
Odd things happen to laptop [Solved]



#1
Betrayed

  • Member
  • 119 posts
Lately odd things like new tabs randomly opening and some other stuff have been happening. I think I may be infected.
 
OTL.txt Logs: http://privatepaste.com/e5ec1499de
 
Extras.txt: http://privatepaste.com/399e6130bb
 
Hope to get this sorted soon, thanks!

OTL logfile created on: 06/12/2014 17:33:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Betrayed\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.82 Gb Total Physical Memory | 3.71 Gb Available Physical Memory | 63.77% Memory free
6.76 Gb Paging File | 4.45 Gb Available in Paging File | 65.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.34 Gb Total Space | 262.66 Gb Free Space | 56.45% Space Free | Partition Type: NTFS

Computer Name: BETRAYED | User Name: Betrayed | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/12/06 16:49:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Betrayed\Desktop\OTL.exe
PRC - [2014/12/06 16:47:51 | 069,999,448 | ---- | M] (Microsoft Corporation) -- C:\Users\Betrayed\Downloads\NDP452-KB2901907-x86-x64-AllOS-ENU.exe
PRC - [2014/11/27 13:43:10 | 002,370,240 | ---- | M] (Comodo Security Solutions, Inc.) -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2014/11/25 06:39:27 | 000,856,904 | ---- | M] (Google Inc.) -- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
PRC - [2014/11/13 06:58:58 | 035,419,192 | ---- | M] (Dropbox, Inc.) -- C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe
PRC - [2014/09/12 09:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2014/07/04 10:18:17 | 001,176,632 | ---- | M] (Spotify Ltd) -- C:\Users\Betrayed\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
PRC - [2014/06/16 10:11:58 | 005,037,888 | ---- | M] (TeamViewer GmbH) -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
PRC - [2014/05/22 14:43:40 | 000,210,944 | ---- | M] (Popcorn Time) -- C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
PRC - [2014/04/12 06:08:08 | 000,087,696 | ---- | M] (Microsoft Corporation) -- C:\742b1cc9c820255a6762987d98\Setup.exe
PRC - [2014/03/13 16:44:22 | 000,819,984 | ---- | M] (BlueStack Systems, Inc.) -- C:\Program Files (x86)\BlueStacks\HD-Agent.exe
PRC - [2013/11/05 22:05:42 | 000,437,464 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnat.exe
PRC - [2013/11/05 22:05:16 | 000,358,104 | ---- | M] (VMware, Inc.) -- C:\Windows\SysWOW64\vmnetdhcp.exe
PRC - [2013/11/05 21:23:36 | 000,087,768 | ---- | M] (VMware, Inc.) -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
PRC - [2013/11/05 19:34:10 | 002,237,328 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
PRC - [2013/10/17 21:29:44 | 000,395,120 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
PRC - [2013/10/16 18:01:36 | 004,624,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
PRC - [2013/08/02 11:36:20 | 003,293,288 | ---- | M] (Nota Inc.) -- C:\Program Files (x86)\Gyazo\GyStation.exe
PRC - [2013/06/05 13:18:06 | 001,039,240 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
PRC - [2013/05/21 04:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
PRC - [2012/10/16 09:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
PRC - [2012/10/08 14:15:50 | 000,039,808 | ---- | M] (Wacom Technology) -- C:\Program Files\Tablet\Pen\WacomHost.exe
PRC - [2012/07/30 23:04:06 | 000,533,056 | ---- | M] (NTI Corporation) -- C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
PRC - [2012/07/27 16:16:32 | 002,415,760 | ---- | M] (Acer Incorporated) -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
PRC - [2012/07/18 00:10:33 | 000,364,416 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
PRC - [2012/07/18 00:10:30 | 000,276,864 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
PRC - [2012/07/18 00:10:16 | 000,165,760 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
PRC - [2012/07/04 17:57:44 | 000,990,320 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe


========== Modules (No Company Name) ==========

MOD - [2014/12/06 16:24:10 | 000,043,008 | ---- | M] () -- c:\users\betrayed~1\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpx0fngs.dll
MOD - [2014/12/05 23:26:20 | 000,155,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\JSON\8fe74181f8f6e6b1724a5a7aed0b64b6\JSON.ni.dll
MOD - [2014/12/05 23:21:17 | 011,926,016 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Web\6074b87793a7906a01317ea8832e7330\System.Web.ni.dll
MOD - [2014/12/05 23:20:25 | 000,978,432 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\0f06c6152e5384e75e9517c79ed500d4\System.Configuration.ni.dll
MOD - [2014/12/05 23:20:23 | 001,394,176 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\HD-Agent\dd38e482b075c7dead7fb96d8afa2caa\HD-Agent.ni.exe
MOD - [2014/12/04 18:08:57 | 005,467,136 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\49201f5658aca21352debffb85ff41df\System.Xml.ni.dll
MOD - [2014/12/04 18:08:54 | 012,436,480 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\6b1a3043fa76fc0f83502099411d2a10\System.Windows.Forms.ni.dll
MOD - [2014/12/04 18:08:50 | 001,593,344 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Drawing\828956d62d94914af63efc7fb36d1120\System.Drawing.ni.dll
MOD - [2014/12/04 18:08:19 | 007,995,904 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\4976746d2f27ea6b60301a84d6c3e4be\System.ni.dll
MOD - [2014/12/03 20:16:43 | 011,500,032 | ---- | M] () -- C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni.dll
MOD - [2014/11/25 06:39:24 | 009,009,480 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
MOD - [2014/11/25 06:39:20 | 001,077,064 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
MOD - [2014/11/25 06:39:18 | 000,211,272 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
MOD - [2014/11/25 06:39:17 | 001,677,128 | ---- | M] () -- C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
MOD - [2014/11/13 06:49:58 | 003,610,624 | ---- | M] () -- C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\wxmsw28uh_vc.dll
MOD - [2014/06/01 09:08:56 | 000,035,328 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
MOD - [2014/05/24 16:41:24 | 000,892,416 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
MOD - [2014/05/24 16:41:24 | 000,091,648 | ---- | M] () -- C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
MOD - [2014/01/03 11:03:39 | 000,096,256 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
MOD - [2014/01/03 11:03:38 | 001,425,920 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
MOD - [2014/01/03 11:03:38 | 000,188,416 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
MOD - [2014/01/03 11:03:17 | 000,336,896 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
MOD - [2014/01/03 11:03:16 | 007,816,192 | ---- | M] () -- C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
MOD - [2013/10/17 16:45:58 | 032,726,528 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
MOD - [2013/10/16 18:01:36 | 004,624,240 | ---- | M] () -- C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
MOD - [2013/08/23 19:01:44 | 025,100,288 | ---- | M] () -- C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\libcef.dll
MOD - [2013/06/05 13:21:18 | 000,071,560 | ---- | M] () -- C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
MOD - [2012/11/28 14:13:52 | 000,087,952 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/11/28 14:13:30 | 001,242,512 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2012/11/22 17:57:06 | 000,056,424 | ---- | M] () -- C:\Windows\SysWOW64\PrxerNsp.dll
MOD - [2012/10/16 09:39:00 | 000,646,744 | ---- | M] () -- C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
MOD - [2012/07/30 23:04:34 | 000,465,384 | ---- | M] () -- C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
MOD - [2012/05/30 14:51:08 | 000,699,280 | R--- | M] () -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\wincfi39.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/10/31 04:51:25 | 000,114,688 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2014/10/07 01:54:27 | 000,226,304 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\AudioEndpointBuilder.dll -- (AudioEndpointBuilder)
SRV:64bit: - [2014/09/22 03:05:56 | 000,368,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\NisSrv.exe -- (WdNisSvc)
SRV:64bit: - [2014/09/22 03:05:56 | 000,023,792 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MsMpEng.exe -- (WinDefend)
SRV:64bit: - [2014/08/16 03:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV:64bit: - [2014/08/16 00:58:35 | 000,287,744 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\SystemEventsBrokerServer.dll -- (SystemEventsBroker)
SRV:64bit: - [2014/08/16 00:45:51 | 000,267,776 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\bisrv.dll -- (BrokerInfrastructure)
SRV:64bit: - [2014/07/24 07:28:58 | 001,600,000 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\workfolderssvc.dll -- (workfolderssvc)
SRV:64bit: - [2014/07/02 14:37:00 | 000,005,632 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe -- (c2wts)
SRV:64bit: - [2014/06/05 12:15:06 | 000,037,176 | ---- | M] (The OpenVPN Project) [On_Demand | Stopped] -- C:\Program Files\OpenVPN\bin\openvpnserv.exe -- (OpenVPNService)
SRV:64bit: - [2014/04/30 19:57:14 | 000,087,736 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe -- (VsEtwService120)
SRV:64bit: - [2014/03/14 06:26:25 | 000,491,520 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\GeofenceMonitorService.dll -- (lfsvc)
SRV:64bit: - [2014/03/08 05:41:25 | 001,306,624 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppXDeploymentServer.dll -- (AppXSvc)
SRV:64bit: - [2014/03/06 07:02:13 | 000,834,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\netlogon.dll -- (Netlogon)
SRV:64bit: - [2014/02/22 15:53:10 | 003,394,384 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\WSService.dll -- (WSService)
SRV:64bit: - [2014/02/22 09:57:16 | 000,710,656 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\lsm.dll -- (LSM)
SRV:64bit: - [2014/02/22 09:26:58 | 000,366,080 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\SysNative\wcmsvc.dll -- (Wcmsvc)
SRV:64bit: - [2014/02/22 09:25:39 | 000,399,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\das.dll -- (DeviceAssociationService)
SRV:64bit: - [2014/02/22 09:23:58 | 001,576,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wlidsvc.dll -- (wlidsvc)
SRV:64bit: - [2014/01/17 19:01:08 | 000,187,592 | ---- | M] (Sandboxie Holdings, LLC) [Auto | Running] -- C:\Program Files\Sandboxie\SbieSvc.exe -- (SbieSvc)
SRV:64bit: - [2013/12/10 07:35:18 | 000,530,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\AppReadiness.dll -- (AppReadiness)
SRV:64bit: - [2013/08/22 11:32:02 | 000,024,576 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wephostsvc.dll -- (WEPHOSTSVC)
SRV:64bit: - [2013/08/22 11:31:43 | 000,040,448 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\efssvc.dll -- (EFS)
SRV:64bit: - [2013/08/22 11:22:45 | 000,066,048 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\wiarpc.dll -- (WiaRpc)
SRV:64bit: - [2013/08/22 11:21:15 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\svsvc.dll -- (svsvc)
SRV:64bit: - [2013/08/22 11:16:57 | 000,118,272 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\fhsvc.dll -- (fhsvc)
SRV:64bit: - [2013/08/22 11:03:41 | 000,052,736 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\WINDOWS\SysNative\rundll32.exe -- (699fd52f)
SRV:64bit: - [2013/08/22 10:25:28 | 000,164,352 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcaSvc.dll -- (NcaSvc)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicvss)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmictimesync)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicshutdown)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicrdv)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmickvpexchange)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicheartbeat)
SRV:64bit: - [2013/08/22 10:19:28 | 000,517,120 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\icsvc.dll -- (vmicguestinterface)
SRV:64bit: - [2013/08/22 10:02:47 | 000,013,312 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\smphost.dll -- (smphost)
SRV:64bit: - [2013/08/22 09:57:25 | 000,130,560 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\ScDeviceEnum.dll -- (ScDeviceEnum)
SRV:64bit: - [2013/08/22 09:54:59 | 000,059,392 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\keyiso.dll -- (KeyIso)
SRV:64bit: - [2013/08/22 09:50:59 | 000,245,760 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\TimeBrokerServer.dll -- (TimeBroker)
SRV:64bit: - [2013/08/22 09:50:00 | 000,525,312 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\netprofmsvc.dll -- (netprofm)
SRV:64bit: - [2013/08/22 09:45:59 | 000,151,040 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\ncbservice.dll -- (NcbService)
SRV:64bit: - [2013/08/22 09:40:49 | 000,248,832 | ---- | M] (Microsoft Corporation) [On_Demand | Running] -- C:\Windows\SysNative\vaultsvc.dll -- (VaultSvc)
SRV:64bit: - [2013/08/22 09:31:03 | 000,201,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\DeviceSetupManager.dll -- (DsmSvc)
SRV:64bit: - [2013/08/22 09:15:54 | 000,073,728 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\NcdAutoSetup.dll -- (NcdAutoSetup)
SRV:64bit: - [2012/11/14 12:45:32 | 000,619,904 | ---- | M] (Wacom Technology, Corp.) [Auto | Running] -- C:\Program Files\Tablet\Pen\WTabletServiceCon.exe -- (WTabletServiceCon)
SRV:64bit: - [2012/07/31 20:20:26 | 000,659,600 | ---- | M] (Acer Incorporated) [On_Demand | Running] -- C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe -- (ePowerSvc)
SRV:64bit: - [2012/07/31 01:16:42 | 000,466,064 | ---- | M] (Acer Incorporated) [On_Demand | Stopped] -- C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe -- (DeviceFastLaneService)
SRV:64bit: - [2012/04/20 13:16:12 | 000,635,104 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV - [2014/12/03 19:57:45 | 000,267,440 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/11/27 13:43:10 | 002,370,240 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2014/09/12 09:43:06 | 000,064,704 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2014/08/16 03:29:38 | 002,899,968 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\WINDOWS\system32\spool\drivers\x64\3\PrintConfig.dll -- (PrintNotify)
SRV - [2014/07/12 00:53:24 | 000,542,912 | ---- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2014/06/26 18:37:33 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2014/06/16 10:11:58 | 005,037,888 | ---- | M] (TeamViewer GmbH) [Auto | Running] -- C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe -- (TeamViewer9)
SRV - [2014/05/22 14:43:40 | 000,210,944 | ---- | M] (Popcorn Time) [Auto | Running] -- C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe -- (Popcorn Time Updater)
SRV - [2014/04/03 19:21:48 | 000,315,008 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)
SRV - [2014/03/14 06:10:16 | 000,357,376 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\GeofenceMonitorService.dll -- (lfsvc)
SRV - [2014/03/13 16:45:08 | 000,770,832 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe -- (BstHdUpdaterSvc)
SRV - [2014/03/13 16:43:14 | 000,385,808 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe -- (BstHdLogRotatorSvc)
SRV - [2014/03/13 16:42:40 | 000,402,192 | ---- | M] (BlueStack Systems, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\BlueStacks\HD-Service.exe -- (BstHdAndroidSvc)
SRV - [2014/02/19 23:18:06 | 000,142,336 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe -- (fussvc)
SRV - [2014/01/29 19:04:52 | 000,279,024 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2014/01/12 13:07:40 | 000,438,272 | ---- | M] (PowerUp Software, LLC) [Auto | Stopped] -- C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe -- (PinnacleUpdateSvc)
SRV - [2013/12/16 20:31:34 | 000,443,080 | ---- | M] () [On_Demand | Stopped] -- C:\Windows\SysWOW64\GSService.exe -- (GSService)
SRV - [2013/11/05 22:05:42 | 000,437,464 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnat.exe -- (VMware NAT Service)
SRV - [2013/11/05 22:05:16 | 000,358,104 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Windows\SysWOW64\vmnetdhcp.exe -- (VMnetDHCP)
SRV - [2013/11/05 21:23:36 | 000,087,768 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe -- (VMAuthdService)
SRV - [2013/10/29 11:19:06 | 000,919,768 | ---- | M] (VMware, Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\VMware\USB\vmware-usbarbitrator64.exe -- (VMUSBArbService)
SRV - [2013/08/22 03:55:35 | 000,018,944 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\StorSvc.dll -- (StorSvc)
SRV - [2013/08/22 03:21:36 | 000,119,808 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe -- (Te.Service)
SRV - [2013/08/22 02:53:34 | 000,011,776 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\smphost.dll -- (smphost)
SRV - [2013/05/21 04:44:22 | 000,144,368 | R--- | M] (Symantec Corporation) [Auto | Running] -- C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe -- (NIS)
SRV - [2013/04/29 01:56:32 | 000,101,888 | ---- | M] (Freemake) [Auto | Stopped] -- C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe -- (Freemake Improver)
SRV - [2013/03/01 01:48:58 | 000,118,520 | ---- | M] (Riverbed Technology, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WinPcap\rpcapd.exe -- (rpcapd)
SRV - [2013/01/28 14:47:24 | 000,227,456 | ---- | M] (Qualcomm Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2012/08/27 04:53:32 | 000,655,624 | ---- | M] (Acresso Software Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service)
SRV - [2012/08/27 04:36:57 | 000,093,296 | ---- | M] (Dritek System INC.) [Auto | Running] -- C:\Windows\RfBtnSvc64.exe -- (RfButtonDriverService)
SRV - [2012/07/30 23:04:16 | 000,259,136 | ---- | M] (NTI Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe -- (NTI IScheduleSvc)
SRV - [2012/07/27 16:16:32 | 002,415,760 | ---- | M] (Acer Incorporated) [Auto | Running] -- C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe -- (CCDMonitorService)
SRV - [2012/07/18 00:10:33 | 000,364,416 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/07/18 00:10:30 | 000,276,864 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/07/18 00:10:16 | 000,165,760 | ---- | M] (Intel Corporation) [Auto | Running] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/04/24 13:37:56 | 000,169,752 | ---- | M] (Intel Corporation) [On_Demand | Running] -- C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe -- (ICCS)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2014/12/01 15:51:16 | 000,045,112 | -H-- | M] (LogMeIn Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\Hamdrv.sys -- (Hamachi)
DRV:64bit: - [2014/10/10 01:58:57 | 000,027,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2014/09/22 03:06:16 | 000,258,368 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdFilter.sys -- (WdFilter)
DRV:64bit: - [2014/09/22 03:06:16 | 000,114,496 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdNisDrv.sys -- (WdNisDrv)
DRV:64bit: - [2014/09/22 02:49:43 | 000,035,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WdBoot.sys -- (WdBoot)
DRV:64bit: - [2014/08/15 00:36:55 | 000,146,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpioclx.sys -- (GPIOClx0101)
DRV:64bit: - [2014/07/24 15:28:38 | 000,468,288 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBHUB3.SYS -- (USBHUB3)
DRV:64bit: - [2014/07/24 15:28:38 | 000,412,992 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\spaceport.sys -- (spaceport)
DRV:64bit: - [2014/07/24 11:42:22 | 000,126,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NdisImPlatform.sys -- (NdisImPlatform)
DRV:64bit: - [2014/05/17 00:42:36 | 000,042,184 | ---- | M] (Anchorfree Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\taphss6.sys -- (taphss6)
DRV:64bit: - [2014/05/01 13:31:39 | 000,055,328 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wpcfltr.sys -- (wpcfltr)
DRV:64bit: - [2014/04/28 05:33:30 | 000,599,240 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2014/03/20 03:41:20 | 000,376,152 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\clfs.sys -- (CLFS)
DRV:64bit: - [2014/03/18 08:18:42 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\xusb22.sys -- (xusb22)
DRV:64bit: - [2014/03/13 12:35:24 | 000,157,016 | ---- | M] (Microsoft Corporation) [File_System | Boot | Running] -- C:\WINDOWS\SysNative\drivers\wof.sys -- (Wof)
DRV:64bit: - [2014/03/08 20:40:16 | 000,136,024 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\wfplwfs.sys -- (WFPLWFS)
DRV:64bit: - [2014/03/06 17:36:44 | 000,090,624 | ---- | M] (Eugene V. Muzychenko) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vrtaucbl.sys -- (EuMusDesignVirtualAudioCableWdm)
DRV:64bit: - [2014/02/22 16:00:25 | 000,236,888 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdbus.sys -- (sdbus)
DRV:64bit: - [2014/02/22 15:49:51 | 000,325,464 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\USBXHCI.SYS -- (USBXHCI)
DRV:64bit: - [2014/02/22 15:49:49 | 000,189,784 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UCX01000.SYS -- (UCX01000)
DRV:64bit: - [2014/02/22 15:49:49 | 000,079,192 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\sdstor.sys -- (sdstor)
DRV:64bit: - [2014/02/22 15:44:13 | 000,924,504 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\WINDOWS\SysNative\drivers\refs.sys -- (ReFS)
DRV:64bit: - [2014/02/22 12:14:02 | 000,033,280 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicRender.sys -- (BasicRender)
DRV:64bit: - [2014/01/22 14:57:34 | 000,450,520 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2014/01/22 14:51:26 | 004,221,440 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2014/01/22 08:52:10 | 000,206,080 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudmdm.sys -- (ssudmdm)
DRV:64bit: - [2014/01/22 08:52:10 | 000,108,800 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ssudbus.sys -- (dg_ssudbus)
DRV:64bit: - [2014/01/17 19:01:06 | 000,202,600 | ---- | M] (Sandboxie Holdings, LLC) [Kernel | On_Demand | Running] -- C:\Program Files\Sandboxie\SbieDrv.sys -- (SbieDrv)
DRV:64bit: - [2013/12/31 17:30:54 | 000,146,776 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx2.sys -- (SerCx2)
DRV:64bit: - [2013/12/31 17:30:54 | 000,086,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\pdc.sys -- (pdc)
DRV:64bit: - [2013/12/31 17:30:54 | 000,039,768 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\intelpep.sys -- (intelpep)
DRV:64bit: - [2013/12/26 23:30:20 | 000,038,296 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\intelaud.sys -- (intaud_WaveExtensible)
DRV:64bit: - [2013/12/26 23:30:20 | 000,027,032 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iwdbus.sys -- (iwdbus)
DRV:64bit: - [2013/12/04 18:41:54 | 000,226,304 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\BthLEEnum.sys -- (BthLEEnum)
DRV:64bit: - [2013/11/29 09:31:28 | 000,017,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\ampa.sys -- (ampa)
DRV:64bit: - [2013/11/14 12:49:33 | 000,057,176 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stornvme.sys -- (stornvme)
DRV:64bit: - [2013/11/14 12:43:25 | 000,175,960 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VerifierExt.sys -- (VerifierExt)
DRV:64bit: - [2013/11/14 12:29:09 | 000,037,216 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\terminpt.sys -- (terminpt)
DRV:64bit: - [2013/11/05 22:06:02 | 000,031,448 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetuserif.sys -- (VMnetuserif)
DRV:64bit: - [2013/11/05 22:05:40 | 000,068,312 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmx86.sys -- (vmx86)
DRV:64bit: - [2013/11/05 22:04:52 | 000,045,720 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\vmnetbridge.sys -- (VMnetBridge)
DRV:64bit: - [2013/11/05 22:04:52 | 000,020,120 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vmnetadapter.sys -- (VMnetAdapter)
DRV:64bit: - [2013/11/05 22:04:50 | 000,034,008 | ---- | M] (VMware, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\VMkbd.sys -- (vmkbd)
DRV:64bit: - [2013/10/29 11:18:50 | 000,053,976 | ---- | M] (VMware, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\hcmon.sys -- (hcmon)
DRV:64bit: - [2013/09/06 13:25:40 | 000,131,856 | ---- | M] (Oracle Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VBoxNetAdp.sys -- (VBoxNetAdp)
DRV:64bit: - [2013/08/22 13:25:40 | 000,043,008 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\condrv.sys -- (condrv)
DRV:64bit: - [2013/08/22 13:25:40 | 000,030,048 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\WINDOWS\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2013/08/22 12:50:19 | 000,057,696 | ---- | M] (Microsoft Corporation) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\dam.sys -- (dam)
DRV:64bit: - [2013/08/22 12:49:54 | 000,079,712 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\acpiex.sys -- (acpiex)
DRV:64bit: - [2013/08/22 12:49:33 | 000,159,584 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2013/08/22 12:43:49 | 000,063,840 | ---- | M] (Marvell Semiconductor, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\mvumis.sys -- (mvumis)
DRV:64bit: - [2013/08/22 12:43:48 | 000,041,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\msgpiowin32.sys -- (msgpiowin32)
DRV:64bit: - [2013/08/22 12:43:45 | 003,357,024 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2013/08/22 12:43:45 | 000,093,536 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2013/08/22 12:43:45 | 000,082,784 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sss.sys -- (LSI_SSS)
DRV:64bit: - [2013/08/22 12:43:45 | 000,064,352 | ---- | M] (Hewlett-Packard Company) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2013/08/22 12:43:44 | 000,081,760 | ---- | M] (LSI Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas3.sys -- (LSI_SAS3)
DRV:64bit: - [2013/08/22 12:43:41 | 000,782,176 | ---- | M] (PMC-Sierra) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\adp80xx.sys -- (ADP80XX)
DRV:64bit: - [2013/08/22 12:43:41 | 000,531,296 | ---- | M] (Broadcom Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2013/08/22 12:43:41 | 000,259,424 | ---- | M] (AMD Technologies Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2013/08/22 12:43:41 | 000,108,896 | ---- | M] (LSI) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\3ware.sys -- (3ware)
DRV:64bit: - [2013/08/22 12:43:41 | 000,079,200 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2013/08/22 12:43:40 | 000,114,016 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys -- (EhStorTcgDrv)
DRV:64bit: - [2013/08/22 12:43:40 | 000,082,784 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\EhStorClass.sys -- (EhStorClass)
DRV:64bit: - [2013/08/22 12:43:40 | 000,025,952 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2013/08/22 12:43:34 | 000,305,504 | ---- | M] (VIA Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\VSTXRAID.SYS -- (VSTXRAID)
DRV:64bit: - [2013/08/22 12:43:33 | 000,074,080 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uaspstor.sys -- (UASPStor)
DRV:64bit: - [2013/08/22 12:43:32 | 000,031,072 | ---- | M] (Promise Technology, Inc.) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2013/08/22 12:43:31 | 000,107,872 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\storahci.sys -- (storahci)
DRV:64bit: - [2013/08/22 12:43:31 | 000,072,032 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SpbCx.sys -- (SpbCx)
DRV:64bit: - [2013/08/22 12:43:31 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SerCx.sys -- (SerCx)
DRV:64bit: - [2013/08/22 12:40:24 | 000,040,664 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\tap0901.sys -- (tap0901)
DRV:64bit: - [2013/08/22 12:39:15 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\uefi.sys -- (UEFI)
DRV:64bit: - [2013/08/22 12:37:27 | 000,069,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vpci.sys -- (vpci)
DRV:64bit: - [2013/08/22 12:36:12 | 000,026,976 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WpdUpFltr.sys -- (WpdUpFltr)
DRV:64bit: - [2013/08/22 11:39:54 | 000,076,800 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\ahcache.sys -- (ahcache)
DRV:64bit: - [2013/08/22 11:39:31 | 000,050,688 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\BasicDisplay.sys -- (BasicDisplay)
DRV:64bit: - [2013/08/22 11:39:20 | 000,022,016 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HyperVideo.sys -- (HyperVideo)
DRV:64bit: - [2013/08/22 11:39:06 | 000,009,728 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mshidumdf.sys -- (mshidumdf)
DRV:64bit: - [2013/08/22 11:38:58 | 000,010,752 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpitime.sys -- (acpitime)
DRV:64bit: - [2013/08/22 11:38:48 | 000,010,240 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\acpipagr.sys -- (acpipagr)
DRV:64bit: - [2013/08/22 11:38:39 | 000,036,992 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys -- (BthAvrcpTg)
DRV:64bit: - [2013/08/22 11:38:26 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kdnic.sys -- (kdnic)
DRV:64bit: - [2013/08/22 11:38:23 | 000,011,264 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\vmgencounter.sys -- (gencounter)
DRV:64bit: - [2013/08/22 11:38:22 | 000,023,040 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\npsvctrig.sys -- (npsvctrig)
DRV:64bit: - [2013/08/22 11:38:16 | 000,030,720 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\BthhfHid.sys -- (bthhfhid)
DRV:64bit: - [2013/08/22 11:37:49 | 000,013,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hyperkbd.sys -- (hyperkbd)
DRV:64bit: - [2013/08/22 11:37:46 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2013/08/22 11:37:42 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bthhfenum.sys -- (BthHFEnum)
DRV:64bit: - [2013/08/22 11:37:28 | 000,056,320 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2013/08/22 11:37:28 | 000,041,472 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidi2c.sys -- (hidi2c)
DRV:64bit: - [2013/08/22 11:37:14 | 000,029,696 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2013/08/22 11:36:43 | 000,087,040 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc63.sys -- (netvsc)
DRV:64bit: - [2013/08/22 11:36:25 | 000,016,384 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys -- (NdisVirtualBus)
DRV:64bit: - [2013/08/22 11:36:07 | 000,066,560 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mslldp.sys -- (MsLldp)
DRV:64bit: - [2013/08/22 11:35:42 | 000,103,424 | ---- | M] (Microsoft Corporation) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\Ndu.sys -- (Ndu)
DRV:64bit: - [2013/08/22 08:46:33 | 000,027,136 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fxppm.sys -- (FxPPM)
DRV:64bit: - [2013/08/12 23:25:46 | 000,017,624 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bcmfn2.sys -- (bcmfn2)
DRV:64bit: - [2013/08/10 00:39:30 | 000,651,248 | ---- | M] (Intel Corporation) [Kernel | Boot | Stopped] -- C:\Windows\SysNative\drivers\iaStorAV.sys -- (iaStorAV)
DRV:64bit: - [2013/07/30 18:47:35 | 000,024,568 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys -- (iaLPSSi_GPIO)
DRV:64bit: - [2013/07/25 19:05:39 | 000,099,320 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys -- (iaLPSSi_I2C)
DRV:64bit: - [2013/06/23 12:17:50 | 000,177,312 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\SYMEVENT64x86.SYS -- (SymEvent)
DRV:64bit: - [2013/06/18 14:45:14 | 000,425,984 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2013/06/18 14:45:02 | 003,680,256 | ---- | M] (Qualcomm Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athw8x.sys -- (athr)
DRV:64bit: - [2013/05/23 05:25:28 | 001,139,800 | R--- | M] (Symantec Corporation) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symefa64.sys -- (SymEFA)
DRV:64bit: - [2013/05/21 05:02:00 | 000,493,656 | R--- | M] (Symantec Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symds64.sys -- (SymDS)
DRV:64bit: - [2013/05/16 05:02:14 | 000,796,760 | R--- | M] (Symantec Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\srtsp64.sys -- (SRTSP)
DRV:64bit: - [2013/04/25 00:43:56 | 000,433,752 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symnets.sys -- (SymNetS)
DRV:64bit: - [2013/04/16 02:41:14 | 000,169,048 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\ccsetx64.sys -- (ccSet_NIS)
DRV:64bit: - [2013/03/05 02:14:07 | 000,023,448 | R--- | M] (Symantec Corporation) [Kernel | Disabled | Stopped] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\symelam.sys -- (SymELAM)
DRV:64bit: - [2013/03/05 01:40:08 | 000,224,416 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\ironx64.sys -- (SymIRON)
DRV:64bit: - [2013/03/05 01:21:35 | 000,036,952 | R--- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\NISx64\1405000.01C\srtspx64.sys -- (SRTSPX)
DRV:64bit: - [2013/03/01 01:49:12 | 000,036,600 | ---- | M] (Riverbed Technology, Inc.) [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\npf.sys -- (NPF)
DRV:64bit: - [2013/01/28 14:23:24 | 000,136,424 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2013/01/28 14:23:24 | 000,077,464 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2013/01/28 14:23:22 | 000,179,432 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2013/01/28 14:23:20 | 000,089,168 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2013/01/28 14:23:18 | 000,346,192 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2013/01/28 14:23:18 | 000,115,280 | ---- | M] (Qualcomm Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_avdt.sys -- (btath_avdt)
DRV:64bit: - [2013/01/03 16:02:55 | 000,328,592 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2012/10/24 14:17:14 | 000,070,296 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsock.sys -- (vsock)
DRV:64bit: - [2012/10/24 14:17:10 | 000,085,104 | ---- | M] (VMware, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vmci.sys -- (vmci)
DRV:64bit: - [2012/10/12 07:54:54 | 000,015,776 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wacomrouterfilter.sys -- (wacomrouterfilter)
DRV:64bit: - [2012/10/12 07:20:38 | 000,081,312 | ---- | M] (Wacom Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wachidrouter.sys -- (WacHidRouter)
DRV:64bit: - [2012/10/12 07:20:38 | 000,013,728 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hidkmdf.sys -- (hidkmdf)
DRV:64bit: - [2012/08/30 14:22:06 | 000,050,288 | ---- | M] (UB658) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\ElgatoGC658.sys -- (ElgatoGC658Y)
DRV:64bit: - [2012/08/27 04:36:57 | 000,026,736 | ---- | M] (Dritek System Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\aPs2Kb2Hid.sys -- (Ps2Kb2Hid)
DRV:64bit: - [2012/08/21 13:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/15 10:48:16 | 000,030,720 | ---- | M] (The OpenVPN Project) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tapoas.sys -- (tapoas)
DRV:64bit: - [2012/07/09 12:43:12 | 000,645,952 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/07/02 22:16:02 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/06/19 10:49:42 | 000,070,744 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiSDa.sys -- (bScsiSDa)
DRV:64bit: - [2012/06/18 15:20:52 | 000,055,384 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\bScsiMSa.sys -- (bScsiMSa)
DRV:64bit: - [2012/06/15 14:47:12 | 000,072,280 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdbd.sys -- (b57xdbd)
DRV:64bit: - [2012/06/15 14:47:10 | 000,021,080 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\b57xdmp.sys -- (b57xdmp)
DRV:64bit: - [2010/07/09 03:51:38 | 000,017,408 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\UBHelper.sys -- (UBHelper)
DRV:64bit: - [2010/07/01 15:21:50 | 000,038,992 | ---- | M] (Screaming Bee LLC) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ScreamingBAudio64.sys -- (ScreamBAudioSvc)
DRV:64bit: - [2010/04/20 02:35:14 | 000,018,432 | ---- | M] (NTI Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\NTIDrvr.sys -- (NTIDrvr)
DRV:64bit: - [2008/12/26 12:56:04 | 000,021,504 | ---- | M] (Avnex) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vcsvad.sys -- (VCSVADHWSer)
DRV:64bit: - [2005/06/14 13:01:16 | 000,296,448 | ---- | M] (Aladdin Knowledge Systems Ltd.) [Kernel | Auto | Stopped] -- C:\Windows\SysNative\drivers\hardlock.sys -- (Hardlock)
DRV - [2014/03/13 16:43:02 | 000,121,616 | ---- | M] (BlueStack Systems) [Kernel | Auto | Running] -- C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys -- (BstHdDrv)
DRV - [2014/01/02 11:55:31 | 000,004,096 | ---- | M] () [Kernel | Auto | Stopped] -- C:\Program Files (x86)\Common Files\Avnex\vcs64.sys -- (vcs)
DRV - [2013/11/29 09:31:28 | 000,017,008 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\SysWOW64\ampa.sys -- (ampa)
DRV - [2013/07/02 09:26:31 | 002,098,776 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130711.001\ex64.sys -- (NAVEX15)
DRV - [2013/07/02 09:26:31 | 000,138,912 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys -- (EraserUtilRebootDrv)
DRV - [2013/07/02 09:26:31 | 000,126,040 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130711.001\eng64.sys -- (NAVENG)
DRV - [2013/06/21 14:07:04 | 000,513,184 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130710.001\IDSviA64.sys -- (IDSVia64)
DRV - [2013/05/21 04:41:34 | 001,393,240 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx64.sys -- (BHDrvx64)
DRV - [2013/01/03 18:14:22 | 000,484,512 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys -- (eeCtrl)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {EC025471-03A9-43A1-895E-72F76BF1511B}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE:64bit: - HKLM\..\SearchScopes\{EC025471-03A9-43A1-895E-72F76BF1511B}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope =
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{EC025471-03A9-43A1-895E-72F76BF1511B}: "URL" = http://www.bing.com/...E10TR&pc=MAARJS

