Hi I am having problems with a Firefox redirect malware that is attempting to send me to a forged website, "www.readytwos.com". Simalure to what the person in this post was having, firefox redirect/"Reported Web Forgery"
. This is a first for me on coming across a malware/virus that infects Firefox. What surprises me is that it got through three anti-virus tools that I use. (One active and two for maintenance scans twice aweek.) So after readying throught the other thread. I went and d/l'd the Farbar Recovery Scan Tool mentioned there. I have run it and recieved the two logs, they are listed below. any help on removing this malware/virus is greatly appreciated.
Before, you mention it. Yes, I do know that Firefox is setup for a proxy. This was done by myself for access on certain networks. And that I am aware of the low drive space. (Too much installed, but still not all that I need, and HD not large enough for what I need.)
FRST.txt is provided below:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-12-2014
Ran by The WABBIT (administrator) on WABBITSCOMPUTER on 27-12-2014 12:29:47
Running from C:\Users\The WABBIT\Desktop
Loaded Profile: The WABBIT (Available profiles: The WABBIT)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 8
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(O&O Software GmbH) C:\Program Files\OO Software\DriveLED\DriveLED.exe
() C:\Program Files (x86)\ibVPN\ibVPN.service.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe
(Disc Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(BitTorrent Inc.) C:\uTorrent\utorrent.exe
(Akamai Technologies, Inc.) C:\Users\The WABBIT\AppData\Local\Akamai\netsession_win.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.exe
(Akamai Technologies, Inc.) C:\Users\The WABBIT\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Motorola) C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe
(Motorola Mobility LLC) C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperAgent.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Health Check\HPHC_Service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe
(Realtek Semiconductor Corp.) C:\Program Files\Realtek\RtVOsd\RtVOsd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Don HO [email protected]) C:\Program Files (x86)\Notepad++\notepad++.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2837288 2011-10-14] (Synaptics Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284696 2010-04-13] (Intel Corporation)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [577408 2012-02-15] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe [3499896 2014-05-08] (Adobe Systems Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\Run: [Vidalia] => "C:\Program Files (x86)\Vidalia Bridge Bundle\Vidalia\vidalia.exe"
HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6482200 2014-09-26] (Piriform Ltd)
HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\Run: [DAEMON Tools Pro Agent] => C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe [3129560 2014-02-24] (Disc Soft Ltd)
HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\Run: [uTorrent] => C:\uTorrent\utorrent.exe [3562832 2014-09-10] (BitTorrent Inc.)
HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\Run: [Akamai NetSession Interface] => C:\Users\The WABBIT\AppData\Local\Akamai\netsession_win.exe [4673432 2014-10-29] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\MountPoints2: {0e686678-848b-11e4-8650-9ed87e179942} - F:\autorun.exe
HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\MountPoints2: {15d3a5be-6902-11e4-9f63-82faa1dae64f} - E:\Windows\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\MountPoints2: {49de773a-8272-11e4-9861-ac8112001b7c} - E:\Windows\AutoRun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2088.1.A01B06 PID_0083 {01D42BF0-ED08-463f-8A28-99EB6FEE962B}
HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\MountPoints2: {fe8d0920-76ae-11e4-b095-f5ec430e490f} - E:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\Winlogon: [Shell] C:\Windows\expstart.exe [925184 2014-12-03] () <==== ATTENTION
ShellIconOverlayIdentifiers: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [1TortoiseNormal] -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [2TortoiseModified] -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [3TortoiseConflict] -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [4TortoiseLocked] -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [5TortoiseReadOnly] -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [6TortoiseDeleted] -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [7TortoiseAdded] -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [8TortoiseIgnored] -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: [9TortoiseUnversioned] -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = http://www.google.co...age={startPage}
SearchScopes: HKU\.DEFAULT -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = http://www.google.co...age={startPage}
SearchScopes: HKU\S-1-5-21-3004508294-471313756-1794315825-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.google.co...age={startPage}
SearchScopes: HKU\S-1-5-21-3004508294-471313756-1794315825-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.google.co...age={startPage}
SearchScopes: HKU\S-1-5-21-3004508294-471313756-1794315825-1000 -> {758B870D-DF78-4A6A-9955-DEDDCACF94DC} URL = http://www.google.co...age={startPage}
SearchScopes: HKU\S-1-5-21-3004508294-471313756-1794315825-1000 -> {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL = http://nortonsafe.se...ct=sb&qsrc=2869
BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-3004508294-471313756-1794315825-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-3004508294-471313756-1794315825-1000 -> Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll (Adobe Systems Incorporated)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.140.243.57 10.140.243.55
FireFox:
========
FF ProfilePath: C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default
FF SelectedSearchEngine: Google
FF Homepage: about:home
FF NetworkProxy: "socks", "127.0.0.1"
FF NetworkProxy: "socks_port", 9050
FF NetworkProxy: "socks_remote_dns", true
FF NetworkProxy: "type", 0
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_189.dll ()
FF Plugin: @java.com/DTPlugin,version=11.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_189.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-3004508294-471313756-1794315825-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\The WABBIT\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF user.js: detected! => C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\user.js
FF SearchPlugin: C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\searchplugins\safesearch.xml
FF Extension: YoutubeAdBlocke - C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\Extensions\[email protected] [2014-10-14]
FF Extension: Flash Video Downloader - YouTube HD Download [4K] - C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\Extensions\[email protected] [2014-12-24]
FF Extension: FoxyProxy Standard - C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\Extensions\[email protected] [2014-10-11]
FF Extension: YouTube Unblocker - C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\Extensions\[email protected] [2014-11-04]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\Extensions\[email protected] [2014-10-11]
FF Extension: Element Hiding Helper for Adblock Plus - C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\Extensions\[email protected] [2014-10-11]
FF Extension: MEGA - C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\Extensions\[email protected] [2014-10-11]
FF Extension: YouTube Center - C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\Extensions\[email protected] [2014-10-11]
FF Extension: {3de1f0d5-4b0f-41c4-9671-6b6df5d7cfd0} - C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\Extensions\{3de1f0d5-4b0f-41c4-9671-6b6df5d7cfd0}.xpi [2014-11-13]
FF Extension: Adblock Plus - C:\Users\The WABBIT\AppData\Roaming\Mozilla\Firefox\Profiles\3olbuafe.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-10-11]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} [2014-10-25]
FF HKLM\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-10-19]
FF HKLM-x32\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCFirefoxExtn [2014-12-23]
Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\The WABBIT\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (HTML Coupon) - C:\Users\The WABBIT\AppData\Local\Google\Chrome\User Data\Default\Extensions\acgimceffoceigocablmjdpebeodphgc [2014-10-14]
CHR Extension: (GoSave) - C:\Users\The WABBIT\AppData\Local\Google\Chrome\User Data\Default\Extensions\heijamdgdffahhfmgibpphebmhekbhih [2014-10-14]
CHR Extension: (SafeNSearch) - C:\Users\The WABBIT\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkomdmnobcnfknncnajbdbecjaoobchb [2014-10-13]
CHR Extension: (GoSave) - C:\Users\The WABBIT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfaeehiddheakbpeklgkbglmajcdpbpn [2014-10-14]
CHR Extension: (Google Wallet) - C:\Users\The WABBIT\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-13]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Browser\WCChromeExtn\WCChromeExtn.crx [2014-05-08]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-10-07] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [388824 2014-10-07] (BlueStack Systems, Inc.)
S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [782040 2014-10-07] (BlueStack Systems, Inc.)
R2 HP Health Check Service; C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe [121344 2010-06-30] (Hewlett-Packard Company) [File not signed]
S2 IBG_gds_db; C:\Program Files (x86)\Embarcadero\Studio\15.0\InterBaseXE3\bin\ibguard.exe [636744 2014-05-14] (Embarcadero Technologies, Inc.)
S3 IBS_gds_db; C:\Program Files (x86)\Embarcadero\Studio\15.0\InterBaseXE3\bin\ibserver.exe [5489992 2014-05-14] (Embarcadero Technologies, Inc.)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2011-03-04] (Hewlett-Packard Company) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 Motorola Device Manager; C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotoHelperService.exe [137528 2013-11-15] (Motorola Mobility LLC)
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38200 2014-12-01] (The OpenVPN Project)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-26] (Electronic Arts)
R2 PST Service; C:\Program Files (x86)\Motorola\MotForwardDaemon\ForwardDaemon.exe [65657 2011-09-02] (Motorola) [File not signed]
R2 RtVOsdService; C:\Program Files\Realtek\RtVOsd\RtVOsdService.exe [315392 2010-06-17] (Realtek Semiconductor Corp.) [File not signed]
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2014-11-26] (Microsoft Corporation) [File not signed]
S4 aspnet_state; %SystemRoot%\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 Andbus; C:\Windows\System32\DRIVERS\lgandbus64.sys [19456 2010-12-07] (LG Electronics Inc.)
S3 AndDiag; C:\Windows\System32\DRIVERS\lganddiag64.sys [27648 2010-12-07] (LG Electronics Inc.)
S3 AndGps; C:\Windows\System32\DRIVERS\lgandgps64.sys [27136 2010-12-07] (LG Electronics Inc.)
S3 ANDModem; C:\Windows\System32\DRIVERS\lgandmodem64.sys [34304 2010-12-07] (LG Electronics Inc.)
