Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

serious infection... [Closed]


  • This topic is locked This topic is locked

#1
saturday

saturday

    New Member

  • Member
  • Pip
  • 7 posts

Not sure what it is. It changes browser home pages to http://www.mystartsearch.com/ andadds various malware programs(some labeled in Russian). It also turned off my system restore. There is a "Search Protect " icon that keeps reappearing on my taskbar. I tried to remove it with Malwarebytes, Trojan remover, and a couple rootkit tools. I was running an administrator account when it happened.

 

I acquired it by downloading dubious software.

 

Thanks for all help.

 

 

 

 

 

FIRST:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by PoisonFrog (administrator) on POISONFROG-PC (02-08-2015 17:09:18)
Running from C:\Users\PoisonFrog\Desktop
Loaded Profiles: PoisonFrog & UpdatusUser (Available Profiles: PoisonFrog & UpdatusUser)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DTools LIMITED) C:\ProgramData\WWinManProW\ProtectWindowsManager.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\ASTSRV.EXE
(New Softwares.net) C:\Windows\SysWOW64\WinFLService.exe
(www.hideallip.com) C:\Program Files (x86)\Hide ALL IP\LauncherService.exe
(XTab system) C:\Program Files (x86)\MiuiTab\ProtectService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
() C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
() C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
(Copyright © Microsoft 2015) C:\Program Files (x86)\Microsoft.NET\v2.0.507279\msnetcore.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Nalpeiron Ltd.) C:\Windows\System32\nlsInterface.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\nlssrv32.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files\Prio\prio_svc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(SearchProtect) C:\Program Files (x86)\MiuiTab\CmdShell.exe
(XTab system) C:\Program Files (x86)\MiuiTab\HPNotify.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(PeerBlock, LLC) C:\Program Files\PeerBlock\peerblock.exe
( New Softwares.net) C:\Windows\SysWOW64\WinFLTray.exe
(New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe
( New Softwares.net) C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServ.exe
(www.hideallip.com) C:\Program Files (x86)\Hide ALL IP\HideAllIP.exe
() C:\Program Files\ACD Systems\ACDSee Pro\8.0\ACDSeeCommanderPro8.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
() C:\Program Files (x86)\Hide ALL IP\networktunnelx64helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-10-17] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [348624 2012-05-02] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [TrojanScanner] => C:\Program Files (x86)\Trojan Remover\Trjscan.exe [1911712 2015-05-14] (Simply Super Software)
HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [4910912 2011-08-02] (DT Soft Ltd)
HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2646128 2010-11-06] (PeerBlock, LLC)
HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\...\Run: [Google Update] => C:\Users\PoisonFrog\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2014-05-29] (Google Inc.)
HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\...\Run: [WinFLTray] => C:\Windows\SysWow64\WinFLTray.exe [322360 2014-11-02] ( New Softwares.net)
HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\...\Run: [FLBackup] => C:\Program Files (x86)\NewSoftware's\Folder Lock\FLComServCtrl.exe [275768 2014-11-02] (New Softwares.net)
HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\...\Run: [Hide ALL IP] => C:\Program Files (x86)\Hide ALL IP\HideAllIP.exe [3920240 2015-07-15] (www.hideallip.com)
HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\...\Run: [ACDSeeCommanderPro8] => C:\Program Files\ACD Systems\ACDSee Pro\8.0\ACDSeeCommanderPro8.exe [2136072 2014-09-19] ()
BootExecute: autocheck autochk * sdnclean64.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartse...AZA634371143711
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.mystartse...AZA634371143711
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartse...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.mystartse...q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartse...AZA634371143711
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.mystartse...AZA634371143711
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartse...q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.mystartse...q={searchTerms}
HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\Software\Microsoft\Internet Explorer\Main,Start Page =http://www.mystartse...AZA634371143711
HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =http://www.mystartse...AZA634371143711
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-1916205949-4121176766-1257420277-1000 -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKU\S-1-5-21-1916205949-4121176766-1257420277-1000 -> {7CA9FFE4-88D7-4C84-AF7D-403B2126F105} URL =http://search.condui...6482524996&UM=2
SearchScopes: HKU\S-1-5-21-1916205949-4121176766-1257420277-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL =http://go.mail.ru/se...fr=ieverfix_dse
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-08-01] (IObit)
BHO: QuickShare WidgetEngine -> {31ad400d-1b06-4e33-a59a-90c2c140cba0} -> C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO: shopperz02082015 -> {d8139727-0c0e-430a-a25b-d1fa4e9d4a75} ->  No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: BitComet Helper -> {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -> C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll [2010-12-06] (BitComet)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\ssv.dll [2012-07-05] (Oracle Corporation)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\jp2ssv.dll [2012-07-05] (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKLM - QuickShare Widget - {ae07101b-46d4-4a98-af68-0333ea26e113} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2010-10-25] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-1916205949-4121176766-1257420277-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} -  No File
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{394EAC42-3DDF-410C-9E48-F7AE2B6130FF}: [NameServer] 52.18.92.32,8.8.8.8
Tcpip\..\Interfaces\{394EAC42-3DDF-410C-9E48-F7AE2B6130FF}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{846ee342-7039-11de-9d20-806e6f6e6963}: [NameServer] 52.18.92.32,8.8.8.8
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF ProfilePath: C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default
FF NewTab: hxxp://www.mystartsearch.com/newtab/?type=nt&ts=1438551350&z=437373a23c2e2a07eb7c4bcgcz0c5bew1w1gdo1bet&from=cmi&uid=WDCXWD20EARX-00PASB0_WD-WMAZA634371143711
FF DefaultSearchEngine: istartsurf
FF DefaultSearchEngine.US: istartsurf
FF SelectedSearchEngine: istartsurf
FF Homepage: hxxp://www.mystartsearch.com/?type=hp&ts=1438551350&z=437373a23c2e2a07eb7c4bcgcz0c5bew1w1gdo1bet&from=cmi&uid=WDCXWD20EARX-00PASB0_WD-WMAZA634371143711
FF Keyword.URL: hxxp://go.mail.ru/search?fr=ntg&q=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll [2014-03-12] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-01-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll [2014-03-12] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2013-04-02] (Google, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=10.5.1 -> C:\Windows\SysWOW64\npdeployJava1.dll [2012-07-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll [2012-07-05] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-06-28] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-03-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-05-08] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll No File
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-01-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1916205949-4121176766-1257420277-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\PoisonFrog\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1916205949-4121176766-1257420277-1000: @talk.google.com/O1DPlugin -> C:\Users\PoisonFrog\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF Plugin HKU\S-1-5-21-1916205949-4121176766-1257420277-1000: @tools.google.com/Google Update;version=3 -> C:\Users\PoisonFrog\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.)
FF Plugin HKU\S-1-5-21-1916205949-4121176766-1257420277-1000: @tools.google.com/Google Update;version=9 -> C:\Users\PoisonFrog\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.)
FF Plugin HKU\S-1-5-21-1916205949-4121176766-1257420277-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npBitCometAgent.dll [2010-08-24] (BitComet)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2010-10-25] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\PoisonFrog\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-04-17] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\PoisonFrog\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-04-17] (Google)
FF SearchPlugin: C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\searchplugins\duckduckgo.xml [2014-03-24]
FF SearchPlugin: C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\searchplugins\istartsurf.xml [2015-08-02]
FF SearchPlugin: C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\searchplugins\mailru.xml [2015-08-02]
FF SearchPlugin: C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\searchplugins\mystartsearch.xml [2015-08-02]
FF SearchPlugin: C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\searchplugins\oursurfing.xml [2015-08-02]
FF Extension: Default SearchProtected  - C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\Extensions\[email protected] [2015-08-02]
FF Extension: deskCut - C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\Extensions\[email protected] [2015-08-02]
FF Extension: SpeedFox - C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\Extensions\[email protected] [2015-08-02]
FF Extension: Default Full Zoom Level - C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\Extensions\{D9A7CBEC-DE1A-444f-A092-844461596C4D} [2015-07-25]
FF Extension: Adblock Plus Pop-up Addon - C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\Extensions\[email protected] [2014-03-24]
FF Extension: MEGA - C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\Extensions\[email protected] [2015-07-26]
FF Extension: NoScript - C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2014-03-24]
FF Extension: Adblock Plus - C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-24]
FF Extension: QuickJava - C:\Users\PoisonFrog\AppData\Roaming\Mozilla\Firefox\Profiles\sjzsar8w.default\Extensions\{E6C1199F-E687-42da-8C24-E7770CC3AE66}.xpi [2014-03-24]
FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0045-ABCDEFFEDCBA} [2015-07-24]
FF HKLM\...\Firefox\Extensions: [{d8139727-0c0e-430a-a25b-d1fa4e9d4a75}] - C:\Program Files\shopperz02082015\Firefox
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-07-28]
StartMenuInternet: FIREFOX.EXE - firefox.exe
 
Chrome: 
=======
CHR Profile: C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Duolingo on the Web) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2014-01-17]
CHR Extension: (Google Docs) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-24]
CHR Extension: (Google Drive) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-24]
CHR Extension: (TV) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\beobeededemalmllhkmnkinmfembdimh [2013-11-17]
CHR Extension: (YouTube) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-24]
CHR Extension: (Adblock Plus) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2013-09-25]
CHR Extension: (TrafficLight) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfnpidifppmenkapgihekkeednfoenal [2014-03-10]
CHR Extension: (Hide My [bleep]! Web Proxy) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmgnmcnlncejehjlnhaglpnoolgbflbd [2014-03-16]
CHR Extension: (Google Search) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-24]
CHR Extension: (Tampermonkey) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-03-09]
CHR Extension: (Quick Javascript Switcher) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\geddoclleiomckbhadiaipdggiiccfje [2014-03-18]
CHR Extension: (AdBlock) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-21]
CHR Extension: (Tabs to the front!) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjaooagfdhdhmbfchnkhggjmacjlacla [2013-11-17]
CHR Extension: (Adblock for Pirate Bay) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\imkpamgpfalmdaikobnkefcmmkpgljjd [2014-03-10]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-07-23]
CHR Extension: (Switch To New Tab) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\lfpdoeknpnclenhlmblmenpafkbcgdbg [2013-09-25]
CHR Extension: (HTTP Switchboard) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\mghdpehejfekicfjcdbfofhcmnjhgaag [2014-03-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2014-05-08]
CHR Extension: (Bitdefender QuickScan) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2014-01-23]
CHR Extension: (Gmail) - C:\Users\PoisonFrog\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-24]
CHR HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blklojfklgnogjaijkibhfjepakiocng] - C:\Users\PoisonFrog\AppData\Local\CRE\blklojfklgnogjaijkibhfjepakiocng.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [blklojfklgnogjaijkibhfjepakiocng] - C:\Users\PoisonFrog\AppData\Local\CRE\blklojfklgnogjaijkibhfjepakiocng.crx [Not Found]
StartMenuInternet: Google Chrome - Chrome.exe
 