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,DefaultNetworkProfile =
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.aol.com/?...gusaolp00000013 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE11SR
IE - HKCU\..\SearchScopes\{8EEAC88A-079B-4b2c-80C1-7836F79EB40A}: "URL" = http://uk.search.yah...}&fr=chr-comodo
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

========== FireFox ==========

FF - prefs.js..browser.search.defaultengine: "Google"
FF - prefs.js..extensions.enabledAddons: %7B81BF1D23-5F17-408D-AC6B-BD6DF7CAF670%7D:8.8.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:30.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.21.2: C:\WINDOWS\system32\npDeployJava1.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF:64bit: - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.25.2: C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3505.0912: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@wacom.com/wtPlugin,version=2.1.0.2: C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeAAMDetect: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF - HKLM\Software\MozillaPlugins\adobe.com/AdobeExManDetect: C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF - HKCU\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.0.3: C:\Users\Betrayed\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF - HKCU\Software\MozillaPlugins\@Skype Limited.com/Facebook Video Calling Plugin: C:\Users\Betrayed\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/GoogleTalkPlugin: C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF - HKCU\Software\MozillaPlugins\@talk.google.com/O1DPlugin: C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF - HKCU\Software\MozillaPlugins\@tightropeinteractive.com/Plugin: C:\Users\Betrayed\AppData\Local\TNT2\2.0.0.1534\npTNT2.dll File not found
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Betrayed\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Betrayed\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0: C:\Users\Betrayed\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF - HKCU\Software\MozillaPlugins\wacom.com/WacomTabletPlugin: C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn\ [2013/06/23 19:27:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn\ [2014/12/06 16:26:36 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/12/06 16:42:30 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/12/04 16:48:32 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\[email protected]: C:\Program Files\McAfee\MSK
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2014/12/06 16:42:30 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 30.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/12/04 16:48:32 | 000,000,000 | ---D | M]

[2013/09/12 19:24:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Extensions
[2013/01/03 18:40:50 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\extensions
[2013/01/03 18:40:51 | 000,000,000 | ---D | M] (uTorrentControl_v2) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}
[2014/11/16 22:38:15 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\Profiles\2cq6g9ts.default\extensions
[2014/06/10 14:16:52 | 000,000,000 | ---D | M] (iMacros for Firefox) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\Profiles\2cq6g9ts.default\extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670}
[2013/10/05 09:38:23 | 000,000,000 | ---D | M] (AOL Messaging Toolbar) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\Profiles\2cq6g9ts.default\extensions\{c2f863cd-0429-48c7-bb54-db756a951760}
[2014/11/16 22:38:16 | 000,000,000 | ---D | M] (AS Magic Player) -- C:\Users\Betrayed\AppData\Roaming\mozilla\Firefox\Profiles\2cq6g9ts.default\extensions\[email protected]
[2014/01/12 15:11:05 | 000,095,372 | ---- | M] () (No name found) -- C:\Users\Betrayed\AppData\Roaming\mozilla\firefox\profiles\2cq6g9ts.default\extensions\[email protected]
[2014/06/09 14:04:44 | 000,967,387 | ---- | M] () (No name found) -- C:\Users\Betrayed\AppData\Roaming\mozilla\firefox\profiles\2cq6g9ts.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
[2013/10/05 09:38:45 | 000,002,599 | ---- | M] () -- C:\Users\Betrayed\AppData\Roaming\mozilla\firefox\profiles\2cq6g9ts.default\searchplugins\AOL Search.xml
[2014/12/06 16:43:05 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014/06/26 18:37:34 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

========== Chrome ==========

CHR - default_search_provider: (Enabled)
CHR - default_search_provider: search_url =
CHR - default_search_provider: suggest_url =
CHR - plugin: Widevine Content Decryption Module (Enabled) = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.1.377\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.4 (Enabled) = C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: AdobeAAMDetect (Enabled) = C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
CHR - plugin: AdobeExManDetect (Enabled) = C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
CHR - plugin: Intel® Identity Protection Technology (Enabled) = C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
CHR - plugin: Java Deployment Toolkit 7.0.450.18 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll
CHR - plugin: Java™ Platform SE 7 U45 (Enabled) = C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
CHR - plugin: WildTangent Games App V2 Presence Detector (Enabled) = C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\2\NP_wtapp.dll
CHR - plugin: Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Unity Player (Enabled) = C:\Users\Betrayed\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
CHR - plugin: Facebook Video Calling Plugin (Enabled) = C:\Users\Betrayed\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll
CHR - plugin: Google Update (Enabled) = C:\Users\Betrayed\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
CHR - plugin: npAPI Plugin (Enabled) = C:\Users\Betrayed\AppData\Local\TNT2\2.0.0.1534\npTNT2.dll
CHR - plugin: npAPI Ghost Plugin (Enabled) = C:\Users\Betrayed\AppData\Local\TNT2\2.0.0.1534\npTNT2ghost.dll
CHR - plugin: Google Talk Plugin (Enabled) = C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
CHR - plugin: Google Talk Plugin Video Accelerator (Enabled) = C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
CHR - plugin: Google Talk Plugin Video Renderer (Enabled) = C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npo1d.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc\2013.4.13.7_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn\0.1.1.5023_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmbfafhdccfgdgnbkgogehiklmemkoh\4.7.7_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmbfafhdccfgdgnbkgogehiklmemkoh\4.7.8_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.6_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb\1.8.8_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.20_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk\2.23_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.8.52_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehbfoiecdniogejojbjnchahielljjl\1.0.0_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.10.3_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.14.4_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio\1.5.610_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.9.11_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl\3.9.480_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip\1.2_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp\6.0.12_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim\1.0.3_0\
CHR - Extension: No name found = C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\

O1 HOSTS File: ([2014/06/16 18:38:24 | 000,000,768 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2:64bit: - BHO: (no name) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - No CLSID value found.
O2 - BHO: (Microsoft Web Test Recorder 12.0 Helper) - {432dd630-7e03-4c97-9d62-b99f52df4fc2} - C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ips\ipsbho.dll (Symantec Corporation)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {61539ECD-CC67-4437-A03C-9AACCBD14326} - No CLSID value found.
O4:64bit: - HKLM..\Run: [AdobeAAMUpdater-1.0] C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe (Adobe Systems Incorporated)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\WINDOWS\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\WINDOWS\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [Persistence] C:\WINDOWS\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [ProxyCap] C:\PROGRA~1\PROXYL~1\ProxyCap\pcapui.exe File not found
O4 - HKLM..\Run: [Adobe Creative Cloud] C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [AdobeCS6ServiceManager] C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [BakupManagerTray] C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe (NTI Corporation)
O4 - HKLM..\Run: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe ()
O4 - HKLM..\Run: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe (BlueStack Systems, Inc.)
O4 - HKCU..\Run: [AceStream] C:\Users\Betrayed\AppData\Roaming\ACEStream\engine\ace_engine.exe ()
O4 - HKCU..\Run: [BitTorrent] C:\Users\Betrayed\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc.)
O4 - HKCU..\Run: [CCleaner Monitoring] C:\Program Files\CCleaner\CCleaner64.exe (Piriform Ltd)
O4 - HKCU..\Run: [Facebook Update] C:\Users\Betrayed\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
O4 - HKCU..\Run: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe (Nota Inc.)
O4 - HKCU..\Run: [LightShot] C:\Users\Betrayed\AppData\Local\Skillbrains\lightshot\Lightshot.exe ()
O4 - HKCU..\Run: [MoodEditor.exe] C:\Program Files (x86)\Pamela RichMood Editor\MoodEditor.exe (Scendix Software-Vertriebsges. mbH)
O4 - HKCU..\Run: [Nonoh] "C:\Program Files (x86)\Nonoh.net\Nonoh\Nonoh.exe" -nosplash -minimized File not found
O4 - HKCU..\Run: [puush] C:\Program Files (x86)\puush\puush.exe File not found
O4 - HKCU..\Run: [SandboxieControl] C:\Program Files\Sandboxie\SbieCtrl.exe (Sandboxie Holdings, LLC)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Betrayed\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [uTorrent] C:\Users\Betrayed\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc.)
O4 - Startup: C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk = C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
O4 - Startup: C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk = C:\Program Files\Rainmeter\Rainmeter.exe ()
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoRecentDocsNetHood = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Qualcomm Atheros Commnucations)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableCAD = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: VerboseStatus = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFirstLogonAnimation = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispCPL = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SynchronousUserGroupPolicy = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisplayLastLogonInfo = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableSecureUIAPath = 1
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Main present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoPreviewPane = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: StartMenuLogOff = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoSetTaskbar = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoViewContextMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: TaskbarNoNotification = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoWinkeys = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoTrayItemsDisplay = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideClock = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCANetwork = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HideSCAVolume = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: NoDispAppearancePage = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000001 [] - C:\Windows\SysNative\PrxerNsp.dll ()
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000001 [] - C:\Windows\SysWOW64\PrxerNsp.dll ()
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.2.cab (DLM Control)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{8EBAA0E9-1424-4547-A686-721AD76AEF29}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A10F49CF-5495-47E9-9E07-DCA82E339E8D}: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{B07883F5-6B3E-43FB-BDEA-9F127BC712F2}: DhcpNameServer = 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{C3D6A323-A012-454B-AFC2-7EB4A3A29421}: DhcpNameServer = 10.211.254.254 8.8.8.8
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{DC8370D2-539D-4B98-B83B-F7C868E08073}: DhcpNameServer = 8.8.8.8
O18:64bit: - Protocol\Handler\dssrequest - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\sacore - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O18 - Protocol\Handler\dssrequest - No CLSID value found
O18 - Protocol\Handler\sacore - No CLSID value found
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\WINDOWS\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) - File not found
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (ampa)
O34 - HKLM BootExecute: (NT_)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/12/06 16:52:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2014/12/06 16:52:09 | 000,098,216 | ---- | C] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/12/06 16:51:01 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
[2014/12/06 16:49:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Betrayed\Desktop\OTL.exe
[2014/12/06 16:48:44 | 000,000,000 | ---D | C] -- C:\742b1cc9c820255a6762987d98
[2014/12/04 17:47:00 | 000,106,976 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/12/04 17:46:59 | 000,714,208 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/12/04 00:08:06 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2014/12/03 20:30:03 | 016,874,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014/12/03 20:30:02 | 012,730,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014/12/03 20:29:58 | 002,389,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014/12/03 20:29:54 | 002,145,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014/12/03 20:29:54 | 002,141,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014/12/03 20:29:52 | 001,600,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workfolderssvc.dll
[2014/12/03 20:29:51 | 001,231,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.dll
[2014/12/03 20:29:50 | 000,889,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.dll
[2014/12/03 20:29:49 | 002,574,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2014/12/03 20:29:49 | 000,707,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfplat.dll
[2014/12/03 20:29:48 | 002,050,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SRH.dll
[2014/12/03 20:29:48 | 001,182,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\printui.dll
[2014/12/03 20:29:48 | 000,882,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfplat.dll
[2014/12/03 20:29:47 | 002,410,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2014/12/03 20:29:47 | 001,992,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsPrint.dll
[2014/12/03 20:29:47 | 001,287,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mispace.dll
[2014/12/03 20:29:47 | 000,486,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014/12/03 20:29:46 | 001,057,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\printui.dll
[2014/12/03 20:29:46 | 001,029,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mispace.dll
[2014/12/03 20:29:46 | 000,770,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkfoldersControl.dll
[2014/12/03 20:29:46 | 000,544,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxPackaging.dll
[2014/12/03 20:29:46 | 000,391,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014/12/03 20:29:45 | 001,741,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SRH.dll
[2014/12/03 20:29:45 | 001,018,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aclui.dll
[2014/12/03 20:29:45 | 000,412,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014/12/03 20:29:45 | 000,371,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanmsm.dll
[2014/12/03 20:29:45 | 000,360,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014/12/03 20:29:44 | 000,889,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\aclui.dll
[2014/12/03 20:29:44 | 000,645,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2014/12/03 20:29:44 | 000,474,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxPackaging.dll
[2014/12/03 20:29:44 | 000,355,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014/12/03 20:29:43 | 000,439,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Devices.Bluetooth.dll
[2014/12/03 20:29:43 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanmsm.dll
[2014/12/03 20:29:42 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storagewmi.dll
[2014/12/03 20:29:42 | 000,180,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mftranscode.dll
[2014/12/03 20:29:41 | 001,660,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014/12/03 20:29:41 | 000,621,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comdlg32.dll
[2014/12/03 20:29:41 | 000,477,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2014/12/03 20:29:41 | 000,427,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014/12/03 20:29:41 | 000,287,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2014/12/03 20:29:41 | 000,205,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mftranscode.dll
[2014/12/03 20:29:40 | 001,519,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014/12/03 20:29:40 | 000,487,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winspool.drv
[2014/12/03 20:29:40 | 000,268,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wisp.dll
[2014/12/03 20:29:39 | 001,488,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014/12/03 20:29:39 | 001,463,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wsecedit.dll
[2014/12/03 20:29:39 | 001,356,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014/12/03 20:29:38 | 000,313,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014/12/03 20:29:38 | 000,160,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmmbase.dll
[2014/12/03 20:29:38 | 000,127,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WiFiDisplay.dll
[2014/12/03 20:29:37 | 001,817,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Display.dll
[2014/12/03 20:29:37 | 001,404,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\storagewmi.dll
[2014/12/03 20:29:37 | 000,576,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2014/12/03 20:29:37 | 000,505,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2014/12/03 20:29:37 | 000,356,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2014/12/03 20:29:36 | 001,844,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Display.dll
[2014/12/03 20:29:36 | 000,834,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osk.exe
[2014/12/03 20:29:36 | 000,211,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVol.exe
[2014/12/03 20:29:36 | 000,127,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmmbase.dll
[2014/12/03 20:29:36 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSip.dll
[2014/12/03 20:29:36 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersGPExt.dll
[2014/12/03 20:29:35 | 000,387,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcryptprimitives.dll
[2014/12/03 20:29:35 | 000,233,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfps.dll
[2014/12/03 20:29:35 | 000,230,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlanapi.dll
[2014/12/03 20:29:35 | 000,210,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wisp.dll
[2014/12/03 20:29:34 | 000,721,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2014/12/03 20:29:34 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2014/12/03 20:29:34 | 000,335,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\bcryptprimitives.dll
[2014/12/03 20:29:34 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\NdisImPlatform.sys
[2014/12/03 20:29:34 | 000,125,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmapi.dll
[2014/12/03 20:29:34 | 000,123,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmm.dll
[2014/12/03 20:29:34 | 000,095,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AppxSip.dll
[2014/12/03 20:29:33 | 001,656,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014/12/03 20:29:33 | 001,319,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wsecedit.dll
[2014/12/03 20:29:33 | 001,089,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpedit.dll
[2014/12/03 20:29:33 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WorkFoldersShell.dll
[2014/12/03 20:29:32 | 001,290,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsPrint.dll
[2014/12/03 20:29:31 | 000,448,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VAN.dll
[2014/12/03 20:29:31 | 000,180,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SndVol.exe
[2014/12/03 20:29:30 | 000,321,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2014/12/03 20:29:30 | 000,263,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlows.exe
[2014/12/03 20:29:30 | 000,102,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2014/12/03 20:29:30 | 000,053,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppxSysprep.dll
[2014/12/03 20:29:29 | 001,048,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpedit.dll
[2014/12/03 20:29:29 | 000,878,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ActionCenter.dll
[2014/12/03 20:29:29 | 000,432,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2014/12/03 20:29:29 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dab.dll
[2014/12/03 20:29:28 | 000,779,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osk.exe
[2014/12/03 20:29:28 | 000,296,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlanapi.dll
[2014/12/03 20:29:28 | 000,216,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2014/12/03 20:29:27 | 000,659,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Devices.Bluetooth.dll
[2014/12/03 20:29:27 | 000,557,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PrintDialogs.dll
[2014/12/03 20:29:27 | 000,459,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2014/12/03 20:29:27 | 000,432,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2014/12/03 20:29:27 | 000,018,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansvcpal.dll
[2014/12/03 20:29:26 | 000,832,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ActionCenter.dll
[2014/12/03 20:29:26 | 000,207,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl
[2014/12/03 20:29:26 | 000,183,808 | ---- | C] (Microsoft Corp.) -- C:\WINDOWS\SysNative\Defrag.exe
[2014/12/03 20:29:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRUM.DLL
[2014/12/03 20:29:26 | 000,008,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRUM.DLL
[2014/12/03 20:29:25 | 001,351,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014/12/03 20:29:25 | 000,206,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl
[2014/12/03 20:29:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRU1.DLL
[2014/12/03 20:29:25 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDBASH.DLL
[2014/12/03 20:29:25 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDRU.DLL
[2014/12/03 20:29:24 | 000,105,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BluetoothApis.dll
[2014/12/03 20:29:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDYAK.DLL
[2014/12/03 20:29:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDYAK.DLL
[2014/12/03 20:29:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRU1.DLL
[2014/12/03 20:29:24 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDBASH.DLL
[2014/12/03 20:29:24 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDRU.DLL
[2014/12/03 20:29:22 | 001,144,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2014/12/03 20:29:22 | 000,492,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PrintDialogs.dll
[2014/12/03 20:29:22 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SndVolSSO.dll
[2014/12/03 20:29:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDTAT.DLL
[2014/12/03 20:29:22 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDTAT.DLL
[2014/12/03 20:29:21 | 002,100,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemSettingsAdminFlowUI.dll
[2014/12/03 20:29:21 | 000,443,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlansec.dll
[2014/12/03 20:29:21 | 000,079,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BluetoothApis.dll
[2014/12/03 20:29:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\KBDTT102.DLL
[2014/12/03 20:29:20 | 000,007,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KBDTT102.DLL
[2014/12/03 20:20:59 | 000,590,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rastls.dll
[2014/12/03 20:20:59 | 000,514,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rastls.dll
[2014/12/03 20:20:50 | 008,757,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Search.dll
[2014/12/03 20:20:49 | 006,649,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014/12/03 20:20:49 | 005,777,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014/12/03 20:20:49 | 004,758,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SyncEngine.dll
[2014/12/03 20:20:48 | 005,902,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Search.dll
[2014/12/03 20:20:48 | 001,112,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014/12/03 20:20:47 | 001,710,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014/12/03 20:20:47 | 001,507,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014/12/03 20:20:46 | 001,106,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFolder.dll
[2014/12/03 20:20:45 | 000,359,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wldap32.dll
[2014/12/03 20:20:42 | 000,287,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014/12/03 20:20:41 | 000,756,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014/12/03 20:20:40 | 000,920,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014/12/03 20:20:40 | 000,717,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveTelemetry.dll
[2014/12/03 20:20:38 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDrive.exe
[2014/12/03 20:20:38 | 000,468,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014/12/03 20:20:38 | 000,267,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014/12/03 20:20:37 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pcsvDevice.dll
[2014/12/03 20:20:36 | 001,057,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdvidcrl.dll
[2014/12/03 20:20:36 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rdvidcrl.dll
[2014/12/03 20:20:36 | 000,290,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll
[2014/12/03 20:20:36 | 000,286,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SkyDriveShell.dll
[2014/12/03 20:20:36 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SkyDriveShell.dll
[2014/12/03 20:20:36 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\httpprxm.dll
[2014/12/03 20:20:36 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adhsvc.dll
[2014/12/03 20:20:35 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/12/03 20:20:35 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014/12/03 19:57:26 | 004,443,312 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[2014/12/01 15:51:16 | 000,045,112 | -H-- | C] (LogMeIn Inc.) -- C:\WINDOWS\SysNative\drivers\Hamdrv.sys
[2014/11/16 22:38:38 | 000,000,000 | -H-D | C] -- C:\_acestream_cache_
[2014/11/16 22:38:34 | 000,000,000 | ---D | C] -- C:\Users\Betrayed\AppData\Roaming\.ACEStream
[2014/11/16 22:38:20 | 000,000,000 | ---D | C] -- C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
[2014/11/16 22:37:30 | 000,000,000 | ---D | C] -- C:\Users\Betrayed\AppData\Roaming\ACEStream
[2014/11/15 23:54:10 | 007,484,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014/11/15 23:54:04 | 002,714,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingsHandlers.dll
[2014/11/15 23:54:03 | 013,424,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014/11/15 23:54:01 | 001,053,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014/11/15 23:54:00 | 000,941,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014/11/15 23:54:00 | 000,836,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014/11/15 23:53:59 | 000,921,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MrmCoreR.dll
[2014/11/15 23:53:58 | 011,820,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014/11/15 23:53:57 | 000,799,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014/11/15 23:53:57 | 000,670,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014/11/15 23:53:56 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MrmCoreR.dll
[2014/11/15 23:53:56 | 000,474,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\netio.sys
[2014/11/15 23:53:54 | 000,822,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2014/11/15 23:53:54 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiobj.dll
[2014/11/15 23:53:52 | 000,334,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiobj.dll
[2014/11/15 23:53:52 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DafPrintProvider.dll
[2014/11/15 23:53:51 | 000,200,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DafPrintProvider.dll
[2014/11/15 23:53:50 | 000,428,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014/11/15 23:53:48 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\prnntfy.dll
[2014/11/15 23:53:47 | 000,215,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\prnntfy.dll
[2014/11/15 23:53:47 | 000,187,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\puiapi.dll
[2014/11/15 23:53:47 | 000,162,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\puiapi.dll
[2014/11/15 23:53:46 | 000,545,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014/11/15 23:53:46 | 000,485,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014/11/15 23:53:45 | 000,615,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSCOMEX.dll
[2014/11/15 23:53:44 | 000,308,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\compstui.dll
[2014/11/15 23:53:44 | 000,275,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FXSAPI.dll
[2014/11/15 23:53:44 | 000,239,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FXSAPI.dll
[2014/11/15 23:53:43 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winbici.dll
[2014/11/15 23:50:29 | 001,519,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014/11/15 23:50:29 | 000,258,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014/11/15 23:50:29 | 000,114,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdNisDrv.sys
[2014/11/15 23:50:29 | 000,035,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014/11/15 23:50:29 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winshfhc.dll
[2014/11/15 23:50:29 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winshfhc.dll
[2014/11/15 23:45:29 | 003,320,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msi.dll
[2014/11/15 23:45:29 | 002,773,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014/11/15 23:45:29 | 002,459,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014/11/15 23:45:21 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msihnd.dll
[2014/11/15 23:45:21 | 000,325,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msihnd.dll
[2014/11/15 23:45:21 | 000,116,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2014/11/15 23:44:54 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2014/11/15 23:44:54 | 000,104,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncryptsslp.dll
[2014/11/15 23:44:54 | 000,088,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ncryptsslp.dll
[2014/11/15 23:40:21 | 003,547,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014/11/15 23:40:20 | 001,441,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014/11/15 23:40:20 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\adtschema.dll
[2014/11/15 23:40:20 | 000,736,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\adtschema.dll
[2014/11/15 23:40:20 | 000,445,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certcli.dll
[2014/11/15 23:40:20 | 000,324,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certcli.dll
[2014/11/15 23:40:19 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msaudite.dll
[2014/11/15 23:40:19 | 000,154,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msaudite.dll
[2014/11/15 23:40:19 | 000,131,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2014/11/15 23:40:19 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rfxvmt.dll
[2014/11/15 23:40:19 | 000,027,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\rdpvideominiport.sys
[2014/11/15 23:38:28 | 000,789,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014/11/15 23:38:26 | 000,894,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014/11/15 23:38:26 | 000,723,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014/11/15 23:38:26 | 000,025,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014/11/15 23:38:25 | 001,714,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014/11/15 23:38:25 | 000,407,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014/11/15 23:38:25 | 000,140,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014/11/15 23:38:25 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014/11/15 23:38:25 | 000,095,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014/11/15 23:38:25 | 000,081,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014/11/15 23:38:25 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014/11/15 23:38:25 | 000,055,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014/11/15 23:38:25 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014/11/15 23:38:25 | 000,035,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014/11/15 23:38:25 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014/11/15 23:38:25 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuaext.dll
[2014/11/15 23:37:04 | 006,040,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014/11/15 23:36:57 | 002,865,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014/11/15 23:36:57 | 000,814,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9diag.dll
[2014/11/15 23:36:57 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2014/11/15 23:36:57 | 000,800,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014/11/15 23:36:57 | 000,661,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2014/11/15 23:36:57 | 000,633,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieui.dll
[2014/11/15 23:36:56 | 002,124,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014/11/15 23:36:56 | 002,051,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014/11/15 23:36:56 | 000,799,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieapfltr.dll
[2014/11/15 23:36:56 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieapfltr.dll
[2014/11/15 23:36:56 | 000,620,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript9diag.dll
[2014/11/15 23:36:56 | 000,580,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014/11/15 23:36:56 | 000,490,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014/11/15 23:36:56 | 000,478,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieui.dll
[2014/11/15 23:36:56 | 000,316,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014/11/15 23:36:55 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014/11/15 23:36:55 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\html.iec
[2014/11/15 23:36:55 | 000,340,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\html.iec
[2014/11/15 23:36:55 | 000,237,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\url.dll
[2014/11/15 23:36:55 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\url.dll
[2014/11/15 23:36:55 | 000,199,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014/11/15 23:36:55 | 000,168,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014/11/15 23:36:55 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iexpress.exe
[2014/11/15 23:36:55 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\occache.dll
[2014/11/15 23:36:55 | 000,152,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iexpress.exe
[2014/11/15 23:36:55 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iepeers.dll
[2014/11/15 23:36:55 | 000,144,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieUnatt.exe
[2014/11/15 23:36:55 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wextract.exe
[2014/11/15 23:36:55 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wextract.exe
[2014/11/15 23:36:55 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IEAdvpack.dll
[2014/11/15 23:36:55 | 000,130,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\occache.dll
[2014/11/15 23:36:55 | 000,128,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iepeers.dll
[2014/11/15 23:36:55 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieUnatt.exe
[2014/11/15 23:36:55 | 000,114,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwcollector.exe
[2014/11/15 23:36:55 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\IEAdvpack.dll
[2014/11/15 23:36:55 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2014/11/15 23:36:55 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hlink.dll
[2014/11/15 23:36:55 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inseng.dll
[2014/11/15 23:36:55 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014/11/15 23:36:55 | 000,091,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inseng.dll
[2014/11/15 23:36:55 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2014/11/15 23:36:55 | 000,088,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MshtmlDac.dll
[2014/11/15 23:36:55 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tdc.ocx
[2014/11/15 23:36:55 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\JavaScriptCollectionAgent.dll
[2014/11/15 23:36:55 | 000,076,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014/11/15 23:36:55 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tdc.ocx
[2014/11/15 23:36:55 | 000,066,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014/11/15 23:36:55 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\pngfilt.dll
[2014/11/15 23:36:55 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MshtmlDac.dll
[2014/11/15 23:36:55 | 000,062,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014/11/15 23:36:55 | 000,060,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\JavaScriptCollectionAgent.dll
[2014/11/15 23:36:55 | 000,057,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\pngfilt.dll
[2014/11/15 23:36:55 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imgutil.dll
[2014/11/15 23:36:55 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ieetwproxystub.dll
[2014/11/15 23:36:55 | 000,047,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ieetwproxystub.dll
[2014/11/15 23:36:55 | 000,034,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014/11/15 23:36:55 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\licmgr10.dll
[2014/11/15 23:36:55 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014/11/15 23:36:55 | 000,027,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\licmgr10.dll
[2014/11/15 23:36:55 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshta.exe
[2014/11/15 23:36:55 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeedssync.exe
[2014/11/15 23:36:55 | 000,011,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msfeedssync.exe
[2014/11/15 23:33:31 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\packager.dll
[2014/11/15 23:33:31 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\packager.dll
[2014/11/15 23:30:34 | 000,500,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014/11/15 23:30:34 | 000,482,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014/11/15 23:30:34 | 000,394,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AUDIOKSE.dll
[2014/11/15 23:30:34 | 000,344,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\AUDIOKSE.dll
[2014/11/15 23:30:34 | 000,272,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014/11/15 23:30:34 | 000,226,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014/11/15 23:30:34 | 000,108,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\EncDump.dll

