D4EB150AC2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{27056982-C824-4288-92BC-2AD1FF0A5DEF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{27816B31-A6C1-4D20-83CC-3E591D2602F3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{27927E9A-189B-499E-8113-082CD3B9E894}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2807E737-A02C-4789-922E-7D022A1B1FCD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{287DEBF5-1461-49A5-BA7D-83570DD3DFF3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{28CF2AD6-3039-4416-89F2-4D56155584B0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2924E554-3430-4B1B-B1CF-B13680680912}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2933C260-D5B5-472E-90DE-4CA6AE6A7C75}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2987FF87-6696-40C1-9975-1A3B21E4B23B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{299819A8-2A2F-4022-B3B4-F36BF060C628}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{29A689A3-FB5C-4BF3-B157-0AF76FD267EF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{29D3CEFE-AEF9-4936-BE90-E6BF82797575}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2A3C40B4-DF55-47DC-8C4B-DCEAF74444C4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2A89D725-C36C-4194-997D-EE0BDDFCFBF5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2A8B4C02-B6B4-4248-8127-D7B2BAC02501}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2B045CF9-1B01-4B62-8BEF-804B9360CBC3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2B19F6C8-696B-44A7-82E5-4E600292FC1B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2B3CD780-37B6-40B6-9A80-49A08EA8E4D2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2B785F02-B362-4AA2-B79D-52C279B714EE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2B96FD7D-33FB-45EE-B142-4AB7197C92A4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2BBE9CF5-F8C2-48BA-827E-4F3A85DF0514}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2C246FC5-3FE2-4292-844A-900E5F431A64}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2CB7574E-C108-4EB0-8044-AEEF1DD0C74D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2CD25A7A-73AF-49A7-BF30-A4F293C23C49}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2CEAF239-A289-46EE-8301-969671B578F8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2D02E081-C8FB-42AD-944B-D7CBDC2CBE3F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2D17CF4C-185C-40ED-92D5-F5AC8DEB84B6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2E1DFF35-321A-42C5-9226-A4AD5F087448}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2E60FE1F-91B5-4943-9894-1AA661BF53A8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2E6E1167-399D-467D-AB94-94819035C828}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2EC1D9AE-90A8-4D5A-8648-7787C70E7CB7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2EFFAF93-8E5B-46C3-A0F8-822E6E6937AE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{2FA2DFC1-B308-40AA-8A0B-6BF00CC05146}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{30744FBE-1133-4BB8-87F4-93857D5C3F1D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3152778D-1A5C-4823-A9E0-70C4458EE4EB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{31AEAF34-2AF0-4996-B2B1-49FBE5925861}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{32C23F50-B5C1-4392-B0F0-462719184647}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{32C785E9-4C06-4D30-905E-A2FF98CB6D75}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{32F21465-1D88-400E-AE36-7B4A9062C813}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{32F459D5-9E5C-42F0-8B0B-21EA090A0295}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{33122127-E400-4C2B-A4C3-3C2597B2D363}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{333B01BB-B094-4FF1-9EB2-0D1F2F80CA86}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{33A4F05F-7D6E-4BD4-A742-0CF69C5BD29B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{33BF2FBA-062B-462A-9BA8-C8D7F0B8084C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{33FA8D75-31B1-488C-ABF2-1212119EC69C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{34113621-C270-43E7-9612-93AD9F9948B7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{34411853-CF76-4DB7-9B65-9BC6B0899591}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{34A17BA5-E38E-4568-98DB-B5E5CBA20A2E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{34FD36A2-2CF0-42CC-9388-53D68FC9638C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{352E8806-B374-49DD-871F-7298C1D5DD71}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3640C8F0-8394-4FD3-8855-07AC7E89790E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{36941390-583B-4BE9-AB4E-7A399C948E1F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{36992E11-A168-4D52-B152-071D1D6395B7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{369ED5BF-FE3F-48F2-BA6F-393B5AD6E995}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{371140CE-D037-4D4C-9F83-33EEF691B034}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{37171991-2CF0-4802-A4C3-AE6A9BDA0C3D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3728E548-12C5-4DBD-AA47-2EC0AC3FBA28}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{37639650-E1A9-4D99-A4C9-043FCD4ABEE4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{37D99A5F-9A94-4BAE-9DE4-674850ACFAED}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{38F11761-0467-4C36-89FF-4CC049DB8189}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{392C4CF2-F374-4D59-92F7-BCF538FC1CBD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{39758C73-2F21-4612-9931-0BBAF2A5AC1F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{397AD2A8-73C7-4848-8A36-64A5A7900166}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3AFB8855-CAF5-4C06-9658-C3891D31BB8F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3B340D11-FA70-4444-B80A-1CDF5AAAA6B8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3B7775A1-AF93-49B7-821E-F58EB9F6510F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3BC1FDB7-A624-4774-91BE-1F03A09C97F7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3C187435-A260-4E8C-A2D3-ECE1C55F1743}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3C398D88-9629-4082-8DFE-323D245B572C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3C476B57-BBE7-49A1-BE8A-B492105BC153}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3C611D8C-E21E-4C57-B23A-E400E9509E40}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3CE59695-C865-4A15-8EB0-D0DB96B06DBE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3D12775B-6396-4D57-91E4-B540EA876ADC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3D313AE1-DB89-497B-9D3C-1DB604BE1C09}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3DCD4F97-3B3A-46DE-88B7-1FF1D4A634ED}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3DE6F89B-E0DE-4C2B-BE13-C53D5F492BC0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3DEED945-E78C-4365-8D60-2DD8BF978BCC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3E493BBD-8D35-4CA8-B157-A46CBC49DCDB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3EB4512A-FA47-4A99-87D4-FED17E379CC8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{3FFEEC25-F14F-4435-AE63-BD0401AAC989}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{401BCC7A-0A6D-4207-A130-119C647B5588}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{403D55D2-067F-4B58-8739-1176A50FC8FE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{40BFE80D-7485-4255-9B42-CC671A071634}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{411D24F0-33B8-4744-AC53-BE5704F993E3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{411D6499-E37B-44C7-8AE6-35128708BF8F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{414F5EC9-DC0F-4880-9304-54840C2DFDBC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{41B485E6-6953-4C36-BE21-DD5085C5B175}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{41FAFE76-522F-4E9C-BD96-A0C505E7E370}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{420C7C04-933D-4EB5-83F4-E6A6A4ED8DC6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{423561D0-72F3-4584-BD0D-D8413FE190A3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{423796A3-189E-4AE4-B26F-C36FAFDB8284}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{424B496A-10A5-42F5-9690-1C84AC69B4B0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{42542B8D-DE88-4568-AE4F-34F4215096A5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4284D6AF-E1E9-47B5-ACEF-3951C9AD46B6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{431A3C6A-1584-4678-8335-9DFDE51F2AC5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{446A8170-0ABC-44DF-91CC-F16879CE0E98}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{448F1B17-4A84-4E4F-AF3F-12B75C3AB5B8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{44BA1A54-457C-4F45-9DDF-461806D8FFC9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{44EE7293-EDC9-4CB5-9169-64CBA4EB3FB4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4572904C-43DB-44F4-B18A-11D29FCB3A1F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{457C8B9C-9407-47F0-8A35-79383FE00944}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{45892773-1ECD-4C38-BC19-180CD96CA7D3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{458B47D5-BAED-4F8B-B8EF-C0E26DD0B721}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{45BDD2CE-1BFF-4684-A6A7-B0FA30AC54CE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{45E35075-76B8-47B6-9E35-09EE9F13DE3B