Opera: 
=======
OPR Extension: (shucream0808) - C:\Users\PoisonFrog\AppData\Roaming\Opera Software\Opera Stable\Extensions\afefffbbjobefahecmgjlanoemlipbkj [2014-02-11]
OPR Extension: (adblockforopera) - C:\Users\PoisonFrog\AppData\Roaming\Opera Software\Opera Stable\Extensions\aobdicepooefnbaeokijohmhjlleamfj [2014-02-11]
OPR Extension: (Joel Spadin) - C:\Users\PoisonFrog\AppData\Roaming\Opera Software\Opera Stable\Extensions\gbekmpnpfkkijbodegokaigmhedbbkmg [2014-02-11]
OPR Extension: (Adblock Plus) - C:\Users\PoisonFrog\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-02-11]
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [86224 2012-05-02] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [110032 2012-05-02] (Avira Operations GmbH & Co. KG)
R2 ASTCC; C:\Windows\SysWOW64\astsrv.exe [57344 2008-05-19] (Nalpeiron Ltd.) [File not signed]
S4 BITCOMET_HELPER_SERVICE; C:\Program Files (x86)\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)
R2 FLService; C:\Windows\SysWow64\WinFLService.exe [92984 2014-11-02] (New Softwares.net)
R2 HideIPLaucherService; C:\Program Files (x86)\Hide ALL IP\LauncherService.exe [489328 2014-01-24] (www.hideallip.com)
R2 IHProtect Service; C:\Program Files (x86)\MiuiTab\ProtectService.exe [125112 2015-07-29] (XTab system)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
R2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
R2 mi-raysat_3dsmax2014_64; C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe [86016 2011-09-14] () [File not signed]
R2 msdotnetserv_v2050729; C:\Program Files (x86)\Microsoft.NET\v2.0.507279\msnetcore.exe [3003880 2015-07-05] (Copyright © Microsoft 2015)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [57617752 2009-03-30] (Microsoft Corporation)
R2 nlsInterface; C:\Windows\system32\nlsInterface.exe [72192 2009-04-03] (Nalpeiron Ltd.) [File not signed]
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15122208 2013-10-17] (NVIDIA Corporation)
R2 prio_svc; C:\Program Files\Prio\prio_svc.exe [12656 2012-11-08] ()
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [427880 2009-03-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WindowsMangerProtect; C:\ProgramData\WWinManProW\ProtectWindowsManager.exe [708264 2015-08-02] (DTools LIMITED) <==== ATTENTION
S2 bizurihe; C:\Program Files (x86)\4C4C4544-1438534069-5710-8054-B1C04F334D31\knsu3983.tmpfs [X]
S4 SwitchBoard; "C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [X]
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31968 2012-10-08] (Wondershare)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [98848 2012-04-25] (Avira GmbH)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [132832 2012-04-27] (Avira GmbH)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [27760 2012-05-02] (Avira GmbH)
R1 bsdriver; C:\Windows\system32\drivers\bsdriver.sys [34712 2015-08-02] ()
S3 Cardex; C:\Windows\SysWOW64\drivers\TBPANELX64.SYS [15648 2007-03-16] (Windows ® Server 2003 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [270912 2012-06-15] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R2 NEWDRIVER; C:\Windows\SysWow64\WinVDEdrv6.sys [197648 2014-11-02] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-09-27] (NVIDIA Corporation)
R3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [24176 2010-11-06] ()
S2 TBPanel; No ImagePath
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-01] ()
R1 WinFLAdrv; C:\Windows\SysWow64\WinFLAdrv.sys [36384 2014-11-02] ()
R2 WinVDEDrv; C:\Windows\SysWow64\WinVDEdrv.sys [225680 2014-11-02] (NewSoftwares.net, Inc.)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-02 17:09 - 2015-08-02 17:09 - 00029001 _____ C:\Users\PoisonFrog\Desktop\FRST.txt
2015-08-02 17:08 - 2015-08-02 17:09 - 00000000 ____D C:\FRST
2015-08-02 17:05 - 2015-08-02 17:05 - 02169856 _____ (Farbar) C:\Users\PoisonFrog\Desktop\FRST64.exe
2015-08-02 16:44 - 2015-08-02 16:44 - 00000832 _____ C:\Users\PoisonFrog\Desktop\AnyProtect.lnk
2015-08-02 16:44 - 2015-08-02 16:44 - 00000000 ____D C:\Users\PoisonFrog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AnyProtect PC Backup
2015-08-02 16:37 - 2015-08-02 16:47 - 00000000 ____D C:\Program Files (x86)\AnyProtectEx
2015-08-02 16:37 - 2015-08-02 16:37 - 00613255 _____ (CMI Limited) C:\Users\PoisonFrog\AppData\Local\nsr664C.tmp
2015-08-02 16:37 - 2015-08-02 16:37 - 00000000 __SHD C:\Users\PoisonFrog\AppData\Roaming\AnyProtectEx
2015-08-02 16:36 - 2015-08-02 16:41 - 00000000 ____D C:\Program Files (x86)\MiuiTab
2015-08-02 16:36 - 2015-08-02 16:39 - 00000000 ____D C:\ProgramData\{cb7977c2-e178-66ab-cb79-977c2e17df0b}
2015-08-02 16:36 - 2015-08-02 16:37 - 00000000 ____D C:\ProgramData\WWinManProW
2015-08-02 16:36 - 2015-08-02 16:36 - 00000000 ____D C:\ProgramData\IHProtectUpDate
2015-08-02 16:03 - 2015-08-02 16:03 - 00000000 ____D C:\Users\PoisonFrog\AppData\Roaming\Simply Super Software
2015-08-02 15:54 - 2015-08-02 15:54 - 00000000 ____D C:\Program Files (x86)\Exploremedia
2015-08-02 15:49 - 2015-07-31 02:53 - 00303104 __RSH C:\Windows\SysWOW64\TR2468mfc40V.dll
2015-08-02 15:46 - 2015-08-02 15:46 - 00001113 _____ C:\Users\Public\Desktop\Trojan Remover.lnk
2015-08-02 15:46 - 2015-08-02 15:46 - 00000000 ____D C:\Users\PoisonFrog\Documents\Simply Super Software
2015-08-02 15:46 - 2015-08-02 15:46 - 00000000 ____D C:\ProgramData\Simply Super Software
2015-08-02 15:46 - 2015-08-02 15:46 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trojan Remover
2015-08-02 15:46 - 2015-08-02 15:46 - 00000000 ____D C:\ProgramData\Licenses
2015-08-02 15:46 - 2015-08-02 15:46 - 00000000 ____D C:\Program Files (x86)\Trojan Remover
2015-08-02 15:42 - 2015-08-02 15:42 - 00613255 _____ (CMI Limited) C:\Users\PoisonFrog\AppData\Local\nspBE70.tmp
2015-08-02 15:42 - 2015-08-02 15:42 - 00003532 _____ C:\Windows\System32\Tasks\SushiLeads
2015-08-02 15:39 - 2015-08-02 15:39 - 00003340 _____ C:\Windows\System32\Tasks\One System Care Run Delay
2015-08-02 15:39 - 2015-08-02 15:39 - 00003274 _____ C:\Windows\System32\Tasks\One System Care Monitor
2015-08-02 15:37 - 2015-08-02 16:43 - 00002924 _____ C:\Windows\System32\Tasks\Uninstaller_SkipUac_PoisonFrog
2015-08-02 15:36 - 2015-08-02 15:36 - 00000000 ____D C:\ProgramData\MSNetCore
2015-08-02 15:35 - 2015-08-02 15:36 - 00000000 ____D C:\ProgramData\HWinManProH
2015-08-02 15:03 - 2015-08-02 15:03 - 00034712 _____ () C:\Windows\system32\Drivers\bsdriver.sys
2015-08-02 14:59 - 2015-08-02 15:58 - 00000000 ____D C:\Program Files\shopperz02082015
2015-08-02 14:59 - 2015-08-02 14:59 - 00003648 _____ C:\Windows\System32\Tasks\Ehcks
2015-08-02 14:59 - 2015-06-18 12:08 - 00061336 _____ (Cherimoya Ltd) C:\Windows\system32\Drivers\cherimoya.sys
2015-08-02 14:58 - 2015-08-02 16:54 - 00000352 ____H C:\Windows\Tasks\OUUBGIBUTOERQGRE.job
2015-08-02 14:58 - 2015-08-02 16:53 - 00000340 _____ C:\Windows\Tasks\OMYQNNDMU1.job
2015-08-02 14:58 - 2015-08-02 14:58 - 00003396 _____ C:\Windows\System32\Tasks\OUUBGIBUTOERQGRE
2015-08-02 14:58 - 2015-08-02 14:58 - 00002862 _____ C:\Windows\System32\Tasks\OMYQNNDMU1
2015-08-02 14:58 - 2015-08-02 14:58 - 00000000 ____D C:\ProgramData\Service1291
2015-08-02 14:58 - 2015-08-02 14:58 - 00000000 ____D C:\ProgramData\28341ff220e0446c9fff27c4493d622e
2015-08-02 14:36 - 2015-08-02 16:51 - 00000638 _____ C:\Users\PoisonFrog\Desktop\New Text Document.txt
2015-08-02 13:42 - 2015-08-02 15:01 - 00000000 ____D C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-08-02 13:41 - 2015-08-02 13:41 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-02 13:39 - 2015-08-02 13:38 - 16502728 _____ (Malwarebytes Corp.) C:\Users\PoisonFrog\Desktop\mbar-1.09.1.1004.exe
2015-08-02 13:25 - 2015-08-02 15:58 - 00000000 ____D C:\ProgramData\lWinManProl
2015-08-02 13:24 - 2015-08-02 13:24 - 00004180 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update
2015-08-02 13:24 - 2015-08-02 13:24 - 00004170 _____ C:\Windows\System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core
2015-08-02 12:26 - 2015-08-02 12:26 - 00000000 ____D C:\ProgramData\3WinManPro3
2015-08-02 12:21 - 2015-08-02 12:21 - 00000000 ____D C:\ProgramData\ZWinManProZ
2015-08-02 12:09 - 2015-08-02 12:09 - 00000000 ____D C:\Users\PoisonFrog\AppData\Local\MailRu
2015-08-02 12:01 - 2015-08-02 12:01 - 00000000 ____D C:\ProgramData\iWinManProi
2015-08-02 11:48 - 2015-08-02 12:50 - 00000000 ____D C:\Program Files (x86)\MaxDrivrUpdater_v71.1245
2015-08-02 11:48 - 2015-07-31 15:09 - 00007983 _____ C:\Windows\system32\Drivers\etc\hp.bak
2015-08-02 11:47 - 2015-08-02 12:52 - 00000000 ____D C:\Program Files (x86)\4C4C4544-1438534069-5710-8054-B1C04F334D31
2015-08-02 11:45 - 2015-08-02 12:52 - 00000000 ____D C:\ProgramData\9WinManPro9
2015-08-02 11:45 - 2015-08-02 11:45 - 00000000 _____ C:\Windows\prleth.sys
2015-08-02 11:45 - 2015-08-02 11:45 - 00000000 _____ C:\Windows\hgfs.sys
2015-08-02 10:17 - 2015-08-02 10:17 - 00000000 ____D C:\Users\PoisonFrog\Documents\Downloads Utorrent
2015-08-02 08:45 - 2015-08-02 08:45 - 00001324 _____ C:\Users\Public\Desktop\Video Download Capture.lnk
2015-08-02 08:45 - 2015-08-02 08:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apowersoft
2015-08-02 08:45 - 2013-02-07 22:44 - 00584952 ____H (Bytescout) C:\Windows\system32\BytescoutScreenCapturing.dll
2015-08-02 08:45 - 2013-02-07 22:44 - 00372984 ____H (Bytescout) C:\Windows\system32\BytescoutScreenCapturingFilter.dll
2015-08-02 08:45 - 2013-02-07 22:44 - 00261880 ____H (Bytescout) C:\Windows\SysWOW64\BytescoutScreenCapturingFilter.dll
2015-08-02 08:45 - 2013-02-07 22:44 - 00231672 ____H (Bytescout) C:\Windows\system32\BytescoutVideoMixerFilter.dll
2015-08-02 08:45 - 2013-02-07 22:44 - 00175864 ____H (Bytescout) C:\Windows\SysWOW64\BytescoutVideoMixerFilter.dll
2015-08-02 08:44 - 2015-08-02 08:44 - 00000000 ____D C:\Program Files (x86)\Apowersoft