========== Files - Modified Within 30 Days ==========

[2014/12/06 17:29:00 | 000,000,924 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014/12/06 17:24:00 | 000,000,412 | ---- | M] () -- C:\WINDOWS\tasks\update-sys.job
[2014/12/06 16:57:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014/12/06 16:50:32 | 000,098,216 | ---- | M] (Oracle Corporation) -- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
[2014/12/06 16:49:20 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Betrayed\Desktop\OTL.exe
[2014/12/06 16:44:37 | 000,000,020 | ---- | M] () -- C:\WINDOWS\7373F317-67C5-4211-8A4A-86AAC7E77C31.DSI
[2014/12/06 16:42:02 | 000,000,956 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001UA.job
[2014/12/06 16:30:51 | 000,960,752 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014/12/06 16:30:51 | 000,803,092 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014/12/06 16:30:51 | 000,166,646 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014/12/06 16:24:07 | 000,000,920 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014/12/06 16:23:35 | 000,119,296 | ---- | M] () -- C:\WINDOWS\SysWow64\zlib.dll
[2014/12/06 16:23:06 | 000,000,478 | -H-- | M] () -- C:\WINDOWS\tasks\SK.Enhancer-S-161304646.job
[2014/12/06 16:23:06 | 000,000,404 | -H-- | M] () -- C:\WINDOWS\tasks\MagniPicUpdaterTask{A41D3767-63DC-41A8-A0C1-2205A1A46D08}.job
[2014/12/06 16:22:01 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014/12/06 16:21:53 | 704,032,767 | -HS- | M] () -- C:\hiberfil.sys
[2014/12/06 01:12:01 | 000,000,976 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001UA.job
[2014/12/05 23:58:00 | 000,000,418 | ---- | M] () -- C:\WINDOWS\tasks\update-S-1-5-21-3815044672-3107833778-2507571291-1001.job
[2014/12/05 22:44:10 | 005,331,728 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014/12/04 19:12:00 | 000,000,954 | ---- | M] () -- C:\WINDOWS\tasks\FacebookUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core.job
[2014/12/04 16:54:16 | 000,000,838 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/12/04 16:47:08 | 000,001,846 | ---- | M] () -- C:\WINDOWS\Sandboxie.ini
[2014/12/04 00:08:14 | 000,057,096 | ---- | M] (COMODO CA Limited) -- C:\WINDOWS\SysNative\certsentry.dll
[2014/12/04 00:08:14 | 000,048,392 | ---- | M] (COMODO CA Limited) -- C:\WINDOWS\SysWow64\certsentry.dll
[2014/12/03 19:59:10 | 000,000,455 | ---- | M] () -- C:\Users\Betrayed\AppData\Local\UserProducts.xml
[2014/12/03 19:57:26 | 004,443,312 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
[2014/12/01 15:51:16 | 000,045,112 | -H-- | M] (LogMeIn Inc.) -- C:\WINDOWS\SysNative\drivers\Hamdrv.sys
[2014/11/20 20:51:37 | 000,714,208 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014/11/20 20:51:37 | 000,106,976 | ---- | M] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014/11/15 22:18:16 | 000,001,074 | ---- | M] () -- C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/11/15 22:17:43 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core1d00121f6956c9c.job
[2014/11/15 22:17:37 | 000,000,898 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core1cf8fc34a17564.job

========== Files Created - No Company Name ==========

[2014/12/06 16:44:37 | 000,000,020 | ---- | C] () -- C:\WINDOWS\7373F317-67C5-4211-8A4A-86AAC7E77C31.DSI
[2014/12/04 16:54:15 | 000,000,838 | ---- | C] () -- C:\Users\Public\Desktop\CCleaner.lnk
[2014/11/15 23:54:14 | 000,389,176 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014/11/15 22:18:15 | 000,001,074 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
[2014/11/15 22:17:37 | 000,000,898 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core1d00121f6956c9c.job
[2014/06/11 11:14:28 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2014/05/22 18:03:16 | 000,119,296 | ---- | C] () -- C:\WINDOWS\SysWow64\zlib.dll
[2014/05/22 18:03:16 | 000,057,344 | ---- | C] () -- C:\WINDOWS\SysWow64\ADsSecurity.dll
[2014/05/13 21:09:51 | 000,000,000 | -HS- | C] () -- C:\Users\Betrayed\AppData\Local\LumaEmu
[2014/05/04 14:46:04 | 000,000,854 | ---- | C] () -- C:\WINDOWS\ampa.ini
[2014/05/04 14:35:12 | 001,806,960 | ---- | C] () -- C:\WINDOWS\ampa.exe
[2014/05/04 14:35:12 | 000,017,008 | ---- | C] () -- C:\WINDOWS\SysWow64\ampa.sys
[2014/04/25 11:53:53 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2014/04/13 21:03:56 | 000,299,520 | ---- | C] () -- C:\WINDOWS\SysWow64\igdmd32.dll
[2014/04/13 21:03:53 | 000,182,272 | ---- | C] () -- C:\WINDOWS\SysWow64\igdde32.dll
[2014/04/13 21:03:53 | 000,142,848 | ---- | C] () -- C:\WINDOWS\SysWow64\igdail32.dll
[2014/04/10 19:03:35 | 000,002,255 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2014/04/08 20:13:38 | 000,000,600 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\winscp.rnd
[2014/04/08 19:27:45 | 000,000,600 | ---- | C] () -- C:\Users\Betrayed\AppData\Local\PUTTY.RND
[2014/04/08 18:29:29 | 000,056,424 | ---- | C] () -- C:\WINDOWS\SysWow64\PrxerNsp.dll
[2014/03/28 19:43:05 | 000,443,080 | ---- | C] () -- C:\WINDOWS\SysWow64\GSService.exe
[2014/03/18 16:44:53 | 000,103,936 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014/02/16 16:26:27 | 000,000,115 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
[2014/02/15 14:33:13 | 000,001,846 | ---- | C] () -- C:\WINDOWS\Sandboxie.ini
[2014/02/13 18:43:31 | 000,000,132 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Adobe GIF Format CC Prefs
[2014/01/12 16:15:23 | 000,000,046 | ---- | C] () -- C:\WINDOWS\wininit.ini
[2014/01/11 11:24:50 | 000,000,017 | ---- | C] () -- C:\Users\Betrayed\AppData\Local\resmon.resmoncfg
[2013/12/31 18:21:26 | 000,000,258 | RHS- | C] () -- C:\Users\Betrayed\ntuser.pol
[2013/12/31 17:38:46 | 000,965,390 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2013/09/19 22:04:46 | 000,331,776 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\sbcrreag.dll
[2013/08/22 15:36:43 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2013/08/22 15:36:42 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2013/08/22 14:46:23 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat2.dat
[2013/08/22 07:01:23 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2013/08/22 03:32:36 | 000,046,080 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2013/08/21 23:55:20 | 000,364,544 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2013/08/21 23:52:39 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2013/08/15 21:19:23 | 000,167,245 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\7223.png
[2013/08/15 21:19:18 | 000,167,245 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\34865.png
[2013/08/15 21:16:55 | 001,002,383 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\25929.png
[2013/08/15 21:16:39 | 001,002,164 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\31317.png
[2013/08/02 22:02:42 | 000,000,132 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Adobe IllExport Filter CC Prefs
[2013/08/01 19:53:25 | 000,000,132 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Adobe PNG Format CC Prefs
[2013/06/01 08:07:43 | 000,052,167 | ---- | C] () -- C:\WINDOWS\RFC4DPluginUninstall.exe
[2013/05/12 13:18:28 | 000,452,096 | ---- | C] () -- C:\WINDOWS\SysWow64\nmap.exe
[2013/05/12 13:18:28 | 000,290,816 | ---- | C] () -- C:\WINDOWS\SysWow64\nmapserv.exe
[2013/05/11 13:27:51 | 000,001,456 | ---- | C] () -- C:\Users\Betrayed\AppData\Local\Adobe Save for Web 13.0 Prefs
[2013/04/04 19:55:45 | 000,000,455 | ---- | C] () -- C:\Users\Betrayed\AppData\Local\UserProducts.xml
[2013/04/03 19:16:53 | 001,693,925 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\14565.png
[2013/04/03 19:10:50 | 001,711,085 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\32736.png
[2013/03/21 16:45:08 | 000,003,584 | ---- | C] () -- C:\Users\Betrayed\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2013/03/20 15:55:39 | 000,000,132 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Adobe IllExport Filter CS6 Prefs
[2013/03/03 19:34:27 | 000,000,132 | ---- | C] () -- C:\Users\Betrayed\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/03/01 01:47:36 | 000,053,299 | ---- | C] () -- C:\WINDOWS\SysWow64\pthreadVC.dll
[2013/02/15 11:43:12 | 000,024,576 | ---- | C] () -- C:\WINDOWS\SysWow64\hdsuinst.exe
[2013/02/15 11:43:11 | 000,164,864 | ---- | C] () -- C:\WINDOWS\SysWow64\UNWISE.EXE
[2012/08/27 04:28:06 | 000,000,000 | -H-- | C] () -- C:\ProgramData\DP45977C.lfl

========== ZeroAccess Check ==========

[2013/12/31 21:26:04 | 000,000,227 | RHS- | M] () -- C:\WINDOWS\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014/08/31 00:15:33 | 021,197,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014/08/30 22:59:13 | 018,723,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2013/08/22 09:49:49 | 000,921,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2013/08/22 02:45:10 | 000,691,712 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2013/08/22 09:45:17 | 000,483,840 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 199 bytes -> C:\Users\Betrayed\SkyDrive:ms-properties
@Alternate Data Stream - 128 bytes -> C:\WINDOWS\SysWow64\zlib.dll: SummaryInformation
@Alternate Data Stream - 128 bytes -> C:\WINDOWS\SysWow64\zlib.dll: DocumentSummaryInformation
@Alternate Data Stream - 12 bytes -> C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD}

< End of report >


OTL Extras logfile created on: 06/12/2014 17:33:22 - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Betrayed\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.17416)
Locale: 00000809 | Country: United Kingdom | Language: ENG | Date Format: dd/MM/yyyy

5.82 Gb Total Physical Memory | 3.71 Gb Available Physical Memory | 63.77% Memory free
6.76 Gb Paging File | 4.45 Gb Available in Paging File | 65.89% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 465.34 Gb Total Space | 262.66 Gb Free Space | 56.45% Space Free | Partition Type: NTFS

Computer Name: BETRAYED | User Name: Betrayed | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\WINDOWS\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\WINDOWS\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)

[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\OpenWith.exe "%1" (Microsoft Corporation)
Directory [Bridge] -- C:\Program Files (x86)\Adobe\Adobe Bridge CS6\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = AC 1C AE C5 46 9F CE 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = [binary data]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"UpdatesDisableNotify" = 0
"NoControlPanel" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Upgrade]
"UpgradeTime" = Reg Error: Unknown registry data type -- File not found

========== System Restore Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableConfig" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableConfig" = 0

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 1
"DisableNotifications" = 0