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4603F8C8-4DC2-486C-8BE0-79629F273A60}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4641EFC9-A1EF-4B65-AF96-06C9428F95BB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4702640C-9948-4246-B3E5-B0643E4089B0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{470FBBA0-6FDD-45A4-B052-DA0B3254A813}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4803888B-BB4E-4461-A3C9-006AD4FB004F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{48E45F21-4A69-4F95-8DE2-0E726A67E882}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{491024B2-97C0-450F-90FE-9244D51A49C8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{49733708-25E6-4579-B797-9E04AA593A5F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{498475C6-1855-4474-8F60-EB6052301B50}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4996A537-403F-426D-BF29-4A8BC01EDB03}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4A7FBD4A-E6FC-4CB5-8E8C-2D87B407CD6D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4AAC4A00-3A8F-4299-BCDA-E808866667D8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4AF4E461-CA84-4B25-8D43-F60B0849440B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4B09650B-4814-40C8-B09D-C5B1EA8E5868}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4B516CE2-EAB8-4E0F-8521-D0DC0672A20C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4BE22077-1DDB-4D96-A578-E362C546159A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4C089BAA-B3C0-4D02-B0C6-27605BE3005B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4C39F915-0EB5-43D9-9545-D08238B1007B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4C3D4E7C-E3D1-4218-A3C2-19E08FF3C701}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4C5EA6E1-D185-4928-A23B-9114564BA353}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4D01D863-09CA-476B-B84C-CDA91BE7B24F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4D5A5097-8DB0-4F07-975E-8D206A2B3448}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4EC34F1E-6DD5-4A54-B914-BA23E6594A73}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4EDD04D5-8E69-4A75-AE56-FCF65CB708C4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4EE30797-BA46-4584-8CC1-65BD6E764753}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{4FD6EB27-CC12-4C45-BBF2-E7927C4D0219}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{50283EE4-06C2-49C2-89D7-2883C2DDE71B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5074E1D2-8953-4CFF-8D4C-4776FDE952A0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{51EE6F65-5C0D-421F-9968-7C7C1D795D8B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{520CACC4-52E5-4600-BDD7-6903F482B414}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{52D89A61-6BB0-4AAE-AF99-26E2AC48F0D4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{52E07E39-9DC9-44BF-ABCD-95E9F48D1C75}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{52EB0C08-90FE-43A2-800A-9476A38615BD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{53628304-3BDF-4980-B0C5-9DED05DB70C2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{53BFAAD1-12A2-48CC-9222-203CCA157CE5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5422F933-A018-47C1-B4DA-133A3DE2FCBF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{54903F55-2303-429D-9163-DDDFBDB021CC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{54F105DA-784C-4525-8098-966EC0DA8140}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{54F9F7CC-CAFE-4523-8B99-158D1EB8A185}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{558F8935-014E-41F6-B063-20DD1E05082F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{55B5E62C-9B07-45CC-8F7F-C748CF150233}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{55E1A1F5-AFCD-49F8-9C12-24B01F6A1357}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5680C206-EE61-4E87-90B0-75844C823FB5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{56BA7972-ED3A-47E8-992D-0CDAC1FAA3A3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{56FB78F8-09AC-4C6D-871C-F8BB50E44D10}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{573A5707-936A-4B5E-959D-877FDCB0484E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{578FEB77-42B1-4AF4-A55F-AFBEB74EBD4F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5790AD5A-B27F-483D-A0F0-A03DBE327DE7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{57BB9BFD-D746-4801-AA58-AF6B1B2A85E5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{57DC1732-A750-405C-9F16-29E8EFD207C5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{58250D74-3C65-406F-93C2-DD70B1F21D55}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5842BB7F-37BF-4E42-9433-7ED193BF5869}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{586EF8CB-F47F-467D-9FAF-544AD83A1103}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5955D7EB-7223-43F8-80C9-E85A852C79E7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5966C517-DC09-4630-B1B5-95495154BBCE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{59873435-A435-41D6-9B2C-27A5BF448991}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{598C7570-8753-4D0A-8D06-FA8D78121580}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{59BBAD42-366D-45B3-A4B4-29A2A5D1635A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5A26B1D3-16FE-4AAF-9F58-E46C1996147C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5A4199B7-D83E-49A1-8F43-AB1A99CF0BF3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5A99C568-24C5-4751-AF0F-9C58A5C88535}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5AFEB9C5-42EF-48B0-8526-090BA94EC151}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5B531A0A-DF97-4C36-A61C-8D7D0BAC083E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5B7582F0-95EF-49A5-B25F-7A4FDDEA4124}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5B7E5A52-E6CE-40D6-8D9F-3768EE58DF41}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5BAFB4DE-25D4-4F0A-B37F-D703758815D1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5C04CCAC-D236-4081-9C25-709146C456F0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5C336FA8-934B-4A23-987B-1D004E8CCC74}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5C5FDC4C-F821-427B-ADC2-3E3EA560698E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5C695F51-EFD2-478F-A998-47FB2AD90241}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5DAF46D0-FF57-47AA-8FFF-9D4B9251566E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5E2E576D-8D63-4CB3-A422-9110E100AA76}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5E303B0B-E9FC-45C4-B37D-8F8AEE992B2A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5E31AFF6-3BBC-4ACD-A0BB-61742761A71F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5E424783-944F-4933-AF2A-A3AC0AB5617B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5E78CC75-30C9-40A9-8E9B-ECF9C8D68194}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5E7D4331-BE75-451C-964B-A78B2924A51A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5E823827-44CF-4EF2-A852-DFEC07BF70B8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5E8D5C0D-39C8-469D-A4CA-51F99BEC28DA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5EC11CF4-A967-4C32-B907-A6F5019D1376}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5F148C96-2B5A-436B-A5F7-B49332D1DF2D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5F20B87B-8C94-48B0-BBBB-3F760FF4986C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5F572C29-8FDE-4672-AD95-3337FE84208B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5FA65FE5-7647-4153-B3F8-B27F6B0CAF08}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5FC130CA-CD19-4750-9EC8-A5341C19177B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5FD3F43A-B136-410F-82C0-C0AC8E7B394A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{5FF71256-E30B-41C5-BFA5-401EBF665D78}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{602ADBAD-6C3D-44C6-8421-D677839E51CA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{60391B09-A037-4595-BB17-E4C0B46C70CB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6084077E-D7A4-443F-A68D-BA8EF7ABDF13}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{608FBE52-E992-4F12-B3F0-10665DD09D8B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{60910CC9-D72F-4445-B1C8-20AA7F18291B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{60E3672B-66B0-4D05-92F5-B082358295E4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{60EBC5B6-BC80-4B79-989B-C664CBFC7A90}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{611A7835-356C-47F6-96DB-2D60F40ED6C3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{61361E7E-6726-4DA8-BE83-93638D6477FE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{61A135B4-2B29-4EAC-9B37-965DBAFE05DB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{61D85AF7-196F-4038-B7C0-8729BCFAA279}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{62144206-C54A-4127-913E-89185FC9CB8B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{624235A1-3548-4399-A48D-CC691D658FFC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{624B58D6-C5F8-4512-B71D-2715A63B3AA2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{630150EE-0F24-4D4E-98AA-BECF85BF49AC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{63154A50-2635-418D-98AA-709569847C38}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{634D867F-87F2-4EB2-9EF9-A492779A6FC4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{637B9A46-032A-4205-BA45-9397718090C7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{63A5D12E-B74B-409E-BD34-5D370A02C9B5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{63BF421E-DAFC-4A8D-9F63-DD8E1295814F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{63E1DAC6-01FB-4759-B3A7-4EEDDA3BA93B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6425C95B-E3D1-441C-BFD8-FB74DD1A6EEF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6476C891-BFC8-4880-8A2C-0583B8268AE6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{64AA4B9D-7E54-4B8E-952E-A215D2CAA39A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{64F6CA17-D330-4D67-913D-2523CD28295B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{64FEC8A2-0637-4B51-A351-1A3937190A53}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6516AB98-10D7-48D1-B447-D67EF72AA93F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{65BC4FF3-E80B-44CE-9035-55FF86D07877}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6665DBA6-1596-4FB4-9539-64710DB36E85}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{669B3D8A-058A-479F-AB3A-9726EFCF0B7C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{66C0DDEB-D508-49D3-AC51-38314605DFCA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{66D84893-4C22-4849-85A9-91F01B821115}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6723D846-C23C-42EA-82E9-15DEDDBEC794}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{673958D2-F099-483B-BA8A-AAF0672FCC07}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{673A5A1E-3162-4364-AC23-016E3F2430CA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{679130CC-FF94-4F2C-9370-A38DCEB66E1A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{67A8040C-D4F2-487B-80AF-924C208C57C9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{67B6752C-208D-41AB-AB90-0134838C5CCE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{682D0153-40FC-48DC-8690-AABA1C108D9F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6830867C-706C-4E89-A85C-BAFFAE0B86C1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{68BE697C-1281-4BCF-B109-30BBBEDA4F3D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{68C340E0-412B-40ED-B3E5-7CDDFB90FF64}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{68E5AAE0-ACBB-4D92-86F9-970EE6E84F9A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{69010AED-2ED5-447C-8AB7-5DF5452E8074}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6919B8CE-9488-4CDA-B21E-F1411AFB9A7F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{691A7FF2-7BE3-4606-8B60-42F47AE11BD6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{692264F6-2703-4EF0-A258-E688DF923DE3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{69CC81CE-AB80-42B8-B332-73EDB1BF195F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6A228756-1281-4923-9233-EDF9630BA36E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6A9AD84E-55BF-406D-9D15-A6F39A05F38C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6AAF825D-4C96-41E8-B5DC-93FA439FA8E7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6B141554-F760-4F7C-838A-B63965697A5B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6B5A51D0-D30C-4283-8AA4-7ED9967320D2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6BC0C297-7265-4CB0-9896-A83509ECB2AC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6C0300D9-AEBB-48CA-92E9-05AC0BEF3C68}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6C1C3F75-0616-402C-A8D6-9850DEFC528F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6C3D2BDA-FEAA-47C1-9CDD-10759CB031F9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6C48244F-0CDB-4395-B77D-06E80BD83BE3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6CBC615E-CF6B-4E5D-A3C9-0AC8060A17BB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6D2EDDBC-63C8-4DE6-9DF3-7AD2C2B1BF13}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6D3E8AB0-8C3A-4EB5-B86D-A37E1EDA82E2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6E348168-B77D-4747-92CE-79E582E4D42F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6E4EC81F-13F4-4B6E-B3E9-F14D1768ED6F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6EAAE80F-ED26-46DA-B6DE-3430A8594F05}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6F6FC6F9-E685-42D7-A111-432F228940C2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{6FE739AD-33DB-44AD-B61C-510CD1419853}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{70288357-2E57-4AC2-AA6B-80099574A698}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{704CF065-E611-4D3F-81B5-CC87AD89EBEA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{708AA2EF-5114-4043-8F21-A2A1853BF365}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{70D32D0C-616E-4DB5-AC08-86E9429235C4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{70DABD11-9ED1-4CAB-BB41-E610EA24AC28}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{70E8ADD2-9994-4822-8031-2C0F2458DE44}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7166B743-75AA-43BC-AC6A-E387D9A268C0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7185B3A4-7352-4633-9606-623654673C78}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{71F4E5B7-F334-479C-B633-CB04B986F9DB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7246C880-2967-42EB-B8EA-A6AEB7A782BD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{72AA3042-56B4-4999-A397-04AB2F341446}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{730EB4C6-5342-4321-BE48-50A647BD911F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{73685476-A60E-4188-8F12-3BB0316D62B8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{739CF172-99C8-453A-8716-45097EBCE4C0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{73BB5E8E-79DC-4FA7-9577-9B8653B91592}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{73D223DE-3F37-4FF2-B237-DDC6FCF720B6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{73E71DA3-B658-4D94-BD65-35CB738D6E1A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7415E6E5-A778-4A5E-B2BD-88FEE2884134}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{745A793A-2D1D-4B0C-8ED4-89D768AB1E2C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{74B54159-2B0E-4B5B-813B-85683DC42E0E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{74B96C46-1CDC-4969-8E0A-0F3CFA75B8D4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{74C8CDBC-806F-4D10-83CB-DD4842E74976}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{74CABCA6-31BD-4C60-9DC6-A998BFB791ED}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{74FDE6F1-5091-4816-A754-28D2B87376AD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7547D0DC-2495-4AC4-A170-F4FCEBB29FC8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7595A69B-A5E5-4150-8D28-937EA059A3D9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{765367A8-273D-4653-9A09-76C5EAF66201}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{76B02145-F984-43F6-B099-B50AB4BCEA7D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{76C93D37-10EC-4624-A058-1634F53268B1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{76FECE5F-E626-46A9-92E4-FEC232EA7758}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{771A18E6-8901-489A-A88F-38819EB91CA1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{772F865F-AA0A-4175-B635-EFD94190E174}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{778F5E10-7E50-4E91-AA8B-B956B148206F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{77A5F893-2E95-4780-BADE-7981AC1549D3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{77D373AA-9827-440B-AFBA-4129A40D2440}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{781DE751-955A-4560-B126-D9ECED4EA2B4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{787F1B34-8BFC-4517-993A-BB2055A0C8E1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{78BD6967-AE07-4B73-A01E-94A714B5EB2D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{794847D0-9D16-4A72-8CD7-66D39A7F8B1D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7982ABD5-F34D-4F38-86E3-507FEC61E7BD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{79B40D42-668A-4FA7-B0DC-EA4B003AFD02}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{79B42619-52D3-4AE3-8D03-1F4252FE678F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7A583D39-B282-4AC8-892B-3EFC7A9982FC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7B4F5EEA-C789-4065-91E4-BCF357820E87}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7B894FEC-6327-42B8-BF18-74EB8B958019}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7BE6BFD9-3FE7-445A-A9E1-223D1799E270}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7BEE535E-5CE2-4CBC-8ADD-7F9C17954BB2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7C1D8230-C669-4F8D-B82C-F3F53969DED8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7C2D602C-6A67-424C-B909-D1A9B2D267C6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7C7FE435-8253-46E3-BC0F-2EDF0EC048DC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7C90BD49-7D6A-4106-9781-59FB33ED4DA7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7D283D0C-BAB1-4109-8BE6-F29D40666947}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7D2E3B30-49B8-48D4-88B9-769C62476E38}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7D81A890-C05C-4F3E-AF37-AED0AB6F2090}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7DE48140-979D-4E5D-9AAF-DFA7699097B1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7E361BE9-78C4-4689-8A56-219C5B8BED95}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7EB220F7-DC4A-4D57-BA33-1B426F20C880}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7EE89798-312F-4210-8960-C83D349D8526}