2015-08-02 08:44 - 2013-02-07 22:44 - 00429816 ____H (Bytescout) C:\Windows\SysWOW64\BytescoutScreenCapturing.dll
2015-08-02 08:28 - 2015-08-02 08:49 - 00000000 ____D C:\Users\PoisonFrog\Desktop\Apowersoft.Video.Download.Capture.v4.3.0.Incl.KeyMaker-DVT
2015-08-01 20:24 - 2015-08-01 20:24 - 00001037 _____ C:\Users\Public\Desktop\Hide ALL IP.lnk
2015-08-01 20:24 - 2015-08-01 20:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hide ALL IP
2015-08-01 20:24 - 2015-08-01 20:24 - 00000000 ____D C:\Program Files (x86)\Hide ALL IP
2015-08-01 07:21 - 2015-08-01 07:21 - 00000000 ____D C:\Users\PoisonFrog\AppData\Roaming\ProductData
2015-08-01 07:20 - 2015-08-01 07:21 - 00000000 ____D C:\ProgramData\IObit
2015-08-01 07:20 - 2015-08-01 07:20 - 00001256 _____ C:\Users\PoisonFrog\AppData\Roaming\Microsoft\Windows\Start Menu\Uninstall Programs.lnk
2015-08-01 07:20 - 2015-08-01 07:20 - 00001232 _____ C:\Users\Public\Desktop\IObit Uninstaller.lnk
2015-08-01 07:19 - 2015-08-01 07:20 - 00000000 ____D C:\Users\PoisonFrog\AppData\Roaming\IObit
2015-08-01 07:19 - 2015-08-01 07:20 - 00000000 ____D C:\ProgramData\ProductData
2015-08-01 07:19 - 2015-08-01 07:20 - 00000000 ____D C:\Program Files (x86)\IObit
2015-07-31 15:09 - 2014-04-09 20:50 - 00271536 ____H (Bytescout) C:\Windows\SysWOW64\ApowersoftScreenCapturingFilter.dll
2015-07-31 02:53 - 2015-07-31 02:53 - 00303104 _____ C:\Windows\SysWOW64\mfc40V.dll.vir
2015-07-30 23:24 - 2015-07-30 23:24 - 00002211 _____ C:\Users\Public\Desktop\ACDSee Pro 8 (64-bit).lnk
2015-07-30 10:37 - 2015-07-30 10:38 - 00000013 _____ C:\Users\PoisonFrog\Desktop\MY IP.txt
2015-07-30 07:18 - 2015-07-28 11:32 - 00437104 _____ (Network Tunnel Lab) C:\Windows\SysWOW64\networkdlllsp.dll
2015-07-29 22:36 - 2015-07-29 22:36 - 00000781 _____ C:\Users\PoisonFrog\Desktop\GAME+OF+THRONES+SEASON-5-30-50.mp4 - Shortcut.lnk
2015-07-27 12:52 - 2015-08-02 16:35 - 00001619 _____ C:\Users\PoisonFrog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Tor Browser.lnk
2015-07-27 12:52 - 2015-07-27 12:52 - 00000000 ____D C:\Program Files (x86)\Tor 4.5.3
2015-07-26 16:35 - 2015-07-26 16:35 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\988ab255
2015-07-26 16:35 - 2015-07-26 16:35 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\984771ab
2015-07-26 16:34 - 2015-07-26 16:34 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\e6f34143
2015-07-26 16:34 - 2015-07-26 16:34 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\e6776013
2015-07-26 16:29 - 2015-07-26 16:29 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\ea854756
2015-07-26 16:29 - 2015-07-26 16:29 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\ea0efa17
2015-07-26 16:29 - 2015-07-26 16:29 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\c9ca571b
2015-07-26 16:29 - 2015-07-26 16:29 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\c989d4dc
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\f49f694b
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\f44db395
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\f3ebad67
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\f20d1bbe
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\ef0ba48d
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\eeab4259
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\292d9ded
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\28dda41f
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\285bd7b4
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\28163463
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\27cb9bb0
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\21757e44
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\212cae9d
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\1ec0b757
2015-07-26 16:28 - 2015-07-26 16:28 - 00004638 _____ C:\Users\PoisonFrog\AppData\Roaming\1e403f05
2015-07-26 06:11 - 2015-07-26 06:11 - 00000850 _____ C:\Users\PoisonFrog\Desktop\AT&T - Shortcut.lnk
2015-07-24 19:48 - 2015-07-24 19:48 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-07-23 22:48 - 2015-07-23 22:54 - 00000000 ____D C:\Users\PoisonFrog\Downloads\The Rolling Stones - Studio Album Discography 1964-2005 [FLAC]
2015-07-21 20:10 - 2015-07-21 20:10 - 00001438 _____ C:\Users\PoisonFrog\Desktop\Beautiful Brunette Teen Girl Great Anal.avi - Shortcut.lnk
2015-07-19 19:49 - 2015-07-19 19:49 - 00001613 _____ C:\Users\PoisonFrog\Desktop\2-00 The Hunger Games 2012 - Shortcut.lnk
2015-07-17 20:02 - 2015-07-17 20:02 - 00000884 _____ C:\Users\PoisonFrog\Desktop\01 - Shortcut.lnk
2015-07-04 17:26 - 2015-07-04 17:43 - 00000000 ____D C:\Users\PoisonFrog\Desktop\MP3-001
2015-07-04 16:20 - 2015-07-06 19:20 - 00000156 _____ C:\Users\PoisonFrog\Desktop\MUSIC.txt
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-02 17:09 - 2012-06-15 20:34 - 00000000 ____D C:\Program Files\PeerBlock
2015-08-02 17:03 - 2009-07-13 23:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-02 17:03 - 2009-07-13 23:45 - 00014240 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-02 16:59 - 2012-06-15 18:35 - 01066431 _____ C:\Windows\WindowsUpdate.log
2015-08-02 16:58 - 2009-07-14 00:13 - 00872406 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-02 16:57 - 2013-04-17 23:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-08-02 16:54 - 2013-03-24 08:40 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-02 16:54 - 2012-07-05 10:42 - 00000000 ____D C:\ProgramData\TEMP
2015-08-02 16:53 - 2013-10-23 15:24 - 00580158 _____ C:\Windows\PFRO.log
2015-08-02 16:53 - 2013-10-23 15:24 - 00068360 _____ C:\Windows\setupact.log
2015-08-02 16:53 - 2012-06-15 16:50 - 00000000 ____D C:\ProgramData\NVIDIA
2015-08-02 16:53 - 2009-07-14 00:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-02 16:52 - 2014-03-22 10:22 - 00000000 ____D C:\Users\PoisonFrog\AppData\Roaming\uTorrent
2015-08-02 16:35 - 2014-03-24 21:38 - 00001467 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-08-02 16:35 - 2012-06-15 16:40 - 00001751 _____ C:\Users\PoisonFrog\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-08-02 16:33 - 2014-05-29 01:20 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1916205949-4121176766-1257420277-1000UA.job
2015-08-02 16:33 - 2013-03-24 08:40 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-08-02 15:00 - 2014-02-13 08:54 - 00000000 ____D C:\Users\PoisonFrog\AppData\Local\CrashDumps
2015-08-02 14:26 - 2013-09-23 09:13 - 00000000 ____D C:\Windows\DB847E94446B49E0AC5DC5627EC8B0C0.TMP
2015-08-02 12:50 - 2012-07-26 18:57 - 00000000 ____D C:\Program Files (x86)\The Elder Scrolls V Skyrim
2015-08-02 12:09 - 2009-07-13 22:20 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2015-08-02 12:09 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
2015-08-02 11:48 - 2013-09-23 06:02 - 00000008 _____ C:\END
2015-08-02 11:16 - 2012-06-15 21:18 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{6BF32A0A-2F47-479A-84C8-76603CD31F51}
2015-08-02 08:51 - 2014-03-19 13:46 - 00000000 ____D C:\Users\PoisonFrog\Documents\Video Download Capture
2015-08-01 23:11 - 2013-05-07 21:24 - 00000132 _____ C:\Users\PoisonFrog\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-08-01 18:32 - 2014-05-29 01:20 - 00000876 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1916205949-4121176766-1257420277-1000Core.job
2015-08-01 10:58 - 2012-06-15 19:42 - 00000000 ____D C:\Users\PoisonFrog\AppData\Roaming\BitComet
2015-08-01 09:56 - 2012-06-15 18:22 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ACD Systems
2015-08-01 09:56 - 2012-06-15 18:22 - 00000000 ____D C:\ProgramData\ACD Systems
2015-07-31 22:10 - 2015-05-25 10:32 - 00000011 _____ C:\Users\PoisonFrog\Desktop\Life Points.txt
2015-07-31 15:10 - 2014-03-19 13:36 - 00000000 ____D C:\Users\PoisonFrog\AppData\Roaming\Apowersoft
2015-07-31 03:25 - 2013-04-17 23:06 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-07-31 03:25 - 2012-08-22 19:33 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-07-31 03:25 - 2012-06-15 17:36 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-07-30 23:26 - 2012-06-15 18:25 - 00000000 ____D C:\Users\PoisonFrog\AppData\Local\ACD Systems
2015-07-30 23:25 - 2014-01-28 13:27 - 00031836 _____ C:\Windows\DirectX.log
2015-07-30 23:24 - 2013-03-12 14:11 - 00000000 ____D C:\Program Files\Common Files\ACD Systems
2015-07-30 23:22 - 2012-06-15 18:20 - 00000000 ____D C:\Users\PoisonFrog\AppData\Local\Downloaded Installations
2015-07-30 20:32 - 2013-03-24 08:40 - 00000000 ____D C:\Users\PoisonFrog\AppData\Local\Google
2015-07-29 04:39 - 2014-02-21 12:10 - 00000000 ____D C:\Users\PoisonFrog\Documents\Adobe
2015-07-28 16:14 - 2012-06-15 17:39 - 00000000 ____D C:\Users\PoisonFrog\Desktop\Dox
2015-07-25 12:01 - 2009-07-13 22:20 - 00000000 ____D C:\Windows\system32\NDF
2015-07-25 07:18 - 2014-03-24 21:38 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-07-23 18:36 - 2012-06-15 17:25 - 00000000 ____D C:\Users\PoisonFrog\AppData\Roaming\Mozilla
2015-07-23 18:35 - 2014-05-30 19:43 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2015-07-23 18:28 - 2014-05-29 01:20 - 00003912 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1916205949-4121176766-1257420277-1000UA
2015-07-23 18:28 - 2014-05-29 01:20 - 00003516 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1916205949-4121176766-1257420277-1000Core
2015-07-23 18:28 - 2013-03-24 08:40 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-23 18:28 - 2013-03-24 08:40 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-23 17:43 - 2009-07-13 22:20 - 00000000 __RHD C:\Users\Public\Libraries
2015-07-19 19:19 - 2012-06-15 17:50 - 00000000 ____D C:\Users\PoisonFrog\AppData\Roaming\Adobe
2015-07-05 06:13 - 2013-10-16 00:31 - 657211850 _____ C:\Windows\MEMORY.DMP
2015-07-05 06:13 - 2013-06-25 15:26 - 00000000 ____D C:\Windows\Minidump
 