========== Authorized Applications List ==========


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0205B1DA-0F8E-4100-BDB4-6EE58E2475AC}" = lport=6915 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{15FD816F-4770-40D0-9AA8-6AA536EB24A6}" = lport=6918 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{3C17B618-93B6-4126-9CA0-3275031B3657}" = lport=6916 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{45410156-7F66-43D2-8C46-1812E81B26A4}" = lport=6919 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{4EEE0CD9-2F17-4C28-B60C-468201BD75A4}" = lport=6918 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{50C54FEE-3226-494C-94A0-09AF72260F86}" = lport=6920 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{654F56F1-760D-44AD-8024-46001C916A57}" = lport=5353 | protocol=17 | dir=in | app=c:\program files (x86)\google\chrome\application\chrome.exe |
"{6A3CAF69-79C4-419B-9186-F9A9FCECD995}" = lport=6919 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{7564C433-B8F7-4270-B873-BED23894D204}" = lport=6915 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{75CD1590-97EA-49A2-9D42-4520EF1A2059}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{7D9C4B07-8EBC-4223-A807-BB2E6C8C317F}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{84F32052-65AF-495B-A3A2-ACA360B0BFF6}" = lport=6917 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 12.0\common7\ide\devenv.exe |
"{A46DA700-1363-4F6F-B289-854881975D93}" = lport=8317 | protocol=6 | dir=in | name=techsmith camtasia studio |
"{AB63F6B9-A846-4A73-9982-54E2465184E8}" = rport=51678 | protocol=6 | dir=out | name=mullvadmaster |
"{D04742C1-5B36-4B05-9C46-E1E092D73A95}" = lport=6920 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{E26C2B83-5D74-4D5E-9F63-CDC9D1E852C8}" = lport=3702 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\wdexpress.exe |
"{E7B01C15-447F-4680-BBD8-B00F3D29C5E1}" = lport=6916 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |
"{EC635584-6ED4-43DA-966F-1BD0551C50B2}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |
"{F9F7E08D-3AC0-481B-AD79-65792F7F2CC8}" = lport=6917 | protocol=6 | dir=in | app=c:\program files (x86)\microsoft visual studio 11.0\common7\ide\devenv.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{009C1A55-7FEB-4DD6-AF5B-99CCDD239883}" = dir=out | name=the treasures of montezuma 3 |
"{0178514C-7581-4E43-A458-151585D4A641}" = dir=in | name=microsoft minesweeper |
"{059A11C3-7DD6-48E9-9D32-7AA4AE081E36}" = dir=out | name=acer explorer |
"{06FE2F4F-52C8-424E-8C4C-429530A0932F}" = dir=out | name=@{microsoft.bingweather_3.0.4.249_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/brandedapptitle} |
"{08292C48-DBE0-427D-8BB3-FCD247F21509}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{0C6C4AA4-8B5F-4646-9E4D-52EBE1E8DB5D}" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\bittorrent\bittorrent.exe |
"{0CF58353-C2CD-45C8-A694-7BE846BADB86}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{0DCC3736-C4EB-405F-B879-94D326D31F56}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{144D910D-CD6A-4E53-BA32-FAA6C62BA522}" = dir=out | name=@{microsoft.bingfoodanddrink_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfoodanddrink/resources/apptitlewithbranding} |
"{17DCCA78-2DC7-4855-9328-91E62F31B382}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island epidemic\dead island epidemic - launcher.exe |
"{1E563D34-6AE4-4D19-933F-4FE7F56AFE54}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{1F56E802-A8E9-4D93-9AE6-4C2AFEAE68B4}" = protocol=6 | dir=out | app=c:\program files (x86)\bluetooth suite\bttray.exe |
"{2100D100-D6CB-4E00-8CA9-46358DE7116A}" = dir=in | app=c:\users\Betrayed\appdata\local\torch\plugins\torrent\torchtorrent.exe |
"{210FFEE5-B135-404B-A94A-DB0D075C8A29}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{221C7687-FFDE-4D37-A196-0CE030BCF166}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{251817CF-2095-48A8-8F06-94E7ADB7C161}" = protocol=1 | dir=in | name=mullvadicmp11 |
"{25327B1A-3B9F-45E3-AFA3-D06941754773}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{273CCCEA-5370-4B45-ADB7-C4EE589C6A5D}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\data\spotifywebhelper.exe |
"{27D6E5A3-5268-4BC6-B9C3-F98E52D9B244}" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\utorrent\utorrent.exe |
"{27E9B3F7-14BB-4B06-85BF-E28ED67223A9}" = dir=out | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{2AA2F322-06BA-4DBC-A243-5FEDD6F64470}" = dir=out | name=taptiles |
"{2BFB2279-D1AB-4AE7-97B5-536A5AA6400B}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{2DA674E7-9DFD-429D-9F20-90359824D202}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |
"{2DD24E5B-C690-4E27-8E0C-A2AFB6BAC586}" = protocol=17 | dir=out | name=mullvadopenvpn |
"{30320C68-E67A-480E-A48B-684519629437}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{312D7FFF-1E7F-43DB-8D16-8B8B7E1EADD0}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\dmcdaemon.exe |
"{32F7EB09-6E35-4B0E-8084-1CEE6C810D89}" = dir=out | name=@{microsoft.zunemusic_1.1.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/33273} |
"{343CF99B-EC48-47AE-A51B-359DAF041019}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{34BCACDB-F983-429B-BA4F-01C8D34ADEE2}" = dir=in | name=taptiles |
"{357EE8B2-E9E0-4DDA-BBDE-28BD5B84B00F}" = dir=out | name=@{microsoft.bingnews_3.0.4.213_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/brandedapptitle} |
"{364497C7-708B-4214-9B86-F8C6385B9684}" = protocol=17 | dir=in | app=c:\users\Betrayed\downloads\crossfire_downloader.exe |
"{370DE5DE-449B-4466-B226-BDF9A1615B0A}" = dir=out | name=@{microsoft.bingtravel_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/brandedapptitle} |
"{3801F185-FBEB-48E1-A0A6-06BCA76FE80A}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{3A7905FF-766B-40A2-85F9-C8C5D74F0298}" = dir=in | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{3C442D18-1F29-427B-9CB3-22E7BAB76E96}" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\local\ilivid\ilivid.exe |
"{3F44B990-9E55-4905-AC25-52B4BCEA2611}" = dir=out | name=@{microsoft.reader_6.2.9200.20523_x64__8wekyb3d8bbwe?ms-resource://microsoft.reader/resources/shortdisplayname} |
"{41B2D3B0-70EB-4CCC-8C72-C30AFD1A3A83}" = dir=in | app=c:\users\Betrayed\appdata\local\microsoft\skydrive\skydrive.exe |
"{4282FE99-8560-4BC7-9576-5F3ED84E263F}" = dir=in | name=checkpoint.vpn |
"{4310DAE2-8DA6-4F40-B98F-8655984BB752}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{45B20D78-75AB-4890-9B80-10398DDBB0F5}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\dead island epidemic\dead island epidemic - launcher.exe |
"{487703F8-7139-4C51-9805-DD663BF610F9}" = dir=out | name=@{microsoft.zunevideo_2.6.408.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/ids_manifest_video_app_name} |
"{498DA65C-3688-48C9-93F0-E8ACAB16FB84}" = dir=in | name=check point vpn |
"{49C640AC-D4E1-496C-8A98-6FB7A5D755E8}" = dir=in | name=acer explorer |
"{4B400D4D-F923-4B8E-B9CF-822766E6AA53}" = dir=out | name=@{microsoft.binghealthandfitness_3.0.4.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.binghealthandfitness/resources/apptitle} |
"{4CBAF837-4D5C-421D-BD8D-1C4BC8F3963A}" = protocol=6 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{5037252E-DC27-4E96-BC2E-5254EB621CF3}" = dir=out | name=windows_ie_ac_001 |
"{539E1B79-29CD-4377-B1B4-A9C366F2B1A2}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{548DCF8C-BFF2-4BA4-AA88-FBAF9AC8BCC6}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{560448D6-095C-4907-B046-AC7F710701A7}" = dir=in | name=sonicwall.mobileconnect |
"{5A1208A3-94FD-4967-B3EF-34FC001459DF}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{5C523787-5B0A-4BE3-B4FA-E7BC0658C424}" = dir=out | name=sonicwall mobile connect |
"{5CA051DD-978A-4F63-8765-F5F68C701827}" = dir=out | name=ebay |
"{5EB03FDD-8289-477E-86AE-5B00B4A07569}" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\local\ilivid\ilivid.exe |
"{5EF68C24-F2DB-4ECE-914A-C9CFF2F5AECA}" = dir=out | name=icookbook se |
"{5F4632C0-D5B1-40C3-B0D9-E3A759C81B9E}" = dir=out | name=sonicwall.mobileconnect |
"{60BBBF5E-F09A-4D65-9677-43739365C2B9}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe |
"{622F4DB4-5E05-43D2-ABE5-65ECD06C2ECB}" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\dropbox\bin\dropbox.exe |
"{69AAA68F-0059-40F2-A7BE-C2152D5CDE69}" = dir=in | app=c:\program files (x86)\vmware\vmware player\vmware-authd.exe |
"{6AB982BB-97AC-4814-BBBB-963FE9C82AD6}" = dir=out | name=shark dash |
"{6B0A6D33-10C1-4E41-A63F-377301DCD03B}" = protocol=17 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimedesktop.exe |
"{6D252092-57AF-443C-A554-D7A6DA1EEC33}" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\utorrent\utorrent.exe |
"{6E54747F-8DE8-4A2D-B63E-6F3D17B3EE3D}" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\utorrent\utorrent.exe |
"{71464DE0-1535-4003-A38D-D623B1213E55}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{74B75B7F-E75F-48B7-AA3E-5D76438F54FE}" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\bittorrent\bittorrent.exe |
"{75A7F388-40CA-468A-BA7D-D5ECA21A7435}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth suite\btvstack.exe |
"{7ADE2662-4A84-40FC-847D-B26863DB173D}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{7CF0A4CF-AB72-4C2F-AEC1-A5B44542CA60}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7D0EF553-C251-4C8D-BFCA-8D9EFF33BFA7}" = dir=out | name=social jogger |
"{8014E31E-7A6C-4AFD-8464-72BE05C71689}" = dir=out | name=3d logo quiz |
"{808F1451-4108-46FD-ADBB-F17324B5F0BD}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{8189F225-40BF-4858-B621-51A2412C5A2D}" = protocol=6 | dir=in | app=c:\program files (x86)\bluetooth suite\bttray.exe |
"{82AC6978-070F-4D66-9E69-C049DC0D06D6}" = dir=in | name=juniper networks junos pulse |
"{848425CA-0CDD-424E-B651-70C4C2FF8F48}" = dir=in | name=f5 vpn |
"{863630FD-79AB-4CD0-8C99-53C687C0FAB4}" = dir=out | name=@{microsoft.bingsports_3.0.4.244_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/brandedapptitle} |
"{88372ABE-6677-4EFF-AF18-08B0C9AA84B8}" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\dropbox\bin\dropbox.exe |
"{8988CDE8-3353-41CE-84D3-A38498165BE2}" = dir=out | name=check point vpn |
"{8FF8C5BA-97E4-4677-B17D-076CDD5AC29C}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{8FFB2406-6913-49F4-8951-A5A24D42F53F}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi photo\windowsupnp.exe |
"{92D4EB48-EF5E-4121-81FD-8F4290040FF0}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\ischedulesvc.exe |
"{994D5AD5-22B2-49AA-A2E2-FBFFAF74DD58}" = dir=out | name=@{microsoft.bingsports_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingsports/resources/bingsports} |
"{9B54AAD7-5EC9-4428-A223-BFE6D153DCFC}" = dir=out | name=chacha |
"{9B76B6FD-D533-442B-9D9D-BC7495F20E80}" = dir=in | name=newsxpresso |
"{9E3D57FC-7C37-4424-9352-4831E97D029D}" = dir=out | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{9EC18037-37C1-4491-8785-7BF0316DC3D5}" = dir=out | name=@{microsoft.bingweather_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingweather/resources/apptitle} |
"{9FED5255-1E6B-4CCF-810D-0362C5755C5B}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\7 days to die\7daystodie.exe |
"{A05E3FB2-5FD6-4CEA-B53A-B312735D3582}" = dir=out | name=newsxpresso |
"{A30285B3-11EF-4805-B2FB-FC750B1E36D6}" = dir=out | name=@{microsoft.bingtravel_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingtravel/resources/apptitle} |
"{A5D2F082-8791-4D1B-9C45-77619C4F1BC9}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\clear.fi media\dmcdaemon.exe |
"{A5F6F076-BA33-42DE-BD7E-2F255F5DCDD5}" = dir=out | name=cut the rope |
"{A6B5C25D-E02B-4A64-A4C3-2622F4ABBF51}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\garrysmod\hl2.exe |
"{A7431070-0C6B-4630-9685-EAABAA769DBF}" = dir=out | name=acer crystal eye |
"{AB28D6C8-AA94-46F4-8F24-384A601CAF6E}" = dir=out | name=f5 vpn |
"{ABBAB893-689A-4F4F-A443-718B9CC47019}" = dir=out | name=netflix |
"{AF3DF519-0CE8-488C-972A-00E14C261D3E}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{B07C86A6-9805-4A17-AAE4-5F1EEFEBAF55}" = dir=in | app=c:\users\Betrayed\appdata\local\gcc\controller.exe |
"{B0E6D1C8-C903-4C23-AFCB-035E7641405F}" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\utorrent\utorrent.exe |
"{B1CF3669-1F72-466E-BCF2-11FC4883E371}" = dir=out | name=windows_ie_ac_001 |
"{B64A50E2-C6A9-4C91-BDFA-2D7A6144DA0B}" = dir=out | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{C0CA5A1C-AC8A-48E9-841B-E468513D7A12}" = dir=in | app=c:\users\Betrayed\appdata\local\facebook\video\skype\facebookvideocalling.exe |
"{C22E7C7A-7041-44C9-A2D1-EEB3AE616480}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{C493EAE8-ACF7-4D44-AF9D-38E92861C275}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\backupmanager.exe |
"{C6CEDF69-363D-4338-ACDA-A21A35A68457}" = dir=in | name=@{microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowscommunicationsapps/resources/communicationspackagename} |
"{C9DDBE54-484C-4D59-B668-2C6042DD85B8}" = dir=out | name=@{microsoft.zunemusic_2.6.476.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunemusic/resources/ids_manifest_music_app_name} |
"{C9FBD01F-FBAA-4AE2-A7BD-711420B139A3}" = dir=out | name=kindle |
"{CC7E67FF-6355-4025-83B0-2804D7C01FD1}" = dir=out | name=@{microsoft.bingnews_1.7.0.27_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingnews/resources/news} |
"{D072D69F-BB06-41C6-8939-C75C07F915E7}" = dir=in | app=c:\program files (x86)\nti\acer backup manager\fileexplorer.exe |
"{D0B61C36-C605-4367-9F2C-5A6010874BE6}" = dir=out | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{D10FEC10-176C-45E6-B4BB-115EE3F21DEE}" = dir=out | name=skype |
"{D1B6ABB2-2A18-4A59-9EDD-384F0EC71C0C}" = protocol=6 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer_service.exe |
"{D3C613AB-81BE-444C-BAE9-367913295D4B}" = dir=out | name=microsoft minesweeper |
"{D3D4652D-3298-4729-A966-A1078FE9B945}" = dir=out | name=@{microsoft.xboxlivegames_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{D47D9165-2C87-47B6-A68E-406A5A4BBF9D}" = dir=out | name=@{microsoft.xboxlivegames_2.0.139.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.xboxlivegames/resources/34150} |
"{D4F25BE3-CBD1-4600-B8EA-E29B95957DD8}" = dir=out | name=windows_ie_ac_001 |
"{D6980480-941A-4DF6-AB81-3734ECD3D779}" = dir=out | name=junipernetworks.junospulsevpn |
"{D6BE1B1B-C392-40FD-948F-704DE9E78EE6}" = protocol=17 | dir=in | app=c:\program files (x86)\teamviewer\version9\teamviewer.exe |
"{DB59588E-ED90-4C47-A7B5-7929DD0C0BD2}" = dir=out | name=checkpoint.vpn |
"{DD9C43D4-B771-47F8-8E50-409B1ED108AE}" = dir=out | name=@{microsoft.zunevideo_1.1.134.0_x64__8wekyb3d8bbwe?ms-resource://microsoft.zunevideo/resources/33270} |
"{DDA37D8B-7C11-4555-B45D-9DDAD315AA9B}" = dir=in | name=skype |
"{DFB60CB5-E474-4906-AFC5-0DA262E1EEEB}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\counter-strike source\hl2.exe |
"{DFCA144E-40AC-44BA-9962-656E08CD5D6A}" = dir=out | name=@{microsoft.bingmaps_1.5.1.240_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"{DFD17912-5BA8-4270-9F65-E36D48FE0191}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{E1494BE4-3BEE-4AC9-A6AE-7EFC698EAF84}" = dir=in | name=sonicwall mobile connect |
"{E162716D-AE47-4837-84D3-C4287E11F2EF}" = protocol=6 | dir=in | app=c:\program files (x86)\acer\acer cloud\ccd.exe |
"{E3385CF2-751A-42EA-BA08-54492FC38AA7}" = protocol=17 | dir=in | app=c:\program files (x86)\steam\steamapps\common\payday 2\payday2_win32_release.exe |
"{E3E7C534-BD0E-478D-AB20-F783EAED8157}" = dir=out | name=fresh paint |
"{E5DFF80C-868A-48BF-8FCB-116614C1FE56}" = protocol=6 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimedesktop.exe |
"{E6DD7189-5A50-46AF-AEB2-3E13C33D6D16}" = dir=out | name=@{microsoft.bingfinance_3.0.4.212_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/brandedapptitle} |
"{E78AC134-733A-4CA6-8F21-354E21E28DC8}" = protocol=6 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimeupdater.exe |
"{E7985E1D-C36F-4787-80A8-6350D07E9266}" = dir=in | name=@{c:\windows\winstore\resources.pri?ms-resource://winstore/resources/displayname} |
"{EBE073F0-1383-480D-8EAB-DE176A44BF9D}" = protocol=6 | dir=in | app=c:\program files (x86)\steam\steam.exe |
"{EC799E33-72BA-42D7-9127-DEFE68F9799D}" = dir=in | name=junipernetworks.junospulsevpn |
"{EEDB1CE0-6612-4656-BBF1-C166B91CF36F}" = protocol=17 | dir=in | app=c:\program files (x86)\acer\clear.fi media\windowsupnpmv.exe |
"{F290BE1E-9321-4E4A-8C54-D9ECC5702867}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{F2969D37-96D3-4110-9553-655F617E325D}" = dir=out | name=@{microsoft.bingfinance_1.7.0.26_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingfinance/resources/apptitle} |
"{F2ABFFA1-2910-48FB-9ACB-6C0DC0B8AF09}" = dir=in | app=c:\program files (x86)\acer\clear.fi sdk21\video\videoplayer.exe |
"{F3379F12-C578-453B-B4D3-DFEF58836601}" = protocol=17 | dir=in | app=c:\program files (x86)\spotify\spotify.exe |
"{F45EF812-29C0-43A9-AAF6-A8FC8557DF53}" = protocol=6 | dir=in | app=c:\users\Betrayed\downloads\crossfire_downloader.exe |
"{F46E5185-F908-4BF7-B7BC-AFB9240B5F84}" = dir=in | name=@{microsoft.windowsreadinglist_6.3.9654.20540_x64__8wekyb3d8bbwe?ms-resource://microsoft.windowsreadinglist/resources/apppackagename} |
"{F540E0CF-A003-4963-878F-815A986FC7CF}" = protocol=6 | dir=out | app=c:\program files (x86)\bluetooth suite\win7ui.exe |
"{F64300AD-D559-4000-BD45-0997BCC8E70A}" = dir=out | name=f5.vpn.client |
"{F77E5446-4378-4E99-8B7A-7061AAAEA193}" = dir=in | name=f5.vpn.client |
"{FA894DC9-7889-47AC-B978-88723DA8AB22}" = dir=in | name=@{browserchoice_6.2.0.0_neutral_neutral_cw5n1h2txyewy?ms-resource://browserchoice/resources/displayname} |
"{FD014EA2-C9B5-4EFD-B5AB-CA891863CC08}" = dir=out | name=stumbleupon |
"{FDDF7201-2362-4A2F-86BF-294ABF40075F}" = dir=out | name=juniper networks junos pulse |
"{FF50CCCB-597C-4526-B2DD-5EADC245BCA1}" = protocol=17 | dir=in | app=c:\program files (x86)\popcorn time\popcorntimeupdater.exe |
"{FFB07587-B908-44FE-BE46-783A6B4F8F6C}" = dir=out | name=@{microsoft.bingmaps_2.1.3230.2048_x64__8wekyb3d8bbwe?ms-resource://microsoft.bingmaps/resources/appdisplayname} |
"TCP Query User{05097CFB-8D21-4046-B199-733294A51C96}C:\users\Betrayed\desktop\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"TCP Query User{21535104-675E-49E1-9AAF-143291F831E9}C:\users\Betrayed\desktop\utox.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\utox.exe |
"TCP Query User{2549FCB5-4C4C-41FA-8AA7-5A127A59FE1A}C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe |
"TCP Query User{332E461E-71C5-430C-97EF-AD942EAC34B8}C:\users\Betrayed\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"TCP Query User{3FC60272-266E-4FFE-8520-5CEAF0A2918C}C:\users\Betrayed\desktop\all folders\omni coin\omnicoin-qt.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\all folders\omni coin\omnicoin-qt.exe |
"TCP Query User{41A923B1-2B19-4FC9-BEB0-F94BD45CB81D}C:\users\Betrayed\desktop\omni coin\omnicoin-qt.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\omni coin\omnicoin-qt.exe |
"TCP Query User{43CBCEFC-1F42-4C57-A327-F15DC2493E1F}C:\users\Betrayed\appdata\local\temp\rar$exa0.187\utox.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\local\temp\rar$exa0.187\utox.exe |
"TCP Query User{4CD11008-F756-4B84-B690-8B4C744466B4}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\spotify\spotify.exe |
"TCP Query User{5F780BA3-2DA2-4C48-B67F-DF581BD96B11}C:\users\Betrayed\desktop\dayz for locos standalone, thanks to www.dayzmp.tk\dayz_v44.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\dayz for locos standalone, thanks to www.dayzmp.tk\dayz_v44.exe |
"TCP Query User{5F836F9E-E2AF-40CC-BD4C-BF8E218E53E0}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe" = protocol=6 | dir=in | app=c:\program files\adobe\adobe after effects cs6\support files\afterfx.exe |
"TCP Query User{9F49B3B0-99AA-499A-BCB8-A834FC4C66D7}C:\users\Betrayed\appdata\local\temp\rar$exa0.783\windows\omnicoin-qt.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\local\temp\rar$exa0.783\windows\omnicoin-qt.exe |
"TCP Query User{A282BC37-AD4C-4F68-98DB-2FB018B974E4}C:\program files (x86)\net tools\ircserver.exe" = protocol=6 | dir=in | app=c:\program files (x86)\net tools\ircserver.exe |
"TCP Query User{B0482716-1801-4E1E-8271-D4474C90D517}C:\users\Betrayed\desktop\windows\omnicoin-qt.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\windows\omnicoin-qt.exe |
"TCP Query User{B4584578-BDF1-4B97-9537-8E2F05B5324E}C:\program files\strogino cs portal\garrys mod\hl2.exe" = protocol=6 | dir=in | app=c:\program files\strogino cs portal\garrys mod\hl2.exe |
"TCP Query User{BE563696-FA0D-42A0-BCBF-B7EABC5E4922}C:\users\Betrayed\desktop\rat\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\rat\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"TCP Query User{C2305E32-DA90-4BDE-AF4F-49CD56CC4A18}C:\users\Betrayed\appdata\roaming\phrozensoft\dclegacyviewer\dcviewer.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\phrozensoft\dclegacyviewer\dcviewer.exe |
"TCP Query User{CCAC513A-370F-4BDE-9C8B-4D31E9BCBE26}C:\users\Betrayed\appdata\roaming\acestream\engine\ace_engine.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\appdata\roaming\acestream\engine\ace_engine.exe |
"TCP Query User{D052A8D7-901F-496A-BFC8-D29B05DD3336}C:\users\Betrayed\desktop\imminent monitor\imminent monitor.exe" = protocol=6 | dir=in | app=c:\users\Betrayed\desktop\imminent monitor\imminent monitor.exe |
"TCP Query User{D34A285D-0E7E-4923-855B-6F102CFDEE09}C:\program files (x86)\nonoh.net\nonoh\nonoh.exe" = protocol=6 | dir=in | app=c:\program files (x86)\nonoh.net\nonoh\nonoh.exe |
"TCP Query User{D673F005-74A0-4FAA-A75C-99F95EE63C0C}C:\program files (x86)\cain\cain.exe" = protocol=6 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"TCP Query User{DC957AE1-4CA2-4014-AE09-DC1903270B4B}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=6 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
"TCP Query User{FE8FE554-5ECF-40F1-8FE1-E30DCC87B171}C:\program files\java\jre7\bin\javaw.exe" = protocol=6 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{088FBD31-6A18-4812-BB8A-F3AC31EA03A2}C:\users\Betrayed\desktop\windows\omnicoin-qt.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\windows\omnicoin-qt.exe |
"UDP Query User{12756602-F7AE-4AE6-9C46-3E1928BD35C4}C:\users\Betrayed\desktop\utox.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\utox.exe |
"UDP Query User{1560299A-D5E8-4986-8F09-329F3E915C1B}C:\program files (x86)\net tools\ircserver.exe" = protocol=17 | dir=in | app=c:\program files (x86)\net tools\ircserver.exe |
"UDP Query User{1F801798-EE85-426A-BF08-6FCB2049641D}C:\users\Betrayed\desktop\rat\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\rat\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"UDP Query User{2C9377FA-22BA-4EE1-9BC1-B3D0E5BD7CAF}C:\users\Betrayed\desktop\all folders\omni coin\omnicoin-qt.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\all folders\omni coin\omnicoin-qt.exe |
"UDP Query User{3522489D-2C2F-4E09-95F6-3E3EEBFCFB58}C:\users\Betrayed\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"UDP Query User{493F720C-6AE0-43CD-828F-62F59FC3CB1A}C:\program files\strogino cs portal\garrys mod\hl2.exe" = protocol=17 | dir=in | app=c:\program files\strogino cs portal\garrys mod\hl2.exe |
"UDP Query User{54102D76-F74A-49DF-979F-C376CCF2369F}C:\users\Betrayed\desktop\omni coin\omnicoin-qt.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\omni coin\omnicoin-qt.exe |
"UDP Query User{58A38F5B-8D92-4059-ADAA-499EC88FE234}C:\program files\java\jre7\bin\javaw.exe" = protocol=17 | dir=in | app=c:\program files\java\jre7\bin\javaw.exe |
"UDP Query User{5C0C975B-EE3A-4520-8A25-68454447E61E}C:\users\Betrayed\appdata\roaming\spotify\spotify.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\spotify\spotify.exe |
"UDP Query User{60D31BD8-967D-49F2-B0A4-DA50F1FA0A18}C:\users\Betrayed\appdata\roaming\phrozensoft\dclegacyviewer\dcviewer.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\phrozensoft\dclegacyviewer\dcviewer.exe |
"UDP Query User{758FF590-7BE1-4508-A2D6-0D9AC3906D33}C:\program files (x86)\cain\cain.exe" = protocol=17 | dir=in | app=c:\program files (x86)\cain\cain.exe |
"UDP Query User{7E91D029-80D9-4EE3-8CE4-1E382491FD55}C:\users\Betrayed\appdata\local\temp\rar$exa0.783\windows\omnicoin-qt.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\local\temp\rar$exa0.783\windows\omnicoin-qt.exe |
"UDP Query User{830FABBD-B0CB-42C2-A29A-73B90353C1F4}C:\users\Betrayed\desktop\dayz for locos standalone, thanks to www.dayzmp.tk\dayz_v44.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\dayz for locos standalone, thanks to www.dayzmp.tk\dayz_v44.exe |
"UDP Query User{872FD011-4DB4-4F3B-8BD7-5F0883F5B964}C:\program files\adobe\adobe after effects cs6\support files\afterfx.exe" = protocol=17 | dir=in | app=c:\program files\adobe\adobe after effects cs6\support files\afterfx.exe |
"UDP Query User{8A4CD02D-5772-4EEC-BB1A-0AAD20F328CE}C:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\local\popcorn time\node-webkit\popcorn time.exe |
"UDP Query User{91280725-C40F-400A-8EEC-C8AA3FCD59D4}C:\users\Betrayed\appdata\roaming\acestream\engine\ace_engine.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\roaming\acestream\engine\ace_engine.exe |
"UDP Query User{BA40C4FD-6A6B-4B6F-95E9-1FC773D7C461}C:\users\Betrayed\desktop\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\dc\dark-comet v5.3\dark-comet v5.3\darkcomet.exe |
"UDP Query User{BCE20CB8-67B8-4E47-991B-73DD625E7BA4}C:\users\Betrayed\desktop\imminent monitor\imminent monitor.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\desktop\imminent monitor\imminent monitor.exe |
"UDP Query User{C5594D45-3188-42D9-920D-241C40D15753}C:\program files (x86)\nonoh.net\nonoh\nonoh.exe" = protocol=17 | dir=in | app=c:\program files (x86)\nonoh.net\nonoh\nonoh.exe |
"UDP Query User{C9505846-AF47-4567-9319-3FDDA039B0F5}C:\program files (x86)\bitcoin\bitcoin-qt.exe" = protocol=17 | dir=in | app=c:\program files (x86)\bitcoin\bitcoin-qt.exe |
"UDP Query User{F720FAEB-A870-464E-8639-2256A480A39A}C:\users\Betrayed\appdata\local\temp\rar$exa0.187\utox.exe" = protocol=17 | dir=in | app=c:\users\Betrayed\appdata\local\temp\rar$exa0.187\utox.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{05FF8209-C4F1-4C77-BC28-791653156D20}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}" = Acer Recovery Management
"{0B6BDD27-3097-4FE1-BDE6-1D5EC7399563}" = Visual Studio 2013 Prerequisites
"{16222DF7-8513-491E-91F0-F489AB2D3CB0}" = Visual Studio 2013 Prerequisites - ENU Language Pack
"{1D2CEC61-C3F0-C27E-7280-F9D6B10378BE}" = Windows App Certification Kit Native Components
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{1E4064EE-26B4-341E-9208-72859FCDE1DA}" = Microsoft Visual Studio Team Foundation Server 2013 Storyboarding (x64)
"{230C9C86-26A9-437F-8152-34D5F4C3F680}" = Oracle VM VirtualBox 4.2.18
"{249340F6-5A97-4AE9-B530-AC67F37BBFB9}" = Microsoft Visual Studio 2013 Diagnostic Tools - amd64
"{27EF252D-800C-ED42-9904-459FE0046225}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support
"{30B7A7A6-D519-3332-BEB3-D105EFC7389A}" = Microsoft Visual Studio 2012 Express Prerequisites x64 - ENU
"{3674F088-9B90-473A-AAC3-20A00D8D810C}" = Microsoft Web Deploy 3.5
"{37B8F9C7-03FB-3253-8781-2517C99D7C00}" = Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
"{394DC793-F994-3A80-8703-20CBBDD8AD2A}" = Microsoft Team Foundation Server 2013 Update 2 Object Model Language Pack (x64) - ENU
"{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}" = Acer Device Fast-lane
"{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}" = Microsoft SQL Server 2012 Management Objects (x64)
"{43C879A8-3D28-31EF-80CE-191403D0FB04}" = Microsoft Team Foundation Server 2013 Update 2 Object Model (x64)
"{440D2EAD-2871-40FD-A04F-C5DE4AE17EFC}" = Microsoft Visual Studio 2013 IntelliTrace (x64)
"{4701DEDE-1888-49E0-BAE5-857875924CA2}" = Microsoft SQL Server System CLR Types (x64)
"{49055838-1EF5-40BB-89B6-8E3456B3E817}" = Microsoft Visual Studio 2013 Performance Collection Tools - ENU
"{4926C378-8A39-4273-AF6F-726F899F9F74}" = Build Tools - amd64
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4D2F05BB-228E-4081-B94C-50AD015EE462}" = Magic Bullet Suite 64-bit
"{5247E16E-BCF8-95AB-1653-B3F8FBF8B3F1}" = Windows Software Development Kit DirectX x64 Remote
"{54C5041B-0E91-4E92-8417-AAA12493C790}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{58FED865-4F13-408D-A5BF-996019C4B936}" = Microsoft SQL Server 2012 Command Line Utilities
"{5CBE79CC-5F78-4AC2-AEB0-62F939D869CC}" = Windows Phone 8.1 SDK - x64
"{5DF74EA2-A660-446F-93B3-B19823435C30}" = Build Tools Language Resources - amd64
"{5FB4C443-6BD6-1514-2717-3827D65AE6FB}" = Windows Software Development Kit DirectX x64 Remote
"{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
"{6C026A91-640F-4A23-8B68-05D589CC6F18}" = Microsoft SQL Server 2012 Express LocalDB
"{6D7131D1-87E5-4677-BD6A-08DCF2529076}" = Microsoft Visual Studio 2013 Performance Collection Tools
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{73468C65-BC53-4D88-9246-75A5BB014DA2}" = JavaScript Tooling
"{78909610-D229-459C-A936-25D92283D3FD}" = Microsoft SQL Server Compact 4.0 SP1 x64 ENU
"{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}" = IIS 8.0 Express
"{7E708ADE-6575-11E2-8713-F04DA23A5C58}" = MSVCRT Redists
"{8220EEFE-38CD-377E-8595-13398D740ACE}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
"{8877CE8C-7F87-4962-8BCF-DFAA2980D2CE}" = Microsoft Visual Studio 2012 IntelliTrace Core amd64
"{89A14F99-C744-3C77-BD46-D6841CEE0D7F}" = Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64)
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{91F52DE4-B789-42B0-9311-A349F10E5479}" = Acer Power Management
"{929FBD26-9020-399B-9A7A-751D61F0B942}" = Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
"{9495AEB4-AB97-39DE-8C42-806EEF75ECA7}" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95150002-1163-0409-1000-0000000FF1CE}" = SharePoint Client Components
"{95160001-1163-0409-1000-0000000FF1CE}" = SharePoint Client Components
"{95176218-0F93-3376-912E-B82DACCEA01B}" = Microsoft Visual C++ 2013 x64 Designtime - 12.0.21005
"{96F4525A-470D-F15C-796E-58D9988C3E5F}" = Windows Software Development Kit for Windows Store Apps DirectX x64 Remote
"{993F6DDC-63F8-4BCD-9B28-D941971A9CAC}" = Windows XP Targeting with C++
"{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb" = IIS Express Application Compatibility Database for x64
"{A528BDDE-9C9F-11E2-9F0C-F04DA23A5C58}" = MSVCRT Redists
"{A5ABAF5F-B5B6-44B3-B69F-2E13DC60FC9F}" = Workflow Manager Client 1.0
"{A5FF48A6-9056-3C1B-99C4-804BACB34F9D}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model Language Pack - ENU
"{A6BA243E-85A3-4635-A269-32949C98AC7F}" = Microsoft SQL Server 2012 Data-Tier App Framework (x64)
"{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}" = Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
"{A79F6653-6AF1-4AF2-BC15-F5D6C05E1E6A}" = Workflow Manager Tools 1.0 for Visual Studio
"{A84A4FB1-D703-48DB-89E0-68B6499D2801}" = Qualcomm Atheros Bluetooth Suite (64)
"{AAFF73AD-3432-3575-ABD1-14E48EF2F4CB}" = Microsoft Visual C++ 2012 x64 Debug Runtime - 11.0.60610
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}" = Microsoft SQL Server 2012 Transact-SQL Compiler Service
"{C596D608-3E74-3232-8CA5-DF1DCB9F10DE}" = Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005
"{C8F834F5-46EA-4933-8AA9-F6CD7D29EED0}_is1" = Garrys Mod version 13.07.05
"{C95DA72B-814E-3A55-BA6C-DF0202CAB9F0}" = Microsoft Visual Studio Team Foundation Server 2013 Storyboarding Language Pack (x64) - ENU
"{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}" = Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
"{D32367AC-8FCA-4DE8-A2C6-037AE14B4001}" = Acer Instant Update Service
"{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}" = Microsoft SQL Server 2012 Native Client
"{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}" = iTunes
"{E2B8249D-895C-4685-8C83-00F3B1A13028}" = Microsoft Web Platform Installer 4.0
"{E452E727-86B8-4233-8CC3-41FD817AFAFF}" = VMware Player
"{E9FA781F-3E80-4399-825A-AD3E11C28C77}" = MSVCRT110_amd64
"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud
"{EE45F85E-ED91-11E2-9CD7-F04DA23A5C58}" = Vegas Pro 12.0 (64-bit)
"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64
"{F0A7DF2F-0BE0-470F-B137-D7A19F977189}" = Broadcom Card Reader Driver Installer
"{F17662A3-4569-4A61-ABD4-E51B632D3C4D}" = Microsoft Visual Studio 2013 VsGraphics Helper Dependencies
"{F17E4000-ED91-11E2-B3BD-F04DA23A5C58}" = MSVCRT Redists
"{F39EDD91-931F-340B-8431-082959811D31}" = Microsoft Office 2013 Developer Tools for Microsoft Visual Studio (x64) - ENU Language Pack
"{F4404AFD-2EF3-40C1-8C09-29E5F3B6972B}" = Intel® Trusted Connect Service Client
"{F778BE47-F12E-36E1-8D6F-BD2FEF779F22}" = Microsoft Visual Studio Team Foundation Server 2012 Object Model
"{F99F24BF-0B90-463E-9658-3FD2EFC3C992}" = Microsoft Identity Extensions
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"CCleaner" = CCleaner
"Elantech" = ETDWare PS/2-X64 11.6.11.002_WHQL
"MAXONFB05E576" = CINEMA 4D 13.061
"Microsoft Visual Studio 2010 Tools for Office Runtime (x64)" = Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
"OpenVPN" = OpenVPN 2.3.4-I002
"Pen Tablet Driver" = Bamboo
"Sandboxie" = Sandboxie 4.08 (64-bit)
"TAP-Windows" = TAP-Windows 9.9.2
"Virtual Audio Cable 4.12" = Virtual Audio Cable 4.12
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 64 bit
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{001DA4EE-2078-4B45-A80E-B4B2B019B909}" = Microsoft Report Viewer Add-On for Visual Studio 2013
"{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1" = AOMEI Partition Assistant Standard Edition 5.5
"{0398BFBC-991B-3275-9463-D2BF91B3C80B}" = Microsoft Help Viewer 2.1
"{0413566B-380F-3960-8F6A-8E8487DE31A3}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - ptb
"{0454BB9A-2A7A-4214-BDFF-937F7A711A44}" = Windows Live Communications Platform
"{047DE480-49E4-3AB9-903A-1238B36F114C}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - fra
"{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}" = Microsoft SQL Server 2012 T-SQL Language Service
"{05E1731A-5DD6-314E-889F-265C006C8EF9}" = Microsoft Visual C++ 2012 Microsoft Foundation Class Libraries
"{0610DFB0-CCEA-6EC0-E3C3-A0160AD7FD98}" = Windows Runtime Intellisense Content - en-us
"{06EEE072-B561-38E5-85D9-485ABCBE8342}" = Visual F# 3.1 SDK
"{070C38AC-05CE-43DF-9A20-141332F6AB2B}" = Microsoft System CLR Types for SQL Server 2012
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{09412B73-6159-40D6-B0B9-C11B30A7531E}" = Microsoft Visual Studio 2012 Preparation
"{0A5B39D2-7ED6-4779-BCC9-37F381139DB3}" = Adobe AIR
"{0B698858-DAB0-4F9E-A10A-125B274EDA06}" = Microsoft Visual C++ x64 Libraries
"{0B6F9FD2-E845-4938-B6EA-F643413F5BBF}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{0C03A66F-1FF0-45F9-8D67-0D806EBFFBA1}" = Blend for Visual Studio SDK for Silverlight 5
"{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}" = Google Talk Plugin
"{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}" = Microsoft SQL Server Data Tools - enu (12.0.30919.1)
"{0DCE54A9-7256-4132-9D4E-1A64AE35E9B1}_is1" = Xpadder version 5.7
"{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}" = UltraCompare
"{135183CE-73D6-499D-B7F7-42A05AB63C0C}" = Microsoft Report Viewer Add-On für Visual Studio 2013
"{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}" = Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
"{1690CE56-2231-4E59-9006-A0876D949EA8}" = Tools for .Net 3.5
"{18164F64-DC06-4578-9160-A5A95F87D3FF}" = Windows Phone 8.1 Tools for Visual Studio 2013
"{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}" = Microsoft Silverlight 4 SDK
"{19A5926D-66E1-46FC-854D-163AA10A52D3}" = Microsoft .NET Framework 4.5.1 SDK
"{1B5ABBBD-3808-403D-A224-F1ACB0A00EB1}" = Complemento do Microsoft Report Viewer para Visual Studio 2013
"{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{1B9BBB23-65CB-3AEE-BFC6-633E7CA299FD}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer Language Pack - ENU
"{1BE2AFE6-209E-3862-AE45-DA9D3D21BD65}" = Microsoft Visual Studio Express 2012 for Windows Desktop
"{1C997E1C-5CE9-4AF3-AAA9-DC65E6090827}" = Microsoft Expression Blend SDK for Silverlight 4
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}" = PDF Settings CC
"{201B7C7E-6545-4D34-B8F7-FB2ECAE0597F}" = Microsoft ASP.NET and Web Tools 2013.2 - Visual Studio 2013
"{205A8E25-7ABE-30AB-929E-80A63A7AFBE3}" = Microsoft Portable Library Multi-Targeting Pack
"{2091F234-EB58-4B80-8C96-8EB78C808CF7}" = Facebook Video Calling 3.1.0.521
"{222C5507-AC43-388F-808E-2266EC57E043}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{23127FE2-983D-305A-904D-89ED86D36269}" = Microsoft Visual Studio Ultimate 2013
"{23176E97-26CB-C72A-19EB-BFB21AC1D15A}" = Windows Software Development Kit DirectX x86 Remote
"{2386192E-D6DB-4AD2-9564-65586A0AE53E}" = Dotfuscator and Analytics Community Edition
"{23B13DD8-A406-4FEB-8D1C-59C2BBF5661F}" = Microsoft LightSwitch for Visual Studio 2013 v4.5 Tools
"{23F9C27A-E520-4C87-AF99-E5A7D021F24A}" = Visual Studio Extensions for Windows Library for JavaScript
"{24CA683D-8174-4EBF-AD4D-3F2DD7814716}" = Microsoft Exchange Web Services Managed API 2.1
"{26A24AE4-039D-4CA4-87B4-2F83218025F0}" = Java 8 Update 25
"{26D248AB-2690-374C-A763-83CD26CA564D}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - ita
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Qualcomm Atheros WLAN and Bluetooth Client Installation Program
"{28C7344F-E894-4CF5-8D05-EDC7ED71796C}" = Behaviors SDK (Windows) for Visual Studio 2013
"{2B22F6A1-5E8E-49D6-B754-84FF69354314}" = Windows Phone 8.1 SDK - x86
"{2C0CC01A-DDBC-3AED-AF18-E741242FD727}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer enu Resources
"{2C68FCF6-0F04-4ADD-AA39-F8258DEE9FEB}" = Visual Studio Extensions for Windows Library for JavaScript
"{2D7CF073-6583-464A-84D4-F86DE59DCA42}" = MorphVOX Pro
"{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}" = Adobe Photoshop CC
"{2F7DBBE6-8EBC-495C-9041-46A772F4E311}" = Microsoft SQL Server 2012 Management Objects
"{2F8F489A-0476-3129-857B-A553F38B192D}" = Microsoft Visual C++ 2012 Core Libraries
"{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1" = Lightshot-5.1.4.41
"{30BCD3B4-F753-451F-B8F7-86E115A9AE72}" = Надстройка Microsoft Report Viewer для Visual Studio 2013
"{30F2491C-9410-4DB1-BE66-77B360B1F484}" = Microsoft Visual C++ x64-arm Cross Compilers
"{30F99474-EBE3-4134-A02B-F6CD38CFE243}" = Photo Gallery
"{31B12C11-AE4E-479F-8D6D-242DC265368D}" = HitLeap Viewer 2.8
"{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}" = Prerequisites for SSDT
"{35DA427D-BB23-49B8-9AFD-CFFCFE3B708D}" = clear.fi SDK- Movie 2
"{36B650AB-8FCE-40FC-8763-49FA2EA42713}" = Microsoft Visual C++ 2012 Compilers
"{37464E70-B0B9-9DFF-649A-CBE169BAD657}" = Windows Software Development Kit for Windows Store Apps
"{37E53780-3944-4A6A-842F-727128E8616E}" = Blend for Visual Studio SDK for .NET 4.5
"{388E4B09-3E71-4649-8921-F44A3A2954A7}" = Microsoft Visual Studio 2005 Tools for Office Runtime
"{38FC6E9A-F719-431A-A83D-4C86D5FD6555}" = Microsoft Visual Studio 2012 Shell (Minimum) Resources
"{39D9555C-47A7-38F6-AEB9-9E7CAE1C6AF5}" = VS Update core components
"{3D9CB654-99AD-4301-89C6-0D12A790767C}" = Identity Card
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{3EA16E23-14D2-466A-8268-D7CD40DC46B6}" = Open XML SDK 2.5 for Microsoft Office
"{3F29268A-F53A-4387-9F2B-E9368A823178}" = Entity Framework Designer for Visual Studio 2012 - enu
"{3FBFCF2C-392A-4632-9442-14C305B44D5E}" = AzureTools.Notifications
"{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}" = Microsoft ASP.NET MVC 4 Runtime
"{42E10F0D-7227-4710-94FB-7C3AED8CC118}" = Microsoft Visual Studio 2012 IntelliTrace Core x86
"{42F61556-29ED-8122-F39E-6F04EA5FF279}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{44AEF1F7-C770-471C-AA62-4145A4F2C517}" = Compon. agg. Microsoft Report Viewer per Visual Studio 2013
"{451526FA-52D1-41F2-B7E2-96343EC95853}" = Windows Azure Tools for LightSwitch HTML Client for Visual Studio 2012
"{46910786-E4AC-41E4-A4A0-C086EA85242D}" = WCF Data Services 5.6.0 Runtime
"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support
"{4781443E-204D-4D98-8899-18A123C13B1E}" = Microsoft C++ REST SDK for Visual Studio 2013
"{4817D846-700B-474E-A31B-80892B3E92E3}" = Adobe After Effects CS6
"{4869414E-7AEA-4C8E-BE1C-8D40977FD517}" = Adobe Illustrator CS6
"{49039053-F640-497D-AE82-4D83352E1D52}" = Visual Studio 2013용 Microsoft Report Viewer 추가 기능
"{49110532-D289-4BFF-807C-45B782E66A7C}" = Photo Common
"{492498A3-F88C-FE2F-755C-9B1B91724CA5}" = LocalESPC Dev12
"{492FCC0B-45E1-383A-A2CF-9E7F305AC200}" = Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU
"{49BF48CC-ABB6-4795-9B35-B5DE005D8612}" = Pinnacle Game Profiler
"{49D0DBA7-4D22-3EBF-93DD-3569917DD82E}" = Windows Phone 8.0 Tools for Visual Studio 2013 - ENU Language Pack
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4A037836-B224-4890-9631-341F759AD703}" = Memory Profiler
"{4AE57014-05C4-4864-A13D-86517A7E1BA4}" = Microsoft .NET Framework 4.5 SDK
"{4B05FED4-DEDE-4948-BBB4-4AE0B2E1F1A5}" = Visual Studio 2013 的 Microsoft Report Viewer 附加元件
"{4CCBD1F4-CEEC-452A-9CB8-46564B501315}" = Windows Live UX Platform
"{4F2B8233-35EE-4197-8C3B-EACCBF712029}" = Microsoft SQL Server Data Tools - enu (11.1.20828.01)
"{4FEFF0EE-5C22-3D05-B4F3-FD6913C078D4}" = Microsoft SharePoint 2013 Developer Tools for Visual Studio 2012 Nuget Package
"{51499194-6BF8-4D0E-BD27-77D704FA6C5D}" = Microsoft Visual Studio 2013 IntelliTrace (x86)
"{5411060C-8F8C-393D-8D3B-26AF2C92FABB}" = Microsoft Visual Studio 2013 Shell (Minimum)
"{5481F163-B9E5-30A8-8441-4DBBB87D6AA2}" = Microsoft Visual C++ 2013 Microsoft Foundation Class Libraries
"{553C904F-57A2-4113-888E-BA0C3D1C69C0}" = Microsoft VC9 runtime libraries
"{56A47015-095E-48CA-819F-15D0B52C274B}" = Complemento Microsoft Report Viewer para Visual Studio 2013
"{56AD3004-0B49-967F-F682-B05650B61A78}" = Windows Software Development Kit for Windows Store Apps DirectX x86 Remote
"{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}" = Microsoft .NET Framework 4.5 Multi-Targeting Pack
"{576C5AF1-5298-4770-8AE0-9148AA22E74E}" = Microsoft NuGet - Visual Studio 2012
"{5793BB91-4E91-3C3C-B93F-C2B1EEA35A5F}" = Microsoft Visual Studio Ultimate 2013 - ENU
"{58C8CFA6-BE34-4DFE-91F5-D807F402DFC1}" = Camtasia Studio 8
"{5D31EA24-FD84-3726-A1D7-45A044DB844E}" = Microsoft Visual Studio 2013 XAML UI Designer - ENU
"{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}" = WCF RIA Services V1.0 SP2
"{607562A3-7BD3-4EDE-BDEA-4F1A8D7E84AA}" = Module Microsoft Report Viewer pour Visual Studio 2013
"{60D5EF2A-4E0C-2C30-38F6-59C26E134F4A}" = Windows Software Development Kit
"{62910715-63E3-0AB0-0B29-99140DE1C15E}" = LocalESPC
"{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}" = Microsoft ASP.NET Web Pages
"{6321F2D4-366B-3AE4-877A-8E539EC3331A}" = Visual F# 3.1 VS
"{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}" = UltraEdit
"{63824BC0-B747-43F3-9863-1066D64AD919}" = Photo Gallery
"{64297226-2B81-4588-89BD-76440BC0BCFC}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2013 - ENU
"{6459F338-FE52-4034-BCA7-74772DA0F24D}" = XSplit Broadcaster
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{652B32B3-4C55-3BC9-B493-8FB6DBA21FA9}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - plk
"{65E1FABB-C9B4-3EA9-A915-837C0B03D3DB}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - kor
"{6651A2C9-8389-45AA-A58D-7C38DA75AD97}" = Microsoft Visual Studio 2013 Profiling Tools
"{66F64812-1780-4CFE-9713-1093B8007710}" = Microsoft Visual C++ 2012 Compilers - ENU Resources
"{6781FF9B-E87D-4A03-9373-A55A288B83FA}" = Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1)
"{678800C0-D94E-4513-89CB-478F2B781A0B}" = Microsoft Visual C++ 2013 x86-x64 Compilers
"{68DA3B27-2C18-4366-93B0-6B97F5E9B309}" = Memory Profiler
"{6A0C6700-EA93-372C-8871-DCCF13D160A4}" = Microsoft .NET Framework 4.5.1 Multi-Targeting Pack
"{6A8DB215-7BCD-4377-B015-2E4541A3E7C6}" = Windows Live PIMT Platform
"{6AB13C21-C3EC-46E1-8009-6FD5EBEE515B}" = Microsoft Advertising SDK for Windows 8.1 - ENU
"{6AC81125-8485-463D-9352-3F35A2508C11}" = Microsoft Advertising SDK for Windows Phone 8.1 XAML - ENU
"{6BDD4237-E546-4CBB-91AA-292552B11CCE}" = Elgato Game Capture HD
"{6C06FEE9-C64E-453F-B8A5-D9E9B79ED040}" = Microsoft Visual C++ 2013 32bit Compilers - ENU Resources
"{6CAD2F10-A64E-3DDF-B600-0CFC62F40A4E}" = Microsoft LightSwitch for Visual Studio 2013 CoreRes - ENU
"{6CEA775F-E70A-4D72-A3B4-1EB3A5AD4B5C}" = Windows Live Essentials
"{6D2BBE1D-E600-4695-BA37-0B0E605542CC}" = Office Addin
"{6DAB46E3-D017-3E2B-85D8-F57A230384C0}" = Microsoft Visual Studio Team Foundation Server 2012 Team Explorer
"{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1" = Gyazo 1.2
"{6E21414A-F0F4-40D6-9DCD-3F11F6EE7854}_is1" = IQmango Burner 4.5.1
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{72076159-B94A-42AE-A64C-CA3855E9CB28}" = Windows Azure Tools for LightSwitch for Visual Studio 2013 - v2.1
"{73FCC335-A258-328B-80C4-3C7B8EBD9556}" = Microsoft Office Developer Tools for Visual Studio ENU Language Pack
"{747A4BBA-B9D7-4DD5-BC62-5104E2A06066}" = Microsoft ASP.NET and Web Tools 2012.3 - Visual Studio 2012
"{76FA6821-C0E7-38C5-8FD4-93AEB8ADE694}" = Microsoft Office Developer Tools for Visual Studio
"{77E2D875-FD9E-3DEE-9A84-C34FDECB4ECA}" = Microsoft Visual C++ 2012 x86 Debug Runtime - 11.0.60610
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{7993AF75-8149-3664-BAAC-66D18268EE92}" = Microsoft Visual Studio 2013 XAML UI Designer
"{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}" = Skype 6.16
"{7F83A5E9-89C3-48EE-9740-BBC2096BB167}" = Windows Phone 8.1 Tools for Visual Studio 2013 - ENU
"{800F484E-9D69-492D-B656-7BAA32586142}" = Microsoft Visual Studio 2012 Shell (Minimum)
"{820C677A-41B2-48C3-8136-FEE35A052E73}" = Microsoft Visual Studio 2012 Shell (Minimum) Interop Assemblies
"{83499F62-B5EC-4F40-A28C-1297241E4D1D}" = TypeScript Tools for Microsoft Visual Studio 2013
"{834B6E00-F509-40F2-A677-E86261184576}" = Blend for Visual Studio Add-in for Adobe FXG Import
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{84323735-AA6A-4A4D-9E67-B12D9A903962}" = Pixel Bender Toolkit
"{84D88F57-4130-30FE-A0B6-1E04428FE1F6}" = Microsoft Visual C++ 2013 Core Libraries
"{84e72603-1a6a-4c51-81b3-de36aabcc4f8}" = Microsoft Visual Studio Ultimate 2013
"{87E9C967-6BE6-4B3B-B0F6-F102E51D8EAC}" = Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.1
"{88707808-9420-4D55-8C94-622CF25A8750}" = Microsoft Visual C++ 2012 32bit Compilers - ENU Resources
"{8A642ACD-CE3A-4A23-A8B1-A0F7EB12B214}" = Windows Live SOXE Definitions
"{8A8A0C13-A9B3-45AF-9A4C-4D351E0DFC8A}" = TypeScript Power Tool
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{8C1F51D1-47B7-4EE6-8EDD-1646FD78291A}" = Microsoft Visual Studio 2013 Diagnostic Tools - x86
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8E14DDC8-EA60-4E18-B3E3-1937104D5BDA}" = MSVCRT110
"{8E6E8CBB-8E58-493C-943F-4664F5F2FEDB}" = Movie Maker
"{8FB53850-246A-3507-8ADE-0060093FFEA6}" = Visual Studio Tools for the Office system 3.0 Runtime
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90DFD61B-8224-00C6-3D69-A983B60A394E}" = Bamboo Dock
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{940596e5-652a-4970-8a5a-492e73ed0fbb}" = Windows Phone 8.1 Emulators - ENU
"{943F3FB1-3F9C-4FB7-A4E2-6D53617068C3}" = PreEmptive Analytics Visual Studio Components
"{95185FF8-1102-4C53-AD59-F60229719C1E}" = Windows Azure Mobile Services SDK
"{95716cce-fc71-413f-8ad5-56c2892d4b3a}" = Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610
"{96563105-F726-4865-8C32-416753ECA5F1}" = Microsoft Visual C++ x64-x86 Cross Compilers - ENU Resources
"{96F50F87-0F15-4F93-9FE6-387DD9CFB077}" = Microsoft ASP.NET MVC 4 - Visual Studio 2012 Tools - ENU
"{970C0D49-0A12-3BF3-A9AA-679A91638927}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - csy
"{976C3D92-0DEC-37A6-A870-FF4FC18CD029}" = Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps
"{979C7495-FB42-484E-92EA-7F2A59DD7718}" = Microsoft ASP.NET MVC 4 - Visual Studio 2013 - ENU
"{984022F2-9BCA-A41D-6A38-1AE658F01415}" = Windows Software Development Kit
"{985EF141-95DD-3934-8F23-7C2C4C61E5F7}" = Microsoft Visual Studio 2013 Shell (Minimum) Resources
"{987AF9AD-BBE5-37EC-A1E9-A0B8A491A7F2}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - trk
"{99FCCA2B-F1FD-E66E-E3B9-AA57FBBF2E66}" = Windows Software Development Kit for Windows Store Apps
"{99FE08AA-78DF-3A2D-8E90-D6F7938298A2}" = Microsoft NuGet - Visual Studio 2013
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9B3A1C97-A361-463E-8817-444F9F88CDFE}" = Microsoft Expression Blend SDK for .NET 4
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9C593464-7F2F-37B3-89F8-7E894E3B09EA}" = Microsoft Visual Studio Professional 2013
"{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Backup Manager v4
"{9ED1634C-4E71-4992-A1BA-7C4BE6EE39E1}" = Blend for Visual Studio 2013 ENU resources
"{A1785BD4-3486-4E7E-8074-E3FC61B8F315}" = Microsoft Visual C++ 2012 x86-x64 Compilers
"{a1909659-0a08-4554-8af1-2175904903a1}" = Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610
"{A1CB8286-CFB3-A985-D799-721A0F2A27F3}" = Windows Software Development Kit DirectX x86 Remote
"{A1D06677-1103-32DE-AA74-6EE44DCF7F81}" = Microsoft Visual C++ 2013 Extended Libraries
"{A223B446-EC3D-3031-828D-5188800AB782}" = Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU)
"{A3B8D9FB-CA7D-4487-8CA2-A6A2C8AD1077}" = Microsoft Visual C++ x86 Libraries
"{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}" = Microsoft SQL Server System CLR Types
"{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}" = AcerCloud
"{A675CE2B-50AA-43B1-8E2B-F60CCDFEDF85}" = Microsoft LightSwitch v4.5 SDK
"{A8229A09-E570-412B-8D18-E78985673E34}" = Microsoft Visual C++ ARM Libraries
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AB127859-6D32-4E23-AA93-537501EC0C9E}" = Microsoft LightSwitch for Visual Studio 2012 v3.0 Core
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.09)
"{AE937DBA-FEFD-3BFE-9860-0591C0F91D61}" = Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies
"{AF37176A-78CA-545B-34EF-8B6A21514DD1}" = Adobe Help Manager
"{AFEBDB0A-8A7F-4D50-9EDE-36DB0C52A6F3}" = Microsoft Visual Studio 2013 IntelliTrace Front End
"{B0A82E02-E959-3C46-AB11-D38527BC573E}" = Microsoft Visual Studio Premium 2013
"{B175520C-86A2-35A7-8619-86DC379688B9}" = Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
"{B1C38F27-D377-8C98-D98D-29B67C0B978D}" = LocalESPCui for en-us Dev12
"{B3C98C29-A2BE-455F-9285-13B745282271}" = Microsoft Visual C++ x64-arm Cross Compilers - ENU Resources
"{B40E950B-300A-41B5-A6C1-2FEBEEA1BEEA}" = Microsoft ASP.NET Web Pages 2 - Visual Studio 2012 Tools - ENU
"{B41F90DB-762F-33BF-A9F8-FA4F6111FBEC}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - esn
"{B503082D-B4CD-32E5-A97C-AB10D2E9111A}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
"{B536762B-1047-4B51-8ECF-46D5686E5416}" = Microsoft ASP.NET Web Pages 2 Runtime
"{B5AD89F2-03D3-4206-8487-018298007DD0}" = clear.fi Photo
"{B6A0A174-33E0-3D42-92EA-547D318CB149}" = Microsoft Visual Studio 2013 Devenv
"{BAE0FA18-FD5F-4734-924C-E4F7EFFCDA0A}" = Microsoft ASP.NET Web Frameworks and Tools - Visual Studio 2013 - ENU
"{BB0D9EE5-F7B1-4986-AF62-DB3BED9A83BC}" = Microsoft Visual C++ x64 Native Compilers - ENU Resources
"{BB543516-F37F-46A4-BED1-C5146A6D9892}" = Build Tools - x86
"{BC102799-5EEB-3079-82C1-BFF7431A9C10}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - cht
"{BCE39B24-8944-4E71-A224-70631A4BBB10}" = Microsoft LightSwitch for Visual Studio 2013 Core
"{BD95A8CD-1D9F-35AD-981A-3E7925026EBB}" = Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
"{BD9DC17D-C48D-3B1B-944A-D0DE74FC74BC}" = Microsoft Visual C++ 2012 Extended Libraries
"{BE4F3A79-8954-499C-AEF9-E8A3BC235677}" = JavaScript Tooling
"{BF3E2194-F89B-44FB-A801-464BF787599F}" = WCF Data Services Tools for Microsoft Visual Studio 2013
"{C1BE4600-7D15-3D1E-8AA2-B3241DB1D063}" = Microsoft Visual Studio Ultimate 2012 XAML UI Designer Core
"{C1D0E508-ECAF-45AA-A549-1E26B9ECE0FB}" = Microsoft Visual C++ x64-x86 Cross Compilers
"{C23073D8-0F3F-4876-91DE-168A6D0256E3}" = Microsoft Visual Studio 2012 IntelliTrace Front End x86
"{C26C1495-8EBE-3F71-BDA1-7DE2010840D8}" = Microsoft Visual Studio 2013 Devenv Resources
"{C39FA455-9B13-3C5A-98E2-62C0FF3BC3C0}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - deu
"{C424CD5E-EA05-4D3E-B5DA-F9F149E1D3AC}" = Windows Live Installer
"{C4BF6461-F4E4-4A41-BBE2-350766C9420D}" = Microsoft NuGet - Visual Studio Express 2012 for Windows Desktop
"{C611D804-7450-3C3D-943E-C2C96A12911B}" = Windows Phone SDK 8.0 Assemblies
"{C693A804-EF77-4FA5-A173-8043F3F87AF2}" = Microsoft LightSwitch for Visual Studio 2013 v4.5 ToolsRes - ENU
"{C8773FDB-D0DB-BE52-D536-F48F9886B57B}" = Adobe Download Assistant
"{C9B6EFD0-4F01-4BBA-8374-39AD99A3ED72}" = Windows Live Photo Common
"{C9E7751E-88ED-36CF-B610-71A1D262E906}" = Team Explorer for Microsoft Visual Studio 2013
"{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" = AcerCloud Docs
"{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}" = Microsoft .NET Framework 4 Multi-Targeting Pack
"{CFF9B1A9-E764-3E0E-99F7-701604123669}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - chs
"{D1C81AC3-2A9A-4838-93DD-D1A92FB33C7E}" = Microsoft LightSwitch for Visual Studio 2012 v3.0 CoreRes - ENU
"{D32EF103-4016-4C15-BCB0-700C0A7A2309}" = Microsoft ASP.NET MVC 3
"{D3517C62-68A5-37CF-92F7-93C029A89681}" = Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)
"{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"{D42681AA-BC16-3C84-949E-45F05D2AA997}" = Microsoft Visual C++ 2013 Core Libraries
"{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}" = Entity Framework 6.1.0 Tools for Visual Studio 2013
"{D4E77BFD-ECA9-40BB-89DC-1367B4139227}" = Microsoft Visual Studio 2013 Preparation
"{D5CC77BE-BC5B-424E-8E45-DF60AFF7BE9C}" = Adobe Pixel Bender Toolkit 2
"{D8DEAAC1-A503-4C97-90F7-EF1E58A3E509}" = Microsoft C++ Azure Mobile SDK for Visual Studio 2013
"{DB5600F1-DE83-46DE-B162-5FC4400EAF5B}" = Microsoft Visual C++ 2013 Compilers
"{DB9620B6-CBBE-433C-A769-5617C40862A8}" = Windows Phone 8.1 SDK - ARM
"{DBD06B28-7B0B-398D-B047-23169EC31239}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - jpn
"{DE0E8FAF-9758-4BFD-A16E-009DB4B8C912}" = Microsoft Visual C++ x64 Native Compilers
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{e0efdce9-a486-4676-8aa5-65bb08cbf34c}" = Microsoft Visual Studio Express 2012 for Windows Desktop - ENU
"{E1FBB3D4-ADB0-4949-B101-855DA061C735}" = Microsoft Silverlight 5 SDK
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"{E4C33F5B-1B2F-466E-957E-B274F08151A0}" = Microsoft Web Deploy dbSqlPackage Provider - enu
"{E5CAE8D2-9F9F-3BEA-AA0F-B5B40611C704}" = Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005
"{E66B6040-B567-4DA7-8DA7-AC5AC3CD2E4B}" = Windows Phone 8.1 Tools for Visual Studio Professional 2013
"{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}" = MorphVOX Junior
"{E6F3851E-CEEB-4ECB-A6FA-337C8F662E3D}" = Microsoft Visual C++ 2013 Compilers - ENU Resources
"{E719AF7A-FBD9-45F8-AD4F-EBD1EFD985BB}" = Behaviors SDK (Windows Phone) for Visual Studio 2013
"{E818AE7C-244B-4A50-9C86-C0E4A8B69159}" = Microsoft Visual Studio 2012 Tools for SQL Server Compact 4.0 SP1 ENU
"{E9496860-C86F-4AAD-BAF2-AAE42A02B419}" = Windows Azure Tools for LightSwitch for Visual Studio 2013 - March 2014 Update - v2.2
"{E9674444-9491-3961-873C-017D8912185E}" = Microsoft Visual Studio Professional 2013 - ENU
"{E9AF1707-3F3A-49E2-8345-4F2D629D0876}" = clear.fi Media
"{EA754818-DB87-42B6-9753-E668B9186434}" = 用于 Visual Studio 2013 的 Microsoft 报告查看器加载项
"{EB03EF39-C655-D560-FA95-79182B837D64}" = MagniPic
"{EB6DD27B-191B-49F1-B974-32FE0208EB34}" = Adobe Setup
"{EBA33CAD-E071-48d5-A168-FBA4EEB42E93}" = clear.fi SDK - Video 2
"{EBC890A6-DE7C-44B4-AA03-119B6190D3E1}" = Blend for Visual Studio 2013
"{EBD9DB6D-180B-4C59-9622-B75CC4B32C94}" = Microsoft Advertising Service Extension for Visual Studio
"{ECF8D4B4-FADB-492E-A79A-5BCEA02DB95D}" = boujou 4
"{ED6C77F9-4D7E-447C-9EC0-9A212D075535}" = Movie Maker
"{ED6C8E61-363B-355C-80C7-E676BC781478}" = Microsoft Visual Studio Premium 2013 - ENU
"{EDB07D8D-21FA-4BEB-963C-DAC06CA36423}" = Windows Azure Mobile Services Tools for Visual Studio - v1.1
"{EE26E302-876A-48D9-9058-3129E5B99999}" = Live Updater
"{EE541DCE-3018-4A12-B0A3-7C55D62B3D01}" = Python Tools Redirection Template
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0CC7067-C42D-41C3-8604-DB88A50306FA}" = Microsoft Report Viewer Add-On for Visual Studio 2013
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F21F0424-B2FF-40BF-A984-9E0D7FB4C97E}" = Windows Live UX Platform Language Pack
"{F361FE04-789E-42F3-BBAB-E7B380AA5E06}" = Windows XP Targeting with C++
"{F395FD4F-40E5-7B56-2BCB-B3CF52B3B52C}" = Windows App Certification Kit x64
"{F3B60BB1-E57D-30A6-9A72-1B8907FAE8BB}" = Microsoft Portable Library Multi-Targeting Pack Language Pack - rus
"{F57F75C9-4DE8-3C3A-AED0-344C353EB945}" = Windows Phone 8.0 Tools for Visual Studio 2013
"{F58FA66E-86F8-4BEA-9E6D-FAE8E0FB86BA}" = Windows Phone 8.1 SDK - Desktop
"{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}" = Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
"{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}" = Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01)
"{FCB3772C-B7D0-4933-B1A9-3707EBACC573}" = Intel® SDK for OpenCL - CPU Only Runtime Package
"{FCB384E7-0E3F-431E-A510-2458E1FF21ED}" = Build Tools Language Resources - x86
"{FDEED0E7-C5A0-4293-B2B8-E83E40825F0D}" = Windows Phone 8.1 Tools for Visual Studio Professional 2013 - ENU
"{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}" = BlueStacks Notification Center
"{FE7C0B3D-50B9-4951-BE78-A321CBF86552}" = Windows Live SOXE
"{FEB375AB-6EEC-3929-8FAF-188ED81DD8B5}" = Microsoft Help Viewer 2.0
"{FFC6E93A-B9AD-3F20-9B06-EE20E24AAEAF}" = Microsoft Visual C++ 2012 Core Libraries
"Adobe AIR" = Adobe AIR
"Adobe Creative Cloud" = Adobe Creative Cloud
"Adobe Flash Player Plugin" = Adobe Flash Player 15 Plugin
"Adobe_ca6764a9a650c02bbdf901e3c1d39d4" = Pixel Bender Toolkit
"Any Video Converter_is1" = Any Video Converter 5.0.5
"Audacity_is1" = Audacity 2.0.5
"Bamboo Dock" = Bamboo Dock
"BlueStacks App Player" = BlueStacks App Player
"chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1" = Adobe Help Manager
"com.adobe.downloadassistant.AdobeDownloadAssistant" = Adobe Download Assistant
"Comodo Dragon" = Comodo Dragon
"d4cfeebc-b821-40b7-9f81-d366b1466f03_is1" = Horizon v2.7.6.0
"ESET Online Scanner" = ESET Online Scanner v3
"Freemake Video Converter_is1" = Freemake Video Converter version 4.0.1
"Google Chrome" = Google Chrome
"HASP HL Device Driver" = HASP HL Device Driver
"HMA! Pro VPN" = HMA! Pro VPN 2.6.9
"HxD Hex Editor_is1" = HxD Hex Editor version 1.7.7.0
"InstallShield_{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}" = UltraCompare
"InstallShield_{4D2F05BB-228E-4081-B94C-50AD015EE462}" = Magic Bullet Suite 64-bit
"InstallShield_{635A6AF2-63AF-4C1C-AF57-BDC8AF6D397D}" = UltraEdit
"InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}" = Acer Backup Manager
"InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}" = NTI Media Maker 9
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso 6.5
"Microsoft Help Viewer 2.0" = Microsoft Help Viewer 2.0
"Microsoft Help Viewer 2.1" = Microsoft Help Viewer 2.1
"Microsoft Visual Studio 2005 Tools for Office Runtime" = Microsoft Visual Studio 2005 Tools for Office Runtime
"MoodEditor" = Pamela RME 2.0
"Mozilla Firefox 30.0 (x86 en-US)" = Mozilla Firefox 30.0 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"MultiBit 0.5.17" = MultiBit 0.5.17
"MultiBit 0.5.18" = MultiBit 0.5.18
"NetTools_is1" = NetTools 5.0
"NIS" = Norton Internet Security
"Nmap" = Nmap 6.46
"NoIPDUC" = No-IP DUC
"Notepad++" = Notepad++
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"oPryzeLP MC360 Mod Tool" = oPryzeLP MC360 Mod Tool
"Pidgin" = Pidgin
"Popcorn Time_is1" = Popcorn Time
"Prism" = Prism Video File Converter
"Product" = Mullvad
"Proxifier_is1" = Proxifier version 3.21
"PSPad editor_is1" = PSPad editor
"Rainmeter" = Rainmeter
"RealFlowC4D" = RealFlow Plug-in for Cinema4D
"RocketDock_is1" = RocketDock 1.3.5
"Spotify" = Spotify
"Steam" = Steam
"Steam App 218620" = PAYDAY 2
"Steam App 221100" = DayZ
"Steam App 222900" = Dead Island: Epidemic
"Steam App 240" = Counter-Strike: Source
"Steam App 251570" = 7 Days to Die
"Steam App 4000" = Garry's Mod
"TeamViewer 9" = TeamViewer 9
"Twitch Suite" = Twitch Suite
"UltraUXThemePatcher" = UltraUXThemePatcher
"Visual Studio Tools for the Office system 3.0 Runtime" = Visual Studio Tools for the Office system 3.0 Runtime
"VMware_Player" = VMware Player
"VST Bridge_is1" = VST Bridge 1.1
"Wacom WebTabletPlugin for Internet Explorer and Netscape" = WebTablet FB Plugin 32 bit
"wacomid-desktop-launcher.DCFD4B89A63EE70BC162777F06D4B93B6397AEC7.1" = Bamboo Dock
"WinLiveSuite" = Windows Live Essentials
"WinPcapInst" = WinPcap 4.1.3
"winscp3_is1" = WinSCP 5.5.2