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7EF0FC51-3171-47B2-847C-C6DF3598784B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7F28DE75-7DA4-49DE-AACA-EC82749428B0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7F9F84B6-EEA3-45B9-8C64-C4463E0FCD47}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7FB0C2D4-F586-4707-83E4-8B5FF8577808}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7FCD7233-55B4-48BB-90CD-BC91207AF7C0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{7FED34D4-F991-4096-A977-C948C4C69723}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{801D5C95-CC7E-4FF9-A0E1-6D77011389FA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8050A5B0-3BF8-4CD8-87C9-6F1C26D843E7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8068882B-5E6E-498E-AFE5-7F0CA1DB06DA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{80CFF229-9A1F-46B6-A17D-FE1A4CCE8284}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{819D44B4-86D0-477D-9912-A3B2A8D7ED33}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{81A656D2-F068-415F-AB4E-BEC7FF080602}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{820B6399-7E8F-405E-8FE5-35E6297E5FDD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{823AFF26-D805-486A-BE84-1D482583AB8F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{82769433-041D-4582-B849-B2D7395398CF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{829A3727-8DF1-4F94-8BD1-D74F52101CF4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{82A690A2-FA02-44F3-9F36-AE03D61FF782}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{82C02049-3234-41E9-838B-03A50BD307D0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8327A161-0645-4144-ADE2-D3D050764FCE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{834E7B75-131F-4C3B-ACA8-6FAAC7C70F6A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{83600572-DC9E-4D70-886F-7BB1C90807A5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{83B540DB-8EA7-4CDC-BF8B-69ABD282F1E4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{83CAC221-492F-4543-9E68-BDB57EBE120B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{841E9244-007A-406D-97A5-421D8DCEB006}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{843DD420-4B75-470E-8F21-87AC9D86061A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{84FE6ADC-B48E-4FBE-9DCF-65194F4FF83A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{850DB4A0-929B-4183-9A42-226E97D0E54A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{850EBBF8-EF14-4A42-BBC4-97C1D78DFE98}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{851C445D-C2B6-485D-B9F8-7B938FFB4D32}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{85220798-5D55-45DF-ACB2-981FD0B4CDCF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8532FA68-6126-46C3-83BB-82E628212859}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{862D6391-069A-45E5-A81B-8035C15E8791}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8636DF2F-7C5E-4EA0-8075-CED1C5E2170F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{86C7F462-B343-4147-8831-7295C4181C18}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{86CF2EA2-DD77-4171-877D-DD4615257FD1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{87491479-9AB5-4C0F-93A1-1FA307F662C6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{87DD4288-BDAA-4E96-9E15-99CB0980155D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{87EE0331-3E1F-4C97-8372-346FBA919AC1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{882AB0B2-17AE-43CD-8942-84BD2CE60ED6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8878DC02-3B8D-491A-8D64-58AEF537E26D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{895421D7-7391-4446-9B69-9F82F289F738}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{89549A9D-EDE6-475B-8ED7-9B30414BCC00}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{895776D5-6A86-410C-B584-4E48B239EE0C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{895A0167-EA4E-49E7-B611-C63AC1C3DEEF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{89C73389-88D4-4B8F-B6A2-FB13BC75BD95}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{89E552BC-A2CA-4AE7-B30D-CF69FD48435D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{89FCAB31-3747-4A44-83A9-F5ABD46451ED}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8A775546-061E-4149-A7CE-E196EC6456B2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8AD83036-4C4F-4082-935A-A3E553091F15}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8AFB8C2B-C09B-4F68-BA0A-38886CBD9AB7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8B0CACA0-B943-42D5-9680-1E088E33A0F0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8B8C8B42-7502-4C07-962E-E0B0C8F1EEC7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8C03FE31-7570-4111-BD68-78FAD2DDEAC7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8C1F363C-4209-43D1-9671-5C927A628214}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8C5C01B1-39DC-4B6C-BE13-DC499F7C16DC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8CEBCE59-254F-4304-BBCB-67D314BC3867}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8D41FCA8-02BC-46E6-8635-2D39603A45FF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8E102AD0-1299-4D11-A591-6E8D3BD9F399}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{8E9F6EE7-5AFC-4731-998B-3F0C0A03FA13}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{91073EB5-4225-4CF3-981B-8B226EB8387B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{91EE7663-EDD1-4AE5-ADCB-8D7A504A7E2E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{920064F4-BB17-498B-B9FE-0E43292B50CF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{92016717-E47A-49A0-9661-7F558297A1C0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{92774000-F121-4CAC-9A65-B64976F1933F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9300E0D9-7B41-4E34-B57A-2306950633FE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9349DDAD-B23F-4CC2-AA29-E35530FE3A9C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{93B2BEE1-5CD4-46A2-8396-9C953598DD3F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{945811C0-1971-4E5B-990A-82476F2156C5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{95823C5C-859B-40B6-9F96-02D5313A5783}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{95B15C43-9CDE-4545-A80D-1E9238BA4458}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{95B7117F-E72F-4ADC-B575-25EDC91F5E3C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{95E169A5-72D6-4599-8EE8-6BD76482E07B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{961C3218-4714-42FE-977C-BD9B00FFF7A5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{962546BA-1343-4E0F-9BE5-E2EF4E8D0B45}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9637DF8B-27F3-4690-99A5-A3F3D8536898}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{968606BB-00B5-4B53-BAA3-B3F619880511}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{969850C9-E136-463E-BED9-002C59DF9950}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{97691D91-ED04-48C0-8319-36D82F4D275D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9793980B-CB28-411B-A529-DC663C407644}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{97B2D4CA-A136-4D53-A9EF-E73C6BBA63A3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{97DACA83-B2A5-4A03-BAAA-024CF1855D39}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{97FAAC4D-8268-4189-9C17-A583BE9DC556}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9978EA3A-7B19-4EB6-AB18-FDC988C74DA3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{99A0F6E7-ECEB-417C-8884-059553278C67}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{99B67ED9-3657-416D-9F54-779167A44F84}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{99B6A55A-C84A-4F6D-9E3B-EE71F478EC54}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{99E77B6E-459A-4CE9-9799-125D93C8A82E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{99FFC4CF-5403-4526-B7B8-05BF4712C337}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9A08B6E5-BE40-439A-88A0-0CECA77678C7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9A44623A-86C7-4DB0-8D52-0A1425F630DB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9A7E8570-CD95-4EF7-8211-2628A84CD2B6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9A9A5C31-5C76-4E1E-9D81-695BD08A2D2C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9B5FB559-A869-4F54-90B5-192D1C2F3344}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9B86EBC4-C0F1-4EC6-A2A3-5EAC68011A4A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9B902D40-B63D-40D4-B096-188290FF1578}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9BE0BE63-C717-4729-BAA9-BA9E9BB9F7E3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9BFD1124-CE6B-486E-9F93-6D51905C71DA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9C16148D-0883-46B7-9141-EDFB0D35A7B5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9C36BE56-E4D0-49F4-8CED-DD0E36C20BD8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9C83BD0D-50C1-4F14-A2AF-F05430AED6BA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9C89D5A2-FAC2-4DCD-8FB1-C32C873E26A7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9C99C4BC-0182-481C-BD68-2C62BED4A4A1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9C9ACEAD-E94B-4EA6-8CC7-7D349A82C184}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9CD3092E-6315-44FC-93A1-524ECFBBB255}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9D5211FB-C36E-43A7-88D6-A40E9719E65F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9DF6EC0C-4