S3 androidusb; C:\Windows\System32\Drivers\lgandadb.sys [31744 2010-08-02] (Google Inc)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-10-07] (BlueStack Systems)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-10-23] (Disc Soft Ltd)
U5 FontCache3.0.0.0; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [42856 2010-11-20] (Microsoft Corporation)
S3 massfilter_hs; C:\Windows\system32\drivers\massfilter_hs.sys [20232 2012-06-20] (HandSet Incorporated)
R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [93400 2014-11-21] (Malwarebytes Corporation)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-12-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
R0 oodrvled; C:\Windows\System32\DRIVERS\oodrvled.sys [30800 2011-03-02] (O&O Software GmbH)
S3 pwdrvio; C:\Windows\system32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\Windows\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RSUSBSTOR; C:\Windows\SysWOW64\Drivers\RtsUStor.sys [225280 2009-09-23] (Realtek Semiconductor Corp.)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [386680 2014-10-23] (Duplex Secure Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2011-02-14] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2011-02-14] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2011-02-14] (LG Electronics Inc.)
R2 {B154377D-700F-42cc-9474-23858FBDF4BD}; C:\Program Files (x86)\CyberLink\PowerDVD9\000.fcl [146928 2010-02-10] (CyberLink Corp.)
U3 a5ltlhb6; C:\Windows\System32\Drivers\a5ltlhb6.sys [0 ] (Advanced Micro Devices)
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-27 12:29 - 2014-12-27 12:31 - 00026613 _____ () C:\Users\The WABBIT\Desktop\FRST.txt
2014-12-27 12:29 - 2014-12-27 12:30 - 00000000 ____D () C:\FRST
2014-12-27 12:28 - 2014-12-27 12:28 - 02122752 _____ (Farbar) C:\Users\The WABBIT\Desktop\FRST64.exe
2014-12-27 11:32 - 2014-12-27 11:32 - 00002468 _____ () C:\Users\Public\Desktop\Character and Starship Creator.lnk
2014-12-27 09:18 - 2014-12-27 09:18 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2014-12-26 14:08 - 2014-12-27 09:30 - 00000000 ____D () C:\Program Files (x86)\Net-7
2014-12-26 14:08 - 2014-12-26 14:08 - 00001089 _____ () C:\Users\The WABBIT\Desktop\LaunchNet7.lnk
2014-12-26 14:05 - 2014-12-26 14:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA GAMES
2014-12-26 14:03 - 2014-12-26 14:03 - 00000000 ____D () C:\Program Files (x86)\EA GAMES
2014-12-23 18:31 - 2014-12-23 18:31 - 00001461 _____ () C:\Users\Public\Desktop\Adobe Application Manager.lnk
2014-12-23 18:18 - 2014-12-23 18:31 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat XI Pro.lnk
2014-12-23 18:18 - 2014-12-23 18:31 - 00002225 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe FormsCentral.lnk
2014-12-23 18:18 - 2014-12-23 18:31 - 00002064 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller XI.lnk
2014-12-23 18:18 - 2014-12-23 18:18 - 00002155 _____ () C:\Users\Public\Desktop\Adobe FormsCentral.lnk
2014-12-23 18:18 - 2014-12-23 18:18 - 00002041 _____ () C:\Users\Public\Desktop\Adobe Acrobat XI Pro.lnk
2014-12-23 13:12 - 2014-12-23 15:05 - 00092176 _____ () C:\s57c
2014-12-23 10:13 - 2014-12-23 16:04 - 673633506 _____ () C:\Users\The WABBIT\Downloads\Today, Younger Sister Gave Me a Kindness English Version RE121332.rar
2014-12-22 10:35 - 2014-12-22 10:36 - 00000000 ____D () C:\Users\The WABBIT\AppData\Local\Akamai
2014-12-22 10:35 - 2014-12-22 10:35 - 00000000 ____D () C:\AeriaGames
2014-12-22 10:34 - 2014-12-22 10:34 - 00483352 _____ (Aeria Games & Entertainment) C:\Users\The WABBIT\Downloads\edeneternal_us_downloader.exe
2014-12-20 12:46 - 2014-12-20 12:58 - 00001187 _____ () C:\Windows\PWCMDLST.BAK
2014-12-20 10:30 - 2014-12-20 10:31 - 00000622 _____ () C:\Users\The WABBIT\Desktop\TakeOwnership.zip
2014-12-18 11:03 - 2014-12-18 11:03 - 03435140 _____ () C:\Users\The WABBIT\Downloads\WinAIO Maker Professional v1.3.zip
2014-12-17 21:06 - 2014-12-17 22:30 - 00000000 ____D () C:\Users\The WABBIT\Desktop\Steve's Girls Wallpaper
2014-12-15 21:43 - 2014-12-15 21:43 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2014-12-15 19:41 - 2014-12-15 21:50 - 00000000 ____D () C:\Program Files (x86)\APE for Windows
2014-12-15 19:41 - 2014-12-15 21:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\APE for Windows
2014-12-15 16:10 - 2014-12-15 16:10 - 00042132 _____ () C:\Windows\XF2000.INI
2014-12-15 16:00 - 2014-12-15 21:46 - 00000000 ____D () C:\ProgramData\WinZip
2014-12-15 14:18 - 2014-12-15 16:25 - 00000532 _____ () C:\Windows\ATList.ini
2014-12-15 13:45 - 2014-12-17 15:31 - 00000000 ____D () C:\Program Files (x86)\Atari800WinPLus
2014-12-15 13:45 - 2014-12-15 13:45 - 00001086 _____ () C:\Users\Public\Desktop\Atari800Win PLus 4.1.lnk
2014-12-15 13:45 - 2014-12-15 13:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari800Win PLus
2014-12-15 12:48 - 2014-12-23 21:43 - 00000000 ____D () C:\Users\The WABBIT\Downloads\ATARI
2014-12-15 12:06 - 2014-12-15 12:07 - 00000000 ____D () C:\Program Files (x86)\PDF Password Remover
2014-12-15 12:06 - 2014-12-15 12:06 - 00001156 _____ () C:\Users\Public\Desktop\PDF Password Remover.lnk
2014-12-15 12:06 - 2014-12-15 12:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PDF Password Remover
2014-12-15 11:22 - 2014-12-15 11:23 - 00000000 ____D () C:\Users\The WABBIT\Documents\Ahead PDF Password Remover
2014-12-15 11:21 - 2014-12-15 11:21 - 01863739 _____ (AheadPDF ) C:\Users\The WABBIT\Downloads\aheadpdf-password-remover.exe
2014-12-15 11:21 - 2014-12-15 11:21 - 00000000 ____D () C:\ProgramData\AheadPDF
2014-12-14 14:16 - 2014-12-14 14:17 - 37151015 _____ ( ) C:\Users\The WABBIT\Downloads\K-Lite_Codec_Pack_1090_Mega.exe
2014-12-14 13:57 - 2014-12-14 13:57 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-12-14 13:56 - 2014-12-14 14:19 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\Origin
2014-12-14 13:56 - 2014-12-14 14:09 - 00000000 ____D () C:\Users\The WABBIT\AppData\Local\Origin
2014-12-14 13:53 - 2014-12-26 13:56 - 00000000 ____D () C:\ProgramData\Origin
2014-12-14 13:53 - 2014-12-26 13:47 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-14 13:53 - 2014-12-14 13:53 - 00000994 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-12-14 13:53 - 2014-12-14 13:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-12-14 13:53 - 2014-12-14 13:53 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-12-14 13:50 - 2014-12-14 13:50 - 17103000 _____ (Electronic Arts, Inc.) C:\Users\The WABBIT\Downloads\OriginThinSetup.exe
2014-12-14 13:26 - 2014-12-14 17:57 - 00000000 ____D () C:\Users\The WABBIT\Desktop\temp
2014-12-13 20:00 - 2014-12-05 07:22 - 12205577 _____ () C:\Users\The WABBIT\Desktop\VLC 0.9.10_9998.apk
2014-12-13 16:00 - 2014-12-13 16:00 - 01359558 _____ () C:\Users\The WABBIT\Downloads\mounts2sd-4.6.2_aroma.zip
2014-12-13 11:05 - 2014-12-13 11:05 - 01054385 _____ () C:\Users\The WABBIT\Downloads\Mounts2SD_MTD_1.1.0.zip
2014-12-13 11:02 - 2014-12-13 11:02 - 01060488 _____ () C:\Users\The WABBIT\Downloads\Mounts2SD_MTD_1.2.0.zip
2014-12-13 11:02 - 2014-12-13 11:02 - 01057393 _____ () C:\Users\The WABBIT\Downloads\Mounts2SD_MTD_1.1.3-2.zip
2014-12-13 11:02 - 2014-12-13 11:02 - 00914080 _____ () C:\Users\The WABBIT\Downloads\Mounts2SD-1.1.3-2.apk
2014-12-13 11:01 - 2014-12-13 11:01 - 00962938 _____ () C:\Users\The WABBIT\Downloads\Mounts2SD-2.0.1.apk