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"8a174bae3b17bd9d" = GTCheck
"AceStream" = Ace Stream Media 3.0.3
"Bitcoin" = Bitcoin
"BitTorrent" = BitTorrent
"Dropbox" = Dropbox
"FileZilla Client" = FileZilla Client 3.8.1
"JoinMe" = join.me
"Quickscope Simulator" = Quickscope Simulator
"SkyDriveSetup.exe" = Microsoft SkyDrive
"TeamSpeak 3 Client" = TeamSpeak 3 Client
"uTorrent" = µTorrent

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 04/12/2014 12:47:46 | Computer Name = Betrayed | Source = MsiInstaller | ID = 1024
Description =

Error - 04/12/2014 13:11:37 | Computer Name = Betrayed | Source = Microsoft-Windows-RestartManager | ID = 10007
Description = Application or service 'OpenVPN Access Client' could not be restarted.

Error - 04/12/2014 13:34:19 | Computer Name = Betrayed | Source = Microsoft-Windows-LocationProvider | ID = 2006
Description = There was an error with the Windows Location Provider database

Error - 04/12/2014 13:58:49 | Computer Name = Betrayed | Source = Application Error | ID = 1000
Description = Faulting application name: BtvStack.exe, version: 8.0.0.220, time
stamp: 0x51061e13 Faulting module name: audio.dll, version: 8.0.0.220, time stamp:
0x51061de7 Exception code: 0xc0000005 Fault offset: 0x000000000001aed8 Faulting process
ID: 0x126c Faulting application start time: 0x01d00febdb743416 Faulting application
path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe Faulting
module path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
Report
ID: 32514139-7bdf-11e4-81dd-083e8e29d2b2 Faulting package full name: Faulting package-relative
application ID:

Error - 05/12/2014 18:47:33 | Computer Name = Betrayed | Source = Application Error | ID = 1000
Description = Faulting application name: BtvStack.exe, version: 8.0.0.220, time
stamp: 0x51061e13 Faulting module name: audio.dll, version: 8.0.0.220, time stamp:
0x51061de7 Exception code: 0xc0000005 Fault offset: 0x000000000001aed8 Faulting process
ID: 0x8c0 Faulting application start time: 0x01d010dd293522c9 Faulting application
path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe Faulting
module path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
Report
ID: b2dd27a2-7cd0-11e4-81de-083e8e29d2b2 Faulting package full name: Faulting package-relative
application ID:

Error - 05/12/2014 18:47:39 | Computer Name = Betrayed | Source = WTabletServiceCon | ID = 1
Description =

Error - 05/12/2014 18:48:37 | Computer Name = Betrayed | Source = Application Hang | ID = 1002
Description = The program Skype.exe version 6.16.66.105 stopped interacting with
Windows and was closed. To see if more information about the problem is available,
check the problem history in the Action Center control panel. Process ID: 824 Start
Time: 01d010dd3344ea30 Termination Time: 4294967295 Application Path: C:\Program
Files (x86)\Skype\Phone\Skype.exe Report Id: d83e1071-7cd0-11e4-81de-083e8e29d2b2

Faulting
package full name: Faulting package-relative application ID:

Error - 06/12/2014 12:24:08 | Computer Name = Betrayed | Source = Application Error | ID = 1000
Description = Faulting application name: BtvStack.exe, version: 8.0.0.220, time
stamp: 0x51061e13 Faulting module name: audio.dll, version: 8.0.0.220, time stamp:
0x51061de7 Exception code: 0xc0000005 Fault offset: 0x000000000001aed8 Faulting process
ID: 0xa88 Faulting application start time: 0x01d01170f6a663f8 Faulting application
path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe Faulting
module path: C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll
Report
ID: 4d309931-7d64-11e4-81df-083e8e29d2b2 Faulting package full name: Faulting package-relative
application ID:

Error - 06/12/2014 13:33:00 | Computer Name = Betrayed | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'BlueStacks Agent' could not be shut down.

Error - 06/12/2014 13:33:50 | Computer Name = Betrayed | Source = Microsoft-Windows-RestartManager | ID = 10006
Description = Application or service 'BlueStacks Agent' could not be shut down.

[ System Events ]
Error - 06/12/2014 12:23:45 | Computer Name = Betrayed | Source = Service Control Manager | ID = 7034
Description = The PinnacleUpdate Service service terminated unexpectedly. It has
done this 1 time(s).

Error - 06/12/2014 12:23:54 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =

Error - 06/12/2014 12:23:54 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =

Error - 06/12/2014 12:23:54 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =

Error - 06/12/2014 12:23:54 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =

Error - 06/12/2014 12:23:54 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =

Error - 06/12/2014 12:23:55 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =

Error - 06/12/2014 12:23:55 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =

Error - 06/12/2014 12:23:55 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =

Error - 06/12/2014 12:23:55 | Computer Name = Betrayed | Source = DCOM | ID = 10016
Description =


< End of report >


#2
Betrayed


Would like some help on this ASAP please!



#3
BrianDrab


    Trusted Helper

  • Malware Removal
  • 3,591 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 
I am currently in training and my posts will need to be reviewed by an expert, so expect a slight delay between posts.


- General Instructions -

  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop -

 

All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
  • Google Chrome - Click the "Customize and control Google Chrome" button in the upper-right corner of the browser. Choose Settings. At the bottom of the screen click the "Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
  • Mozilla Firefox - Click the "Open Menu" button in the upper-right corner of the browser. Choose Options. In the downloads section, click the Browse button, click on the Desktop folder and then click the "Select Folder" button. Click OK to get out of the Options menu.
  • Internet Explorer - Click the Tools menu in the upper-right corner of the browser. Select View downloads. Select the Options link in the lower left of the window. Click Browse and select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.

NOTE: IE8 does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start -

Removing malware is a complicated, multiple-step process. Please stay with me until I have declared your system clean. I strongly recommend you back up your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

Let's get started. Since you are using Windows 8/8.1 we need to use a different tool to get logs. Please follow the instructions below. Thanks.

 

Step#1 - FRST Scan
 
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop).
6. Please copy and paste the log back here.
7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated. Please also paste that along with the FRST.txt into your reply.

 



#4
Betrayed


When I scan it after 2 seconds it says: Line 14391 (File "C:\Users\Betrayed\Desktop\FRST64.exe"):

Error: Variable used without being declared.



#5
BrianDrab


Did you download a new version of FRST64.exe? Just making sure you are not using an old one. Please let me know. Thanks.



#6
Betrayed


Yes I downloaded the one you provided.



#7
BrianDrab


Thank you. I'll be back with you shortly.



#8
Betrayed


When I turned on my laptop there were 3 files, 2 .ini and one .exe, that weren't there before and I didn't put them there. They are also transparent. Is this something to worry about?



#9
BrianDrab


We'll be able to tell once we can get some logs. The author of the tool has fixed the error you were seeing. Please go ahead and re-download the tool and the issue should be fixed. Thank you.

 

Step#1 - FRST Scan
 
1. Please download Farbar Recovery Scan Tool and save it to your Desktop.
    Note: You need to run the 64-bit Version so please ensure you download that one.
2. Right click to run as administrator. When the tool opens click Yes to disclaimer.
3. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running (if not already).
4. Press Scan button.
5. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop).
6. Please copy and paste the log back here.
7. Another log (Addition.txt - also located in the same directory as FRST64.exe) will be generated. Please also paste that along with the FRST.txt into your reply.