==================== Files in the root of some directories =======
 
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1021575e
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\10598ad7
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\106959b8
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\10ab2a85
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\10db5220
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1107c9e6
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\113e5d83
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\11671faf
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\11c9fd38
2013-09-22 06:25 - 2013-09-22 06:25 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1249ccef
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\125dd2a0
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\125ff1d7
2014-01-10 07:39 - 2014-01-10 07:39 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\126e61a5
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\12801d9
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\12b2cf3d
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\12b6e5c3
2014-01-10 07:39 - 2014-01-10 07:39 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\12c28234
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\12f4b605
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\12fb5949
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\13044e94
2013-09-22 06:25 - 2013-09-22 06:25 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\13107429
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\133ed445
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\13511233
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\136b9566
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1394480e
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\13d7e1bd
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1421fb59
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\14373377
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\14adfc76
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\14cb3c3
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\153f4f42
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\15699026
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\15924129
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\15b9a1
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\15c851b3
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1751ccc
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\175d22dd
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\179db759
2014-01-10 22:28 - 2014-01-10 22:28 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\179ea311
2014-01-10 22:28 - 2014-01-10 22:28 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\1833c7ea
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\18e5ed0
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\19d124ec
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1a22becd
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1a3b42ca
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1be19245
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1c2e206e
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1ceebc9
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1d439449
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1e30e525
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1e403f05
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1ec0b757
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\1fcd88cd
2012-06-24 09:42 - 2012-06-24 09:42 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\20470955
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2063735
2012-06-24 09:42 - 2012-06-24 09:42 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\20ac5db0
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\212cae9d
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\21757e44
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\218818d1
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\21a3bf47
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\21e9a471
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2223bd6d
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\226cae4
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\227fb7da
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\22d3383f
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\231a593a
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\23bdb639
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\23db8300
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\24172bf8
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\2441317b
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2473e883
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\27cb9bb0
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\28163463
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\28375fb0
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\285bd7b4
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\28a48fbd
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\28dda41f
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\28fd75c
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\292d9ded
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\29cd894b
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2a1e8fe2
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\2a4ed8f4
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2a730d0c
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\2aacba7d
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2ac3f1c8
2013-12-28 11:41 - 2013-12-28 11:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2ad9df3
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2b0da3aa
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2b56f8ff
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\2d16c912
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\2d65e1ce
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2f8415d4
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2fb36106
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\2fcfeafc
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\301d612f
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\315d31f2
2013-12-28 11:41 - 2013-12-28 11:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3175714
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3177a648
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\31db4515
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\320f06df
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\32ba5da8
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\33463e32
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\33566b18
2013-12-29 14:57 - 2013-12-29 14:57 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\339c81b0
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\340cdaec
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\34582e76
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\34e264e8
2013-12-29 14:57 - 2013-12-29 14:57 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\34fa48de
2012-06-24 09:41 - 2012-06-24 09:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3535f3b5
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\35384f3d
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\35833210
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\35a9af4e
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\36138b4a
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3634fd08
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\374ecbb2
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\37615e94
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\37f29131
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\380380a0
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\38472d26
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\388b149d
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3892bb35
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\389984c5
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\391ff11c
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\39752334
2012-06-24 09:48 - 2012-06-24 09:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3a32e83c
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3a340e00
2013-08-11 06:58 - 2013-08-11 06:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3a4a54c3
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3a5d3c27
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3a92de1b
2013-08-11 06:58 - 2013-08-11 06:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3aa080b6
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3ab20584
2012-06-24 09:48 - 2012-06-24 09:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3af949f9
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3b03108a
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3b9c105d
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3c030778
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3c88dc76
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3f2bdb30
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3f7ca9de
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\3fc23bbe
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\40790d2f
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\40dd693a
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\42642b9e
2013-12-29 14:57 - 2013-12-29 14:57 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\42d1f2c1
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\431b5ce
2013-12-29 14:57 - 2013-12-29 14:57 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\43209998
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\43dc8551
2013-12-28 14:50 - 2013-12-28 14:50 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\440b0110
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\44352d3e
2013-12-28 14:50 - 2013-12-28 14:50 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\448b30e0
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\44a33e8b
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\45e4704c
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\473abb90
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\47872dd1
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\47d327f1
2013-12-28 11:20 - 2013-12-28 11:20 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\47dac57c
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\480cc6e
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\48164361
2013-12-28 11:20 - 2013-12-28 11:20 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\483d11db
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\487a0f7f
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\48affe5
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\48e519a6
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\4975d4f2
2013-12-28 11:19 - 2013-12-28 11:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\4a566dde
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\4aef3edd
2013-12-28 11:19 - 2013-12-28 11:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\4af5f65f
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\4b487755
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\4bb973b7
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\4c635599
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\4cbd94af
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\4d1ec7c0
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\4d6bce9c
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\4e19bda
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\4eedab2
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\505d7ded
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\50b4faf4
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\51d5e6df
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\5228413b
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\52699b87
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\52ee9c88
2012-06-23 19:12 - 2012-06-23 19:12 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\534f2aed
2013-12-28 11:22 - 2013-12-28 11:22 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\53ba015d
2013-12-28 11:22 - 2013-12-28 11:22 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\54122f79
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\56fcf824
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\572590f8
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\575697b2
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\578bb50b
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\593c5641
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\59bafd0
2014-03-23 07:21 - 2014-03-23 07:21 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\5aa6f556
2014-03-23 07:21 - 2014-03-23 07:21 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\5b236c5c
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\5b245f5
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\5dce883
2013-12-28 14:50 - 2013-12-28 14:50 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\5e4089e7
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\5e8ea75
2013-12-28 14:50 - 2013-12-28 14:50 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\5eeea956
2013-08-14 14:06 - 2013-08-14 14:06 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\5f99e3c2
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\5fcd006c
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\5fd19947
2013-08-14 14:06 - 2013-08-14 14:06 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\5fe93d69
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\6023064c
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6037c6d9
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\606e4b44
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\60ed3499
2014-01-10 22:27 - 2014-01-10 22:27 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\614917d2
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\625821
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6296c813
2013-08-11 06:58 - 2013-08-11 06:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\62dc358e
2013-12-28 11:38 - 2013-12-28 11:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6306a73f
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\630851d
2013-09-22 06:20 - 2013-09-22 06:20 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6333fe84
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\63632c1
2013-08-11 06:58 - 2013-08-11 06:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\637edd94
2013-12-28 11:38 - 2013-12-28 11:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\63b01e32
2013-09-22 06:20 - 2013-09-22 06:20 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\63cf3c9e
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6433d21e
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\64941610
2013-12-28 11:43 - 2013-12-28 11:43 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\66fa6457
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\67305ef6
2013-12-28 11:43 - 2013-12-28 11:43 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\676a75af
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\677cb57
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\68b411d0
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\68f31615
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\69aa00
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6acfac07
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6b8261cc
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6bc8b589
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6c032050
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6c1da386
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\6d5cafc
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6e242d3f
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\6ef6799a
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\70063b0
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\70522a6a
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\712a2794
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\721e6fd9
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\728cc289
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\72e6db71
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\744f83d8
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\74a19129
2013-09-22 06:21 - 2013-09-22 06:21 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\74a43c50
2013-09-22 06:21 - 2013-09-22 06:21 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\7514c14e
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\77581f2
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\784b5895
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\78aa915d
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\79334ea7
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\7a2f31fd
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\7a66269e
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\7a854e2b
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\7ab9c731
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\7b1938df
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\7cb7ff6d
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\7d4d7f5
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\7e36ef
2013-12-28 15:11 - 2013-12-28 15:11 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\7eaa8eae
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\7ef74f11
2013-12-28 15:11 - 2013-12-28 15:11 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\7efeb74f
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\7f94b37
2013-12-28 11:19 - 2013-12-28 11:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\80718946
2012-06-24 09:46 - 2012-06-24 09:46 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\80c1f8b4
2013-12-28 11:19 - 2013-12-28 11:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\80d21013
2012-06-24 09:46 - 2012-06-24 09:46 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\816cb71f
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8376184a
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\83c0e9e3
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\84afb227
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\84fbfb14
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8553f83c
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8596ff28
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\88ee3308
2014-01-01 10:29 - 2014-01-01 10:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\8984db76
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\899336eb
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\89de8136
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8ac426f8
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\8b18afbd
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\8b713520
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8bde943d
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\8c95203
2012-06-24 09:53 - 2012-06-24 09:53 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\8cc64d2e
2014-03-23 07:23 - 2014-03-23 07:23 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8ccc7c65
2012-06-24 09:53 - 2012-06-24 09:53 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\8d33bd6d
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8d3de554
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8d800f22
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8df60b46
2014-03-23 07:23 - 2014-03-23 07:23 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8e0d06e1
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8e4e067f
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\8e67da53
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\8eb48a99
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\8ff52fbe
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\90914a1d
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\915085b
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\92fc72e6