AD0-4553-B516-2144C51E4826}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9E2E909E-7B82-4E9F-8C5A-B70D8E87F84E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9E365891-3686-42FE-BB60-FBCAA587FF85}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9E435865-A1B1-4AC5-BD8D-ED9C2DC2E825}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9E61B392-3AB9-4A85-A5A5-E8D51DFB7FE3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9E6BFC82-2B06-4996-891A-97CB698EBCD1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9EC11ACC-FA8A-4A30-9E15-40B6EAA7236B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9EC6B898-A4C3-41DC-BDD3-5ED1F731995B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9ED6A654-DA78-4077-A02C-8DEB77626C5C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9F12CF93-7A29-4B21-A057-40BE84230C68}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9FBAF947-607F-4902-B337-521425A7B21F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{9FEBF014-705F-4215-80D9-E62E2C037A29}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A01D51C9-7A8B-410D-83E5-BB21C88C8C73}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A06557F6-28EF-4E19-B42C-279B643DB27A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A0B54B5D-A00F-42F7-9C75-275B058D4C5D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A0F10B83-3C53-478B-AA25-2D0BF77FBAB6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A1044909-75DD-4C7F-8842-67B3165E5A74}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A12C1D4F-0C28-4144-98CE-8A89B45D237C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A1935A37-BE3F-4AB7-BA8D-F917C010AE9D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A216DE79-8C88-4D6A-B2FC-32E60441F021}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A236DA3E-098B-40A6-85C9-099663D9A0B4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A280988C-CA53-4C25-8AAC-D9CA16972B01}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A30D16F8-3E66-42FC-A3BF-1C6D3A76A3F3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A3686C80-99F9-4337-8571-55C0E81DF95D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A36D2CB9-CB9A-4F4F-998D-962722E5805C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A3B7239C-8BE3-451A-AC4A-28821E465252}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A3B86FDC-92E8-486D-9F8A-8C7D6A37943C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A4457FE7-E2DB-4559-96F8-6A55361BB4E4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A473A498-A2E8-494E-A009-75143F03DFE0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A4A12305-C0CF-4426-BD1E-B9B6A694B35D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A56D911B-2340-4169-960E-E3FD16C340AE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A584F1B1-84A7-4A88-A7D3-92DBDD24E838}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A59352BF-A5DD-4415-8D07-6CE0F7016A54}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A5C4A2A7-618B-4D32-84A0-DB5B73EB0E7B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A5D9AF75-DD7F-4505-8DD5-CE286B3983B6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A6550824-46BD-4AB9-B83E-EB4179F154C0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A677CF8C-C9E5-46A6-AB33-997463B33F48}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A6A24B2B-3C45-4E34-B164-13E7A26E484E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A6E398A2-C96B-4D8D-8927-C7D54101E3A2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A6E69F25-8E5B-4F57-BD8C-607B08BBD073}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A7637743-E726-44BE-974E-AB4E3BDFA6BE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A7834066-39BA-4A34-9483-86DB2AF123A3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A8144F5C-2FF2-4FA9-93E3-DEDDA65DBE11}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A82DCFD0-03C0-4E0C-BD1B-BCCE36BBB241}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A84CEC99-D3EC-4A80-89B8-36AB6542B45D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A87BC1BF-1E0B-4A18-A536-100C0BBD4D08}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A88B8D0B-4447-497C-8CBD-DEB95808C9EE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A9841BA2-68DB-4C3A-8B15-75D29293AE5E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A9AB33AB-6F08-492E-9173-78DEDA65CFA5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A9C2E418-E9D2-4EEB-BECE-AA085847DA74}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A9D387D6-2C0B-446E-8139-2CCD17792CD8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{A9EBBE47-2C11-41A0-A165-70F68B12E772}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AA2C3FA4-073B-46D4-9AC4-0BBD0240B1E3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AA2DDE77-CF0B-4DF7-AFD6-58D655A4AEA2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AA6852B2-5CCD-4026-AA6B-77BE57D36882}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AAC4C3EF-0254-4466-913A-F50654FAA905}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AB09F677-4BFC-4135-9ABD-EA5B4437EBAF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AB878CB2-4590-4827-A054-26EC9EE30C0C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{ABDDA99B-18FA-428E-A2EB-3CD356A61B77}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{ABFA1944-A9CC-4BCB-AC21-C4FDB752ED26}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AC8102CF-9308-4CDD-9D28-E4C81D0D02F8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AC97D00D-6017-4DF1-954A-F8110BB92A9E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AC996F9F-5A0B-464C-AFE0-34FC412D7438}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AC9EC8BD-4C51-404D-8FB7-6DB16636992B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AD05345D-781A-40B2-A99D-14F696482761}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AD16CB27-D83F-4A77-BCE2-A7E43A615592}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AD335381-D6E5-4315-B12C-3BC26C5985E2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AD7D144B-BD0E-4ED4-97F8-B5E0F054B329}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{ADC81D80-92DD-4C19-B7DE-B8FC7749678E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AE301BB6-845A-4456-AC4B-2B4279A39333}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AE4E2CB5-B70C-49D9-9220-4D26A9D94576}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AF7409FB-0B0A-498D-B81A-D929A2EB1635}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AFAE2881-122C-46CA-AEC3-71421094D06F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{AFC18FFB-CB05-4CA3-97D6-A8FD31D1F1B9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B01D5124-D6EE-4853-A4AE-AA4E566CF1EB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B054016B-4DF9-48FE-86C4-0949853C7F8D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B090690F-98FA-4ED5-8882-A242104A1E20}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B096820E-79D3-44AC-986B-9D78362471DC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B097FB67-74CB-4727-823A-102F161E56BA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B0C3934C-2EBD-42AB-AA81-F560D15EA2B4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B1489184-1A30-443C-9E60-F4EC0A5F4AD6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B18E5974-1ACB-4EF7-9D94-002760772B1B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B18F72F2-4110-45AB-BF73-607B4BAC4932}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B2EB775C-D176-45CE-8C7E-62DA8418E35B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B2EDF37A-4D46-4082-826A-232E5684F47E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B3025DD0-C217-49B7-B7FB-2AFC03839A91}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B3A8DB3E-D07A-4A0E-ABFB-060C43BB7C94}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B3C93204-2AD1-41A5-83C9-D15CDAF9BE4B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B3EAA7CA-46B3-496A-BC55-2A549B4B898D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B42A4C09-A437-4F34-91CC-FCFD68C6C4A1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B42B730C-0EEE-41BC-94EE-9D7B545CD32C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B45A3D1F-EB76-4DB7-B691-C71C23F21B48}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B48E4E48-8EB0-4738-A9BF-14D4B92148CA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B4C1CCF4-33D0-4AE3-802D-B39755D857B1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B4E8C3C4-00CD-4A5A-84C6-E8DB86D90DD6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B54335E9-02DA-45FC-B80B-94A32856F390}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B59DDAE8-4C56-4097-A46F-869D84197861}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B5A029B9-ECA3-476C-8F60-D41B6E232342}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B6759C45-572E-44BA-8C64-DCA131EB8217}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B6820D2F-0940-4F83-819C-BC1AD6A73863}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B683E723-F188-41B4-892A-97F3F5CDE406}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B6A9533B-289A-44E2-8526-BEF12A03D6BC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B71E3DA0-D742-431E-AACD-AD1F9FE577CD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B74272EA-3035-4FD9-8B29-5A321A0A3DE8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B74D432A-4AC0-431F-8C9A-6FA2327DD05F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B77058E3-7912-42A8-BA9B-689B7FEA8B49}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B8C7CCC8-