#10
Betrayed


FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 02
Ran by Betrayed (administrator) on BETRAYED on 07-12-2014 22:44:35
Running from C:\Users\Betrayed\Desktop
Loaded Profile: Betrayed (Available profiles: Betrayed)
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe
(Comodo Security Solutions, Inc.) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Popcorn Time) C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe
(Dritek System INC.) C:\Windows\RfBtnSvc64.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnat.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Service.exe
(VMware, Inc.) C:\Program Files (x86)\VMware\VMware Player\vmware-authd.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-Network.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-BlockDevice.exe
(BlueStack Systems) C:\Program Files (x86)\BlueStacks\HD-SharedFolder.exe
(VMware, Inc.) C:\Windows\SysWOW64\vmnetdhcp.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccsvchst.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
(Spotify Ltd) C:\Users\Betrayed\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Dropbox, Inc.) C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe
(NTI Corporation) C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
() C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerTray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Power Management\ePowerEvent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
() C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Farbar) C:\Users\Betrayed\Desktop\FRST64 (2).exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [2873744 2013-01-03] (ELAN Microelectronics Corp.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-09-25] (Adobe Systems Incorporated)
HKLM\...\Run: [ProxyCap] => C:\PROGRA~1\PROXYL~1\ProxyCap\pcapui.exe
HKLM-x32\...\Run: [BakupManagerTray] => C:\Program Files (x86)\NTI\Acer Backup Manager\BackupManagerTray.exe [533056 2012-07-30] (NTI Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BambooCore] => C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-10-16] ()
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2237328 2013-11-05] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-11-02] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [819984 2014-03-13] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [507776 2014-10-07] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-01-28] ( (Qualcomm Atheros Commnucations))
HKLM\...\Policies\Explorer: [NoRecentDocsNetHood] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [MoodEditor.exe] => C:\Program Files (x86)\Pamela RichMood Editor\MoodEditor.exe [1025024 2013-02-10] (Scendix Software-Vertriebsges. mbH)
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [Google Update] => C:\Users\Betrayed\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2013-01-25] (Google Inc.)
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [LightShot] => C:\Users\Betrayed\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226560 2014-07-01] ()
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [Facebook Update] => C:\Users\Betrayed\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-06-19] (Facebook Inc.)
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [Spotify Web Helper] => C:\Users\Betrayed\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1176632 2014-07-04] (Spotify Ltd)
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3293288 2013-08-02] (Nota Inc.)
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [BitTorrent] => C:\Users\Betrayed\AppData\Roaming\BitTorrent\BitTorrent.exe [1138776 2014-01-12] (BitTorrent Inc.)
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [759496 2014-01-17] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [puush] => C:\Program Files (x86)\puush\puush.exe
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [uTorrent] => C:\Users\Betrayed\AppData\Roaming\uTorrent\uTorrent.exe [1272400 2014-05-15] (BitTorrent Inc.)
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21440640 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [Nonoh] => "C:\Program Files (x86)\Nonoh.net\Nonoh\Nonoh.exe" -nosplash -minimized
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [AceStream] => C:\Users\Betrayed\AppData\Roaming\ACEStream\engine\ace_engine.exe [23984 2014-10-31] ()
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7063832 2014-11-21] (Piriform Ltd)
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\Explorer: [NoPreviewPane] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\Explorer: [TaskbarNoNotification] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\Explorer: [NoWinkeys] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\Explorer: [HideSCANetwork] 0
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Policies\Explorer: [HideSCAVolume] 0
Startup: C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
BootExecute: ampa
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://www.aol.com/?...gusaolp00000013
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001 -> {8EEAC88A-079B-4b2c-80C1-7836F79EB40A} URL = http://uk.search.yah...}&fr=chr-comodo
SearchScopes: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001 -> {EC025471-03A9-43A1-895E-72F76BF1511B} URL = 
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Microsoft Web Test Recorder 12.0 Helper -> {432dd630-7e03-4c97-9d62-b99f52df4fc2} -> C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\IDE\PrivateAssemblies\Microsoft.VisualStudio.QualityTools.RecorderBarBHO100.dll (Microsoft Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\coIEPlg.dll (Symantec Corporation)
Toolbar: HKU\.DEFAULT -> No Name - {61539ECD-CC67-4437-A03C-9AACCBD14326} -  No File
Toolbar: HKU\.DEFAULT -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001 -> No Name - {61539ECD-CC67-4437-A03C-9AACCBD14326} -  No File
DPF: HKLM-x32 {4871A87A-BFDD-4106-8153-FFDE2BAC2967} http://dlm.tools.aka...vex-2.2.6.2.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Winsock: Catalog5 01 C:\WINDOWS\SysWOW64\PrxerNsp.dll [56424] ()
Winsock: Catalog5-x64 01 %SystemRoot%\system32\PrxerNsp.dll [57448] ()
Hosts: 127.0.0.1 localhost
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\2cq6g9ts.default
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
FF Plugin: @java.com/DTPlugin,version=10.21.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3505.0912 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.2 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3815044672-3107833778-2507571291-1001: @acestream.net/acestreamplugin,version=3.0.3 -> C:\Users\Betrayed\AppData\Roaming\ACEStream\player\npace_plugin.dll (Innovative Digital Technologies)
FF Plugin HKU\S-1-5-21-3815044672-3107833778-2507571291-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Betrayed\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKU\S-1-5-21-3815044672-3107833778-2507571291-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-3815044672-3107833778-2507571291-1001: @talk.google.com/O1DPlugin -> C:\Users\Betrayed\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-3815044672-3107833778-2507571291-1001: @tightropeinteractive.com/Plugin -> C:\Users\Betrayed\AppData\Local\TNT2\2.0.0.1534\npTNT2.dll No File
FF Plugin HKU\S-1-5-21-3815044672-3107833778-2507571291-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Betrayed\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3815044672-3107833778-2507571291-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Betrayed\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-3815044672-3107833778-2507571291-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Betrayed\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3815044672-3107833778-2507571291-1001: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Betrayed\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Betrayed\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF SearchPlugin: C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\2cq6g9ts.default\searchplugins\AOL Search.xml
FF Extension: AS Magic Player - C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\2cq6g9ts.default\Extensions\[email protected] [2014-11-16]
FF Extension: iMacros for Firefox - C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\2cq6g9ts.default\Extensions\{81BF1D23-5F17-408D-AC6B-BD6DF7CAF670} [2014-06-10]
FF Extension: AOL Messaging Toolbar - C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\2cq6g9ts.default\Extensions\{c2f863cd-0429-48c7-bb54-db756a951760} [2013-10-05]
FF Extension: PlusWinks - C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\2cq6g9ts.default\Extensions\[email protected] [2013-12-11]
FF Extension: Adblock Plus - C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\2cq6g9ts.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-04]
FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\IPSFFPlgn [2013-06-23]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\coFFPlgn [2014-12-06]
FF HKLM-x32\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Profile: C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Norton Security Toolbar) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc [2014-05-03]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-26]
CHR Extension: (X New Tab Page) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmbfafhdccfgdgnbkgogehiklmemkoh [2013-12-10]
CHR Extension: (Adblock Plus) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-11-14]
CHR Extension: (Adblock for Youtube™) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2013-11-18]
CHR Extension: (Tampermonkey) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-04-18]
CHR Extension: (HF Manager) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gehbfoiecdniogejojbjnchahielljjl [2014-06-27]
CHR Extension: (AdBlock) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-11-03]
CHR Extension: (Hola Better Internet) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-09-26]
CHR Extension: (TweetDeck by Twitter) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbdpomandigafcibbmofojjchbcdagbl [2014-05-17]
CHR Extension: (Lone Tree) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip [2014-03-02]
CHR Extension: (Lightshot (screenshot tool)) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbniclmhobmnbdlbpiphghaielnnpgdp [2014-02-15]
CHR Extension: (AS Magic Player) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2014-11-16]
CHR Extension: (Google Wallet) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR HKLM-x32\...\Chrome\Extension: [bejnhdlplbjhffionohbdnpcbobfejcc] - C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\Exts\Chrome.crx [2014-05-02]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oknbmiaggcncgeihpofgkabacndiaimp] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1176\ch\RichMediaViewV1release1176.crx [Not Found]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [227456 2013-01-28] (Qualcomm Atheros Commnucations)
R2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-03-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [770832 2014-03-13] (BlueStack Systems, Inc.)
S3 c2wts; C:\Program Files\Windows Identity Foundation\v3.5\c2wtshost.exe [5632 2014-07-02] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\Acer Cloud\CCDMonitorService.exe [2415760 2012-07-27] (Acer Incorporated)
S3 DeviceFastLaneService; C:\Program Files\Acer\Acer Device Fast-lane\DeviceFastLaneSvc.exe [466064 2012-07-31] (Acer Incorporated)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2370240 2014-11-27] (Comodo Security Solutions, Inc.)
R3 ePowerSvc; C:\Program Files\Acer\Acer Power Management\ePowerSvc.exe [659600 2012-07-31] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [101888 2013-04-29] (Freemake) [File not signed]
S3 fussvc; C:\Program Files (x86)\Windows Kits\8.1\App Certification Kit\fussvc.exe [142336 2014-02-19] (Microsoft Corporation) [File not signed]
S3 GSService; C:\WINDOWS\SysWOW64\GSService.exe [443080 2013-12-16] ()
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [22768 2014-04-17] (Microsoft Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165760 2012-07-18] (Intel Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\ccSvcHst.exe [144368 2013-05-21] (Symantec Corporation)
S3 NTI IScheduleSvc; C:\Program Files (x86)\NTI\Acer Backup Manager\IScheduleSvc.exe [259136 2012-07-30] (NTI Corporation)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [37176 2014-06-05] (The OpenVPN Project)
S2 PinnacleUpdateSvc; C:\Program Files (x86)\PowerUp Software\Pinnacle Game Profiler\pinnacle_updater.exe [438272 2014-01-12] (PowerUp Software, LLC) [File not signed]
R2 Popcorn Time Updater; C:\Program Files (x86)\Popcorn Time\PopcornTimeUpdater.exe [210944 2014-05-22] (Popcorn Time) [File not signed]
R2 RfButtonDriverService; C:\Windows\RfBtnSvc64.exe [93296 2012-08-27] (Dritek System INC.)
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [118520 2013-03-01] (Riverbed Technology, Inc.)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [187592 2014-01-17] (Sandboxie Holdings, LLC)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.1\Testing\Runtimes\TAEF\Wex.Services.exe [119808 2013-08-22] (Microsoft Corporation) [File not signed]
S3 VsEtwService120; C:\Program Files\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87736 2014-04-30] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [368632 2014-09-22] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2014-09-22] (Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [619904 2012-11-14] (Wacom Technology, Corp.)
S2 699fd52f; "C:\WINDOWS\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 ampa; C:\WINDOWS\system32\ampa.sys [17008 2013-11-29] ()
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [17008 2013-11-29] ()
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\BASHDefs\20130702.001\BHDrvx64.sys [1393240 2013-05-21] (Symantec Corporation)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [121616 2014-03-13] (BlueStack Systems)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-01-28] (Qualcomm Atheros)
R3 BthLEEnum; C:\Windows\System32\drivers\BthLEEnum.sys [226304 2013-12-04] (Microsoft Corporation)
R1 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1405000.01C\ccSetx64.sys [169048 2013-04-16] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484512 2013-01-03] (Symantec Corporation)
S3 ElgatoGC658Y; C:\Windows\System32\Drivers\ElgatoGC658.sys [50288 2012-08-30] (UB658)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [138912 2013-07-02] (Symantec Corporation)
S3 Hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45112 2014-12-01] (LogMeIn Inc.)
S2 Hardlock; C:\Windows\system32\drivers\hardlock.sys [296448 2005-06-14] (Aladdin Knowledge Systems Ltd.) [File not signed]
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\IPSDefs\20130710.001\IDSvia64.sys [513184 2013-06-21] (Symantec Corporation)
S3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130711.001\ENG64.SYS [126040 2013-07-02] (Symantec Corporation)
S3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_20.4.0.40\Definitions\VirusDefs\20130711.001\EX64.SYS [2098776 2013-07-02] (Symantec Corporation)
R2 NPF; C:\Windows\System32\drivers\npf.sys [36600 2013-03-01] (Riverbed Technology, Inc.)
R3 Ps2Kb2Hid; C:\Windows\System32\drivers\aPs2Kb2Hid.sys [26736 2012-08-27] (Dritek System Inc.)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [202600 2014-01-17] (Sandboxie Holdings, LLC)
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [227840 2014-05-31] (Microsoft Corporation)
S3 SRTSP; C:\Windows\System32\Drivers\NISx64\1405000.01C\SRTSP64.SYS [796760 2013-05-16] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\NISx64\1405000.01C\SRTSPX64.SYS [36952 2013-03-05] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\NISx64\1405000.01C\SYMDS64.SYS [493656 2013-05-21] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\NISx64\1405000.01C\SYMEFA64.SYS [1139800 2013-05-23] (Symantec Corporation)
S4 SymELAM; C:\Windows\system32\drivers\NISx64\1405000.01C\SymELAM.sys [23448 2013-03-05] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177312 2013-06-23] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\NISx64\1405000.01C\Ironx64.SYS [224416 2013-03-05] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\NISx64\1405000.01C\SYMNETS.SYS [433752 2013-04-25] (Symantec Corporation)
R3 taphss6; C:\Windows\system32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.)
S3 tapoas; C:\Windows\system32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
S2 vcs; C:\Program Files (x86)\Common Files\Avnex\vcs64.sys [4096 2014-01-02] () [File not signed]
R3 VCSVADHWSer; C:\Windows\system32\DRIVERS\vcsvad.sys [21504 2008-12-26] (Avnex)
R0 vsock; C:\Windows\System32\drivers\vsock.sys [70296 2012-10-24] (VMware, Inc.)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2014-09-22] (Microsoft Corporation)
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 CV2K1; \SystemRoot\system32\DRIVERS\cv2k1.sys [X]
S1 HssDRV6; \SystemRoot\system32\DRIVERS\hssdrv6.sys [X]
S3 MBAMSwissArmy; \??\C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-07 22:43 - 2014-12-07 22:44 - 02119680 _____ (Farbar) C:\Users\Betrayed\Desktop\FRST64 (2).exe
2014-12-07 22:39 - 2014-12-07 22:39 - 00000000 ____D () C:\Users\Betrayed\Documents\Rainmeter
2014-12-07 22:39 - 2014-12-07 22:39 - 00000000 ____D () C:\Users\Betrayed\Documents\Bluetooth Folder
2014-12-07 20:58 - 2014-12-07 21:06 - 02119680 _____ (Farbar) C:\Users\Betrayed\Desktop\FRST64 (1).exe
2014-12-07 19:59 - 2014-12-07 22:44 - 00035943 _____ () C:\Users\Betrayed\Desktop\FRST.txt
2014-12-07 19:58 - 2014-12-07 22:44 - 00000000 ____D () C:\FRST
2014-12-07 19:52 - 2014-12-07 19:57 - 02119680 _____ (Farbar) C:\Users\Betrayed\Desktop\FRST64.exe
2014-12-06 18:04 - 2014-12-06 18:04 - 00000000 ____D () C:\Users\Betrayed\AppData\Roaming\Sublime Text 2
2014-12-06 17:57 - 2014-12-06 17:57 - 00000798 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 2.lnk
2014-12-06 17:57 - 2014-12-06 17:57 - 00000000 ____D () C:\Program Files\Sublime Text 2
2014-12-06 17:56 - 2014-12-06 17:56 - 06513608 _____ ( ) C:\Users\Betrayed\Downloads\Sublime Text 2.0.2 x64 Setup.exe
2014-12-06 17:49 - 2014-12-06 19:25 - 00164344 _____ () C:\Users\Betrayed\Desktop\Extras.Txt
2014-12-06 17:48 - 2014-12-06 19:25 - 00251072 _____ () C:\Users\Betrayed\Desktop\OTL.Txt
2014-12-06 17:34 - 2014-04-15 16:35 - 00028352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aspnet_counters.dll
2014-12-06 17:34 - 2014-04-15 16:34 - 00029888 _____ (Microsoft Corporation) C:\WINDOWS\system32\aspnet_counters.dll
2014-12-06 16:52 - 2014-12-06 16:50 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-12-06 16:51 - 2014-12-06 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-12-06 16:49 - 2014-12-06 16:49 - 00602112 _____ (OldTimer Tools) C:\Users\Betrayed\Desktop\OTL.exe
2014-12-06 16:45 - 2014-12-06 16:47 - 69999448 _____ (Microsoft Corporation) C:\Users\Betrayed\Downloads\NDP452-KB2901907-x86-x64-AllOS-ENU.exe
2014-12-06 16:45 - 2014-12-06 16:45 - 00638888 _____ (Oracle Corporation) C:\Users\Betrayed\Downloads\chromeinstall-8u25.exe
2014-12-06 16:28 - 2014-12-06 16:28 - 00060516 _____ () C:\Users\Betrayed\Downloads\Result.txt
2014-12-06 16:27 - 2014-12-06 16:27 - 00401920 _____ (Farbar) C:\Users\Betrayed\Downloads\MiniToolBox.exe
2014-12-04 17:57 - 2014-12-04 17:57 - 00000195 _____ () C:\WINDOWS\setupact.log
2014-12-04 17:57 - 2014-12-04 17:57 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-12-04 17:47 - 2014-11-20 20:51 - 00106976 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-04 17:46 - 2014-11-20 20:51 - 00714208 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-12-04 17:45 - 2014-12-06 20:13 - 00006252 _____ () C:\WINDOWS\PFRO.log
2014-12-04 16:54 - 2014-12-04 16:54 - 00000838 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-12-04 16:52 - 2014-12-04 16:53 - 05162080 _____ (Piriform Ltd) C:\Users\Betrayed\Downloads\ccsetup500.exe
2014-12-04 16:50 - 2014-11-09 23:19 - 00991232 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-12-04 16:50 - 2014-11-09 23:19 - 00806400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-12-04 16:50 - 2014-11-09 23:18 - 00259584 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2014-12-04 16:50 - 2014-11-09 23:18 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pku2u.dll
2014-12-04 00:08 - 2014-12-04 00:08 - 00000000 ____D () C:\Program Files (x86)\Comodo
2014-12-03 20:30 - 2014-07-24 09:44 - 16874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-12-03 20:30 - 2014-07-24 09:16 - 12730880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-12-03 20:29 - 2014-07-24 15:28 - 00419648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-12-03 20:29 - 2014-07-24 15:28 - 00412992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-12-03 20:29 - 2014-07-24 15:28 - 00280384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2014-12-03 20:29 - 2014-07-24 15:28 - 00143680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-12-03 20:29 - 2014-07-24 15:23 - 00125472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2014-12-03 20:29 - 2014-07-24 15:20 - 00645592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-12-03 20:29 - 2014-07-24 15:20 - 00263400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2014-12-03 20:29 - 2014-07-24 15:16 - 02574208 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-12-03 20:29 - 2014-07-24 15:16 - 00211216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVol.exe
2014-12-03 20:29 - 2014-07-24 15:07 - 02009920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-12-03 20:29 - 2014-07-24 15:05 - 01660048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-12-03 20:29 - 2014-07-24 15:05 - 01519560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-12-03 20:29 - 2014-07-24 15:05 - 01488008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-12-03 20:29 - 2014-07-24 15:05 - 01356840 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-12-03 20:29 - 2014-07-24 15:03 - 02141920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-12-03 20:29 - 2014-07-24 15:03 - 00882136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2014-12-03 20:29 - 2014-07-24 15:03 - 00360480 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-12-03 20:29 - 2014-07-24 15:03 - 00233888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-12-03 20:29 - 2014-07-24 15:03 - 00205512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mftranscode.dll
2014-12-03 20:29 - 2014-07-24 13:50 - 00098048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2014-12-03 20:29 - 2014-07-24 13:48 - 02410976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-12-03 20:29 - 2014-07-24 13:48 - 00180208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVol.exe
2014-12-03 20:29 - 2014-07-24 13:46 - 00477200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-12-03 20:29 - 2014-07-24 13:36 - 02145472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-12-03 20:29 - 2014-07-24 13:36 - 00707536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2014-12-03 20:29 - 2014-07-24 13:36 - 00355800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-12-03 20:29 - 2014-07-24 13:36 - 00180720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mftranscode.dll
2014-12-03 20:29 - 2014-07-24 11:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRUM.DLL
2014-12-03 20:29 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDYAK.DLL
2014-12-03 20:29 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTT102.DLL
2014-12-03 20:29 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDTAT.DLL
2014-12-03 20:29 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU1.DLL
2014-12-03 20:29 - 2014-07-24 11:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDBASH.DLL
2014-12-03 20:29 - 2014-07-24 11:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\KBDRU.DLL
2014-12-03 20:29 - 2014-07-24 11:46 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-12-03 20:29 - 2014-07-24 11:45 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-12-03 20:29 - 2014-07-24 11:44 - 00674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-12-03 20:29 - 2014-07-24 11:43 - 00412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2014-12-03 20:29 - 2014-07-24 11:42 - 00446976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2014-12-03 20:29 - 2014-07-24 11:42 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\NdisImPlatform.sys
2014-12-03 20:29 - 2014-07-24 11:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthpan.sys
2014-12-03 20:29 - 2014-07-24 11:06 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\iasnap.dll
2014-12-03 20:29 - 2014-07-24 11:05 - 00287232 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-12-03 20:29 - 2014-07-24 11:05 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-12-03 20:29 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDYAK.DLL
2014-12-03 20:29 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTT102.DLL
2014-12-03 20:29 - 2014-07-24 10:52 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDTAT.DLL
2014-12-03 20:29 - 2014-07-24 10:51 - 00008192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRUM.DLL
2014-12-03 20:29 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU1.DLL
2014-12-03 20:29 - 2014-07-24 10:51 - 00007168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDBASH.DLL
2014-12-03 20:29 - 2014-07-24 10:51 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KBDRU.DLL
2014-12-03 20:29 - 2014-07-24 10:49 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersGPExt.dll
2014-12-03 20:29 - 2014-07-24 10:32 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-12-03 20:29 - 2014-07-24 10:20 - 02050560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2014-12-03 20:29 - 2014-07-24 10:18 - 01089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-12-03 20:29 - 2014-07-24 10:12 - 00878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActionCenter.dll
2014-12-03 20:29 - 2014-07-24 10:10 - 01844224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Display.dll
2014-12-03 20:29 - 2014-07-24 10:10 - 00834560 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-12-03 20:29 - 2014-07-24 10:10 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-12-03 20:29 - 2014-07-24 10:10 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iasnap.dll
2014-12-03 20:29 - 2014-07-24 10:05 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkFoldersShell.dll
2014-12-03 20:29 - 2014-07-24 09:52 - 00621056 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2014-12-03 20:29 - 2014-07-24 09:42 - 00206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-12-03 20:29 - 2014-07-24 09:40 - 00557056 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintDialogs.dll
2014-12-03 20:29 - 2014-07-24 09:39 - 00770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WorkfoldersControl.dll
2014-12-03 20:29 - 2014-07-24 09:33 - 01741824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2014-12-03 20:29 - 2014-07-24 09:32 - 01048064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-12-03 20:29 - 2014-07-24 09:27 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-12-03 20:29 - 2014-07-24 09:25 - 00832512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActionCenter.dll
2014-12-03 20:29 - 2014-07-24 09:24 - 01817088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Display.dll
2014-12-03 20:29 - 2014-07-24 09:21 - 00134144 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser.dll
2014-12-03 20:29 - 2014-07-24 09:18 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2014-12-03 20:29 - 2014-07-24 09:14 - 00443904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2014-12-03 20:29 - 2014-07-24 09:12 - 00127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2014-12-03 20:29 - 2014-07-24 09:11 - 00356864 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-12-03 20:29 - 2014-07-24 09:11 - 00063488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshbth.dll
2014-12-03 20:29 - 2014-07-24 09:10 - 00540672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2014-12-03 20:29 - 2014-07-24 09:04 - 00492032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintDialogs.dll
2014-12-03 20:29 - 2014-07-24 09:04 - 00183808 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2014-12-03 20:29 - 2014-07-24 09:03 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2014-12-03 20:29 - 2014-07-24 09:02 - 00220160 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2014-12-03 20:29 - 2014-07-24 08:58 - 00105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\BluetoothApis.dll
2014-12-03 20:29 - 2014-07-24 08:53 - 01261056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2014-12-03 20:29 - 2014-07-24 08:53 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2014-12-03 20:29 - 2014-07-24 08:49 - 01287680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2014-12-03 20:29 - 2014-07-24 08:49 - 00296960 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2014-12-03 20:29 - 2014-07-24 08:48 - 00659968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Bluetooth.dll
2014-12-03 20:29 - 2014-07-24 08:47 - 00102912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-12-03 20:29 - 2014-07-24 08:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wshbth.dll
2014-12-03 20:29 - 2014-07-24 08:39 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2014-12-03 20:29 - 2014-07-24 08:38 - 00371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2014-12-03 20:29 - 2014-07-24 08:36 - 00079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BluetoothApis.dll
2014-12-03 20:29 - 2014-07-24 08:32 - 01532416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2014-12-03 20:29 - 2014-07-24 08:30 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2014-12-03 20:29 - 2014-07-24 08:29 - 00439296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Bluetooth.dll
2014-12-03 20:29 - 2014-07-24 08:28 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-12-03 20:29 - 2014-07-24 08:23 - 01404416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2014-12-03 20:29 - 2014-07-24 08:22 - 00487936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2014-12-03 20:29 - 2014-07-24 08:21 - 01231872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2014-12-03 20:29 - 2014-07-24 08:21 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanmsm.dll
2014-12-03 20:29 - 2014-07-24 08:18 - 01144320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-12-03 20:29 - 2014-07-24 08:18 - 00795136 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2014-12-03 20:29 - 2014-07-24 08:16 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-12-03 20:29 - 2014-07-24 08:16 - 00084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-12-03 20:29 - 2014-07-24 08:15 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-12-03 20:29 - 2014-07-24 08:15 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-12-03 20:29 - 2014-07-24 08:13 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2014-12-03 20:29 - 2014-07-24 08:10 - 00889344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2014-12-03 20:29 - 2014-07-24 08:10 - 00371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2014-12-03 20:29 - 2014-07-24 08:08 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-12-03 20:29 - 2014-07-24 08:05 - 00448000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-12-03 20:29 - 2014-07-24 08:01 - 01992192 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2014-12-03 20:29 - 2014-07-24 08:00 - 02100736 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlowUI.dll
2014-12-03 20:29 - 2014-07-24 07:58 - 00432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-12-03 20:29 - 2014-07-24 07:58 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-12-03 20:29 - 2014-07-24 07:54 - 01290752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2014-12-03 20:29 - 2014-07-24 07:50 - 01182208 _____ (Microsoft Corporation) C:\WINDOWS\system32\printui.dll
2014-12-03 20:29 - 2014-07-24 07:47 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-12-03 20:29 - 2014-07-24 07:44 - 01057792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\printui.dll
2014-12-03 20:29 - 2014-07-24 07:41 - 00459264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-12-03 20:29 - 2014-07-24 07:28 - 01600000 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2014-12-03 20:29 - 2014-07-24 04:11 - 00513544 _____ () C:\WINDOWS\SysWOW64\locale.nls
2014-12-03 20:29 - 2014-07-24 04:11 - 00513544 _____ () C:\WINDOWS\system32\locale.nls
2014-12-03 20:29 - 2014-07-12 05:55 - 00268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2014-12-03 20:29 - 2014-07-12 04:58 - 00210944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2014-12-03 20:29 - 2014-07-04 12:59 - 00295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-12-03 20:29 - 2014-07-04 10:29 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSip.dll
2014-12-03 20:29 - 2014-07-04 10:20 - 01656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-12-03 20:29 - 2014-07-04 10:06 - 00095232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxSip.dll
2014-12-03 20:29 - 2014-07-04 10:00 - 01351168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-12-03 20:29 - 2014-07-04 09:30 - 00544768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2014-12-03 20:29 - 2014-07-04 09:27 - 00474112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2014-12-03 20:29 - 2014-06-27 06:22 - 00246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-12-03 20:29 - 2014-06-26 00:32 - 01029632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2014-12-03 20:29 - 2014-06-26 00:29 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2014-12-03 20:29 - 2014-06-19 23:37 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-12-03 20:29 - 2014-06-19 02:13 - 00310080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-12-03 20:29 - 2014-06-14 06:03 - 02389504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-12-03 20:29 - 2014-06-14 05:46 - 02071552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-12-03 20:29 - 2014-06-07 12:46 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-12-03 20:29 - 2014-06-07 10:20 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-12-03 20:29 - 2014-06-05 14:00 - 01118040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-12-03 20:29 - 2014-06-05 10:18 - 01018368 _____ (Microsoft Corporation) C:\WINDOWS\system32\aclui.dll
2014-12-03 20:29 - 2014-06-05 09:42 - 00889856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aclui.dll
2014-12-03 20:29 - 2014-05-31 05:00 - 01463808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsecedit.dll
2014-12-03 20:29 - 2014-05-31 04:18 - 01319936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsecedit.dll
2014-12-03 20:29 - 2014-05-29 06:23 - 00427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-12-03 20:29 - 2014-05-29 05:25 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-12-03 20:29 - 2014-05-26 07:26 - 00053248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2014-12-03 20:29 - 2014-05-10 10:12 - 00387896 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2014-12-03 20:29 - 2014-05-10 08:46 - 00335680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2014-12-03 20:29 - 2014-05-06 04:41 - 00486744 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-12-03 20:29 - 2014-05-06 00:55 - 00391000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-12-03 20:29 - 2014-03-25 02:27 - 00160600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-12-03 20:29 - 2014-03-25 02:27 - 00123920 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-12-03 20:29 - 2014-03-25 01:20 - 00128568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-12-03 20:29 - 2014-03-25 01:20 - 00127544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-12-03 20:20 - 2014-09-04 00:12 - 00590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2014-12-03 20:20 - 2014-09-04 00:01 - 00514048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2014-12-03 20:20 - 2014-08-16 04:08 - 01507648 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-12-03 20:20 - 2014-08-16 04:01 - 01710184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-12-03 20:20 - 2014-08-16 03:58 - 01112512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-12-03 20:20 - 2014-08-16 03:16 - 01205976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-12-03 20:20 - 2014-08-16 03:03 - 01467384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-12-03 20:20 - 2014-08-16 01:31 - 00838144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-12-03 20:20 - 2014-08-16 01:04 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2014-12-03 20:20 - 2014-08-16 00:58 - 00287744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-12-03 20:20 - 2014-08-16 00:53 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2014-12-03 20:20 - 2014-08-16 00:46 - 00290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-12-03 20:20 - 2014-08-16 00:45 - 00267776 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-12-03 20:20 - 2014-08-16 00:43 - 00321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2014-12-03 20:20 - 2014-08-16 00:43 - 00075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\adhsvc.dll
2014-12-03 20:20 - 2014-08-16 00:31 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2014-12-03 20:20 - 2014-08-16 00:31 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcsvDevice.dll
2014-12-03 20:20 - 2014-08-16 00:29 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-03 20:20 - 2014-08-16 00:23 - 01106432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2014-12-03 20:20 - 2014-08-16 00:22 - 00717824 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-12-03 20:20 - 2014-08-16 00:22 - 00286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-12-03 20:20 - 2014-08-16 00:19 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-12-03 20:20 - 2014-08-16 00:18 - 04758528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-12-03 20:20 - 2014-08-16 00:17 - 08757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2014-12-03 20:20 - 2014-08-16 00:14 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-12-03 20:20 - 2014-08-16 00:13 - 06649344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-12-03 20:20 - 2014-08-16 00:13 - 05902848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Search.dll
2014-12-03 20:20 - 2014-08-16 00:13 - 00840192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFolder.dll
2014-12-03 20:20 - 2014-08-16 00:11 - 00920064 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-12-03 20:20 - 2014-08-16 00:10 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-12-03 20:20 - 2014-08-16 00:08 - 05777408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-12-03 20:20 - 2014-08-16 00:07 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-12-03 20:20 - 2014-07-24 15:28 - 00468288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-12-03 20:20 - 2014-07-24 11:42 - 01200640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-12-03 20:20 - 2014-07-24 11:41 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bridge.sys
2014-12-03 20:20 - 2014-07-24 10:09 - 01057280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdvidcrl.dll
2014-12-03 20:20 - 2014-07-24 09:27 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdvidcrl.dll
2014-12-03 19:57 - 2014-12-03 19:57 - 04443312 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2014-12-01 15:51 - 2014-12-01 15:51 - 00045112 ____H (LogMeIn Inc.) C:\WINDOWS\system32\Drivers\Hamdrv.sys
2014-11-16 22:38 - 2014-12-03 19:56 - 00000000 ____D () C:\Users\Betrayed\AppData\Roaming\.ACEStream
2014-11-16 22:38 - 2014-11-16 22:38 - 00000000 ___HD () C:\_acestream_cache_
2014-11-16 22:38 - 2014-11-16 22:38 - 00000000 ____D () C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
2014-11-16 22:37 - 2014-11-16 22:38 - 00000000 ____D () C:\Users\Betrayed\AppData\Roaming\ACEStream
2014-11-16 22:35 - 2014-11-16 22:37 - 67621992 _____ () C:\Users\Betrayed\Downloads\Ace_Stream_Media_3.0.3.exe
2014-11-15 23:54 - 2014-09-08 03:07 - 02497344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-11-15 23:54 - 2014-09-07 22:08 - 00389176 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-11-15 23:54 - 2014-09-04 22:21 - 01053184 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-11-15 23:54 - 2014-09-04 03:05 - 00836176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-11-15 23:54 - 2014-08-31 00:15 - 21197152 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-11-15 23:54 - 2014-08-30 22:59 - 18723112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-11-15 23:54 - 2014-08-30 21:04 - 00941568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-11-15 23:54 - 2014-08-28 02:55 - 07484224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-11-15 23:54 - 2014-08-23 05:14 - 13424128 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-11-15 23:54 - 2014-08-23 04:50 - 02714112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers.dll
2014-11-15 23:53 - 2014-09-10 06:25 - 00474432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2014-11-15 23:53 - 2014-09-08 03:07 - 00428864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-11-15 23:53 - 2014-09-04 22:30 - 00822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-11-15 23:53 - 2014-09-04 02:22 - 00670384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-11-15 23:53 - 2014-09-04 01:01 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2014-11-15 23:53 - 2014-09-04 00:32 - 00334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2014-11-15 23:53 - 2014-09-04 00:10 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-11-15 23:53 - 2014-09-03 23:57 - 00921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-11-15 23:53 - 2014-09-03 23:49 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MrmCoreR.dll
2014-11-15 23:53 - 2014-08-31 00:17 - 00148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-11-15 23:53 - 2014-08-30 22:05 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSCOMEX.dll
2014-11-15 23:53 - 2014-08-30 21:58 - 00275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\FXSAPI.dll
2014-11-15 23:53 - 2014-08-30 20:53 - 00239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FXSAPI.dll
2014-11-15 23:53 - 2014-08-30 20:17 - 00799744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-11-15 23:53 - 2014-08-28 00:21 - 02480128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2014-11-15 23:53 - 2014-08-28 00:06 - 02030592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2014-11-15 23:53 - 2014-08-23 05:04 - 11820544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-11-15 23:53 - 2014-08-02 00:51 - 00545792 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-11-15 23:53 - 2014-08-02 00:35 - 00485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-11-15 23:53 - 2014-07-24 11:22 - 00308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\compstui.dll
2014-11-15 23:53 - 2014-07-24 09:53 - 00215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2014-11-15 23:53 - 2014-07-24 09:13 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2014-11-15 23:53 - 2014-07-24 08:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiapi.dll
2014-11-15 23:53 - 2014-07-24 08:08 - 00162816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiapi.dll
2014-11-15 23:53 - 2014-07-24 07:49 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\DafPrintProvider.dll
2014-11-15 23:53 - 2014-07-24 07:43 - 00200192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DafPrintProvider.dll
2014-11-15 23:50 - 2014-09-22 04:38 - 01519488 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-11-15 23:50 - 2014-09-22 03:06 - 00258368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-11-15 23:50 - 2014-09-22 03:06 - 00114496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdNisDrv.sys
2014-11-15 23:50 - 2014-09-22 02:49 - 00035320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-11-15 23:50 - 2014-09-19 00:16 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-11-15 23:50 - 2014-09-02 22:08 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2014-11-15 23:50 - 2014-09-02 22:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winshfhc.dll
2014-11-15 23:45 - 2014-10-13 02:33 - 00116032 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-11-15 23:45 - 2014-10-11 00:58 - 03320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-11-15 23:45 - 2014-10-11 00:53 - 03607040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-11-15 23:45 - 2014-10-08 07:30 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-11-15 23:45 - 2014-10-08 07:09 - 00428032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-11-15 23:45 - 2014-10-08 06:27 - 00325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-11-15 23:45 - 2014-10-08 05:32 - 02773504 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-11-15 23:45 - 2014-10-08 05:19 - 02459136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-11-15 23:44 - 2014-09-27 07:13 - 00104336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2014-11-15 23:44 - 2014-09-27 05:24 - 00088800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2014-11-15 23:44 - 2014-09-27 03:38 - 00426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-11-15 23:44 - 2014-09-27 03:30 - 00185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-11-15 23:44 - 2014-09-27 03:17 - 00357376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-11-15 23:40 - 2014-10-10 01:58 - 00177472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-11-15 23:40 - 2014-10-10 01:58 - 00027456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpvideominiport.sys
2014-11-15 23:40 - 2014-10-10 01:44 - 00563976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-11-15 23:40 - 2014-10-08 07:37 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-11-15 23:40 - 2014-10-08 07:37 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msaudite.dll
2014-11-15 23:40 - 2014-10-08 07:34 - 00131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-11-15 23:40 - 2014-10-08 07:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rfxvmt.dll
2014-11-15 23:40 - 2014-10-08 06:56 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-11-15 23:40 - 2014-10-08 06:51 - 00736768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-11-15 23:40 - 2014-10-08 06:51 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msaudite.dll
2014-11-15 23:40 - 2014-10-08 06:18 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-11-15 23:40 - 2014-10-08 06:17 - 01441792 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-11-15 23:40 - 2014-10-08 05:23 - 03547648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-11-15 23:38 - 2014-10-31 05:28 - 25110016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-11-15 23:38 - 2014-10-31 03:42 - 19781632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-11-15 23:38 - 2014-10-18 09:55 - 00055776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-11-15 23:38 - 2014-10-18 08:09 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-11-15 23:38 - 2014-10-18 08:09 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-11-15 23:38 - 2014-10-18 07:25 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-11-15 23:38 - 2014-10-18 06:50 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaext.dll
2014-11-15 23:38 - 2014-10-18 06:38 - 03557376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-11-15 23:38 - 2014-10-18 06:27 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-11-15 23:38 - 2014-10-18 06:26 - 00140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-11-15 23:38 - 2014-10-18 06:23 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-11-15 23:38 - 2014-10-18 06:23 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-11-15 23:38 - 2014-10-18 06:21 - 00894976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-11-15 23:38 - 2014-10-18 06:20 - 01714176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-11-15 23:38 - 2014-10-18 06:14 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-11-15 23:38 - 2014-10-18 06:14 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-11-15 23:38 - 2014-10-18 06:12 - 00081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-11-15 23:38 - 2014-10-18 06:11 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-11-15 23:38 - 2014-10-17 07:01 - 00789184 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-11-15 23:38 - 2014-10-17 06:58 - 00602768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-11-15 23:37 - 2014-10-31 04:50 - 06040064 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-11-15 23:37 - 2014-10-31 03:59 - 14390272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-11-15 23:37 - 2014-10-31 02:46 - 04298240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-11-15 23:37 - 2014-10-31 02:30 - 12819456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-11-15 23:36 - 2014-10-31 05:12 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wextract.exe
2014-11-15 23:36 - 2014-10-31 05:12 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshta.exe
2014-11-15 23:36 - 2014-10-31 05:10 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iexpress.exe
2014-11-15 23:36 - 2014-10-31 05:09 - 00064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\pngfilt.dll
2014-11-15 23:36 - 2014-10-31 05:08 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedssync.exe
2014-11-15 23:36 - 2014-10-31 05:06 - 00580096 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-11-15 23:36 - 2014-10-31 05:06 - 00237568 _____ (Microsoft Corporation) C:\WINDOWS\system32\url.dll
2014-11-15 23:36 - 2014-10-31 05:06 - 00066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-11-15 23:36 - 2014-10-31 05:06 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-11-15 23:36 - 2014-10-31 05:05 - 02884096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-11-15 23:36 - 2014-10-31 05:05 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\html.iec
2014-11-15 23:36 - 2014-10-31 05:04 - 00088064 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-11-15 23:36 - 2014-10-31 04:57 - 00054784 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-11-15 23:36 - 2014-10-31 04:56 - 00034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-11-15 23:36 - 2014-10-31 04:54 - 00132096 _____ (Microsoft Corporation) C:\WINDOWS\system32\IEAdvpack.dll
2014-11-15 23:36 - 2014-10-31 04:53 - 00633856 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieui.dll
2014-11-15 23:36 - 2014-10-31 04:52 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2014-11-15 23:36 - 2014-10-31 04:51 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-11-15 23:36 - 2014-10-31 04:51 - 00144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-11-15 23:36 - 2014-10-31 04:51 - 00114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-11-15 23:36 - 2014-10-31 04:50 - 00814080 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-11-15 23:36 - 2014-10-31 04:40 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\licmgr10.dll
2014-11-15 23:36 - 2014-10-31 04:38 - 00490496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-11-15 23:36 - 2014-10-31 04:30 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-11-15 23:36 - 2014-10-31 04:29 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-11-15 23:36 - 2014-10-31 04:29 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdc.ocx
2014-11-15 23:36 - 2014-10-31 04:28 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\inseng.dll
2014-11-15 23:36 - 2014-10-31 04:25 - 00199680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-11-15 23:36 - 2014-10-31 04:24 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-11-15 23:36 - 2014-10-31 04:24 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2014-11-15 23:36 - 2014-10-31 04:23 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2014-11-15 23:36 - 2014-10-31 04:21 - 00316928 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-11-15 23:36 - 2014-10-31 04:19 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\occache.dll
2014-11-15 23:36 - 2014-10-31 04:15 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2014-11-15 23:36 - 2014-10-31 04:08 - 00262144 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2014-11-15 23:36 - 2014-10-31 04:06 - 00372736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-11-15 23:36 - 2014-10-31 04:05 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-11-15 23:36 - 2014-10-31 04:05 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-11-15 23:36 - 2014-10-31 04:03 - 02124288 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-11-15 23:36 - 2014-10-31 03:45 - 02365440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-11-15 23:36 - 2014-10-31 03:44 - 02865152 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-11-15 23:36 - 2014-10-31 03:42 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\imgutil.dll
2014-11-15 23:36 - 2014-10-31 03:32 - 01550336 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-11-15 23:36 - 2014-10-31 03:28 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wextract.exe
2014-11-15 23:36 - 2014-10-31 03:28 - 00012800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshta.exe
2014-11-15 23:36 - 2014-10-31 03:27 - 00152064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iexpress.exe
2014-11-15 23:36 - 2014-10-31 03:26 - 00057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pngfilt.dll
2014-11-15 23:36 - 2014-10-31 03:25 - 00011264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedssync.exe
2014-11-15 23:36 - 2014-10-31 03:24 - 00501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-11-15 23:36 - 2014-10-31 03:24 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\url.dll
2014-11-15 23:36 - 2014-10-31 03:24 - 00062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-11-15 23:36 - 2014-10-31 03:23 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\html.iec
2014-11-15 23:36 - 2014-10-31 03:23 - 00047616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-11-15 23:36 - 2014-10-31 03:22 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-11-15 23:36 - 2014-10-31 03:20 - 00799232 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-11-15 23:36 - 2014-10-31 03:18 - 02277376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-11-15 23:36 - 2014-10-31 03:16 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-11-15 23:36 - 2014-10-31 03:15 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-11-15 23:36 - 2014-10-31 03:14 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IEAdvpack.dll
2014-11-15 23:36 - 2014-10-31 03:13 - 00478208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieui.dll
2014-11-15 23:36 - 2014-10-31 03:13 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2014-11-15 23:36 - 2014-10-31 03:12 - 00661504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-11-15 23:36 - 2014-10-31 03:12 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-11-15 23:36 - 2014-10-31 03:11 - 00620032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-11-15 23:36 - 2014-10-31 03:03 - 00027136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\licmgr10.dll
2014-11-15 23:36 - 2014-10-31 03:02 - 00418304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-11-15 23:36 - 2014-10-31 02:57 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-11-15 23:36 - 2014-10-31 02:56 - 00091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inseng.dll
2014-11-15 23:36 - 2014-10-31 02:56 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-11-15 23:36 - 2014-10-31 02:56 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdc.ocx
2014-11-15 23:36 - 2014-10-31 02:53 - 00168960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-11-15 23:36 - 2014-10-31 02:53 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2014-11-15 23:36 - 2014-10-31 02:52 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-11-15 23:36 - 2014-10-31 02:51 - 00128000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2014-11-15 23:36 - 2014-10-31 02:50 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-11-15 23:36 - 2014-10-31 02:48 - 00130048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\occache.dll
2014-11-15 23:36 - 2014-10-31 02:46 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2014-11-15 23:36 - 2014-10-31 02:42 - 00230400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2014-11-15 23:36 - 2014-10-31 02:40 - 00688640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-11-15 23:36 - 2014-10-31 02:40 - 00325632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-11-15 23:36 - 2014-10-31 02:39 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-11-15 23:36 - 2014-10-31 02:26 - 01042944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-11-15 23:36 - 2014-10-31 02:24 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imgutil.dll
2014-11-15 23:36 - 2014-10-31 02:17 - 01892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-11-15 23:36 - 2014-10-31 02:13 - 01310208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-11-15 23:36 - 2014-10-31 02:11 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-11-15 23:33 - 2014-10-23 05:48 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\packager.dll
2014-11-15 23:33 - 2014-10-23 05:05 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\packager.dll
2014-11-15 23:33 - 2014-08-23 05:18 - 02149376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-11-15 23:33 - 2014-08-23 05:03 - 01346048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-11-15 23:32 - 2014-10-07 03:30 - 04182016 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-11-15 23:30 - 2014-10-07 06:28 - 00500016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-11-15 23:30 - 2014-10-07 06:27 - 00482872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-11-15 23:30 - 2014-10-07 06:27 - 00394120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2014-11-15 23:30 - 2014-10-07 06:27 - 00272248 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-11-15 23:30 - 2014-10-07 06:27 - 00108432 _____ (Microsoft Corporation) C:\WINDOWS\system32\EncDump.dll
2014-11-15 23:30 - 2014-10-07 03:34 - 00370424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-11-15 23:30 - 2014-10-07 03:34 - 00344536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2014-11-15 23:30 - 2014-10-07 03:33 - 00424544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-11-15 23:30 - 2014-10-07 01:54 - 00226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-11-15 23:30 - 2014-10-07 01:46 - 00911360 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-11-15 22:17 - 2014-11-15 22:17 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core1d00121f6956c9c.job
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-12-07 22:42 - 2013-02-11 18:06 - 00000956 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001UA.job
2014-12-07 22:39 - 2014-01-01 15:52 - 00000000 ____D () C:\Users\Betrayed\AppData\Roaming\Skype
2014-12-07 22:39 - 2013-02-22 19:22 - 00000000 ___RD () C:\Users\Betrayed\Dropbox
2014-12-07 22:39 - 2013-02-22 19:19 - 00000000 ____D () C:\Users\Betrayed\AppData\Roaming\Dropbox
2014-12-07 22:38 - 2014-04-16 14:07 - 01363374 _____ () C:\WINDOWS\WindowsUpdate.log
2014-12-07 22:38 - 2014-02-04 21:41 - 00000000 ____D () C:\ProgramData\VMware
2014-12-07 22:38 - 2013-11-27 20:05 - 00000478 ____H () C:\WINDOWS\Tasks\SK.Enhancer-S-161304646.job
2014-12-07 22:38 - 2013-08-10 12:22 - 00000404 ____H () C:\WINDOWS\Tasks\MagniPicUpdaterTask{A41D3767-63DC-41A8-A0C1-2205A1A46D08}.job
2014-12-07 22:38 - 2013-01-03 17:53 - 00000920 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-07 22:37 - 2013-08-22 14:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-12-07 22:00 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-12-07 21:57 - 2013-03-26 11:20 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-12-07 21:29 - 2013-01-03 17:53 - 00000924 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-07 21:24 - 2014-07-03 15:03 - 00000412 _____ () C:\WINDOWS\Tasks\update-sys.job
2014-12-07 19:58 - 2013-04-04 19:55 - 00000418 _____ () C:\WINDOWS\Tasks\update-S-1-5-21-3815044672-3107833778-2507571291-1001.job
2014-12-07 19:49 - 2013-01-06 19:13 - 00000000 ____D () C:\Users\Betrayed\AppData\Local\CrashDumps
2014-12-07 19:47 - 2014-05-22 18:03 - 00119296 _____ () C:\WINDOWS\SysWOW64\zlib.dll
2014-12-06 20:32 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-12-06 19:36 - 2013-01-03 16:02 - 00000000 ____D () C:\Users\Betrayed\AppData\Local\Adobe
2014-12-06 19:12 - 2013-06-19 18:07 - 00000976 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001UA.job
2014-12-06 19:12 - 2013-06-19 18:07 - 00000954 _____ () C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core.job
2014-12-06 18:02 - 2013-01-03 17:42 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3815044672-3107833778-2507571291-1001
2014-12-06 17:53 - 2014-06-15 11:43 - 00000000 ____D () C:\Program Files (x86)\IDM Computer Solutions
2014-12-06 17:53 - 2012-08-03 02:28 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-06 17:36 - 2012-07-26 07:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-12-06 16:49 - 2013-10-20 07:17 - 00000000 ____D () C:\ProgramData\Oracle
2014-12-06 16:49 - 2013-03-10 14:48 - 00000000 ____D () C:\Program Files (x86)\Java
2014-12-06 16:43 - 2014-01-01 15:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-06 16:42 - 2013-01-22 16:43 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-12-06 16:39 - 2013-10-05 09:37 - 00000000 ____D () C:\Users\Betrayed\AppData\Local\AOL
2014-12-06 16:37 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-12-06 16:30 - 2013-11-14 12:45 - 00960752 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-12-05 22:44 - 2013-08-22 14:44 - 05331728 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-12-04 17:41 - 2013-11-14 12:29 - 00000000 ____D () C:\Program Files\Windows Journal
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\setup
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\InputMethod
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\SysWOW64\en-GB
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\setup
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\system32\en-GB
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-12-04 17:41 - 2013-08-22 15:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-12-04 17:41 - 2013-08-22 13:36 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-12-04 17:21 - 2013-08-21 18:09 - 00000000 ____D () C:\Program Files (x86)\Cain
2014-12-04 17:21 - 2013-02-16 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cain
2014-12-04 17:11 - 2013-07-31 13:08 - 00006197 _____ () C:\Users\Betrayed\ovpntray.log
2014-12-04 16:58 - 2014-07-17 15:24 - 00000000 ___DC () C:\Users\Betrayed\AppData\Local\MigWiz
2014-12-04 16:58 - 2014-01-26 12:43 - 00000000 ____D () C:\WINDOWS\Minidump
2014-12-04 16:58 - 2013-11-13 18:08 - 00000000 ____D () C:\ProgramData\BlueStacksSetup
2014-12-04 16:58 - 2013-04-07 16:47 - 00000000 ____D () C:\Users\Betrayed\AppData\Roaming\TeamViewer
2014-12-04 16:54 - 2013-12-07 15:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-12-04 16:54 - 2013-12-07 15:34 - 00000000 ____D () C:\Program Files\CCleaner
2014-12-04 16:48 - 2014-02-16 09:32 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-04 16:47 - 2014-02-15 14:33 - 00001846 _____ () C:\WINDOWS\Sandboxie.ini
2014-12-04 16:47 - 2013-12-31 17:41 - 00000000 ____D () C:\Users\Betrayed
2014-12-04 16:46 - 2013-12-31 18:28 - 00000000 ___RD () C:\Users\Betrayed\SkyDrive
2014-12-04 16:39 - 2013-08-22 13:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-12-04 16:33 - 2012-08-27 04:54 - 00000000 ____D () C:\ProgramData\Norton
2014-12-04 00:14 - 2013-09-13 18:34 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-12-04 00:14 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-12-04 00:14 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-12-04 00:14 - 2013-08-22 15:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-12-04 00:14 - 2013-04-25 15:17 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-12-04 00:13 - 2013-07-23 16:28 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-12-04 00:08 - 2014-01-05 15:32 - 00057096 _____ (COMODO CA Limited) C:\WINDOWS\system32\certsentry.dll
2014-12-04 00:08 - 2014-01-05 15:32 - 00048392 _____ (COMODO CA Limited) C:\WINDOWS\SysWOW64\certsentry.dll
2014-12-03 19:59 - 2013-04-04 19:55 - 00000455 _____ () C:\Users\Betrayed\AppData\Local\UserProducts.xml
2014-12-03 19:59 - 2013-04-04 19:55 - 00000000 ____D () C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\LightShot
2014-12-03 19:57 - 2013-03-26 11:20 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-11-16 22:31 - 2014-05-11 12:28 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-16 22:24 - 2013-01-03 17:53 - 00003896 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-11-16 22:24 - 2013-01-03 17:53 - 00003660 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-11-15 23:53 - 2013-01-03 18:40 - 00000000 ____D () C:\Users\Betrayed\AppData\Roaming\Mozilla
2014-11-15 22:18 - 2014-10-19 13:49 - 00000000 ____D () C:\Users\Betrayed\AppData\Local\Popcorn-Time
2014-11-15 22:17 - 2014-06-24 15:43 - 00000898 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core1cf8fc34a17564.job
2014-11-15 22:17 - 2013-02-22 19:20 - 00000000 ____D () C:\Users\Betrayed\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
 