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\93982bfa
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9592a6d
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\96dcfe93
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9761ca0e
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\979f3c04
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\97b98b7a
2015-07-26 16:35 - 2015-07-26 16:35 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\984771ab
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9882189d
2015-07-26 16:35 - 2015-07-26 16:35 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\988ab255
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\98afaa13
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\990a0c74
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\99125c91
2013-12-28 11:35 - 2013-12-28 11:35 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9a905529
2013-12-28 11:35 - 2013-12-28 11:35 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9b2a3c66
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9b6c7bc7
2013-08-10 08:35 - 2013-08-10 08:35 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9d6c2b3c
2014-03-23 07:21 - 2014-03-23 07:21 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\9d94dd99
2013-08-10 08:35 - 2013-08-10 08:35 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9d99a828
2013-12-28 14:47 - 2013-12-28 14:47 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9dbe171f
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9dd2ef5
2013-08-10 08:35 - 2013-08-10 08:35 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9de111b6
2014-03-23 07:21 - 2014-03-23 07:21 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\9df406e5
2013-08-10 08:35 - 2013-08-10 08:35 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9e33722a
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9e8b985
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\9feb06c7
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a05314f5
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a05e3c17
2013-12-28 11:18 - 2013-12-28 11:18 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a0cf5544
2013-08-14 14:06 - 2013-08-14 14:06 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a20dde44
2013-08-14 14:06 - 2013-08-14 14:06 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a29f0e79
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a3714c4
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a391ed1
2013-12-28 14:47 - 2013-12-28 14:47 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a3cfb862
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a51a0b0c
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a53098be
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a5890d58
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a5aabe67
2013-08-10 08:33 - 2013-08-10 08:33 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a5b8427e
2013-08-10 08:33 - 2013-08-10 08:33 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a60b3c7a
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a833b57
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a851eb19
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\a8986034
2013-12-28 11:41 - 2013-12-28 11:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\aa592cf8
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\aac9af16
2013-12-28 11:41 - 2013-12-28 11:41 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\aaf07de6
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ab1e82ae
2010-12-22 11:26 - 2010-12-22 11:26 - 487666616 _____ (Adobe Systems Incorporated) C:\Users\PoisonFrog\AppData\Roaming\AcrobatPro_10_Web_WWEFD.exe
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\add0591
2014-02-05 15:33 - 2014-02-05 15:33 - 0000132 _____ () C:\Users\PoisonFrog\AppData\Roaming\Adobe AIFF Format CS5 Prefs
2014-03-06 23:43 - 2014-03-13 20:39 - 0000132 _____ () C:\Users\PoisonFrog\AppData\Roaming\Adobe BMP Format CS5 Prefs
2013-05-07 21:24 - 2015-08-01 23:11 - 0000132 _____ () C:\Users\PoisonFrog\AppData\Roaming\Adobe PNG Format CS5 Prefs
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ae650f72
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\af07db33
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\af97b022
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b0e5042b
2013-11-02 04:10 - 2013-11-02 04:10 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b1919a48
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\b1e0a4ac
2013-08-14 14:03 - 2013-08-14 14:03 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b3a2b168
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\b3d052f
2013-08-14 14:03 - 2013-08-14 14:03 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b3f1d01e
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b41dfae
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b4fad4cc
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b5517c80
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b567b1dd
2012-06-24 09:48 - 2012-06-24 09:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b58ef1fd
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b5bd5807
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b5d3c838
2012-06-24 09:48 - 2012-06-24 09:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b5eb2eb4
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b627d8af
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b633c92f
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b67b6857
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b6805447
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b6cd2581
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b6cea622
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b71776a5
2013-08-11 06:56 - 2013-08-11 06:56 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b8aa12d8
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b8c8d8b0
2013-08-11 06:56 - 2013-08-11 06:56 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b8fa4d32
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\b953307
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b95c8d9b
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b9790c
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\b9be01b
2014-03-23 07:21 - 2014-03-23 07:21 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\ba37419
2012-06-24 09:42 - 2012-06-24 09:42 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\bc752c82
2012-06-24 09:42 - 2012-06-24 09:42 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\bccb00c2
2012-06-24 09:53 - 2012-06-24 09:53 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\bd66c9fc
2012-06-24 09:53 - 2012-06-24 09:53 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\bdf8842e
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\bf7287d9
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c0060256
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c0aa7136
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c14f91
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c1592614
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c3647690
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c3b3d144
2012-06-24 09:53 - 2012-06-24 09:53 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c3c6794c
2012-06-24 09:53 - 2012-06-24 09:53 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c41bb59f
2014-03-23 07:21 - 2014-03-23 07:21 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\c44a5f5
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c52cd49e
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c57d9922
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c71e282
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\c812e87
2015-07-26 16:29 - 2015-07-26 16:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c989d4dc
2015-07-26 16:29 - 2015-07-26 16:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\c9ca571b
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ca0d5126
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ca1db9ba
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ca7c59ca
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cacd0e02
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cb058c05
2014-03-23 07:23 - 2014-03-23 07:23 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\cb4b4641
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cb86f9fb
2014-03-23 07:23 - 2014-03-23 07:23 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\cba97d2a
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cbcc556e
2013-12-29 14:55 - 2013-12-29 14:55 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cc428bd8
2013-12-28 11:20 - 2013-12-28 11:20 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cc45ead6
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\cc45f39a
2013-08-10 08:32 - 2013-08-10 08:32 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cc5fd16e
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ccbbfffa
2013-12-28 11:20 - 2013-12-28 11:20 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cccd1204
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\ccda0006
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cd1093a8
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cd2e5293
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\cd6983da
2014-01-10 07:38 - 2014-01-10 07:38 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cd84dd4a
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\cdf83dcc
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ce17c00
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\ce571be0
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\cea76be6
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cef11eb7
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\cef971ba
2013-08-11 06:54 - 2013-08-11 06:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cf41c67e
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\cf485c87
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\cf969b7d
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\cfc82cfb
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\cfda3bf4
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d02c2dfd
2012-06-24 09:47 - 2012-06-24 09:47 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d06de279
2012-06-24 09:47 - 2012-06-24 09:47 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d0bfcf25
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d19cc005
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d1f70196
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d580b25b
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\d5b02a
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d783a77
2014-03-23 07:22 - 2014-03-23 07:22 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\d7bd960b
2014-03-23 07:22 - 2014-03-23 07:22 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\d81dd6c2
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d828fe81
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d8827742
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d8dbd0f3
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d9249564
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d94ccea7
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d97d0c6f
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d999c3f7
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d9e08fc4
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\d9ec80c9
2013-12-28 11:39 - 2013-12-28 11:39 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\dab00303
2014-01-10 22:29 - 2014-01-10 22:29 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\dad149f1
2013-12-28 11:39 - 2013-12-28 11:39 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\db03ccfc
2014-01-10 22:29 - 2014-01-10 22:29 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\db8c8143
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\dbc4cb87
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\dc235897
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\dd4c986
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\de1e5d8d
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\de73c57d
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\decf3870
2014-01-30 16:48 - 2014-01-30 16:48 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\df2b6663
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\dfc374b8
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\dfe3388
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e045488b
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\e0797b61
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e097211f
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e0e11b91
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e17d3376
2013-05-01 13:59 - 2013-05-01 13:59 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e1d8ab94
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\e28d7d13
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\e33357c
2013-12-28 11:21 - 2013-12-28 11:21 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e42c2fb5
2013-12-28 11:21 - 2013-12-28 11:21 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e4c53203
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e5c2826f
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e615626c
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e6649bda
2015-07-26 16:34 - 2015-07-26 16:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e6776013
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e67fd374
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e6b65059
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e6dbb1d3
2015-07-26 16:34 - 2015-07-26 16:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e6f34143
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e70c1376
2013-12-28 15:11 - 2013-12-28 15:11 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e70fef2c
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e72c9530
2013-12-28 15:11 - 2013-12-28 15:11 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e7b1c7d5
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e7ddb5ea
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\e81f7d7
2013-08-14 14:02 - 2013-08-14 14:02 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\e8442b21
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\e912e8e5
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\e984790a
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\e9d8d1b5
2015-07-26 16:29 - 2015-07-26 16:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ea0efa17
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\ea788006
2015-07-26 16:29 - 2015-07-26 16:29 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ea854756
2014-03-23 07:20 - 2014-03-23 07:20 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\ead5bbd5
2013-08-14 14:04 - 2013-08-14 14:04 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\eba98d63
2013-08-14 14:04 - 2013-08-14 14:04 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ec08cd25
2014-03-23 07:21 - 2014-03-23 07:21 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\ec74a451
2014-03-23 07:21 - 2014-03-23 07:21 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\ed0b4d78
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ed107c8a
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ed612e48
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\eeab4259
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ef0ba48d
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\f04b566
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f20d1bbe
2013-12-28 11:42 - 2013-12-28 11:42 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f27d6fbd
2013-12-28 11:42 - 2013-12-28 11:42 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f31c649a
2014-01-01 10:30 - 2014-01-01 10:30 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f3642658
2012-06-24 09:54 - 2012-06-24 09:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f3648823
2012-06-24 09:54 - 2012-06-24 09:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f3b22457
2014-01-01 10:30 - 2014-01-01 10:30 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f3c97761
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f3ebad67
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f44db395
2015-07-26 16:28 - 2015-07-26 16:28 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f49f694b
2013-12-28 14:47 - 2013-12-28 14:47 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f4fba2fa
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f54a336c
2013-12-28 14:47 - 2013-12-28 14:47 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f570fbcc
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f5bb55fc
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\f6a39f4
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f6c95f5
2012-07-05 11:54 - 2012-07-05 11:54 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f70c7ad
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f7ae1130
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\f7b8596f
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f7fea3df
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\f8141f3b
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f83997b
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f8486c0e
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\f861e4fd
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f89cd43b
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\f8b285db
2014-01-10 08:58 - 2014-01-10 08:58 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f8c2d54
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f8d228f1
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f8e92ece
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\f90b335f
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\f92d5fa0
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\f95f28d9
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\f9a742d4
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\f9ebcb58
2013-09-22 06:19 - 2013-09-22 06:19 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\fa0b64fe
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\fa3d4c04
2012-06-23 19:11 - 2012-06-23 19:11 - 0004634 _____ () C:\Users\PoisonFrog\AppData\Roaming\fa853947
2012-06-23 19:13 - 2012-06-23 19:13 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\fc14f4
2013-12-28 11:34 - 2013-12-28 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\fcbe642
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\fd7a2433
2013-09-23 11:34 - 2013-09-23 11:34 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\fdb29b8
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\fdcddf24
2013-12-28 11:35 - 2013-12-28 11:35 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ff5fd1b4
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ff7947cc
2013-12-28 11:35 - 2013-12-28 11:35 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ffb158ee
2012-06-24 09:52 - 2012-06-24 09:52 - 0004638 _____ () C:\Users\PoisonFrog\AppData\Roaming\ffed186f
2014-09-15 23:55 - 2014-10-19 19:29 - 0000029 _____ () C:\Users\PoisonFrog\AppData\Roaming\prio.ini
2013-04-26 00:52 - 2014-10-31 07:25 - 0001456 _____ () C:\Users\PoisonFrog\AppData\Local\Adobe Save for Web 12.0 Prefs
2013-05-02 00:55 - 2013-05-02 00:55 - 64330619 _____ () C:\Users\PoisonFrog\AppData\Local\AdobeSetupUtility.zip.aamdownload
2013-05-02 00:55 - 2013-05-02 00:55 - 0000914 _____ () C:\Users\PoisonFrog\AppData\Local\AdobeSetupUtility.zip.aamdownload.aamd
2012-06-28 17:06 - 2014-03-07 14:42 - 0009216 _____ () C:\Users\PoisonFrog\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-08-02 15:42 - 2015-08-02 15:42 - 0613255 _____ (CMI Limited) C:\Users\PoisonFrog\AppData\Local\nspBE70.tmp
2015-08-02 16:37 - 2015-08-02 16:37 - 0613255 _____ (CMI Limited) C:\Users\PoisonFrog\AppData\Local\nsr664C.tmp
2013-05-11 22:35 - 2013-05-11 22:35 - 0058924 _____ () C:\Users\PoisonFrog\AppData\Local\recently-used.xbel
2012-06-29 07:23 - 2012-06-29 07:23 - 0007601 _____ () C:\Users\PoisonFrog\AppData\Local\Resmon.ResmonCfg
 