2014-12-13 11:00 - 2014-12-13 11:00 - 01099014 _____ () C:\Users\The WABBIT\Downloads\Mounts2SD_MTD_2.1.0.zip
2014-12-13 10:49 - 2014-12-13 10:49 - 01101172 _____ () C:\Users\The WABBIT\Downloads\Mounts2SD_MTD_2.2.0.zip
2014-12-13 10:48 - 2014-12-13 10:48 - 01071998 _____ () C:\Users\The WABBIT\Downloads\Mounts2SD_Ext4_2.2.0.zip
2014-12-12 20:17 - 2014-12-12 20:17 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf
2014-12-12 20:16 - 2014-12-12 20:16 - 00000000 ____D () C:\Program Files\Handset_USB_Driver
2014-12-12 20:16 - 2012-09-04 13:49 - 00162816 _____ (HS Coporation) C:\Windows\system32\Drivers\ghsnet.sys
2014-12-12 20:16 - 2012-09-04 13:42 - 00123520 _____ (HS Coporation) C:\Windows\system32\Drivers\ghsser.sys
2014-12-12 20:16 - 2012-07-18 13:58 - 00132104 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsser.sys
2014-12-12 20:16 - 2012-06-20 11:51 - 00171272 _____ (ZTE Incorporated) C:\Windows\system32\Drivers\zghsnet.sys
2014-12-12 20:16 - 2012-06-20 11:51 - 00020232 _____ (HandSet Incorporated) C:\Windows\system32\Drivers\massfilter_hs.sys
2014-12-12 20:16 - 2012-06-04 11:55 - 01002728 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll
2014-12-12 20:16 - 2011-10-26 15:31 - 00067608 _____ (Google, inc) C:\Windows\AdbWinUsbApi.dll
2014-12-12 20:16 - 2011-08-15 16:43 - 00584584 _____ () C:\Windows\adb.exe
2014-12-12 20:16 - 2011-08-15 16:43 - 00102936 _____ (Google, inc) C:\Windows\AdbWinApi.dll
2014-12-11 11:11 - 2014-12-11 11:38 - 00000000 ____D () C:\Temp Archives
2014-12-11 10:50 - 2014-12-22 11:40 - 00000000 ____D () C:\Users\The WABBIT\Documents\ATARI
2014-12-10 06:56 - 2014-12-10 06:56 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\dvdcss
2014-12-10 06:26 - 2014-12-10 06:26 - 00000000 ____D () C:\Users\The WABBIT\Documents\CyberLink
2014-12-06 19:30 - 2014-12-06 19:34 - 00180064 _____ () C:\dir_search.txt
2014-12-06 11:34 - 2014-12-06 11:34 - 00001808 _____ () C:\Users\The WABBIT\Desktop\Tor.lnk
2014-12-06 11:34 - 2014-12-06 11:34 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tor
2014-12-06 11:34 - 2014-12-06 11:34 - 00000000 ____D () C:\Program Files (x86)\Tor
2014-12-06 11:30 - 2014-12-06 11:30 - 01883596 _____ () C:\Users\The WABBIT\Downloads\tor-0.2.4.23-win32.exe
2014-12-06 11:28 - 2014-12-06 11:30 - 34305058 _____ () C:\Users\The WABBIT\Downloads\torbrowser-install-4.0.2_en-US.exe
2014-12-05 16:05 - 2014-12-18 11:23 - 00000000 ____D () C:\Users\The WABBIT\Documents\Web Pages
2014-12-05 11:11 - 2014-12-05 11:11 - 00278320 _____ () C:\Windows\Minidump\120514-85894-01.dmp
2014-12-04 19:46 - 2014-12-27 10:08 - 00015598 _____ () C:\Windows\setupact.log
2014-12-04 19:46 - 2014-12-20 12:50 - 00744086 _____ () C:\Windows\PFRO.log
2014-12-04 19:46 - 2014-12-04 19:46 - 00000000 _____ () C:\Windows\setuperr.log
2014-12-04 15:20 - 2014-12-04 15:20 - 00001251 _____ () C:\Users\The WABBIT\Desktop\DNSBench.ini
2014-12-03 16:17 - 2014-12-03 16:18 - 04718592 _____ (Inquisitor ) C:\Users\The WABBIT\Downloads\Artificial Girl 3 HF Patch1.0-1.exe
2014-12-03 16:17 - 2014-12-03 16:17 - 00000000 _____ () C:\Users\The WABBIT\Downloads\Artificial Girl 3 HF Patch1.0.exe
2014-12-03 15:36 - 2014-12-03 15:36 - 00167296 _____ (Gibson Research Corp.) C:\Users\The WABBIT\Desktop\DNSBench.exe
2014-12-03 14:58 - 2014-12-03 14:58 - 00001085 _____ () C:\Users\Public\Desktop\Exact Audio Copy.lnk
2014-12-03 14:58 - 2014-12-03 14:58 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\EAC
2014-12-03 14:58 - 2014-12-03 14:58 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\AccurateRip
2014-12-03 14:58 - 2014-12-03 14:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Exact Audio Copy
2014-12-03 14:58 - 2014-12-03 14:58 - 00000000 ____D () C:\Program Files (x86)\Exact Audio Copy
2014-12-03 14:57 - 2014-12-03 14:57 - 04422611 _____ () C:\Users\The WABBIT\Downloads\eac-1.0beta3.exe
2014-12-03 14:56 - 2014-12-03 14:56 - 00001099 _____ () C:\Users\The WABBIT\Desktop\FairStars CD Ripper.lnk
2014-12-03 14:56 - 2014-12-03 14:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FairStars CD Ripper
2014-12-03 14:56 - 2014-12-03 14:56 - 00000000 ____D () C:\Program Files (x86)\FairStars CD Ripper
2014-12-03 14:49 - 2014-12-03 14:49 - 03347947 _____ (FairStars Soft ) C:\Users\The WABBIT\Downloads\fscdripper_setup.exe
2014-12-02 11:40 - 2014-12-02 11:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TAP-Windows
2014-12-02 11:39 - 2014-12-02 11:39 - 01798416 _____ () C:\Users\The WABBIT\Downloads\openvpn-install-2.3.6-I601-x86_64.exe
2014-12-01 19:45 - 2014-12-01 19:45 - 00000000 ____D () C:\Users\The WABBIT\AppData\Local\Net7
2014-12-01 19:10 - 2014-12-26 14:13 - 00000000 ____D () C:\Users\The WABBIT\AppData\Local\LaunchNet7
2014-12-01 19:06 - 2014-12-26 14:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Net-7 Entertainment
2014-12-01 07:42 - 2014-12-01 07:46 - 00000000 ____D () C:\Users\The WABBIT\Downloads\Utilities
2014-12-01 07:41 - 2014-12-01 07:41 - 00000000 ____D () C:\Users\The WABBIT\Downloads\O&O Software
2014-12-01 07:40 - 2014-12-01 07:47 - 00000000 ____D () C:\Users\The WABBIT\Downloads\Games
2014-12-01 07:34 - 2014-12-01 07:34 - 00000000 ____D () C:\Users\The WABBIT\Downloads\VPN Folder
2014-12-01 07:27 - 2014-12-01 07:45 - 00000000 ____D () C:\Users\The WABBIT\Downloads\Windows
2014-11-29 21:07 - 2014-11-29 22:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMS Unicode Component Pack
2014-11-29 21:07 - 2014-09-11 12:44 - 00416768 _____ () C:\Windows\SysWOW64\TMSUnicodeDXE7.bpl
2014-11-29 21:07 - 2014-09-11 12:44 - 00178176 _____ () C:\Windows\SysWOW64\TMSUnicodeDEDXE7.bpl
2014-11-29 21:07 - 2014-05-16 14:20 - 00415744 _____ () C:\Windows\SysWOW64\TMSUnicodeDXE6.bpl
2014-11-29 21:07 - 2014-05-16 14:20 - 00174592 _____ () C:\Windows\SysWOW64\TMSUnicodeDEDXE6.bpl
2014-11-29 21:07 - 2013-09-23 15:00 - 00414720 _____ () C:\Windows\SysWOW64\TMSUnicodeDXE5.bpl
2014-11-29 21:07 - 2013-09-23 15:00 - 00174080 _____ () C:\Windows\SysWOW64\TMSUnicodeDEDXE5.bpl
2014-11-29 21:07 - 2013-05-10 16:37 - 00650752 _____ () C:\Windows\SysWOW64\TMSUnicodeDXE4.bpl
2014-11-29 21:07 - 2013-05-10 16:37 - 00649728 _____ () C:\Windows\SysWOW64\TMSUnicodeDXE3.bpl
2014-11-29 21:07 - 2013-05-10 16:37 - 00410112 _____ () C:\Windows\SysWOW64\TMSUnicodeDEDXE4.bpl
2014-11-29 21:07 - 2013-05-10 16:37 - 00409600 _____ () C:\Windows\SysWOW64\TMSUnicodeDEDXE3.bpl
2014-11-29 21:07 - 2011-09-29 08:52 - 00647680 _____ () C:\Windows\SysWOW64\TMSUnicodeDXE2.bpl
2014-11-29 21:07 - 2011-09-29 08:52 - 00409600 _____ () C:\Windows\SysWOW64\TMSUnicodeDEDXE2.bpl
2014-11-29 21:07 - 2010-09-21 16:14 - 00324096 _____ () C:\Windows\SysWOW64\TMSUnicodeD2011.bpl
2014-11-29 21:07 - 2010-09-21 16:14 - 00098816 _____ () C:\Windows\SysWOW64\TMSUnicodeDED2011.bpl
2014-11-29 20:18 - 2014-11-29 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMS Smooth Controls Pack Trial Version
2014-11-29 20:18 - 2014-11-14 14:51 - 04113920 _____ () C:\Windows\SysWOW64\TMSSmoothControlsPackPkgdXE7.bpl
2014-11-29 20:18 - 2014-11-14 14:51 - 00216064 _____ () C:\Windows\SysWOW64\TMSSmoothControlsPackPkgDEdXE7.bpl
2014-11-29 15:05 - 2014-11-29 15:05 - 00000000 ____D () C:\ionworx
2014-11-29 12:56 - 2014-09-07 06:00 - 02281416 _____ (Raize Software, Inc.) C:\Windows\SysWOW64\RaizeComponentsTrialVcl210.bpl
2014-11-29 12:56 - 2014-09-07 06:00 - 00485832 _____ (Raize Software, Inc.) C:\Windows\SysWOW64\RaizeComponentsTrialVclDb210.bpl