02DB-4DD7-B5D9-E08076246836}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B90AD11C-4E04-4AC5-B596-DEC8C49E2B91}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{B9C4193D-4BA6-43DD-92F6-24852A82B1E9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BA72A17A-4871-47AA-9EDB-9C43451B9297}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BA8910A6-AF4A-4521-9101-0A3FE31FAF52}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BA9C26F4-37ED-449B-B795-58EF28BD6137}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BB0A54DC-1F7C-44AC-9FAC-72D1FB5412AC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BB3A73A3-B412-46C2-9398-18235A6A7794}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BBE034D1-92F3-47B4-8278-D872D0C64B16}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BC09EA87-B024-4D8B-8F81-BB5536BBB3B8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BC11638D-CBD3-4D52-87C3-3CA64572267C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BC79413B-5A54-4C18-AA51-2DAC6595DD36}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BCA3CD6E-A8D6-4FA5-A556-81B547B6FD55}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BCB34CD1-663A-4606-9BC8-315880F1B99E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BD8F7B22-E871-4D09-A431-06A4B35FA544}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BDC0F38F-406E-4690-B1EE-FFEB047128F7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BE313807-D3D0-419A-A4E6-CFB838CDC44B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BE3D22BE-CCD8-4FA8-AD8F-E633C1E13D82}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BE3FFEFA-7A30-4EC8-9E72-C9CC488C8A07}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BE854E9B-2E74-48DD-92A5-8230958716D7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BF6F5842-830D-491F-87CA-518302C6C25E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{BFF79E40-1756-4225-9C26-C92CFF072606}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C038921E-D66B-4C32-B281-CE71320229C6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C0703479-1D32-4480-8EA4-35FE4DCFA81F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C09B2D3A-3EEF-4674-BE06-C1F71BBEA323}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C0F5E49F-15FA-406E-AD70-8127B6EB3B0B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C171B2C5-D20E-404E-9D88-BDA6229267AC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C1A40DE4-E969-4DCF-948C-E077AA27C803}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C1F48499-C256-495C-9120-09D758B56812}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C220A234-DEAF-4D51-B5FD-672EADB9B9FD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C26BB7E6-F9D5-44DE-8603-BD59B37C3816}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C29857E9-0B54-4FC9-AC10-5E13B464107A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C2BC4909-47C0-40FA-947B-D4630534261E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C316D037-302E-4085-88D4-E906C285163B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C36FF8D8-C3EE-4757-867E-28D63B450879}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C38ABA21-CC0C-49F6-BDB0-71B02F69A9CC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C4167929-9861-465C-A00B-A0DD573F626B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C43BD4CC-AE57-4D86-A077-2E940E8EB1CE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C491F73A-B772-4936-899F-2128D99711CD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C4A1E5F2-83BF-4C4D-AA14-DB6CFE90C0C0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C4E76520-187D-4A33-A4C4-47B9FF129D28}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C4FE05D8-7075-43A9-9041-1859338BB8E4}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C520F849-67C2-4464-B328-2F146BCE72C0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C5728189-1C7B-4C08-839B-4A2DDD2F2CFF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C5C00FDC-9701-4242-B3F8-308B21E7E9CA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C670660F-4269-4862-9E91-45A05DF58BEF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C6B7BA82-7187-408D-9645-132DAD05F8BC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C6E7E023-C20A-474E-B896-8E9C585FEBB3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C70620CA-CCA8-4132-860B-E77D0C75E3A9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C80135B6-83D5-452B-AC14-E8A8882500D7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C8A57DDC-A67C-4EC9-B8A0-AE295D62B88E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C9F35BCB-9F37-4A8F-AF2A-53A94106EFA6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{C9F909D8-71E8-4517-9BDD-C2AF3A1AA8B6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CA30F442-2368-48CD-BB5F-F21D16B88944}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CB47437E-D03A-4184-B44E-452B966C93F8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CB49A381-B441-4F2F-99B1-A96B6E389446}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CB61EC77-E05A-4100-8F97-FD5BAFAE1B27}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CBCCD926-0FA4-4F3B-82FA-2A7C9A14649D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CC9AB670-4C5C-4132-8B6C-F1D257181244}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CD62D22F-F330-4203-A4AE-1DC84432F673}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CDC89CA5-E4F7-4E9F-B268-24D3FC889A86}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CE3BE61B-3FB1-4474-9B2B-DADCC4AD4081}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CE9DEDD1-3742-4084-ACC9-0F11E7687987}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CEFC825B-9BDC-49CC-B4B6-22BC01C48C13}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CF2188FE-60F3-4F61-A087-DBEE46A3F94E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CF5F487A-E516-4DE7-ACE8-78D266F1D688}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CFA1131E-5A84-4734-AFC5-4DD30A408128}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{CFAE128D-F59B-4E8A-8582-E279B8A648F3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D05F465D-D19F-419D-A34F-362245BE264C}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D09388CC-3D3E-4C61-A75D-1784B1C198E1}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D097304E-AF3D-4F90-9AE3-C8063DE992BC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D10ACA95-BB7D-4D68-9CD5-E95B62BA280D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D16FC771-6CEE-4339-80BB-8BF1CDF3CD14}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D174073C-E3DE-44CC-A425-BD8427CC71B2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D1941E12-D14F-47F2-9591-C3575D49FE54}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D1C0B96F-AA9B-476E-873B-B667034E0DBC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D2A30916-EF1E-4282-A885-2A49CE6989A3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D2CF8DCC-AD0B-458E-8C07-0DF9D7231DE8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D36385A5-1743-47A7-A45B-5F1EAF5404AE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D3D96D8F-CAE1-47BD-9FD7-BBD3D68FDFE9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D3FD8D53-4467-4B08-9C83-EBE20462E55E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D41BE456-6E58-49AE-A97A-F180B035B736}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D48C7A2D-38C7-4E90-8568-17E2114DD433}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D4A5B20B-5883-42D8-A82E-BC73938293E0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D4F91892-930C-49DD-9EE7-B2397714106A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D4FCC205-0F43-4E0B-B602-23C9C548B801}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D5012F9E-1D40-49F6-955E-6F11746888AC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D55FDFD5-C0D6-445C-A9D0-0189DDF5BB80}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D6194890-87DD-436F-90D9-842962BDCED7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D6960936-8957-4723-A587-0AE4D27361B9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D6BE8455-455C-4BAF-B545-80E366D3A496}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D727770D-BDB0-4FF0-BA9B-DE6C82952684}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D7641DF5-782A-4E96-9658-FAC917EEA749}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D893E5E0-0E56-4EC8-87A7-733E5C537AB3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D89B9E1B-D3BE-495A-B1C3-0E91C484F2F0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{D9EEC722-E1FF-4B0F-A250-D07F0B414093}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DA432C96-A9E1-4C58-98B1-A6044D883F12}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DA61F194-14FC-4AB7-AFCA-DCDC2CF3A593}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DB450019-6499-4FDB-B64A-373E50B0F2DF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DB8E84B3-A3DE-4D54-82FC-581E15A63B6B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DC781D78-011A-432B-B5CD-4E3A80857390}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DD59F2C4-7A95-43C8-8D06-9BFF568335F5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DD5AB264-284F-4841-A2D5-E958BEF59416}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DDA9DCF6-74C7-4A5F-B072-40D6AE8BC214}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DDD85F9A-D27F-4E3D-B54B-463532570E01}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DE0E3DE8-17BF-47B2-AD3D-41E1EF7E316F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DE1