Files to move or delete:
====================
C:\Users\Public\AlexaNSISPlugin.4592.dll
 
 
Some files in TEMP:
====================
C:\Users\PoisonFrog\AppData\Local\Temp\Prompt-Downloader-1811992074.exe
C:\Users\PoisonFrog\AppData\Local\Temp\tmp9A5E.tmp.exe
C:\Users\PoisonFrog\AppData\Local\Temp\Uninstall.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-07-23 00:45
 
==================== End of log ============================
 
 
 
 
 
 
 
ADDITION:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version:02-08-2015 01
Ran by PoisonFrog (2015-08-02 17:10:27)
Running from C:\Users\PoisonFrog\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1916205949-4121176766-1257420277-500 - Administrator - Disabled)
Guest (S-1-5-21-1916205949-4121176766-1257420277-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1916205949-4121176766-1257420277-1008 - Limited - Enabled)
PoisonFrog (S-1-5-21-1916205949-4121176766-1257420277-1000 - Administrator - Enabled) => C:\Users\PoisonFrog
UpdatusUser (S-1-5-21-1916205949-4121176766-1257420277-1001 - Limited - Enabled) => C:\Users\UpdatusUser.PoisonFrog-PC
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Desktop (Enabled - Up to date) {F67B4DE5-C0B4-6C3F-0EFF-6C83BD5D0C2C}
AS: Avira Desktop (Enabled - Up to date) {4D1AAC01-E68E-63B1-344F-57F1C6DA4691}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\...\uTorrent) (Version: 3.4.3.40760 - BitTorrent Inc.)
ACDSee Pro 7 (64-bit) (HKLM\...\{D2A6EC54-CB46-49E4-A6FC-A9179F9D9D12}) (Version: 7.0.138 - ACD Systems International Inc.)
ACDSee Pro 8 (64-bit) (HKLM\...\{F84CE839-8CDD-4DC1-9A05-FA93BEA8B63D}) (Version: 8.0.0.262 - ACD Systems International Inc.)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.0.0 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5 (HKLM-x32\...\{D176CB09-1505-4D2B-838A-4483D7DF23FB}) (Version: 5.0.1 - Adobe)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Alien Skin Bokeh 2 (HKLM\...\Alien Skin Bokeh 2) (Version:  - Alien Skin)
Alien Skin Eye Candy 6 (HKLM-x32\...\Eye Candy 6) (Version:  - )
AnyProtect (HKLM-x32\...\AnyProtect) (Version: 1.0.0.4 - CMI Limited) <==== ATTENTION
Apophysis 7x (HKLM-x32\...\Apophysis 7x) (Version: 15.3.9 - XyrusWorx)
Apophysis 7x (x32 Version: 15.3.9 - Xyrus) Hidden
Autodesk 3ds Max 2012 64-bit - English (HKLM\...\Autodesk 3ds Max 2012 64-bit - English) (Version: 14.0 - Autodesk)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 (HKLM\...\Autodesk 3ds Max 2014) (Version: 16.0.420.0 - Autodesk)
Autodesk 3ds Max 2014 (Version: 16.0.420.0 - Autodesk) Hidden
Autodesk 3ds Max 2014 64-bit Populate Data (HKLM\...\{7491836B-659E-47DD-ABBF-F875AD48FD10}) (Version: 1.0.0.1 - Autodesk)
Autodesk Backburner 2012.0.0 (HKLM-x32\...\{3D347E6D-5A03-4342-B5BA-6A771885F379}) (Version: 2012.0.0 - Autodesk, Inc.)
Autodesk Composite 2014 (HKLM\...\Autodesk Composite 2014) (Version: 9.0.0.0 - Autodesk)
Autodesk Composite 2014 (Version: 9.0.0.0 - Autodesk) Hidden
Autodesk DirectConnect 2014 64-bit (HKLM\...\Autodesk DirectConnect 2014 64-bit) (Version: 8.0.56.1 - Autodesk)
Autodesk DirectConnect 2014 64-bit (Version: 8.0.56.1 - Autodesk) Hidden
Autodesk Essential Skills Movies for 3ds Max 2014 64-bit (HKLM\...\{E8814D63-BB76-4C89-A25E-264ECF11D00D}) (Version: 1.2.0.0 - Autodesk)
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit) (Version:  - Autodesk)
Autodesk Inventor Server Engine for 3ds Max 2014 64-bit (HKLM\...\{009751C6-22D7-4548-A313-AD48FA57076F}) (Version: 16.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.32.600 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2014 (HKLM-x32\...\{A0633D4E-5AF2-4E3E-A70A-FE9C2BD8A958}) (Version: 4.0.32.600 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (HKLM\...\Autodesk Revit Interoperability for 3ds Max 2014) (Version: 13.02.15161 - Autodesk)
Autodesk Revit Interoperability for 3ds Max 2014 (Version: 13.02.15161 - Autodesk) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 12.0.0.1125 - Avira)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version:  - )
BitComet 1.26 (HKLM-x32\...\BitComet) (Version: 1.26 - CometNetwork)
Boilsoft Video Joiner 3.5 (HKLM-x32\...\Boilsoft Video Joiner) (Version: 3.5 - )
Boilsoft Video Joiner 6.55 (HKLM-x32\...\{FD39EF4B-0B5C-4B33-8D57-2EE865A80EB1}_is1) (Version:  - Boilsoft, Inc.)
Boilsoft Video Splitter 6.32 (HKLM-x32\...\{24549038-9956-4EE5-976D-4419AAEA7DD5}_is1) (Version:  - Boilsoft, Inc.)
calibre 64bit (HKLM\...\{C5D20174-AB0B-4AEE-950F-D9DD52BEE68D}) (Version: 1.20.0 - Kovid Goyal)
CBR Reader (HKLM-x32\...\{EDAAC216-AC73-4152-9654-E12FE5A69F5D}_is1) (Version:  - cbrreader.com)
CleanMem v2.4.3 (64-bit) (HKLM\...\CleanMem v2.4.3 (64-bit)2.4.3) (Version: 2.4.3 - Friends in War)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.41.3.0173 - DT Soft Ltd)
Dfx (HKLM\...\Tiffen-Dfx 3.0) (Version: 3.0 - Tiffen)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Duplicate File Detective 5 (HKLM-x32\...\Duplicate File Detective 5 5.0.74) (Version: 5.0.74 - Key Metric Software)
Duplicate File Detective 5 (Version: 5.0.74 - Key Metric Software) Hidden
EA Download Manager (HKLM-x32\...\EADM) (Version: 5.0.0.255 - Electronic Arts, Inc.)
Equalizer APO (HKLM\...\EqualizerAPO) (Version: 0.8.1 - )
Explorer Suite IV (HKLM\...\Explorer Suite_is1) (Version:  - )
Fallout 3 (HKLM-x32\...\{974C4B12-4D02-4879-85E0-61C95CC63E9E}) (Version: 1.00.0000 - Bethesda Softworks)
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fallout New Vegas (HKLM-x32\...\Fallout New Vegas_is1) (Version:  - )
FeedDemon (HKLM-x32\...\FeedDemon_is1) (Version: 4.1.0.0 - NewsGator Technologies, Inc.)
Folder Lock (HKLM-x32\...\Folder Lock) (Version:  - New Softwares.net)
Free Video Dub version 2.0.21.827 (HKLM-x32\...\Free Video Dub_is1) (Version: 2.0.21.827 - DVDVideoSoft Ltd.)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
GetDataBack for NTFS (HKLM-x32\...\{56582EEA-3AEF-4D84-8B9D-C87A3CD9250F}) (Version: 4.22.000 - Runtime Software)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.125 - Google Inc.)
Google Drive (HKLM-x32\...\{6EA8B94E-D869-4D96-88DF-5E1ECE1D6876}) (Version: 1.23.9648.8824 - Google, Inc.)
Google Talk Plugin (HKLM-x32\...\{CA3DD97D-1FD7-37A7-BD5C-FC4430C8B8E6}) (Version: 5.41.2.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
HDD Regenerator (HKLM-x32\...\{97A39919-9FEA-48B7-AB2B-4F99212D1E98}) (Version: 20.11.0011 - Abstradrome)
Hide ALL IP 2015.07.17 (HKLM-x32\...\{02FC1980-2123-451F-8CB7-C9B60BE40717}_is1) (Version:  - www.hideallip.com)
INCENDIA EX V (HKLM\...\12031B46-075F-4028-A7B6-CA6218BB65E2_is1) (Version:  - Incendia.Net)
IObit Uninstaller (HKLM-x32\...\IObitUninstall) (Version: 4.3.0.122 - IObit)
Java 7 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.250 - Oracle)
Java™ 6 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216045FF}) (Version: 6.0.450 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Kai's Power Tools 5 (HKLM-x32\...\Kai's Power Tools 5) (Version:  - )
Knoll Light Factory Photo 32 bit (HKLM-x32\...\InstallShield_{671BFBC4-81B0-49B0-958F-765670D7E10A}) (Version: 3.2 - Red Giant Software)
Knoll Light Factory Photo 32 bit (x32 Version: 3.2 - Red Giant Software) Hidden
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM-x32\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Mandelbulber (HKLM-x32\...\35A39AB0-5E9F-4B70-98DA-4B8158C89C4B) (Version: 1.15 - )
Media Player Classic - Home Cinema v. 1.3.1249.0 (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version:  - )
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{1803A630-3C38-4D2B-9B9A-0CB37243539C}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{B45FABE7-D101-4D99-A671-E16DA40AF7F0}) (Version: 3.0.86.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{B578C85A-A84C-4230-A177-C5B2AF565B8C}) (Version: 3.0.17.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (64-bit) (HKLM\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{BBDE8A3D-64A2-43A6-95F3-C27B87DF7AC1}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (x64) (HKLM\...\{DA67488A-2689-4F10-B90F-D2F6977509D6}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files  (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4A8CE6D7-4D52-43B9-970B-03FC75FAD667}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.1.2531.0 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50325 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Morrowind (HKLM-x32\...\{C325F588-D6B1-4A7F-B6A2-914C75DDA348}) (Version:  - )