2014-11-29 12:30 - 2014-11-29 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMS TAdvMemo RS XE7
2014-11-29 12:30 - 2014-10-21 10:13 - 00809984 _____ () C:\Windows\SysWOW64\advmemopkgdXE7.bpl
2014-11-29 11:49 - 2014-11-29 12:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMS Scripter for RAD Studio XE7
2014-11-29 11:43 - 2014-11-29 22:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMS Instrumentation Workshop RSXE7
2014-11-29 11:42 - 2014-11-29 23:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMS Async 32
2014-11-29 11:42 - 2014-11-29 20:18 - 00000000 ____D () C:\Users\Public\Documents\tmssoftware
2014-11-29 11:42 - 2014-09-08 10:08 - 00296448 _____ () C:\Windows\SysWOW64\vacommpkgdXE7.bpl
2014-11-29 11:42 - 2014-05-16 09:53 - 00295936 _____ () C:\Windows\SysWOW64\vacommpkgdXE6.bpl
2014-11-29 11:42 - 2014-01-24 18:45 - 00295424 _____ () C:\Windows\SysWOW64\vacommpkgdXE5.bpl
2014-11-29 11:42 - 2013-06-14 10:00 - 00526336 _____ () C:\Windows\SysWOW64\vacommpkgdXE4.bpl
2014-11-29 11:42 - 2013-06-14 10:00 - 00526336 _____ () C:\Windows\SysWOW64\vacommpkgdXE3.bpl
2014-11-29 11:42 - 2011-09-04 10:49 - 00227840 _____ () C:\Windows\SysWOW64\vacommpkgdXE2.bpl
2014-11-29 11:42 - 2011-04-26 15:39 - 00210432 _____ () C:\Windows\SysWOW64\vacommpkgd2011.bpl
2014-11-29 11:42 - 2010-03-01 15:23 - 00209920 _____ () C:\Windows\SysWOW64\vacommpkgd2010.bpl
2014-11-28 18:30 - 2014-11-28 18:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TMS Component Pack v6.4
2014-11-28 17:01 - 2011-03-31 05:00 - 01711616 _____ (Raize Software, Inc.) C:\Windows\SysWOW64\RaizeComponentsVcl70.bpl
2014-11-28 17:01 - 2011-03-31 05:00 - 00358400 _____ (Raize Software, Inc.) C:\Windows\SysWOW64\RaizeComponentsVclDb70.bpl
2014-11-28 12:53 - 2014-11-28 12:53 - 00000228 _____ () C:\Windows\SysWOW64\debug.log
2014-11-28 12:26 - 2014-11-28 12:26 - 00000409 _____ () C:\Users\Public\Desktop\HP USB Disk Storage Format Tool.lnk
2014-11-28 12:26 - 2014-11-28 12:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hewlett-Packard Company
2014-11-28 12:26 - 2014-11-28 12:26 - 00000000 ____D () C:\DriveKey
2014-11-28 10:54 - 2014-11-28 13:35 - 00000000 ____D () C:\Users\The WABBIT\Desktop\Dell Inspiron mini 10 (1011) bios
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-27 12:31 - 2014-10-15 11:26 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-27 12:31 - 2014-10-14 14:09 - 00000370 _____ () C:\Windows\Tasks\CIMT_S-1-5-21-3004508294-471313756-1794315825-1000.job
2014-12-27 12:30 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\tracing
2014-12-27 12:29 - 2014-09-10 00:24 - 00000000 ____D () C:\uTorrent
2014-12-27 11:32 - 2014-10-11 12:15 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-12-27 10:55 - 2014-10-14 14:09 - 00001360 _____ () C:\Windows\Tasks\JFZSHPA.job
2014-12-27 10:35 - 2014-10-12 15:23 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-27 10:25 - 2009-07-13 21:45 - 00029776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-27 10:25 - 2009-07-13 21:45 - 00029776 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-27 10:19 - 2014-10-23 16:18 - 01111064 _____ () C:\Windows\WindowsUpdate.log
2014-12-27 10:13 - 2014-11-13 16:10 - 00000000 ____D () C:\ProgramData\Embarcadero
2014-12-27 10:12 - 2014-10-12 12:27 - 00000000 ____D () C:\Temp
2014-12-27 10:10 - 2014-11-13 06:25 - 00000000 ____D () C:\Users\The WABBIT\AppData\Local\TSVNCache
2014-12-27 10:10 - 2014-10-25 10:29 - 00065536 _____ () C:\Windows\system32\Ikeext.etl
2014-12-27 10:08 - 2009-07-13 22:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-27 09:25 - 2014-10-13 10:45 - 00000000 ____D () C:\Users\The WABBIT\AppData\Local\Adobe
2014-12-27 09:21 - 2014-10-11 12:52 - 00003974 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{940999AF-74B1-4518-8618-A7C21D8233BA}
2014-12-26 20:34 - 2014-10-13 16:59 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\vlc
2014-12-26 18:39 - 2014-10-23 16:25 - 116502528 _____ () C:\Users\The WABBIT\AppData\Local\SageThumbs.db3
2014-12-26 15:03 - 2014-10-13 10:57 - 00000000 ____D () C:\Program Files (x86)\JDownloader v2.0
2014-12-26 14:55 - 2014-11-20 06:24 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\tor
2014-12-26 13:55 - 2014-09-08 22:20 - 00000000 ____D () C:\finished torrents
2014-12-26 13:34 - 2014-09-08 22:19 - 00000000 ____D () C:\torrent files
2014-12-26 13:19 - 2014-10-24 10:52 - 00705798 _____ () C:\Windows\system32\perfh007.dat
2014-12-26 13:19 - 2014-10-24 10:52 - 00152816 _____ () C:\Windows\system32\perfc007.dat
2014-12-26 13:19 - 2014-10-24 10:00 - 00420430 _____ () C:\Windows\system32\perfh011.dat
2014-12-26 13:19 - 2014-10-24 10:00 - 00125296 _____ () C:\Windows\system32\perfc011.dat
2014-12-26 13:19 - 2009-07-13 22:13 - 02158300 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-26 12:55 - 2014-10-14 13:53 - 00000680 __RSH () C:\ProgramData\ntuser.pol
2014-12-26 01:21 - 2014-10-15 12:56 - 00000000 ____D () C:\Users\The WABBIT\AppData\Local\CrashDumps
2014-12-24 12:14 - 2014-10-16 11:06 - 00000000 ____D () C:\Users\The WABBIT\Downloads\Hentai Games
2014-12-24 06:15 - 2009-07-13 21:45 - 00317784 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-12-23 18:31 - 2014-10-30 16:30 - 00001473 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2014-12-23 18:22 - 2014-10-13 17:35 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-12-23 18:19 - 2014-10-23 16:24 - 00077264 _____ () C:\Users\The WABBIT\AppData\Local\GDIPFONTCACHEV1.DAT
2014-12-23 18:16 - 2014-10-13 10:42 - 00000000 ____D () C:\ProgramData\Adobe
2014-12-23 18:15 - 2014-10-13 10:42 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-12-23 17:49 - 2014-10-12 12:40 - 00000000 ___DC () C:\illusion
2014-12-21 14:23 - 2010-11-20 20:24 - 00605552 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-12-21 14:23 - 2010-11-20 20:24 - 00518672 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-12-20 12:27 - 2014-10-11 12:44 - 00000000 ____D () C:\Program Files (x86)\MiniTool Partition Wizard Professional Edition 8.1.1
2014-12-18 06:18 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\Resources
2014-12-15 21:56 - 2014-09-17 16:10 - 00001744 _____ () C:\Users\The WABBIT\Desktop\AA Illusion Wizzard v5.2.lnk
2014-12-15 21:41 - 2014-10-13 13:09 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\FileZilla
2014-12-15 10:54 - 2014-11-22 12:53 - 00000000 ____D () C:\Users\The WABBIT\Documents\RPG
2014-12-15 10:45 - 2014-10-15 11:20 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-14 17:53 - 2014-10-15 10:35 - 00000000 ____D () C:\ProgramData\Norton
2014-12-14 14:38 - 2014-10-12 12:25 - 00000000 ____D () C:\Program Files (x86)\K-Lite Codec Pack
2014-12-14 14:37 - 2014-11-26 07:53 - 00001216 _____ () C:\Users\Public\Desktop\Media Player Classic.lnk
2014-12-14 14:37 - 2014-10-12 12:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-12-14 09:38 - 2014-11-23 14:12 - 00000000 ____D () C:\Users\The WABBIT\Desktop\LG Optimus S LS670
2014-12-14 07:05 - 2014-11-13 22:18 - 00062766 _____ () C:\Users\The WABBIT\sanct.log
2014-12-13 16:00 - 2014-11-01 22:30 - 00000000 ____D () C:\Users\The WABBIT\Downloads\Delphi Programming
2014-12-12 20:16 - 2014-10-17 13:56 - 00000000 ____D () C:\Users\The WABBIT\.android
2014-12-12 11:00 - 2014-10-12 12:25 - 00127488 _____ () C:\Windows\system32\ff_vfw.dll
2014-12-12 11:00 - 2014-10-12 12:25 - 00112640 _____ () C:\Windows\SysWOW64\ff_vfw.dll