Some content of TEMP:
====================
C:\Users\Betrayed\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwxdsvb.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-12-06 20:26
 
==================== End Of Log ============================
 
Addition.txt:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-12-2014 02
Ran by Betrayed at 2014-12-07 22:46:16
Running from C:\Users\Betrayed\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Disabled - Out of date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Disabled - Out of date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Disabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
 clear.fi SDK - Video 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
 clear.fi SDK- Movie 2 (x32 Version: 2.1.1910 - CyberLink Corp.) Hidden
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
µTorrent (HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\uTorrent) (Version: 3.4.1.31139 - BitTorrent Inc.)
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version:  - The Fun Pimps)
Ace Stream Media 3.0.3 (HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\AceStream) (Version: 3.0.3 - Ace Stream Media)
Acer Backup Manager (HKLM-x32\...\InstallShield_{9DDDF20E-9FD1-4434-A43E-E7889DBC9420}) (Version: 4.0.0.0053 - NTI Corporation)
Acer Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3003 - Acer Incorporated)
Acer Instant Update Service (HKLM\...\{D32367AC-8FCA-4DE8-A2C6-037AE14B4001}) (Version: 1.00.3012 - Acer Incorporated)
Acer Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3003 - Acer Incorporated)
Acer Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3006 - Acer Incorporated)
AcerCloud (HKLM-x32\...\{A5AD0B17-F34D-49BE-A157-C8B3D52ACD13}) (Version: 2.01.3112 - Acer Incorporated)
AcerCloud Docs (HKLM-x32\...\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}) (Version: 1.00.3103 - Acer Incorporated)
Adobe After Effects CS6 (HKLM-x32\...\{4817D846-700B-474E-A31B-80892B3E92E3}) (Version: 11.0.3 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 2.2.1.260 - Adobe Systems Incorporated)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Pixel Bender Toolkit 2 (HKLM-x32\...\{D5CC77BE-BC5B-424E-8E45-DF60AFF7BE9C}) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
Any Video Converter 5.0.5 (HKLM-x32\...\Any Video Converter_is1) (Version:  - Any-Video-Converter.com)
AOMEI Partition Assistant Standard Edition 5.5 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-54981f5BD3D4}_is1) (Version:  - AOMEI Technology Co., Ltd.)
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}) (Version: 7.0.0.117 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
AzureTools.Notifications (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Backup Manager v4 (x32 Version: 4.0.0.0053 - NTI Corporation) Hidden
Bamboo (HKLM\...\Pen Tablet Driver) (Version: 5.3.0-3 - Wacom Technology Corp.)
Bamboo Dock (HKLM-x32\...\Bamboo Dock) (Version: 4.1 - Wacom Co., Ltd.)
Bamboo Dock (x32 Version: 4.1.0 - Wacom Europe GmbH) Hidden
Behaviors SDK (Windows Phone) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Behaviors SDK (Windows) for Visual Studio 2013 (x32 Version: 12.0.50429.0 - Microsoft Corporation) Hidden
Bitcoin (HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Bitcoin) (Version: 0.8.6 - Bitcoin project)
BitTorrent (HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\BitTorrent) (Version: 7.8.2.30445 - BitTorrent Inc.)
Blend for Visual Studio 2013 (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio 2013 ENU resources (x32 Version: 12.0.41002.1 - Microsoft Corporation) Hidden
Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{FE5ABB0E-EDEA-4023-B0FB-9DEA39A98D76}) (Version: 0.8.7.3069 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
boujou 4 (HKLM-x32\...\{ECF8D4B4-FADB-492E-A79A-5BCEA02DB95D}) (Version: 4.0.1 - 2d3 Ltd.)
Broadcom Card Reader Driver Installer (HKLM\...\{F0A7DF2F-0BE0-470F-B137-D7A19F977189}) (Version: 15.4.4.2 - Broadcom Corporation)
Build Tools - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.30501 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Camtasia Studio 8 (HKLM-x32\...\{58C8CFA6-BE34-4DFE-91F5-D807F402DFC1}) (Version: 8.2.0.1416 - TechSmith Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.00 - Piriform)
CINEMA 4D 13.061 (HKLM\...\MAXONFB05E576) (Version: 13.061 - MAXON Computer GmbH)
clear.fi Media (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.01.3107 - Acer Incorporated)
clear.fi Photo (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 2.01.3107 - Acer Incorporated)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 36.1.1.21 - Comodo)
Complemento do Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Complemento Microsoft Report Viewer para Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Compon. agg. Microsoft Report Viewer per Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
CyberLink MediaEspresso 6.5 (HKLM-x32\...\InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}) (Version: 6.5.3103_44819 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)
Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4954.46574 - PreEmptive Solutions) Hidden
Dropbox (HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Dropbox) (Version: 2.10.52 - Dropbox, Inc.)
Elgato Game Capture HD (HKLM-x32\...\{6BDD4237-E546-4CBB-91AA-292552B11CCE}) (Version: 1.42.23.538 - Elgato Systems GmbH)
Entity Framework 6.1.0 Tools  for Visual Studio 2013 (HKLM-x32\...\{D4635FB4-434D-4663-A4C8-CFC00FA9D24E}) (Version: 12.0.30228.0 - Microsoft Corporation)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
ETDWare PS/2-X64 11.6.11.002_WHQL (HKLM\...\Elantech) (Version: 11.6.11.002 - ELAN Microelectronic Corp.)
Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
FileZilla Client 3.8.1 (HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
Freemake Video Converter version 4.0.1 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.0.1 - Ellora Assets Corporation)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Facepunch Studios)
Garrys Mod version 13.07.05 (HKLM\...\{C8F834F5-46EA-4933-8AA9-F6CD7D29EED0}_is1) (Version: 13.07.05 - Strogino CS Portal)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.71 - Google Inc.)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GTCheck (HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\8a174bae3b17bd9d) (Version: 1.0.0.0 - OfficialReprieved)
Gyazo 1.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc. & Toshiyuki Masui)
HASP HL Device Driver (HKLM-x32\...\HASP HL Device Driver) (Version:  - )
HitLeap Viewer 2.8 (HKLM-x32\...\{31B12C11-AE4E-479F-8D6D-242DC265368D}) (Version: 2.8 - HitLeap Ltd.)
HMA! Pro VPN 2.6.9 (HKLM-x32\...\HMA! Pro VPN) (Version: 2.6.9 - )
Horizon v2.7.6.0 (HKLM-x32\...\d4cfeebc-b821-40b7-9f81-d366b1466f03_is1) (Version: 2.7.6.0 - Daring Development Inc.)
HxD Hex Editor version 1.7.7.0 (HKLM-x32\...\HxD Hex Editor_is1) (Version: 1.7.7.0 - Maël Hörz)
iCloud (HKLM\...\{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}) (Version: 3.0.2.163 - Apple Inc.)
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3002 - Acer Incorporated)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3412 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.0.1207 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IQmango Burner 4.5.1 (HKLM-x32\...\{6E21414A-F0F4-40D6-9DCD-3F11F6EE7854}_is1) (Version: 4.5.1 - cyan soft ltd)
iTunes (HKLM\...\{D601CEAD-2E4F-4BBB-85CC-C29A4CE6A3C0}) (Version: 11.1.3.8 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
join.me (HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\JoinMe) (Version: 1.14.0.141 - LogMeIn, Inc.)
Lightshot-5.1.4.41 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.4.41 - Skillbrains)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3002 - Acer Incorporated)
LocalESPC (x32 Version: 8.59.29989 - Microsoft Corporation) Hidden
LocalESPC Dev12 (x32 Version: 8.100.25984 - Microsoft Corporation) Hidden
LocalESPCui for en-us Dev12 (x32 Version: 8.100.25984 - Microsoft) Hidden
Magic Bullet Suite 64-bit (HKLM-x32\...\InstallShield_{4D2F05BB-228E-4081-B94C-50AD015EE462}) (Version: 11.4.2 - Red Giant Software)
Magic Bullet Suite 64-bit (Version: 11.4.2 - Red Giant Software) Hidden
MagniPic (HKLM-x32\...\{EB03EF39-C655-D560-FA95-79182B837D64}) (Version: 2.2.0.1644 - MagniPic) <==== ATTENTION
Memory Profiler (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service  (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual Studio 2005 Tools for Office Runtime (HKLM-x32\...\Microsoft Visual Studio 2005 Tools for Office Runtime) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Ultimate 2013 (HKLM-x32\...\{84e72603-1a6a-4c51-81b3-de36aabcc4f8}) (Version: 12.0.30501 - Microsoft Corporation)
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
Module Microsoft Report Viewer pour Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
MorphVOX Junior (HKLM-x32\...\{E6C7380F-15DD-445E-BA02-B7A180BA0A5A}) (Version: 2.8.1 - Screaming Bee)
MorphVOX Pro (HKLM-x32\...\{2D7CF073-6583-464A-84D4-F86DE59DCA42}) (Version: 4.4.8 - Screaming Bee)
Movie Maker (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Mozilla Firefox 30.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 en-US)) (Version: 30.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mullvad (HKLM-x32\...\Product) (Version:  - )
MultiBit 0.5.17 (HKLM-x32\...\MultiBit 0.5.17) (Version: 0.5.17 - )
MultiBit 0.5.18 (HKLM-x32\...\MultiBit 0.5.18) (Version: 0.5.18 - )
NetTools 5.0 (HKLM-x32\...\NetTools_is1) (Version: 5.0 - Mohammad Ahmadi Bidakhvidi)
Nmap 6.46 (HKLM-x32\...\Nmap) (Version:  - )
No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
Norton Internet Security (HKLM-x32\...\NIS) (Version: 20.5.0.28 - Symantec Corporation)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.5 - Notepad++ Team)
NTI Media Maker 9 (HKLM-x32\...\InstallShield_{D3D5C4E8-040F-4C6F-8105-41D43CF94F44}) (Version: 9.0.2.9008 - NTI Corporation)
NTI Media Maker 9 (x32 Version: 9.0.2.9008 - NTI Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office Addin (HKLM-x32\...\{6D2BBE1D-E600-4695-BA37-0B0E605542CC}) (Version: 2.01.3102 - Acer)
Open XML SDK 2.5 for Microsoft Office (x32 Version: 2.5.5631 - Microsoft Corporation) Hidden
OpenVPN 2.3.4-I002  (HKLM\...\OpenVPN) (Version: 2.3.4-I002 - )
oPryzeLP MC360 Mod Tool (HKLM-x32\...\oPryzeLP MC360 Mod Tool) (Version:  - )
Oracle VM VirtualBox 4.2.18 (HKLM\...\{230C9C86-26A9-437F-8152-34D5F4C3F680}) (Version: 4.2.18 - Oracle Corporation)
Pamela RME 2.0 (HKLM-x32\...\MoodEditor) (Version: 2.0 - Scendix Software-Vertriebsges. mbH)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
PDF Settings CC (x32 Version: 12.0 - Adobe Systems Incorporated) Hidden
Photo Common (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3505.0912 - Microsoft Corporation) Hidden
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.9 - )
Pinnacle Game Profiler (HKLM-x32\...\{49BF48CC-ABB6-4795-9B35-B5DE005D8612}) (Version: 7.6.8 - PowerUp Software)
Pixel Bender Toolkit (HKLM-x32\...\Adobe_ca6764a9a650c02bbdf901e3c1d39d4) (Version: 1.5 - Adobe Systems Incorporated)
Pixel Bender Toolkit (x32 Version: 1.5 - Adobe Systems Incorporated) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 4.1 - Popcorn Time)
PreEmptive Analytics Visual Studio Components (x32 Version: 1.2.3197.1 - PreEmptive Solutions) Hidden
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Prism Video File Converter (HKLM-x32\...\Prism) (Version:  - NCH Software)
Proxifier version 3.21 (HKLM-x32\...\Proxifier_is1) (Version: 3.21 - Initex)
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.5.7.2450 - Jan Fiala)
Python Tools Redirection Template (x32 Version: 1.1 - Microsoft Corporation) Hidden
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.220 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.41 - Qualcomm Atheros)
Quickscope Simulator (HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\Quickscope Simulator) (Version:  - )
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 beta r2187 - )
RealFlow Plug-in for Cinema4D (HKLM-x32\...\RealFlowC4D) (Version: 1.0 - Next Limit)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Sandboxie 4.08 (64-bit) (HKLM\...\Sandboxie) (Version: 4.08 - Sandboxie Holdings, LLC)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
SharePoint Client Components (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
SharePoint Client Components (Version: 16.0.2617.1200 - Microsoft Corporation) Hidden
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Spotify (HKLM-x32\...\Spotify) (Version: 0.8.4.99.ga249b5f1 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Sublime Text 2.0.2 (HKLM\...\Sublime Text 2_is1) (Version:  - )
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
TeamSpeak 3 Client (HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.29480 - TeamViewer)
Twitch Suite (HKLM-x32\...\Twitch Suite) (Version: 1.0.0.0 - Socialstamp)
TypeScript Power Tool (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
TypeScript Tools for Microsoft Visual Studio 2013 (x32 Version: 1.0.1.0 - Microsoft Corporation) Hidden
UltraCompare (HKLM-x32\...\InstallShield_{11EF223E-CCCB-4BCC-918D-EA4E59FD05EF}) (Version: 14.0.1003 - IDM Computer Solutions, Inc.)
UltraCompare (x32 Version: 14.0.1003 - IDM Computer Solutions, Inc.) Hidden
UltraUXThemePatcher (HKLM-x32\...\UltraUXThemePatcher) (Version: 2.2.0.0 - Manuel Hoefs (Zottel))
Update for  (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Vegas Pro 12.0 (64-bit) (HKLM\...\{EE45F85E-ED91-11E2-9CD7-F04DA23A5C58}) (Version: 12.0.670 - Sony)
Virtual Audio Cable 4.12 (HKLM\...\Virtual Audio Cable 4.12) (Version:  - )
Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
Visual Studio 2013 Update 2 (KB2829760) (HKLM-x32\...\{3c348532-c3bd-4bae-a928-7b555f8c808f}) (Version: 12.0.30501 - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime (HKLM-x32\...\Visual Studio Tools for the Office system 3.0 Runtime) (Version:  - Microsoft Corporation)
Visual Studio Tools for the Office system 3.0 Runtime Service Pack 1 (KB949258) (HKLM-x32\...\{8FB53850-246A-3507-8ADE-0060093FFEA6}.KB949258) (Version: 1 - Microsoft Corporation)
VMware Player (HKLM-x32\...\VMware_Player) (Version: 5.0.3 - VMware, Inc)
VMware Player (Version: 5.0.3 - VMware, Inc.) Hidden
VS Update core components (x32 Version: 12.0.30501 - Microsoft Corporation) Hidden
VST Bridge 1.1 (HKLM-x32\...\VST Bridge_is1) (Version:  - )
WCF Data Services 5.6.0 Runtime (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF Data Services Tools for Microsoft Visual Studio 2013 (x32 Version: 5.6.61587.0 - Microsoft Corporation) Hidden
WCF RIA Services V1.0 SP2 (HKLM-x32\...\{5D8DD6A8-C4D7-4554-93F9-F1CC28C72600}) (Version: 4.1.62812.0 - Microsoft Corporation)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.2 - Wacom Technology Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3505.0912 - Microsoft Corporation)
Windows Phone 8.1 Emulators - ENU (HKLM-x32\...\{940596e5-652a-4970-8a5a-492e73ed0fbb}) (Version: 12.0.30501.0 - Microsoft Corporation)
WinPcap 4.1.3 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2980 - Riverbed Technology, Inc.)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
WinSCP 5.5.2 (HKLM-x32\...\winscp3_is1) (Version: 5.5.2 - Martin Prikryl)
Workflow Manager Client 1.0 (Version: 2.0.40131.0 - Microsoft Corporation) Hidden
Workflow Manager Tools 1.0 for Visual Studio (Version: 2.0.40326.0 - Microsoft Corporation) Hidden
Xpadder version 5.7 (HKLM-x32\...\{0DCE54A9-7256-4132-9D4E-1A64AE35E9B1}_is1) (Version: 5.7 - Xpadder, Inc.)
XSplit Broadcaster (HKLM-x32\...\{6459F338-FE52-4034-BCA7-74772DA0F24D}) (Version: 1.3.1403.1202 - SplitMediaLabs)
Надстройка Microsoft Report Viewer для Visual Studio 2013 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
用于 Visual Studio 2013 的 Microsoft 报告查看器加载项 (x32 Version: 11.1.3411.3 - Microsoft Corporation) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{092dfa86-5807-5a94-bf3b-5a53ba9e5308}\InprocServer32 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Betrayed\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Betrayed\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Betrayed\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Betrayed\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Betrayed\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Betrayed\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Betrayed\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
02-08-2014 15:54:26 Windows Update
26-09-2014 15:44:02 Windows Update
05-10-2014 15:12:08 Windows Update
19-10-2014 17:42:08 Windows Update
03-12-2014 19:57:13 Windows Update
06-12-2014 16:40:10 Removed eBay Worldwide
06-12-2014 16:40:41 Removed Java 7 Update 60
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-26 05:26 - 2014-06-16 18:38 - 00000768 ____A C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {180DA133-B99C-407E-BE26-0126EC9665E2} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe [2014-04-29] (Symantec Corporation)
Task: {1B843814-A41A-4540-8B0D-7AC7C256EA5C} - System32\Tasks\MagniPicUpdaterTask{A41D3767-63DC-41A8-A0C1-2205A1A46D08} => C:\ProgramData\Premium\MagniPic\MagniPic.exe <==== ATTENTION
Task: {1ED5F109-1427-4E02-A3F1-39D0F3464580} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001UA => C:\Users\Betrayed\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-19] (Facebook Inc.)
Task: {233006A2-748D-47F9-95A2-4152382A3934} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {278E4EFD-4AC4-4DD4-9336-63927E1E06C8} - System32\Tasks\Red Giant Link => C:\Program Files (x86)\Red Giant Link\Red Giant Link.exe
Task: {2AC4B6F7-C312-45CC-B9EB-4D353954000F} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {2C528F97-15D8-492B-AD42-ECDF217BAF33} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {30CB288C-6BF9-42BE-AE51-0CFA6103CBE5} - System32\Tasks\DeviceDetector => C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe [2012-07-04] (CyberLink)
Task: {3B00A1D6-9FBE-4ABB-B7C3-67B974B75E0E} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Acer\Live Updater\liveupdater_agent.exe [2012-06-22] ()
Task: {40BCDA3B-584F-4811-8234-A2BFC86F6FD1} - System32\Tasks\SK.Enhancer-S-161304646 => c:\programdata\quickset\sk.enhancer\SK.Enhancer.exe <==== ATTENTION
Task: {51B174F7-817D-4345-B69F-9A6CD5BEB37A} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-10-31] (Microsoft Corporation)
Task: {5357B69A-41C0-43DD-9084-375DD42EABE2} - System32\Tasks\{FF37C7CD-52B5-4871-A836-7FC5B6DFAD52} => Chrome.exe http://ui.skype.com/...#38;page=tsMain
Task: {54498DAB-1531-4665-A7DF-2F4C3AADCBE6} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {56BFCE2F-77F3-4221-B64B-0C666CC2ACC8} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe [2013-06-04] (Symantec Corporation)
Task: {64C39F44-0A36-49CD-A5E7-373D7F5172C7} - System32\Tasks\AdobeAAMUpdater-1.0-Betrayed-Betrayed => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2013-09-25] (Adobe Systems Incorporated)
Task: {6F56C231-7183-4700-B900-C5E65ABB6F0C} - System32\Tasks\{16017C9C-54C1-4BCF-B777-03BD71880644} => C:\Program Files (x86)\Skype\\Phone\Skype.exe [2014-05-08] (Skype Technologies S.A.)
Task: {75E1AF42-9433-4734-BF59-A44D30C59C16} - System32\Tasks\{98CB6309-34CF-4BC4-8030-F019D496CDC3} => Chrome.exe http://www.skype.com...8;LastError=404
Task: {93D98853-E984-434B-A482-9E107553E480} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001UA => C:\Users\Betrayed\AppData\Local\Google\Update\GoogleUpdate.exe [2013-01-25] (Google Inc.)
Task: {94EA158F-FA27-41BB-AF2C-9CBF20927675} - System32\Tasks\ALU => C:\Program Files (x86)\Acer\Live Updater\updater.exe [2012-07-13] ()
Task: {9ED32C6B-1544-4B98-9098-99B228E2955E} - System32\Tasks\iuBrowserIEAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe [2012-07-12] ()
Task: {A3115ACF-E423-4CF7-A287-72AF0D4ED9C8} - System32\Tasks\update-S-1-5-21-3815044672-3107833778-2507571291-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {A3A815B5-1246-4839-8A0A-AFB24376D3AB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-11-21] (Piriform Ltd)
Task: {A59EC215-70A5-44FD-820E-F99ECC7D97A1} - System32\Tasks\iuEmailOutlookAgent => C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe [2012-07-12] ()
Task: {A7F00A79-D938-42EE-B373-BCFD95A12160} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-09] (Google Inc.)
Task: {AC27E9B5-B4CB-49F2-9092-4654E894A1C8} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-03] (Adobe Systems Incorporated)
Task: {AECE9F94-A8CA-44FD-960C-30A481294084} - System32\Tasks\Power Management => C:\Program Files\Acer\Acer Power Management\ePowerTray.exe [2012-07-31] (Acer Incorporated)
Task: {BD6E7768-CFE5-4208-BAD7-62F799E735B1} - System32\Tasks\{12F3371F-E8CA-4367-9BFD-90CC06A3CB00} => Chrome.exe http://ui.skype.com/...?LastError=1603
Task: {CFD79D4D-61BE-4D92-8145-051F72816C87} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-09] (Google Inc.)
Task: {E0A3B2F1-3821-4A0B-8CC4-9938F5E01F97} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {F8BE3F6E-85B8-43F2-9342-0458616AD843} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core => C:\Users\Betrayed\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-06-19] (Facebook Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core.job => C:\Users\Betrayed\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\FacebookUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001UA.job => C:\Users\Betrayed\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core1cf8fc34a17564.job => C:\Users\Betrayed\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001Core1d00121f6956c9c.job => C:\Users\Betrayed\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3815044672-3107833778-2507571291-1001UA.job => C:\Users\Betrayed\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MagniPicUpdaterTask{A41D3767-63DC-41A8-A0C1-2205A1A46D08}.job => C:\ProgramData\Premium\MagniPic\MagniPic.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SK.Enhancer-S-161304646.job => c:\programdata\quickset\sk.enhancer\SK.Enhancer.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\update-S-1-5-21-3815044672-3107833778-2507571291-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\WINDOWS\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-04-08 18:29 - 2012-11-22 17:57 - 00057448 _____ () C:\WINDOWS\system32\PrxerNsp.dll
2013-10-16 18:02 - 2013-10-16 18:02 - 03358064 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll
2012-06-18 15:24 - 2012-06-18 15:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-07-25 13:00 - 2012-11-14 12:45 - 01184640 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
2013-01-28 14:45 - 2013-01-28 14:45 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-01-28 14:42 - 2013-01-28 14:42 - 00084992 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-01-28 14:47 - 2013-01-28 14:47 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2013-12-21 00:02 - 2013-12-21 00:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-11-10 16:51 - 2013-11-10 16:51 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2013-11-10 16:51 - 2013-11-10 16:51 - 00804536 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-05-01 19:29 - 2014-05-01 19:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-10-16 09:39 - 2012-10-16 09:39 - 00646744 _____ () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
2013-10-16 18:01 - 2013-10-16 18:01 - 04624240 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
2013-01-11 11:08 - 2013-01-11 11:08 - 00039192 _____ () C:\Program Files\CCleaner\branding.dll
2012-07-12 23:01 - 2012-07-12 23:01 - 00025232 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuEmailOutlookAgent.exe
2012-07-12 23:01 - 2012-07-12 23:01 - 00044176 _____ () C:\Program Files\Acer\Acer Instant Service\InstantUpdate\iuBrowserIEAgent.exe
2012-11-28 14:13 - 2012-11-28 14:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2012-11-28 14:13 - 2012-11-28 14:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-05 22:05 - 2013-11-05 22:05 - 01261272 _____ () C:\Program Files (x86)\VMware\VMware Player\libxml2.dll
2014-05-02 19:08 - 2012-05-30 14:51 - 00699280 ____R () C:\PROGRAM FILES (X86)\NORTON INTERNET SECURITY\ENGINE\20.5.0.28\wincfi39.dll
2014-01-03 11:03 - 2014-01-03 11:03 - 07816192 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2014-01-03 11:03 - 2014-01-03 11:03 - 01425920 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2014-01-03 11:03 - 2014-01-03 11:03 - 00188416 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
2014-01-03 11:03 - 2014-01-03 11:03 - 00336896 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2014-01-03 11:03 - 2014-01-03 11:03 - 00096256 _____ () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2014-12-07 22:39 - 2014-12-07 22:39 - 00043008 _____ () c:\Users\Betrayed\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwxdsvb.dll
2013-08-23 19:01 - 2013-08-23 19:01 - 25100288 _____ () C:\Users\Betrayed\AppData\Roaming\Dropbox\bin\libcef.dll
2012-07-30 23:04 - 2012-07-30 23:04 - 00465384 _____ () C:\Program Files (x86)\NTI\Acer Backup Manager\sqlite3.dll
2013-10-17 16:45 - 2013-10-17 16:45 - 32726528 _____ () C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\libcef.dll
2013-03-13 12:42 - 2013-06-05 13:21 - 00071560 _____ () C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\zlib1.dll
2012-08-27 04:29 - 2012-06-25 17:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-06-01 09:08 - 2014-06-01 09:08 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 16:41 - 2014-05-24 16:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 16:41 - 2014-05-24 16:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-12-03 20:31 - 2014-11-25 06:39 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libglesv2.dll
2014-12-03 20:31 - 2014-11-25 06:39 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\libegl.dll
2014-12-03 20:31 - 2014-11-25 06:39 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\pdf.dll
2014-12-03 20:31 - 2014-11-25 06:39 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.71\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD}
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
AlternateDataStreams: C:\Users\Betrayed\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\StartupApproved\Run: => "MoodEditor.exe"
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\StartupApproved\Run: => "vbc"
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\StartupApproved\Run: => "Viber"
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\...\StartupApproved\Run: => "se"
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-3815044672-3107833778-2507571291-500 - Administrator - Disabled)
Betrayed (S-1-5-21-3815044672-3107833778-2507571291-1001 - Administrator - Enabled) => C:\Users\Betrayed
Guest (S-1-5-21-3815044672-3107833778-2507571291-501 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth Audio Device
Description: Bluetooth Audio Device
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_A2DP
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Virtual Bluetooth Support (Include Audio)
Description: Virtual Bluetooth Support (Include Audio)
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: AthBTPort
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
Name: Bluetooth LWFLT Device
Description: Bluetooth LWFLT Device
Class Guid: {c7c038ad-1f2d-44d4-b2fe-d912be20e6d5}
Manufacturer: Qualcomm Atheros Communications
Service: BTATH_LWFLT
Problem: : This device is not working properly because Windows cannot load the drivers required for this device. (Code 31)
Resolution: Update the driver
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (12/07/2014 07:48:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BtvStack.exe, version: 8.0.0.220, time stamp: 0x51061e13
Faulting module name: audio.dll, version: 8.0.0.220, time stamp: 0x51061de7
Exception code: 0xc0000005
Fault offset: 0x000000000001aed8
Faulting process ID: 0x1290
Faulting application start time: 0xBtvStack.exe0
Faulting application path: BtvStack.exe1
Faulting module path: BtvStack.exe2
Report ID: BtvStack.exe3
Faulting package full name: BtvStack.exe4
Faulting package-relative application ID: BtvStack.exe5
 