Mozilla Firefox 39.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
NeoDownloader v.2.9.4 (HKLM-x32\...\{E76CDDCE-EFC0-4FE5-9972-9489CE49AA55}_is1) (Version: 2.9.4 - Neowise Software)
New Vegas Configator version 1.6 (HKLM-x32\...\New Vegas Configator_is1) (Version: 1.6 - Rudolf Enberg)
NVIDIA 3D Vision Controller Driver 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 314.22 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 314.22 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7 - NVIDIA Corporation)
NVIDIA Graphics Driver 314.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 314.22 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.23.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.23.1 - NVIDIA Corporation)
NVIDIA Photoshop Plug-ins (HKLM-x32\...\{23F79416-CAD1-41BF-99A3-040F6C814AAA}) (Version: 8.50 - )
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
Oblivion (HKLM-x32\...\{35CB6715-41F8-4F99-8881-6FC75BF054B0}) (Version: 1.00.0000 - Bethesda Softworks)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
Picture Ripper 4 (HKLM-x32\...\{502506C0-2EFC-4590-A6B0-1A73BFD894BA}_is1) (Version:  - ISV Rouslan Grabar)
Postal 2 Share The Pain (HKLM-x32\...\Postal 2 Share The Pain) (Version:  - )
Prio (HKLM\...\Prio) (Version: 2.0.0.2960 - )
ProxySwitcher Standard (HKLM-x32\...\ProxySwitcher Standard_is1) (Version: 5.7.0 - V-Tech LLC)
QuickShare (HKLM-x32\...\{B5A7307C-BD00-4D31-9A29-627751F6C6D6}) (Version: 1.43.60.10962 - Linkury Inc.) <==== ATTENTION
SeaTools for Windows (HKLM-x32\...\{98613C99-1399-416C-A07C-1EE1C585D872}) (Version: 1.2.0.6 - Seagate Technology)
Service Installer II (x32 Version: 1.2 - Nalpeiron) Hidden
Service Pack 1 for SQL Server 2008 (KB968369) (64-bit) (HKLM\...\KB968369) (Version: 10.1.2531.0 - Microsoft Corporation)
SHIELD Streaming (Version: 1.6.34 - NVIDIA Corporation) Hidden
Snagit 11 (HKLM-x32\...\{5EAF9FAA-C4B6-4741-81B4-74CD81759EAA}) (Version: 11.4.0 - TechSmith Corporation)
Sql Server Customer Experience Improvement Program (Version: 10.1.2531.0 - Microsoft Corporation) Hidden
The Elder Scrolls V Skyrim Dragonborn © Bethesda Softworks version 1 (HKLM-x32\...\The Elder Scrolls V Skyrim Dragonborn © Bethes~300CD4A2_is1) (Version: 1 - )
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.67.2 - Electronic Arts)
The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.10.1 - Electronic Arts)
The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Into the Future (HKLM-x32\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Late Night (HKLM-x32\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.5.1 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.17.2 - Electronic Arts)
ToonIt! (HKLM\...\ToonIt PS) (Version: 2.6.3 - Digital Anarchy, Inc.)
Topaz  InFocus (HKLM-x32\...\Topaz  InFocus) (Version: 1.0.0 - Topaz Labs)
Topaz  InFocus (x32 Version: 1.0.0 - Topaz Labs) Hidden
Topaz Adjust 4 (HKLM-x32\...\{0777E8B0-0BC4-4802-A6AA-0992716C78FD}) (Version: 4.0.0 - Topaz Labs)
Topaz B&W Effects (HKLM-x32\...\Topaz BW Effects 2) (Version: 2.1 - Topaz Labs, LLC)
Topaz Clarity (HKLM-x32\...\Topaz Clarity) (Version: 1.0.0 - Topaz Labs, LLC)
Topaz Clean 3 (HKLM-x32\...\Topaz Clean 3) (Version: 3.0.2 - Topaz Labs, LLC)
Topaz DeNoise 5 (HKLM-x32\...\Topaz DeNoise 5) (Version: 5.0.1 - Topaz Labs, LLC)
Topaz Detail 3 (HKLM-x32\...\Topaz Detail 3) (Version: 3.1.0 - Topaz Labs, LLC)
Topaz Fusion Express 2 (HKLM-x32\...\Topaz Fusion Express 2) (Version: 2.1.3 - Topaz Labs, LLC)
Topaz InFocus (64-bit) (HKLM-x32\...\Topaz InFocus (64-bit)) (Version: 1.0.0 - Topaz Labs)
Topaz InFocus (64-bit) (Version: 1.0.0 - Topaz Labs) Hidden
Topaz Lens Effects (64-bit) (HKLM-x32\...\Topaz Lens Effects (64-bit)) (Version: 1.2.0 - Topaz Labs)
Topaz Lens Effects (64-bit) (Version: 1.2.0 - Topaz Labs) Hidden
Topaz Lens Effects (HKLM-x32\...\Topaz Lens Effects) (Version: 1.2.0 - Topaz Labs)
Topaz Lens Effects (x32 Version: 1.2.0 - Topaz Labs) Hidden
Topaz Simplify 4 (64-bit) (HKLM-x32\...\Topaz Simplify 4 (64-bit)) (Version: 4.0.1 - Topaz Labs)
Topaz Simplify 4 (HKLM-x32\...\Topaz Simplify 4) (Version: 4.0.1 - Topaz Labs)
Topaz Star Effects (HKLM-x32\...\Topaz Star Effects) (Version: 1.1.0 - Topaz Labs, LLC)
Trojan Remover 6.9.2 (HKLM-x32\...\Trojan Remover_is1) (Version: 6.9.2 - Simply Super Software)
Ultra Fractal 5.04 (HKLM-x32\...\Ultra Fractal 5.04) (Version:  - )
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
Unofficial Oblivion Patch v3.4.3 (HKLM-x32\...\Unofficial Oblivion Patch_is1) (Version: 3.4.3 - Quarn, Kivan, and Arthmoor)
Vertus Fluid Mask 3 3.2.3 (HKLM-x32\...\VertusFluidMask3) (Version: 3.2.3 - )
Video Download Capture V4.3.0 (HKLM-x32\...\{3C9D008D-3716-4C3F-90CD-38ED57568FAB}_is1) (Version: 4.3.0 - Apowersoft)
Video Image Master (HKLM-x32\...\Video Image Master_is1) (Version:  - A4Video)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Vtune 7.6 (HKLM-x32\...\Vtune_is1) (Version:  - )
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
Winsome File Renamer 7.1 (HKLM-x32\...\{FD9B68EA-2531-4056-BF98-93171264C85C}_is1) (Version:  - Winsome Technologies)
XCOM Enemy Unknown-=AviaRa=- 1.01 (HKLM-x32\...\XCOM Enemy Unknown-=AviaRa=- 1.01) (Version:  - )
XenoDream 2.502 (HKLM-x32\...\XenoDream v2.5_is1) (Version: 2.500 - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-1916205949-4121176766-1257420277-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\PoisonFrog\AppData\Roaming\Dropbox\bin\Dropbox.exe /autoplay No File
CustomCLSID: HKU\S-1-5-21-1916205949-4121176766-1257420277-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\PoisonFrog\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1916205949-4121176766-1257420277-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\PoisonFrog\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1916205949-4121176766-1257420277-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\PoisonFrog\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1916205949-4121176766-1257420277-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\PoisonFrog\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1916205949-4121176766-1257420277-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\PoisonFrog\AppData\Local\Google\Update\1.3.28.1\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1916205949-4121176766-1257420277-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\PoisonFrog\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points =========================
 
ATTENTION: System Restore is disabled
14-07-2015 21:47:04 Scheduled Checkpoint
22-07-2015 00:00:08 Scheduled Checkpoint
27-07-2015 06:00:04 pre Tor
28-07-2015 12:20:54 02
30-07-2015 10:33:10 02
30-07-2015 23:21:13 03
30-07-2015 23:24:03 Installed ACDSee Pro 8 (64-bit).
01-08-2015 07:14:35 04
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2015-07-31 15:09 - 00007983 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1                               adobe.activate.com
127.0.0.1                               adobeereg.com                        
127.0.0.1                               www.adobeereg.com                    
127.0.0.1                               wwis-dubc1-vip60.adobe.com           
127.0.0.1                               125.252.224.90                       
127.0.0.1                               125.252.224.91
127.0.0.1                               hl2rcv.adobe.com
127.0.0.1 3dns-2.adobe.com #192.150.22.22
127.0.0.1 3dns-3.adobe.com #192.150.14.21
127.0.0.1 3dns-4.adobe.com #192.150.18.247
127.0.0.1 3dns-5.adobe.com #192.150.22.46
127.0.0.1 adobe-dns.adobe.com #192.150.11.30
127.0.0.1 adobe-dns-2.adobe.com #192.150.11.247
127.0.0.1 adobe-dns-3.adobe.com #192.150.22.30
127.0.0.1 adobe.activate.com #69.175.22.26
 
There are 112 more lines.
 