2014-12-11 10:25 - 2014-11-03 11:25 - 00000000 ____D () C:\Program Files (x86)\BlueStacks
2014-12-10 20:58 - 2014-11-22 12:58 - 00000000 ____D () C:\Users\The WABBIT\AppData\Local\QuickPar
2014-12-10 09:01 - 2014-10-12 15:46 - 00000000 ___DC () C:\Games
2014-12-10 06:26 - 2014-10-13 11:10 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\CyberLink
2014-12-10 06:26 - 2014-10-13 11:10 - 00000000 ____D () C:\Users\The WABBIT\AppData\Local\Cyberlink
2014-12-10 06:26 - 2014-10-13 10:47 - 00000000 ____D () C:\ProgramData\CyberLink
2014-12-09 17:07 - 2014-11-21 20:15 - 00000000 ____D () C:\Users\The WABBIT\Documents\Attachments
2014-12-07 22:54 - 2014-11-15 22:25 - 00000000 ____D () C:\Users\The WABBIT\AppData\Local\Game Dev Tycoon
2014-12-05 11:29 - 2014-10-13 11:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ILLUSION
2014-12-05 11:11 - 2014-11-14 22:27 - 00000000 ____D () C:\Windows\Minidump
2014-12-04 19:53 - 2014-10-12 15:23 - 00001117 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-04 19:53 - 2014-10-12 15:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-04 19:53 - 2014-10-12 15:23 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-04 15:56 - 2014-11-26 07:53 - 00729088 _____ () C:\Windows\system32\xvidcore.dll
2014-12-04 15:55 - 2014-11-26 07:53 - 00655872 _____ () C:\Windows\SysWOW64\xvidcore.dll
2014-12-04 10:11 - 2014-10-12 15:25 - 00000000 ____D () C:\Program Files (x86)\ibVPN
2014-12-03 23:11 - 2014-10-24 12:43 - 00925184 _____ () C:\Windows\expstart.exe
2014-12-03 15:33 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-03 06:59 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\rescache
2014-12-02 11:42 - 2014-10-24 16:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OpenVPN
2014-12-02 11:41 - 2014-10-24 16:25 - 00000923 _____ () C:\Users\Public\Desktop\OpenVPN GUI.lnk
2014-12-02 07:10 - 2014-10-12 12:25 - 00260184 _____ () C:\Windows\system32\unrar64.dll
2014-12-02 07:10 - 2014-10-12 12:25 - 00218712 _____ () C:\Windows\SysWOW64\unrar.dll
2014-12-01 07:52 - 2014-10-13 11:41 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-12-01 07:52 - 2014-10-13 11:41 - 00001908 _____ () C:\Windows\diagerr.xml
2014-12-01 06:53 - 2014-11-01 15:06 - 00000000 ____D () C:\Users\The WABBIT\Documents\Delphi Programming
2014-11-30 19:12 - 2014-11-21 11:39 - 00000000 ____D () C:\ProgramData\r2 Studios
2014-11-29 12:56 - 2014-11-14 10:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-11-28 18:30 - 2014-11-05 17:18 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\tmssoftware
2014-11-28 17:01 - 2014-11-14 21:58 - 00000000 ____D () C:\Program Files (x86)\Raize
2014-11-28 12:53 - 2014-10-13 10:46 - 00000000 ____D () C:\Users\The WABBIT\AppData\Roaming\Adobe
2014-11-28 10:52 - 2014-09-30 18:27 - 00000000 ___RD () C:\Users\The WABBIT\Desktop\Utilities
2014-11-28 10:51 - 2009-07-13 20:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-11-28 10:51 - 2009-07-13 20:20 - 00000000 ____D () C:\Windows\SysWOW64\GroupPolicy
Files to move or delete:
====================
C:\Users\The WABBIT\IP_Log_Data.js
Some content of TEMP:
====================
C:\Users\The WABBIT\AppData\Local\Temp\bassmod.dll
C:\Users\The WABBIT\AppData\Local\Temp\proxy_vole6585885410329891226.dll
C:\Users\The WABBIT\AppData\Local\Temp\_is8FA1.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-11-30 21:51
==================== End Of Log ============================
Addition.txt is provided here:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-12-2014
Ran by The WABBIT at 2014-12-27 12:31:52
Running from C:\Users\The WABBIT\Desktop
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
4shared Desktop (HKLM-x32\...\4shared Desktop) (Version: 4.0.13.26740 - 4shared)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)
ActiveCheck component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
Adobe Acrobat XI Pro (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-000000000006}) (Version: 11.0.07 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.0.7220 - Adobe Systems Inc.)
Adobe Dreamweaver CC 2014 (HKLM-x32\...\{766255CE-D156-11E3-8DBC-A136EB52ACCF}) (Version: 14.0.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Illustrator CC 2014 (HKLM-x32\...\{2B4B4082-8043-4646-8334-B0A29E641211}) (Version: 18.0 - Adobe Systems Incorporated)
Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.2 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.5 (HKLM-x32\...\{9ECF7817-DB11-4FBA-9DF1-296A578D513A}) (Version: 11.5.7.609 - Adobe Systems, Inc)
Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.3.153 - Adobe Systems, Inc.)
Advanced Renamer (HKLM-x32\...\Advanced Renamer_is1) (Version: 3.64 - Hulubulu Software)
Akamai NetSession Interface (HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Android SDK Tools (HKLM-x32\...\Android SDK Tools) (Version: 1.16 - Google Inc.)
Atari800Win PLus 4.1 (HKLM-x32\...\Atari800Win PLus) (Version: 4.1 - Marcin Lewandowski)
AutoHotkey 1.0.47.05 (HKLM-x32\...\AutoHotkey) (Version: 1.0.47.05 - Chris Mallett)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.4.4078 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{152E0B21-19D5-4772-9EF8-8E76074B0C0A}) (Version: 0.9.4.4078 - BlueStack Systems, Inc.)
Borland Delphi 7 (HKLM-x32\...\{72263053-50D1-4598-9502-51ED64E54C51}) (Version: 7.1.1 - Borland Software Corporation)
Borland Delphi for .NET Preview (HKLM-x32\...\{16813628-8432-4A95-A425-A11CA9134C82}) (Version: 1.00.0000 - Borland Software Corporation)
Borland Remote Debugger Server (HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\BorlandRemoteDebug) (Version: - )
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 5.60.350.6 - Broadcom Corporation)
Bulk Rename Utility 2.7.1.3 (HKLM\...\Bulk Rename Utility_is1) (Version: - TGRMN Software)
Castles and Castles 2 - Siege and Conquest (HKLM-x32\...\GOGPACKCASTLES12_is1) (Version: 2.0.0.5 - GOG.com)
CCleaner (HKLM\...\CCleaner) (Version: 4.18 - Piriform)
Character and Starship Creator (HKLM-x32\...\InstallShield_{17FF7B21-A872-429C-9331-5883ACD12EE8}) (Version: 1.04.0000 - Westwood Studios)
Character and Starship Creator (x32 Version: 1.04.0000 - Westwood Studios) Hidden
CinemaNow Media Manager (HKLM-x32\...\{6C122441-1861-4CD7-B1C5-A163A6984E12}) (Version: 1.9.1.105 - CinemaNow, Inc.)
CodeSite Express 5 (HKLM-x32\...\CodeSite Express 5_is1) (Version: 5.1.6 - Raize Software, Inc.)
CollabNet Subversion Client 1.7.5 (HKLM-x32\...\CollabNet Subversion Client) (Version: 1.7.5 - CollabNet)
Consumer Input Update Helper (x32 Version: 1.3.25.149 - Compete Inc.) Hidden
CyberLink DVD Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 7.0.3003 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.1.4217 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.1.4305 - CyberLink Corp.)
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.5.0.0388 - Disc Soft Ltd)
Earth & Beyond (HKLM-x32\...\InstallShield_{F788D81C-F5EC-4CBE-B1D6-C98E2B8EC7E9}) (Version: 1.00.0000 - Westwood Studios)
Earth & Beyond (x32 Version: 1.00.0000 - Westwood Studios) Hidden
Earth & Beyond Emulator (HKLM-x32\...\EnBEMU) (Version: 1.0 - Net-7 Entertainment)
EasyBCD 2.2 (HKLM-x32\...\EasyBCD) (Version: 2.2 - NeoSmart Technologies)
Embarcadero Delphi and C++Builder XE7 Help System (HKLM-x32\...\Embarcadero Delphi and C++Builder XE7 Help System) (Version: 15.0 - Embarcadero Technologies, Inc.)