Error: (12/06/2014 08:29:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (12/06/2014 08:01:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: Activation context generation failed for "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest1".Error in manifest or policy file "C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest2" on line C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifest.
Component 2: C:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifest.
 
Error: (12/06/2014 05:33:50 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: BETRAYED)
Description: Application or service 'BlueStacks Agent' could not be shut down.
 
Error: (12/06/2014 05:33:00 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: BETRAYED)
Description: Application or service 'BlueStacks Agent' could not be shut down.
 
Error: (12/06/2014 04:24:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BtvStack.exe, version: 8.0.0.220, time stamp: 0x51061e13
Faulting module name: audio.dll, version: 8.0.0.220, time stamp: 0x51061de7
Exception code: 0xc0000005
Fault offset: 0x000000000001aed8
Faulting process ID: 0xa88
Faulting application start time: 0xBtvStack.exe0
Faulting application path: BtvStack.exe1
Faulting module path: BtvStack.exe2
Report ID: BtvStack.exe3
Faulting package full name: BtvStack.exe4
Faulting package-relative application ID: BtvStack.exe5
 
Error: (12/05/2014 10:48:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Skype.exe version 6.16.66.105 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 824
 
Start Time: 01d010dd3344ea30
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe
 
Report Id: d83e1071-7cd0-11e4-81de-083e8e29d2b2
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (12/05/2014 10:47:39 PM) (Source: WTabletServiceCon) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (12/05/2014 10:47:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BtvStack.exe, version: 8.0.0.220, time stamp: 0x51061e13
Faulting module name: audio.dll, version: 8.0.0.220, time stamp: 0x51061de7
Exception code: 0xc0000005
Fault offset: 0x000000000001aed8
Faulting process ID: 0x8c0
Faulting application start time: 0xBtvStack.exe0
Faulting application path: BtvStack.exe1
Faulting module path: BtvStack.exe2
Report ID: BtvStack.exe3
Faulting package full name: BtvStack.exe4
Faulting package-relative application ID: BtvStack.exe5
 
Error: (12/04/2014 05:58:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: BtvStack.exe, version: 8.0.0.220, time stamp: 0x51061e13
Faulting module name: audio.dll, version: 8.0.0.220, time stamp: 0x51061de7
Exception code: 0xc0000005
Fault offset: 0x000000000001aed8
Faulting process ID: 0x126c
Faulting application start time: 0xBtvStack.exe0
Faulting application path: BtvStack.exe1
Faulting module path: BtvStack.exe2
Report ID: BtvStack.exe3
Faulting package full name: BtvStack.exe4
Faulting package-relative application ID: BtvStack.exe5
 
 
System errors:
=============
Error: (12/07/2014 10:38:19 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).
 
Error: (12/07/2014 10:38:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vcs service failed to start due to the following error: 
%%577
 
Error: (12/07/2014 10:38:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Hardlock service failed to start due to the following error: 
%%577
 
Error: (12/07/2014 10:38:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Assistant service to connect.
 
Error: (12/07/2014 07:47:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).
 
Error: (12/07/2014 07:47:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vcs service failed to start due to the following error: 
%%577
 
Error: (12/07/2014 07:47:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Hardlock service failed to start due to the following error: 
%%577
 
Error: (12/07/2014 07:47:37 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Assistant service to connect.
 
Error: (12/06/2014 08:15:56 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The PinnacleUpdate Service service terminated unexpectedly. It has done this 1 time(s).
 
Error: (12/06/2014 08:15:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The vcs service failed to start due to the following error: 
%%577
 
 
Microsoft Office Sessions:
=========================
Error: (12/07/2014 07:48:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BtvStack.exe8.0.0.22051061e13audio.dll8.0.0.22051061de7c0000005000000000001aed8129001d01256bcc9a569C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exeC:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll0d59845f-7e4a-11e4-81e1-083e8e29d2b2
 
Error: (12/06/2014 08:29:01 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (12/06/2014 08:01:26 PM) (Source: SideBySide) (EventID: 78) (User: )
Description: C:\WINDOWS\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1.manifestC:\WINDOWS\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe
 
Error: (12/06/2014 05:33:50 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: BETRAYED)
Description: 1C:\Program Files (x86)\BlueStacks\HD-Agent.exeBlueStacks Agent021176020163003A005C00770069006E0064006F00770073005C006D006900630072006F0073006F00660074002E006E00650074005C006600720061006D00650077006F0072006B005C00760034002E0030002E00330030003300310039005C006D00730063006F0072006500650069002E0064006C006C000000
 
Error: (12/06/2014 05:33:00 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: BETRAYED)
Description: 1C:\Program Files (x86)\BlueStacks\HD-Agent.exeBlueStacks Agent021176020163003A005C00770069006E0064006F00770073005C006D006900630072006F0073006F00660074002E006E00650074005C006600720061006D00650077006F0072006B005C00760034002E0030002E00330030003300310039005C006D00730063006F0072006500650069002E0064006C006C000000
 
Error: (12/06/2014 04:24:08 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BtvStack.exe8.0.0.22051061e13audio.dll8.0.0.22051061de7c0000005000000000001aed8a8801d01170f6a663f8C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exeC:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll4d309931-7d64-11e4-81df-083e8e29d2b2
 
Error: (12/05/2014 10:48:37 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Skype.exe6.16.66.10582401d010dd3344ea304294967295C:\Program Files (x86)\Skype\Phone\Skype.exed83e1071-7cd0-11e4-81de-083e8e29d2b2
 
Error: (12/05/2014 10:47:39 PM) (Source: WTabletServiceCon) (EventID: 1) (User: )
Description: Prefs: Failed to get user path
 
Error: (12/05/2014 10:47:33 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BtvStack.exe8.0.0.22051061e13audio.dll8.0.0.22051061de7c0000005000000000001aed88c001d010dd293522c9C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exeC:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dllb2dd27a2-7cd0-11e4-81de-083e8e29d2b2
 
Error: (12/04/2014 05:58:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: BtvStack.exe8.0.0.22051061e13audio.dll8.0.0.22051061de7c0000005000000000001aed8126c01d00febdb743416C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exeC:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Audio\audio.dll32514139-7bdf-11e4-81dd-083e8e29d2b2
 
 
CodeIntegrity Errors:
===================================
  Date: 2014-12-07 22:38:13.171
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-07 22:38:12.381
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-07 19:47:49.703
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-07 19:47:49.032
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-06 20:15:43.084
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-06 20:15:36.661
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-06 16:23:37.412
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-06 16:23:33.191
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-05 22:47:02.801
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Common Files\Avnex\vcs64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-12-05 22:46:50.389
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\hardlock.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 43%
Total physical RAM: 5959.27 MB
Available physical RAM: 3391.32 MB
Total Pagefile: 6919.27 MB
Available Pagefile: 4183.43 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (Acer) (Fixed) (Total:465.34 GB) (Free:262.41 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 9DF9CCBF)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

  • 0



#11
BrianDrab


    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thanks for the logs. Let me know how your machine is after this.

 

Step#1 - Warnings

 

The Dangers of P2P Programs

IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.

You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.

Here are some information sources about the dangers of P2P programs:

 

FBI - Peer to Peer Scams
USA Today Article on P2P Programs
File Sharing Infects 500,000 Computers

 

I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.

 

It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.

 

Please uninstall the following Peer-to-Peer program(s): uTorrent, BitTorrent

 

 

CCleaner

I see that you have CCleaner installed. This is indeed a good product but I wanted to caution you on running the registry cleaning functionality of the tool. Please avoid this as it can do more harm than good.

 

 

Step#2 - Uninstalls
 
Please uninstall the following programs one at a time. Instructions for doing so are here.

If any of the programs give you an error during the uninstall, notate it and move on to the next one. Just let me know which ones had issues. If you are asked to reboot, answer No until all the programs have been uninstalled and then you can reboot. All of these programs are either outdated, malware/adware, have a bad reputation or are not recommended. If you absolutely must have one of them I suggest that you wait until you are declared clean before reinstalling.

MagniPic

 

 

 

Step#3 - FRST Fix
 
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File: fixlist.txt (2.89KB)
Note. It's important that both files, FRST64 and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST64 by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST64 will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#4 - AdWCleaner
1. Please download AdwCleaner by Xplode onto your desktop.
2. Close all open programs and internet browsers.
3. Right-click on AdwCleaner.exe and select Run as administrator to run the tool.
4. Click on Scan.
5. After the scan is complete click on "Clean"
6. Confirm each time with Ok.
7. Your computer will be rebooted automatically. A text file will open after the restart.
8. Please post the content of that logfile with your next answer.
9. If need be, you can also find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

 

  

 

Items for your next post

1. FRST Fix Log

2. AdwCleaner log

3. How's your machine


  • 1

#12
Betrayed


    Member

  • Topic Starter
  • Member
  • 119 posts

FRST Fix log:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-12-2014 02
Ran by Betrayed at 2014-12-08 16:37:45 Run:1
Running from C:\Users\Betrayed\Desktop
Loaded Profile: Betrayed (Available profiles: Betrayed)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
Task: {1B843814-A41A-4540-8B0D-7AC7C256EA5C} - System32\Tasks\MagniPicUpdaterTask{A41D3767-63DC-41A8-A0C1-2205A1A46D08} => C:\ProgramData\Premium\MagniPic\MagniPic.exe <==== ATTENTION
Task: {2AC4B6F7-C312-45CC-B9EB-4D353954000F} - System32\Tasks\0 => Iexplore.exe  <==== ATTENTION
Task: {40BCDA3B-584F-4811-8234-A2BFC86F6FD1} - System32\Tasks\SK.Enhancer-S-161304646 => c:\programdata\quickset\sk.enhancer\SK.Enhancer.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\MagniPicUpdaterTask{A41D3767-63DC-41A8-A0C1-2205A1A46D08}.job => C:\ProgramData\Premium\MagniPic\MagniPic.exe <==== ATTENTION
Task: C:\WINDOWS\Tasks\SK.Enhancer-S-161304646.job => c:\programdata\quickset\sk.enhancer\SK.Enhancer.exe <==== ATTENTION
AlternateDataStreams: C:\Windows:{DA6227CB-326B-4B4D-9A81-04B61F1538DD}
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:DocumentSummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:SummaryInformation
AlternateDataStreams: C:\WINDOWS\SysWOW64\zlib.dll:{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing.
SearchScopes: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001 -> {EC025471-03A9-43A1-895E-72F76BF1511B} URL = 
BHO: No Name -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} ->  No File
Toolbar: HKLM - No Name - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} -  No File
Toolbar: HKU\.DEFAULT -> No Name - {61539ECD-CC67-4437-A03C-9AACCBD14326} -  No File
Toolbar: HKU\.DEFAULT -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} -  No File
Toolbar: HKU\S-1-5-21-3815044672-3107833778-2507571291-1001 -> No Name - {61539ECD-CC67-4437-A03C-9AACCBD14326} -  No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
FF Plugin-x32: @mcafee.com/SAFFPlugin -> C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll No File
FF Extension: PlusWinks - C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\2cq6g9ts.default\Extensions\[email protected] [2013-12-11]
CHR Extension: (AS Magic Player) - C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim [2014-11-16]
CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files (x86)\McAfee\SiteAdvisor\McChPlg.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [oknbmiaggcncgeihpofgkabacndiaimp] - C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release1176\ch\RichMediaViewV1release1176.crx [Not Found]
S2 699fd52f; "C:\WINDOWS\system32\rundll32.exe" "c:\progra~3\assist~1\AssistantSvc.dll",service
c:\progra~3\assist~1\
cmd: BitsAdmin /reset /allusers
EmptyTemp:
*****************
 
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{1B843814-A41A-4540-8B0D-7AC7C256EA5C}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1B843814-A41A-4540-8B0D-7AC7C256EA5C}" => Key deleted successfully.
C:\Windows\System32\Tasks\MagniPicUpdaterTask{A41D3767-63DC-41A8-A0C1-2205A1A46D08} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\MagniPicUpdaterTask{A41D3767-63DC-41A8-A0C1-2205A1A46D08}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2AC4B6F7-C312-45CC-B9EB-4D353954000F}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2AC4B6F7-C312-45CC-B9EB-4D353954000F}" => Key deleted successfully.
C:\Windows\System32\Tasks\0 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{40BCDA3B-584F-4811-8234-A2BFC86F6FD1}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{40BCDA3B-584F-4811-8234-A2BFC86F6FD1}" => Key deleted successfully.
C:\Windows\System32\Tasks\SK.Enhancer-S-161304646 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SK.Enhancer-S-161304646" => Key deleted successfully.
C:\WINDOWS\Tasks\MagniPicUpdaterTask{A41D3767-63DC-41A8-A0C1-2205A1A46D08}.job => Moved successfully.
C:\WINDOWS\Tasks\SK.Enhancer-S-161304646.job => Moved successfully.
C:\Windows => ":{DA6227CB-326B-4B4D-9A81-04B61F1538DD}" ADS removed successfully.
"C:\WINDOWS\SysWOW64\zlib.dll" => ":DocumentSummaryInformation" ADS not found.
"C:\WINDOWS\SysWOW64\zlib.dll" => ":SummaryInformation" ADS not found.
C:\WINDOWS\SysWOW64\zlib.dll => ":{4c8cc155-6c1e-11d1-8e41-00c04fb9386d}" ADS removed successfully.
C:\WINDOWS\system32\GroupPolicy\Machine => Moved successfully.
C:\WINDOWS\system32\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key deleted successfully.
"HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\SOFTWARE\Policies\Microsoft\Internet Explorer" => Key deleted successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{EC025471-03A9-43A1-895E-72F76BF1511B}" => Key deleted successfully.
"HKCR\CLSID\{EC025471-03A9-43A1-895E-72F76BF1511B}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => Key deleted successfully.
"HKCR\CLSID\{B164E929-A1B6-4A06-B104-2CD0E90A88FF}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} => value deleted successfully.
"HKCR\CLSID\{0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064}" => Key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{61539ECD-CC67-4437-A03C-9AACCBD14326} => value deleted successfully.
"HKCR\CLSID\{61539ECD-CC67-4437-A03C-9AACCBD14326}" => Key not found.
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value deleted successfully.
"HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => Key not found.
HKU\S-1-5-21-3815044672-3107833778-2507571291-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{61539ECD-CC67-4437-A03C-9AACCBD14326} => value deleted successfully.
"HKCR\CLSID\{61539ECD-CC67-4437-A03C-9AACCBD14326}" => Key not found.
"HKCR\PROTOCOLS\Handler\dssrequest" => Key deleted successfully.
"HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}" => Key not found.
"HKCR\PROTOCOLS\Handler\sacore" => Key deleted successfully.
"HKCR\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}" => Key not found.
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/SAFFPlugin" => Key deleted successfully.
C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\2cq6g9ts.default\Extensions\[email protected] not found.
C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\fheoggkfdfchfphceeifdbepaooicaho" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oknbmiaggcncgeihpofgkabacndiaimp" => Key deleted successfully.
699fd52f => Service deleted successfully.
"c:\progra~3\assist~1" => File/Directory not found.
 
=========  BitsAdmin /reset /allusers =========
 
 
BITSADMIN version 3.0 [ 7.7.9600 ]
BITS administration utility.
© Copyright 2000-2006 Microsoft Corp.
 
BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.
 
Unable to cancel {C795C609-2CC4-471A-849C-86586C57E45F}.
{01FDD545-C144-4DE7-969E-D64620651480} canceled.
1 out of 2 jobs canceled.
 
========= End of CMD: =========
 
EmptyTemp: => Removed 147.2 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
 
 
 
AdwCleaner log:

 

# AdwCleaner v4.104 - Report created 08/12/2014 at 16:48:11
# Updated 05/12/2014 by Xplode
# Database : 2014-12-08.1 [Live]
# Operating System : Windows 8.1  (64 bits)
# Username : Betrayed - BETRAYED
# Running from : C:\Users\Betrayed\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\562f624dbb839c65
Folder Deleted : C:\Program Files (x86)\MediaBuzzV1
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\WINDOWS\SysWOW64\config\systemprofile\AppData\Roaming\hotspot shield
Folder Deleted : C:\Users\Betrayed\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio
Folder Deleted : C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfhnkgpdlogbknkhlgdjlejeljbhflim
Folder Deleted : C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkllfplegemejikoabfpjdaoncphip
Folder Deleted : C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc
Folder Deleted : C:\Users\Betrayed\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\cmaiofennmphjldldcpphcechfnnohja
File Deleted : C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\2cq6g9ts.default\Extensions\[email protected]
File Deleted : C:\Users\Betrayed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Deleted : C:\Users\Betrayed\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
File Deleted : C:\Users\Betrayed\AppData\Roaming\Mozilla\Firefox\Profiles\2cq6g9ts.default\invalidprefs.js
 
***** [ Scheduled Tasks ] *****
 
Task Deleted : update-sys
Task Deleted : update-S-1-5-21-3815044672-3107833778-2507571291-1001
 
***** [ Shortcuts ] *****
 
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Elgato\Game Capture HD\Uninstall.lnk
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bejnhdlplbjhffionohbdnpcbobfejcc
Key Deleted : HKCU\Software\UpToDown
Key Deleted : HKLM\SOFTWARE\SK.Enhancer
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{EB03EF39-C655-D560-FA95-79182B837D64}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\02F47BF73B948514FAACADD8CBBDF37D
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\080D9F5E1E95FEE4794CE438E635239E
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1E264E0A5959A1C46BA9175A878B12EA
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2E6768B6932D112438F047C54D180635
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17416
 
 
-\\ Mozilla Firefox v30.0 (en-US)
 
 
-\\ Google Chrome v39.0.2171.71
 
[C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\Betrayed\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=<DOI>&apn_dtid=%5E<MTRACK>%5EYY%5EUS&q={searchTerms}
 
-\\ Comodo Dragon v36.1.1.21
 
[C:\Users\Betrayed\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
[C:\Users\Betrayed\AppData\Local\Comodo\Dragon\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.ask.com/web?o=APN10257&doi=<DOI>&apn_dtid=%5E<MTRACK>%5EYY%5EUS&q={searchTerms}
[C:\Users\Betrayed\AppData\Local\Comodo\Dragon\User Data\Default\preferences] - Deleted [Extension] : cmaiofennmphjldldcpphcechfnnohja
 
*************************
 
AdwCleaner[R0].txt - [6040 octets] - [08/12/2014 16:45:58]
AdwCleaner[S0].txt - [6374 octets] - [08/12/2014 16:48:11]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6434 octets] ##########

 

 
 
NOTE: There were three files that are transparent on my desktop which are: two desktop.ini and Minecraft Account Cracker.exe. Apart from that it is all going good.

  • 0

#13
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

NOTE: There were three files that are transparent on my desktop which are: two desktop.ini and Minecraft Account Cracker.exe. Apart from that it is all going good.

 

The desktop.ini files are likely OK and may appear if your folder settings are set to show system files. We'll get to those. As far as the Minecraft file goes, you may go ahead and delete this file. These types of files get spread through Torrents, which you have two of.

 

Let's finish the cleaning, and in doing so we'll address those items. Please follow the instructions below. Thanks.

 

Step#1 - JRT
 
Note: Please disable your Antivirus Software before doing Step#1.
1. Download Junkware Removal Tool to your desktop.
2. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
3. The tool will open and start scanning your system.
4. Please be patient as this can take a while to complete depending on your system's specifications.
5. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
6. Close the text file and reboot your machine.
7. After your machine is rebooted, please re-enable your antivirus.
8. Post the contents of JRT.txt into your next message.

 

Step#2 - Malwarebytes Scan

  • Download Malwarebytes to your desktop from here.
  • Right-click on the file that is downloaded to your desktop and select Run as administrator.
  • Select the appropriate language and click OK.
  • Click Next.
  • Select "I accept the agreement" and click Next.
  • Click Next.
  • Change the install path if desired. Normally you will keep this as is. Click Next.
  • Click Next again.
  • Click Next again.
  • Click Install.
  • Uncheck "Enable free trial of Malwarebytes Anti-Malware Premium".
  • Click Finish.
  • If an update is found you will be prompted to download and install. Go ahead.
  • Click the Settings button and then the Detection and Protection tab. Then check the box to Scan for rootkits.
  • Click the Scan button at the top of the form and then click Scan Now.
  • If anything is detected, there will be an Apply Actions button. Please click this.
  • Once the scan completes click the View detailed log link.
  • Then click the Copy to clipboard button and paste into your next post.

 

Step#3 - Security Check
 
1. Download Security Check from here or here or here.
2. Save it to your Desktop.
3. Right-click SecurityCheck.exe and select Run as administrator. Follow the onscreen instructions inside of the black box.
4. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Note: Don't be alarmed if the process runs for 10 to 15 minutes before completing. If it runs for over 30 minutes, just close the program and try running it again.

NOTE: If SecurityCheck aborts and you get the following message: UNSUPPORTED OPERATING SYSTEM! ABORTED! try rebooting the system and then run SecurityCheck again.

 

 

  

 

Items for your next post

1. Junkware log

2. Malwarebytes log

3. Security Check log


  • 1

#14
Betrayed

    Member

  • Topic Starter
  • 119 posts

Junkware log:

 

This popped up at start: http://gyazo.com/7e4...0ad8c8c68ff3eaf

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 8.1 x64
Ran by Betrayed on 08/12/2014 at 18:37:41.42
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
Successfully deleted: [File] "C:\WINDOWS\wininit.ini"
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\ammyy"
Successfully deleted: [Folder] "C:\Users\Betrayed\appdata\local\cre"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 08/12/2014 at 18:40:22.34
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 

 

 

 

Malwarebytes log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 08/12/2014
Scan Time: 18:55:20
Logfile: 
Administrator: Yes
 
Version: 2.00.4.1028
Malware Database: v2014.12.08.07
Rootkit Database: v2014.12.08.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 8.1
CPU: x64
File System: NTFS
User: Betrayed
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 437031
Time Elapsed: 38 min, 41 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 1
PUP.Optional.FindWide.A, HKU\S-1-5-21-3815044672-3107833778-2507571291-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLAPLUGINS\@tightropeinteractive.com/Plugin, , [9fc6560ad6a6c47248ab0ab504002cd4], 
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PSWTool.Cain, C:\Users\Betrayed\Downloads\cain20 (1).exe, , [0065f96754282115c50ed96244bea25e], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
 
 
Security Check log:
 

 Results of screen317's Security Check version 0.99.91  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Firewall Enabled!  
Windows Defender           
Norton Internet Security   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Visual Studio Extensions for Windows Library for JavaScript 
 Java 8 Update 25  
 Visual Studio Extensions for Windows Library for JavaScript 
 JavaScript Tooling    
 Java version 32-bit out of Date! 
 Adobe Flash Player 15.0.0.239  
 Adobe Reader XI  
 Mozilla Firefox 30.0 Firefox out of Date!  
 Google Chrome 37.0.2062.124 Google Chrome out of date!  
````````Process Check: objlist.exe by Laurent````````  
 Norton ccSvcHst.exe 
 Malwarebytes Anti-Malware mbam.exe  
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 
 

  • 0

#15
BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,591 posts

Thank you. Things are looking good. You can ignore the error you got initially when running JRT. A few items should be updated, then we should be good. Please follow the instructions below.

 

Step#1 - Malwarebytes (Quarantine)

Let's run a Malwarebytes scan again but this time once it shows everything that is detected, ensure every item is checked and click the Quarantine All button. I'll post the instructions below to make it easier.

  1. Double-click the Malwarebytes shortcut on your desktop to open the program. If an update is found you will be prompted to download and install. Go ahead.
  2. Click the Settings button and then the Detection and Protection tab. Then check the box to Scan for rootkits.
  3. Click the Scan button at the top of the form and then click Scan Now.
  4. Once the items are detected please click the Quarantine All button.

 

 

Step#2 - Update Browsers

It's very important to keep your browsers up-to-date as malware can easily exploit flaws in outdated browsers and infect your machine. Please update your Firefox and Chrome browsers to the current versions. Instructions for updating Firefox are here. Instructions for updating Chrome are here.

 

 

Once this is done, if you are satisfied I'll go ahead and post some final cleanup instructions and recommendations. These instructions will include hiding those desktop.ini files as well. Let me know please. Thank you.


  • 1