E8E2B-C005-45CD-A8B2-09B732E1781F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DEB58E6B-46D2-4187-8E4F-61E25AB0A490}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DED1988D-C4A2-45F4-8B1C-DA2DAE10E2CD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DEE85FC2-1BE0-4ADF-97BF-5DD71A327704}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DF87BE44-3B30-4693-BB38-BA9AE254DF1E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DFABE4A0-D074-47E3-A56C-9414B05EFB12}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{DFD923A8-499E-4EC9-A6DF-748E651A5E7B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E040E1B2-0923-49EE-A544-9A3E53DFB1AF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E108B70E-970D-4C29-A15B-95C7D7C8B619}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E16C1E9B-13E8-4E12-AD4B-1A631A7DBA51}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E19CFF30-F110-46D8-BCF0-CA43A5D77F12}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E1FF2A63-E3B6-4B5F-A2F3-75B8105EE16A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E205A6E4-9514-4413-9345-479D2ABFF4F3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E20F9659-602E-4917-8566-F335861ECAD0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E23884A7-7A16-43E6-9540-4D69D859E006}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E2AEF2E7-E28B-4778-AE3B-EF1B3948A163}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E3784399-052D-4069-9EC6-7DDFADF662CE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E39007A0-F1A0-4D26-8B8B-61D2B10B1E7D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E3914AF6-57B0-4639-967D-865B013A27BE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E3A6FDF5-3398-4811-9D98-CBD8DDCCA324}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E47C1C00-66EA-4FBE-AD63-0104AE25270E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E487A438-FA95-493E-B393-FC6944663514}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E4CDDD72-7213-4BBA-BD99-20071B8AACB3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E608EA4F-B6FB-460F-AB2F-A5FF7066280F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E61F74D6-1C25-4AD8-A4FA-6D89FA728AB3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E6539EB4-9C91-4CEE-8ACD-78AFE48DFB5E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E69764D0-6501-47FE-9984-54445239CCA5}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E6D979CD-8172-491E-9C75-A2879CCF842B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E70C14E0-9A52-4301-A4D6-F343E862E64F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E70ED93B-FE4F-43B5-BE7C-02F01B289C85}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E786BFA5-1DFC-4E9C-AD1F-AB1CEC054060}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E7EE46FF-8B51-4EC3-A84F-D9E89644D1E0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E7FEC711-00F6-47D7-9516-C0FA52667F1E}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E81CCFEA-E390-4252-8852-C770A03D5097}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E82C8A6B-A82A-4C8F-A61E-4D3BDB782545}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E83CD59E-0252-4861-9655-114301D9C877}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E8B8DE97-5EFB-4C87-BB9E-84249EBD68FF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E9400ACD-C4D5-4FF6-90BB-9487410A3A8A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{E94A9723-F678-4A13-8015-68037F615C1B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EA417BE9-9A84-478A-B4C6-B393FA929BA7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EA47C9DC-B017-4A14-BE1C-3BB4782ADF20}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EAEDE492-9BAC-405C-B63A-3DAE0094AFB7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EB20672F-D9E3-48F1-860F-CCAD4302C456}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EB8290DA-C7CB-49C1-B55D-1319BD131C3F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EC13CA8F-9F5D-4AB3-89F2-1CDE557F4B82}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EC74FEA1-F7EE-4EDB-A748-94E951E78960}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{ED224175-13ED-4411-9B09-2B1C733DECAA}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EDC181DD-E5D0-439B-A4CD-F9CEF530ECD0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EE466AAC-9A68-4F17-A96D-8D385AA210ED}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EE71AA88-3CCA-4A82-9801-0F77E6609C94}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EEBDA12D-26C1-4E70-AC47-A2CBFE56632F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{EFAB6444-423C-4AEA-ABDD-6C22BF7EC84D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F0019EB4-01BF-4B50-B08E-15AD318588D7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F09F66C2-3FCE-4E41-BC6D-B01EEF835510}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F11E7270-9124-4AB4-82B4-F0AF152D73B3}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F1413953-462A-4053-8EA5-73FB55227236}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F1CACA1D-99DD-4704-A67A-3963446CAAE8}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F26AEC49-5D51-4F82-9B89-8FA42E9CD3EB}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F293EFF4-EA73-465D-AB28-23449974C550}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F2D9226F-BD67-41F3-867B-E8DAB511E48F}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F3985D55-68E6-426A-9993-2823BC5B82BD}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F4265125-3274-4F8A-A82B-83AC7D632FDF}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F42D9204-C1CA-4A7A-896B-8D0B8DC3A283}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F46D23FE-DA6D-4751-9DED-9BF37F835370}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F4C50B6E-6C8C-4A13-B403-05F642D91D57}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F5231955-40EE-4815-93F8-F52B7C4D6F8A}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F524E9A4-9717-417F-AFD9-C03C42D1B022}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F5A77ABE-2837-4C21-9F1E-61E8758FDB13}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F62EFE56-08FB-43A8-9F0C-EBB505AF2844}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F65B0DA2-1CF4-463B-8F3D-140418E49836}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F6C0BC08-AF8E-45C2-95B3-0970E083BAA6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F719D03F-12AE-4F8F-9528-DCC26B1313F7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F71FFFC5-AB40-48AE-96BE-22CB664C5CD2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F72260C0-C036-4BD3-8B49-1C4F5EF24713}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F72DF455-7EB3-4D3E-9F91-DE3811147E88}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F74840A0-0DE7-4E60-9FD4-EA8BD980CC4B}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F75A0613-148A-4483-B944-BFA0ADBBB980}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F7F08C8D-B496-4E20-839A-5593CCA279E9}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F8332793-DDCF-4B60-A676-E4C5A1779F34}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F84329DB-E2E1-4D87-887E-A5B8FFE12A96}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F861152F-056D-4C4D-99F2-65F289FF56D0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F9764536-89EA-4E8D-9381-AACC6ABFB942}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F9F72828-55A2-45D8-8BF1-04EC05E46847}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{F9FD1A25-3913-4D45-ABA6-B85541020F85}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FA6BB18B-1BEE-4F27-90D5-90E3C3E50911}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FA827D7F-E4E9-4262-8D1E-46A4F0BE50BE}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FAA18CDF-C7B4-4833-B1AC-AB41D6424B05}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FAEFB9A6-DFC2-4098-A449-D8DFA592E190}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FB13D01B-B8E1-44FD-89EA-A54DB6E86327}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FB21C038-1A2F-4FC1-A1C9-65AFF47C48C0}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FB2473C2-5E61-4B67-8CF1-787A0602DED6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FB46F2B1-862F-4FF9-AB87-C50585EEC143}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FBD25172-F7E5-4C4D-8508-F203BFCDA624}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FBEBFEA5-F14C-4885-AA51-A08B932DCCC7}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FC1766DC-0E0F-4DC6-B2C7-C29CA1D61FF2}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FC2D0429-8D2E-4D7D-9B13-1F0C2697D3C6}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FC4FCF7F-C4D2-481D-9297-E71030B4051D}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FCC6D9DB-E90E-4944-A29A-01B9451A1E49}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FCD5F71D-B7E3-4770-A735-823E59898694}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FD19F50E-1972-4722-9951-D81F1A61AD12}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FD3E9D4E-04D0-4E68-AD97-4F3726667594}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FDBB0DAF-265A-4D70-87E9-82DDB301D785}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FDE8D99B-E658-49A0-9424-236B4DF9E298}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FF3593F7-3250-466F-8AF1-DD4A615E1A51}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FF909840-3146-4698-BBE3-98DE491083AC}
    Successfully deleted: [Empty Folder] C:\Users\Kzion\appdata\local\{FFCD8D88-0513-4768-BCC9-AA1D758367A6}
     