Embarcadero Delphi and C++Builder XE7 Help System (x32 Version: 15.0 - Embarcadero Technologies, Inc.) Hidden
Embarcadero InterBase XE3 [instance = gds_db] (HKLM-x32\...\Embarcadero InterBase XE3 [instance = gds_db]) (Version: Embarcadero InterBase XE3 - Embarcadero Technologies, Inc.)
Embarcadero RAD Studio XE7 (HKLM-x32\...\Embarcadero RAD Studio XE7) (Version: 15.0 - Embarcadero Technologies, Inc.)
Embarcadero RAD Studio XE7 (x32 Version: 15.0 - Embarcadero Technologies, Inc.) Hidden
Eroge! Sex and Games Make Sexy Games version 1.0 (HKLM-x32\...\{3773B78E-D59E-4346-BEFF-3B136665631D}_is1) (Version: 1.0 - MangaGamer)
ESU for Microsoft Windows 7 (HKLM-x32\...\{3877C901-7B90-4727-A639-B6ED2DD59D43}) (Version: 1.0.0 - Hewlett-Packard)
Exact Audio Copy 1.0beta3 (HKLM-x32\...\Exact Audio Copy) (Version: 1.0beta3 - Andre Wiethoff)
Extended Asian Language font pack for Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-2530-0000-A00000000049}) (Version: 11.0.09 - Adobe Systems Incorporated)
FairStars CD Ripper 1.80 (HKLM-x32\...\FairStars CD Ripper_is1) (Version: - FairStars Soft)
FastReport 5 Embarcadero edition (HKLM-x32\...\{95C1A9DC-EA30-498e-9531-C7C0F889FB92}) (Version: Embarcadero Edition - FastReports)
FileZilla Client 3.9.0.6 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.6 - Tim Kosse)
Forté Agent (HKLM-x32\...\Forte Agent) (Version: 5.00 - Forté Internet Software, Inc.)
Game Dev Tycoon version 1.5.11 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.5.11 - Greenheart Games Pty. Ltd.)
Gasper Vladi HsDxD By Irsyada (HKLM-x32\...\{d93fc7b1-6736-4f1b-a8a9-1b4ef3b47cf8}_is1) (Version: - k-rlitos.com)
Handset USB Driver (HKLM\...\{D2D77DC2-8299-11D1-8949-444553540000}_is1) (Version: 5.2088.1.A01B06 - )
HelpNDoc 4.6.2.573 Personal Edition (HKLM-x32\...\HelpNDoc_is1) (Version: 4.6.2.573 Personal Edition - IBE Software)
HF pAppLoc version 1.1.1 (HKLM-x32\...\{9143B17E-BBDE-4EA7-A4E3-20D384D9C8A5}_is1) (Version: 1.1.1 - Inquisitor)
HighSchool DxD By Bazzh (HKLM-x32\...\{aab73e8a-492a-4931-bfc0-51a672118489}_is1) (Version: - k-rlitos.com)
HP Documentation (HKLM-x32\...\{69ABD67D-5C2E-4724-B519-695DEF3EC23B}) (Version: 1.1.0.0 - Hewlett-Packard)
HP MediaSmart CinemaNow 2.0 (HKLM-x32\...\{9008D736-35CA-40DB-A2BE-5F32D954E5AA}) (Version: 2.0 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.3611 - HP Photo Creations Powered by RocketLife)
HP Power Manager (HKLM-x32\...\{4B156358-CE9C-4E9F-8CAD-79AE86A68C60}) (Version: 1.0.3 - Hewlett-Packard Company)
HP Quick Launch (HKLM-x32\...\{00A42832-B21A-4296-B5F4-D296D0BC4A3E}) (Version: 2.6.3 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{28FE073B-1230-4BF6-830C-7434FD0C0069}) (Version: 4.1.13.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{FC17E0A7-EAA9-4902-92F8-C83B9FD02246}) (Version: 5.0.14.2 - Hewlett-Packard Company)
HP USB Disk Storage Format Tool (HKLM-x32\...\{0E0DF90C-D0BA-4C89-9262-AD78D1A3DE51}) (Version: - )
HPAsset component for HP Active Support Library (x32 Version: 3.0.0.3 - Hewlett-Packard) Hidden
HTML Help Workshop (HKLM-x32\...\HTML Help Workshop) (Version: - )
ibVPN (HKLM-x32\...\ibVPN) (Version: 1.7.0.0 - ibVPN) <==== ATTENTION!
Image Resizer for Windows (64 bit) (Version: 3.0.4802.35565 - Brice Lambson) Hidden
Image Resizer for Windows (HKLM-x32\...\{69d72156-6582-4556-8637-06f40aa7f85b}) (Version: 3.0.4802.35565 - Brice Lambson)
Independence War Deluxe (HKLM-x32\...\Independence War Deluxe_is1) (Version: - GOG.com)
InstallShield 2010 SP1 (HKLM-x32\...\{9CE57049-ECC4-4B93-9DCD-74B117592637}) (Version: 16.01.0000 - Acresso Software Inc.)
InstallShield CAB File Viewer 14.0 (HKLM-x32\...\InstallShield CAB File Viewer 14.0) (Version: - )
InstallShield Express Borland Limited Edition (HKLM-x32\...\InstallShield_{D3F9677A-9505-4DFF-BC9F-03C81E698FCC}) (Version: 3.54.155 - InstallShield Software Corp.)
InstallShield Express Borland Limited Edition (x32 Version: 3.54.155 - InstallShield Software Corp.) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2189 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.2.1001 - Intel Corporation)
Java 2 Runtime Environment Standard Edition v1.2.2 (HKLM-x32\...\JRE 1.2) (Version: - )
Java 7 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417025FF}) (Version: 7.0.250 - Oracle)
Java 8 Update 25 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418025F0}) (Version: 8.0.250 - Oracle Corporation)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Java SE Development Kit 7 Update 25 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
Java SE Development Kit 8 Update 20 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180200}) (Version: 8.0.200.26 - Oracle Corporation)
Java 6 Update 20 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Java 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
K-Lite Mega Codec Pack 10.9.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.9.0 - )
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.6.0.0 - LG Electronics)
LightScribe System Software (HKLM-x32\...\{E0E55FC1-C53D-4F8D-B14B-B59C312747C8}) (Version: 1.18.22.2 - LightScribe)
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51078 - Microsoft Corporation)
Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual J# 2.0 Redistributable Package (HKLM-x32\...\Microsoft Visual J# 2.0 Redistributable Package) (Version: - Microsoft Corporation)
Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version: - )
MiniTool Partition Wizard Professional Edition 8.1.1 (HKLM-x32\...\{2991A446-D356-44EC-930A-42E8B02A67C0}_is1) (Version: - MiniTool Solution Ltd.)
ModelMaker 6.20 (HKLM-x32\...\ModelMaker 6.20) (Version: - )
Motorola Device Manager (HKLM-x32\...\{28DB8373-C1BB-444F-A427-A55585A12ED7}) (Version: 2.4.5 - Motorola Mobility)
Motorola Device Software Update (x32 Version: 13.09.3001 - Motorola Mobility) Hidden
MOTOROLA MEDIA LINK (HKLM-x32\...\{378397D6-FD32-4092-A854-6A75CB7EDA46}) (Version: 1.5.4090.2 - Motorola)
Motorola Mobile Drivers Installation 6.3.0 (HKLM\...\{759E6A2F-1F01-45EF-A0C4-22F1B56CB975}) (Version: 6.3.0 - Motorola Mobility LLC)
Mozilla Firefox 32.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0 (x86 en-US)) (Version: 32.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 32.0 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Nakido (HKLM-x32\...\Nakido) (Version: - Nakido.com)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
O&O DriveLED Professional (HKLM\...\{4788CFB6-7C58-49CC-AB1C-D0E4ACE8A03B}) (Version: 4.2.157 - O&O Software GmbH)
OpenVPN 2.3.6-I601 (HKLM\...\OpenVPN) (Version: 2.3.6-I601 - )
Origin (HKLM-x32\...\Origin) (Version: 9.5.2.2829 - Electronic Arts, Inc.)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
Overwolf.Setup.VC100CRTx86.Dist (x32 Version: 1.0.0 - Overwolf) Hidden
PDF Password Remover (HKLM-x32\...\{7F4CFF03-15E4-45BD-BFA3-5323A8EAE2F1}_is1) (Version: - PDF Password Remover, Inc.)
PhotoNow! (HKLM-x32\...\InstallShield_{D36DD326-7280-11D8-97C8-000129760CBE}) (Version: 1.1.6904 - CyberLink Corp.)
PhotoNow! (x32 Version: 1.1.6904 - CyberLink Corp.) Hidden
piaip AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)
QuickPar 0.9 (HKLM-x32\...\QuickPar) (Version: 0.9 - Peter B. Clements)
Raize Components 5.5.1 (HKLM-x32\...\Raize Components 5.5.1) (Version: 5.0 - Raize Software, Inc.)
Raize Components 6.1.10 ** TRIAL EDITION ** (HKLM-x32\...\Raize Components 6.1.10 ** TRIAL EDITION **) (Version: 6.0 - Raize Software, Inc.)
RapidSVN-0.12.0 (HKLM-x32\...\RapidSVN-0.12.0_is1) (Version: - )
RAR Password Unlocker 4.2.0.0 (HKLM-x32\...\{B789FA51-6A71-408F-92DE-EDE4A517B8F9}_is1) (Version: - Password Unlocker Studio)
Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.21.531.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30105 - Realtek Semiconductor Corp.)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Rias Gremory by andrea_37 (HKLM-x32\...\{06a5cae8-2dcd-47ae-b231-dc8c471f7bfb}_is1) (Version: - k-rlitos.com)
Rias Gremory By Ozzy (HKLM-x32\...\{f66a0713-3073-4813-804a-090be6b7fcec}_is1) (Version: - k-rlitos.com)
RPG Maker VX (HKLM-x32\...\RPG Maker VX_is1) (Version: 1.02 - Enterbrain)
RPG Maker VX RTP (HKLM-x32\...\RPG Maker VX RTP_is1) (Version: 1.02 - Enterbrain)
RT 7 Lite (64-Bit) (HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\RT 7 Lite x64) (Version: 1.7.0 - Rockers Team)
RT 7 Lite x64 (Version: 1.7.0 - Rockers Team) Hidden
RtVOsd (HKLM\...\{F3D7AC17-1FF4-41A8-BB18-3FC39C65AEB9}) (Version: 1.0.3 - Realtek Semiconductor Corp.)
SageThumbs 2.0.0.20 (HKLM\...\SageThumbs) (Version: 2.0.0.20 - Cherubic Software)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.3.29.0 - Synaptics Incorporated)
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
TMS Async 32 for RAD Studio XE7 v1.9.1.0 (HKLM-x32\...\TMS Async 32 for RAD Studio XE7_is1) (Version: 1.9.1.0 - tmssoftware.com)
TMS Component Pack 6.4.0.0 (HKLM-x32\...\TMS Component Pack for Delphi and C++ Builder_is1) (Version: - )
TMS Instrumentation Workshop for RAD Studio XE7 v2.0.0.0 (HKLM-x32\...\TMS Instrumentation Workshop for RAD Studio XE7_is1) (Version: 2.0 - tmssoftware.com)
TMS Scripter Studio Pro v1.1 for Delphi 7 (HKLM-x32\...\TMS Scripter Studio Pro for Delphi 7_is1) (Version: - )
TMS Scripter Studio Pro v2.2 for Rad Studio XE (HKLM-x32\...\TMS Scripter Studio Pro for Rad Studio XE_is1) (Version: 2.2.0.0 - tmssoftware.com)
TMS Scripter v6.4 for RAD Studio XE7 (HKLM-x32\...\TMS Scripter RAD Studio XE7_is1) (Version: 6.4.0.0 - tmssoftware.com)
TMS Smooth Controls Pack for RAD Studio XE7 Trial Version v5.0 (HKLM-x32\...\TMS Smooth Controls Pack for RAD Studio XE7 Trial Version_is1) (Version: 5.0 - tmssoftware.com)
TMS TAdvMemo for RAD Studio XE7 v3.1.10.1 (HKLM-x32\...\TMS TAdvMemo for RAD Studio XE7_is1) (Version: 3.1.10.1 - tmssoftware.com)
TMS Unicode Component Pack for RAD Studio XE7 v2.1.0.0 (HKLM-x32\...\TMS Unicode Component Pack for RAD Studio XE7_is1) (Version: 2.1.0.0 - tmssoftware.com)
TortoiseSVN 1.8.8.25755 (64 bit) (HKLM\...\{7DAA9D5A-ED99-40D2-AA9D-386722FE105A}) (Version: 1.8.25755 - TortoiseSVN)
Unity Web Player (HKU\S-1-5-21-3004508294-471313756-1794315825-1000\...\UnityWebPlayer) (Version: 4.5.4f1 - Unity Technologies ApS)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
Whirling Dervishes NameSpace Extension Library (HKLM-x32\...\Whirling Dervishes NameSpace Extension Library) (Version: 2.0 - Whirling Dervishes)
WinCHM Pro 4.41 (HKLM-x32\...\WinCHM Pro 4.41 - Help authoring software_is1) (Version: - Softany Software, Inc.)
Windows 7 Boot Skin - Anime System (HKLM-x32\...\Windows 7 Boot Skin) (Version: - Coder for Life - Skin Author: The WABBIT)
Windows Automated Installation Kit (HKLM\...\{31E8F586-4EF7-4500-844D-BA8756474FF1}) (Version: 2.0.0.0 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR) (Version: 4.20 - © 2013 Alexander Roshal)
ZTE Handset USB Driver (HKLM\...\{01D42BF0-ED08-463f-8A28-99EB6FEE962B}) (Version: - ZTE Corporation)
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-3004508294-471313756-1794315825-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3004508294-471313756-1794315825-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3004508294-471313756-1794315825-1000_Classes\CLSID\{89BB4535-5AE9-43a0-89C5-19B4697E5C5E}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3004508294-471313756-1794315825-1000_Classes\CLSID\{97D17A04-4438-4C8E-BAC7-BC21B8B9E999}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
==================== Restore Points =========================
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2014-12-11 10:24 - 00001128 ____A C:\Windows\system32\Drivers\etc\hosts
154.53.224.146 mega.co.nz
141.0.174.37 www.xvideos.com
141.0.172.252 static.xvideos.com
69.16.175.10 content.xvideos.com
208.111.157.136 porn.im.8e04ce00.1174844.x.xvideos.com
69.164.19.158 porn.im.8e04ce00.6169134.x.xvideos.com
208.111.170.225 porn.im.8e04ce00.8621524.x.xvideos.com
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {015A7A90-8222-4436-AF30-EE93B919B54E} - System32\Tasks\JFZSHPA => C:\Users\The WABBIT\AppData\Roaming\JFZSHPA.exe <==== ATTENTION
Task: {16C368BD-F00E-4BAD-BCBD-FCD5664EB22C} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2011-07-06] (CyberLink)
Task: {1949EA8D-E1C7-4207-A565-1B37EA3FE8F2} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2014-12-12] ()
Task: {2EDC9A52-92AB-49B0-81E2-00D6DCAA290B} - System32\Tasks\Motorola Device Manager Initial Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {4F3279A0-67CD-42D2-B3F4-EA8ACEF269A3} - System32\Tasks\AdobeAAMUpdater-1.0-WABBITsComputer-The WABBIT => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)
Task: {7F93A1E7-CD5E-498D-BC06-04638E54185B} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {82E19A87-D94C-4DDA-9515-0C94E453B3FE} - System32\Tasks\ibVPN-Service => C:\Program Files (x86)\ibVPN\ibVPN.service.exe [2014-05-27] ()
Task: {89337621-85BA-4B0F-A953-AC5EF62D0147} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-09-26] (Piriform Ltd)
Task: {8C3C604E-DB8A-45F5-A468-55CF86FE66F9} - System32\Tasks\Motorola Device Manager Engine => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {8E0AB98D-AE51-43E6-A55B-D006C45545C3} - System32\Tasks\OODriveLEDAutoStart => C:\Program Files\OO Software\DriveLED\DriveLED.exe [2011-03-02] (O&O Software GmbH)
Task: {8E785B96-0B89-4202-BF60-54F01F14C45C} - System32\Tasks\Motorola Device Manager Update => C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\MotorolaDeviceManagerUpdate.exe [2013-10-31] ()
Task: {9F0F8B33-8B2F-4F97-8098-415D473FB056} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-10-15] (Adobe Systems Incorporated)
Task: {C4E8B14A-4159-4C58-BDAD-281DBBFC97E8} - System32\Tasks\Microsoft\Windows Defender\MpIdleTask => d:\program files\windows defender\MpCmdRun.exe
Task: {F82F4DAA-4084-4BAE-8C35-469A77FB0F7F} - System32\Tasks\CIMT_S-1-5-21-3004508294-471313756-1794315825-1000 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\CIMT_S-1-5-21-3004508294-471313756-1794315825-1000.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
Task: C:\Windows\Tasks\JFZSHPA.job => C:\Users\The WABBIT\AppData\Roaming\JFZSHPA.exe <==== ATTENTION
==================== Loaded Modules (whitelisted) =============
2014-05-27 03:22 - 2014-05-27 03:22 - 00030792 _____ () C:\Program Files (x86)\ibVPN\ibVPN.service.exe
2014-08-10 16:10 - 2014-08-10 16:10 - 00076032 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2014-08-10 16:10 - 2014-08-10 16:10 - 00088832 _____ () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2014-05-01 12:29 - 2014-05-01 12:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2010-07-14 21:44 - 2010-07-14 21:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2014-10-11 12:59 - 2012-01-20 13:55 - 00678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2014-05-12 02:49 - 2014-05-12 02:49 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-11-21 11:04 - 2014-11-21 11:04 - 00006144 _____ () C:\Users\The WABBIT\AppData\Local\Temp\rad1B8A5.tmp\bin\Gadget.Interop.dll
2014-12-27 10:09 - 2014-11-21 11:04 - 01351168 _____ () C:\Users\The WABBIT\AppData\Local\Temp\rad6B929.tmp\bin\x64\sharpwrapi_x64.dll
2014-11-14 12:41 - 2014-11-14 12:41 - 00012520 _____ () C:\Users\The WABBIT\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2014-11-14 12:41 - 2014-11-14 12:41 - 00015080 _____ () C:\Users\The WABBIT\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2014-11-14 12:41 - 2014-11-14 12:41 - 00014056 _____ () C:\Users\The WABBIT\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2011-09-19 14:57 - 2011-09-19 14:57 - 00128336 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2011-09-19 14:57 - 2011-09-19 14:57 - 00023872 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2011-09-19 14:59 - 2011-09-19 14:59 - 00465632 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2011-09-19 14:57 - 2011-09-19 14:57 - 00045368 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2011-09-19 14:57 - 2011-09-19 14:57 - 00034128 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2014-10-11 15:53 - 2014-10-11 15:53 - 00003132 _____ () C:\Program Files (x86)\DAEMON Tools Pro\MSIMG32.dll
2013-10-31 08:05 - 2013-10-31 08:05 - 00172032 _____ () C:\Program Files (x86)\Motorola Mobility\Motorola Device Manager\css_core.dll
2014-08-10 15:40 - 2014-08-10 15:40 - 00065792 _____ () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2014-08-10 15:40 - 2014-08-10 15:40 - 00071936 _____ () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2014-11-03 13:31 - 2014-11-03 13:31 - 00170496 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\dbd5f674b0b90832ff18e72d00aa9980\IsdiInterop.ni.dll
2014-10-11 12:20 - 2010-04-13 08:52 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2014-10-11 12:33 - 2014-09-25 09:47 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2011-07-18 14:07 - 2011-07-18 14:07 - 00014336 _____ () C:\Program Files (x86)\Notepad++\plugins\NppExport.dll
2014-01-06 16:42 - 2014-01-06 16:42 - 01611264 _____ () C:\Program Files (x86)\Notepad++\plugins\NppFTP.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
AlternateDataStreams: C:\ProgramData\desktop.ini:d5f36fd32cd26dfb56e050c73be696f2
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupreg: BlueStacks Agent => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
========================= Accounts: ==========================
Administrator (S-1-5-21-3004508294-471313756-1794315825-500 - Administrator - Disabled)
ASPNET (S-1-5-21-3004508294-471313756-1794315825-1002 - Limited - Enabled)
Guest (S-1-5-21-3004508294-471313756-1794315825-501 - Limited - Disabled)
The WABBIT (S-1-5-21-3004508294-471313756-1794315825-1000 - Administrator - Enabled) => C:\Users\The WABBIT
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (12/27/2014 10:13:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2014 09:47:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2014 09:16:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2014 09:15:53 AM) (Source: IBG_gds_db) (EventID: 212) (User: )
Description: The registry information is missing.