     
     
    ~~~ Event Viewer Logs were cleared
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Wed 12/03/2014 at 18:05:33.54
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
     
    Finally the Malwarebytes Anti-Malware Scan


    Malwarebytes Anti-Malware
    www.malwarebytes.org
     
    Scan Date: 12/3/2014
    Scan Time: 6:13:46 PM
    Logfile: Mwb Anti-Malware.txt
    Administrator: Yes
     
    Version: 2.00.4.1028
    Malware Database: v2014.12.03.13
    Rootkit Database: v2014.12.03.01
    License: Trial
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled
     
    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Kzion
     
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 402609
    Time Elapsed: 28 min, 46 sec
     
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
     
    Processes: 0
    (No malicious items detected)
     
    Modules: 0
    (No malicious items detected)
     
    Registry Keys: 0
    (No malicious items detected)
     
    Registry Values: 0
    (No malicious items detected)
     
    Registry Data: 0
    (No malicious items detected)
     
    Folders: 0
    (No malicious items detected)
     
    Files: 0
    (No malicious items detected)
     
    Physical Sectors: 0
    (No malicious items detected)
     
     
    (end)



    The boot up feels faster, and the machine feels a bit more responsive without the error pop ups, i think its better overall.
    Are more virus shown in the logs?
    I'll await for further instructions

    Thank you.

    • 0

    #15
    Biscuithd
    Posted 04 December 2014 - 06:29 AM

    Biscuithd

      Trusted Helper

    • Malware Removal
    • 2,573 posts

    Hi, :)

     

     

    Are more virus shown in the logs?

     

    What you are seeing in the adwCleaner, JRT and MBAM logs are "mostly", what we call remnents. It's not the whole virus, so, it can't infect and plague the machine. But, by being there the computer is burdened by them and they slow progress. Tools like adwCleaner and JRT are constantly collecting information on this low level junk and ads and can assess and remove it much faster than I can. So, I manually assess the machine looking for the major infections an remedy those and then call in the mop up folks.

     

     

    The boot up feels faster, and the machine feels a bit more responsive without the error pop ups, i think its better overall.

     

    This is a very positive sign and exactly what I was looking for! :)

     

    Ok, next step.

     

    ESETOnline.png Scan with ESET Online Scanner

    This step can only be done using Internet Explorer, Google Chrome or Mozilla Firefox.
    Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
    Please visit ESET Online Scanner website.
    Click there Run ESET Online Scanner.

    If using Internet Explorer:
    • Accept the Terms of Use and click Start.
    • Allow the running of add-on.
    If using Mozilla Firefox or Google Chrome:
    • Download esetsmartinstaller_enu.exe that you'll be given link to.
    • Double click esetsmartinstaller_enu.exe.
    • Allow the Terms of Use and click Start.
    To perform the scan:
    • Make sure that Remove found threats is checked.
    • Scan archives is checked.
    • In Advanced Settings: Scan for potentially unwanted applications, Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
    • Click Start
    • The program will begin to download it's virus database. The speed may vary depending on your Internet connection.
    • When completed, the program will begin to scan. This may take several hours. Please, be patient.
    • Do not do anything on your machine as it may interrupt the scan.
    • When the scan is done, click Finish.
    • A logfile will be created at C:\Program Files (x86)\ESET\ESET Online Scanner. Open it using Notepad.
    Please include this logfile in your next reply.

    Don't forget to re-enable previously switched-off protection software!

     

    Once this completes, post the log and then give the machine a good work out to see if everything is working as it should be :thumbsup:


    • 0
    Back to Virus, Spyware, Malware Removal · Next Unread Topic →




    Similar Topics

    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users

    1. Geeks to Go Community
    2. Security
    3. Virus, Spyware, Malware Removal

    As Featured On:

    Microsoft Yahoo BBC MSN PC Magazine Washington Post HP