Please run the InterBase Configuration Utilitsystemprofile
Error: (12/26/2014 06:38:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program utorrent.exe version 3.4.2.33023 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 978
Start Time: 01d02175283f2c3c
Termination Time: 0
Application Path: C:\uTorrent\utorrent.exe
Report Id:
Error: (12/26/2014 06:34:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/26/2014 01:52:09 PM) (Source: MsiInstaller) (EventID: 11601) (User: WABBITsComputer)
Description: Product: Earth & Beyond -- Disk full: Out of disk space -- Volume: 'C:'; required space: 1,457,833 KB; available space: 958,732 KB. Free some disk space and retry.
Error: (12/26/2014 01:21:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Atari800Win.exe, version: 4.0.0.0, time stamp: 0x4312f0dd
Faulting module name: Atari800Win.exe, version: 4.0.0.0, time stamp: 0x4312f0dd
Exception code: 0xc0000005
Fault offset: 0x00079700
Faulting process id: 0xc20
Faulting application start time: 0xAtari800Win.exe0
Faulting application path: Atari800Win.exe1
Faulting module path: Atari800Win.exe2
Report Id: Atari800Win.exe3
Error: (12/26/2014 01:21:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Atari800Win.exe, version: 4.0.0.0, time stamp: 0x4312f0dd
Faulting module name: Atari800Win.exe, version: 4.0.0.0, time stamp: 0x4312f0dd
Exception code: 0xc0000005
Fault offset: 0x00079700
Faulting process id: 0x1064
Faulting application start time: 0xAtari800Win.exe0
Faulting application path: Atari800Win.exe1
Faulting module path: Atari800Win.exe2
Report Id: Atari800Win.exe3
Error: (12/26/2014 01:05:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: Atari800Win.exe, version: 4.0.0.0, time stamp: 0x4312f0dd
Faulting module name: Atari800Win.exe, version: 4.0.0.0, time stamp: 0x4312f0dd
Exception code: 0xc0000005
Fault offset: 0x00079700
Faulting process id: 0x1228
Faulting application start time: 0xAtari800Win.exe0
Faulting application path: Atari800Win.exe1
Faulting module path: Atari800Win.exe2
Report Id: Atari800Win.exe3
System errors:
=============
Error: (12/27/2014 11:36:50 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.
Error: (12/27/2014 10:28:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CinemaNow Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/27/2014 10:28:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueStacks Updater Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/27/2014 10:27:59 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The BlueStacks Log Rotator Service service terminated unexpectedly. It has done this 1 time(s).
Error: (12/27/2014 10:13:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The InterBase XE3 Guardian gds_db service terminated unexpectedly. It has done this 1 time(s).
Error: (12/27/2014 10:13:36 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the InterBase XE3 Server gds_db service to connect.
Error: (12/27/2014 10:11:58 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The MBAMScheduler service failed to start due to the following error:
%%1053
Error: (12/27/2014 10:11:58 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the MBAMScheduler service to connect.
Error: (12/27/2014 10:10:06 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the HPWMISVC service.
Error: (12/27/2014 09:49:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The InterBase XE3 Guardian gds_db service terminated unexpectedly. It has done this 1 time(s).
Microsoft Office Sessions:
=========================
Error: (12/27/2014 10:13:00 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2014 09:47:10 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2014 09:16:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/27/2014 09:15:53 AM) (Source: IBG_gds_db) (EventID: 212) (User: )
Description: The registry information is missing.
Please run the InterBase Configuration Utilitsystemprofile
Error: (12/26/2014 06:38:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: utorrent.exe3.4.2.3302397801d02175283f2c3c0C:\uTorrent\utorrent.exe
Error: (12/26/2014 06:34:01 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
Error: (12/26/2014 01:52:09 PM) (Source: MsiInstaller) (EventID: 11601) (User: WABBITsComputer)
Description: Product: Earth & Beyond -- Disk full: Out of disk space -- Volume: 'C:'; required space: 1,457,833 KB; available space: 958,732 KB. Free some disk space and retry.(NULL)(NULL)(NULL)(NULL)(NULL)
Error: (12/26/2014 01:21:52 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Atari800Win.exe4.0.0.04312f0ddAtari800Win.exe4.0.0.04312f0ddc000000500079700c2001d020e4f76fe04cC:\Users\The WABBIT\Downloads\ATARI\Emulators\Atari800Win PLus 4.0\Atari800Win\Atari800Win.exeC:\Users\The WABBIT\Downloads\ATARI\Emulators\Atari800Win PLus 4.0\Atari800Win\Atari800Win.exe3e6c581d-8cd8-11e4-b16e-ad8d1226d3c0
Error: (12/26/2014 01:21:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Atari800Win.exe4.0.0.04312f0ddAtari800Win.exe4.0.0.04312f0ddc000000500079700106401d020e2fffc0252C:\Users\The WABBIT\Downloads\ATARI\Emulators\Atari800Win PLus 4.0\Atari800Win\Atari800Win.exeC:\Users\The WABBIT\Downloads\ATARI\Emulators\Atari800Win PLus 4.0\Atari800Win\Atari800Win.exe30ed1955-8cd8-11e4-b16e-ad8d1226d3c0
Error: (12/26/2014 01:05:07 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Atari800Win.exe4.0.0.04312f0ddAtari800Win.exe4.0.0.04312f0ddc000000500079700122801d020e2978cc6baC:\Users\The WABBIT\Downloads\ATARI\Emulators\Atari800Win PLus 4.0\Atari800Win\Atari800Win.exeC:\Users\The WABBIT\Downloads\ATARI\Emulators\Atari800Win PLus 4.0\Atari800Win\Atari800Win.exee79c11ee-8cd5-11e4-b16e-ad8d1226d3c0
CodeIntegrity Errors:
===================================
Date: 2014-12-15 19:47:15.385
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~2\APEFOR~1\apexp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 19:47:15.363
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~2\APEFOR~1\apexp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 19:43:11.119
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~2\APEFOR~1\apexp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-12-15 19:43:11.094
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\PROGRA~2\APEFOR~1\apexp.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel® Core i3 CPU M 370 @ 2.40GHz
Percentage of memory in use: 77%
Total physical RAM: 3893.86 MB
Available physical RAM: 858.25 MB
Total Pagefile: 7785.92 MB
Available Pagefile: 5225.02 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (My Anime System) (Fixed) (Total:248.63 GB) (Free:8.8 GB) NTFS
Drive d: (Windows 7) (Fixed) (Total:34.56 GB) (Free:2.85 GB) NTFS
Drive o: (MULTIBOOT) (Removable) (Total:14.9 GB) (Free:0.96 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 1D505CB8)
Partition 1: (Active) - (Size=199 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=34.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=263.2 GB) - (Type=OF Extended)
Partition 4: (Not Active) - (Size=103 MB) - (Type=1C)
========================================================
Disk: 2 (Size: 14.9 GB) (Disk ID: 00000000)
Partition: GPT Partition Type.
==================== End Of Log ============================