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {000131B7-CC9A-4EE6-BD82-3F0455B43F2B} - System32\Tasks\OUUBGIBUTOERQGRE => C:\ProgramData\Service1291\Service1291.exe [2015-06-28] () <==== ATTENTION
Task: {028F69DC-B0DF-4E48-A891-AB396333F077} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-07-31] (Adobe Systems Incorporated)
Task: {06EDD494-1018-48D2-82C4-9B24067FB43D} - System32\Tasks\SushiLeads => C:\Program Files (x86)\sushileads\ScheduledTask.exe
Task: {06FE7090-CCA8-4DC9-A06A-E23F1018C3C7} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {0862E810-6F9E-42F6-A744-0AAFAED0863D} - System32\Tasks\AdobeAAMUpdater-1.0-PoisonFrog-PC-PoisonFrog => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-09-16] (Adobe Systems Incorporated)
Task: {1677C9FF-49A5-4CEC-9D3F-AB0047DB7F9B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1916205949-4121176766-1257420277-1000Core => C:\Users\PoisonFrog\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-29] (Google Inc.)
Task: {1C12677B-C497-4AA3-A427-ED44A85CE0B2} - System32\Tasks\Uninstaller_SkipUac_PoisonFrog => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [2015-08-01] (IObit)
Task: {23A85917-8D4D-4C79-A892-CB817E28A39D} - System32\Tasks\OMYQNNDMU1 => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: {3E7C18CC-9F71-4EC5-B82C-DE03CA623597} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1970835742GUI => C:\Users\PoisonFrog\AppData\Roaming\Key Metric Software\googleupd.exe <==== ATTENTION
Task: {40559ECB-4D23-4153-BE93-6C113F74BDC4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-24] (Google Inc.)
Task: {51D95A77-DFE6-47EA-8CC4-65303DCAE123} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Pending Update => C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe
Task: {741FD95A-EC8C-4338-8C3C-BA823DBBF440} - System32\Tasks\One System Care Monitor => C:\Program Files (x86)\OneSystemCare\CleanupConsole.exe
Task: {7F2D5B5B-91C8-472D-9F21-0FB211D5FBD6} - System32\Tasks\WordSurfer Auto Updater 1.10.0.19 Core => C:\Program Files (x86)\WordSurfer_1.10.0.19\Update\WordSurferAutoUpdateClient.exe
Task: {8E668B83-E64F-471D-ADCA-7EB7DF2CDCDA} - System32\Tasks\Ehcks => C:\Program Files\shopperz02082015\Cfiozf.bat <==== ATTENTION
Task: {9A5161D4-DD2B-4B7C-8653-2841125D77D4} - System32\Tasks\One System Care Run Delay => C:\Program Files (x86)\OneSystemCare\OneSystemCare.exe
Task: {C995DD93-E700-4A94-B20C-4CCCAB7BB646} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-24] (Google Inc.)
Task: {DA3D1338-0E8C-4276-894D-3AD940413F07} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1916205949-4121176766-1257420277-1000UA => C:\Users\PoisonFrog\AppData\Local\Google\Update\GoogleUpdate.exe [2014-05-29] (Google Inc.)
Task: {E07BCDC2-D6FD-4D53-AC58-DC935FBAF3FA} - System32\Tasks\{66A0599F-5100-4585-A67C-566FD8B0B4BD} => pcalua.exe -a "C:\Users\PoisonFrog\Desktop\KPT 5.0.exe" -d C:\Users\PoisonFrog\Desktop
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1916205949-4121176766-1257420277-1000Core.job => C:\Users\PoisonFrog\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1916205949-4121176766-1257420277-1000UA.job => C:\Users\PoisonFrog\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\OMYQNNDMU1.job => C:\ProgramData\FlashBeat\FlashBeat.exe <==== ATTENTION
Task: C:\Windows\Tasks\OUUBGIBUTOERQGRE.job => C:\ProgramData\Service1291\Service1291.exe <==== ATTENTION
 
==================== Loaded Modules (Whitelisted) ==============
 
2013-07-23 15:19 - 2013-03-14 23:16 - 00086304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2011-02-22 21:52 - 2011-02-22 21:52 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
2011-09-14 23:19 - 2011-09-14 23:19 - 00086016 _____ () C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
2010-07-14 23:44 - 2010-07-14 23:44 - 00020032 _____ () C:\Program Files\Unlocker\UnlockerCOM.dll
2012-11-08 14:30 - 2012-11-08 14:30 - 00012656 _____ () C:\Program Files\Prio\prio_svc.exe
2014-09-19 23:56 - 2014-09-19 23:56 - 02136072 _____ () C:\Program Files\ACD Systems\ACDSee Pro\8.0\ACDSeeCommanderPro8.exe
2015-08-01 20:24 - 2015-05-25 16:40 - 00772464 _____ () C:\Program Files (x86)\Hide ALL IP\networktunnelx64helper.exe
2013-11-04 14:49 - 2013-11-04 14:49 - 00172544 _____ () C:\Program Files\EqualizerAPO\EqualizerAPO.dll
2012-06-15 19:29 - 2012-04-16 23:11 - 00398288 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\sqlite3.dll
2015-08-01 20:24 - 2001-07-26 14:17 - 00692224 _____ () C:\Program Files (x86)\Hide ALL IP\libeay32.dll
2015-07-28 21:37 - 2015-07-25 03:46 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libglesv2.dll
2015-07-28 21:37 - 2015-07-25 03:46 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.125\libegl.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\Windows:AstInfo
AlternateDataStreams: C:\Windows:nlsPreferences
AlternateDataStreams: C:\ProgramData\TEMP:CB0AACC9
AlternateDataStreams: C:\ProgramData\TEMP:FB1B13D8
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinFLAdrv.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Shjencueit => ""="service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1916205949-4121176766-1257420277-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\PoisonFrog\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 52.18.92.32 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: BITCOMET_HELPER_SERVICE => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: OO DiskImage => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\startupreg: ACDSeeCommanderPro8 => C:\Program Files\ACD Systems\ACDSee Pro\8.0\ACDSeeCommanderPro8.exe
MSCONFIG\startupreg: ACPW06EN => "C:\Program Files\ACD Systems\ACDC 6\ACDSee Pro\6.0\ACDSeePro6InTouch2.exe" /pid ACPW06EN
MSCONFIG\startupreg: ACPW07EN => "C:\Program Files\ACD Systems\ACDSee Pro\7.0\acdIDInTouch2.exe"
MSCONFIG\startupreg: ACPW08EN => "C:\Program Files\ACD Systems\ACDSee Pro\8.0\acdIDInTouch2.exe"
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: avgnt => "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min
MSCONFIG\startupreg: EA Core => "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
MSCONFIG\startupreg: Google => C:\Users\PoisonFrog\AppData\Roaming\GD1.exe 
MSCONFIG\startupreg: Google Update => "C:\Users\PoisonFrog\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: OODITRAY.EXE => C:\Program Files\OO Software\DiskImage\ooditray.exe
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TBPanel => C:\Program Files (x86)\Vtune\TBPanel.exe /A
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [TCP Query User{6440C90A-929C-4B76-855E-98727B5F8030}C:\users\poisonfrog\desktop\new folder (2)\bitcomet.exe] => (Allow) C:\users\poisonfrog\desktop\new folder (2)\bitcomet.exe
FirewallRules: [UDP Query User{6790E616-9CAD-4F24-884B-27E9A80DAA38}C:\users\poisonfrog\desktop\new folder (2)\bitcomet.exe] => (Allow) C:\users\poisonfrog\desktop\new folder (2)\bitcomet.exe
FirewallRules: [TCP Query User{B6C2661F-9492-4EAA-8617-3350DD39383D}C:\users\poisonfrog\desktop\bitcomet_1.26\bitcomet.exe] => (Allow) C:\users\poisonfrog\desktop\bitcomet_1.26\bitcomet.exe
FirewallRules: [UDP Query User{71D739BA-B292-4C06-8EAC-0A5732DA7CD6}C:\users\poisonfrog\desktop\bitcomet_1.26\bitcomet.exe] => (Allow) C:\users\poisonfrog\desktop\bitcomet_1.26\bitcomet.exe
FirewallRules: [{B05F82F7-E0ED-47A1-A4F8-F51D8100819C}] => (Allow) LPort=16967
FirewallRules: [{FA67AD04-621C-4DCF-8751-51253D861323}] => (Allow) LPort=16967
FirewallRules: [{D8755795-F981-4A7D-BB2C-0D13723E1397}] => (Allow) C:\Program Files (x86)\BitComet_1.26\BitComet.exe
FirewallRules: [{1E65D0F6-C5F3-4D96-9FEF-3C582E173D91}] => (Allow) C:\Program Files (x86)\BitComet_1.26\BitComet.exe
FirewallRules: [{BA533E88-6E82-4B94-932B-5DD3B7A978D0}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{380798E4-FD4F-4661-970E-3AA372E2D634}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{30FF6EB4-9719-4773-A545-22D9D6D3590B}] => (Allow) LPort=13825
FirewallRules: [{DA893179-2730-4B23-B5B0-1633111A737C}] => (Allow) LPort=13825
FirewallRules: [TCP Query User{8FCDF411-C7FE-4F9D-8706-4B8BD811271D}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [UDP Query User{1BD774D0-E439-4826-A4DB-24123BC72426}C:\program files (x86)\electronic arts\eadm\core.exe] => (Block) C:\program files (x86)\electronic arts\eadm\core.exe
FirewallRules: [{6C36B8FB-4B1C-4917-9308-42C990285FF3}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{20115DAB-F86A-467A-BF87-2D5128AC9132}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{91226C3E-9FD8-4AC0-9598-4AEC5AD8F01E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{1CB848F4-B7E9-4CCA-973F-C48A849145A6}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{FC712635-EE3C-4095-AC34-61E242DC704C}C:\program files (x86)\xcom enemy unknown-full unlocked+dlc\binaries\win32\xcomgame.exe] => (Block) C:\program files (x86)\xcom enemy unknown-full unlocked+dlc\binaries\win32\xcomgame.exe
FirewallRules: [UDP Query User{6BF59834-91C8-440A-95B5-40F26FC24616}C:\program files (x86)\xcom enemy unknown-full unlocked+dlc\binaries\win32\xcomgame.exe] => (Block) C:\program files (x86)\xcom enemy unknown-full unlocked+dlc\binaries\win32\xcomgame.exe
FirewallRules: [TCP Query User{A2A71CC1-A64A-469B-9544-D3131349DB19}C:\program files (x86)\xcom enemy unknown-=aviara=-\binaries\win32\xcomgame.exe] => (Block) C:\program files (x86)\xcom enemy unknown-=aviara=-\binaries\win32\xcomgame.exe
FirewallRules: [UDP Query User{073E5389-4BB9-4E23-BD84-57503B73B9CE}C:\program files (x86)\xcom enemy unknown-=aviara=-\binaries\win32\xcomgame.exe] => (Block) C:\program files (x86)\xcom enemy unknown-=aviara=-\binaries\win32\xcomgame.exe
FirewallRules: [{71EE0399-7BE2-45E4-90EE-C18FEF64F937}] => (Allow) C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe
FirewallRules: [{E24318E2-5527-4C76-9950-D4A686397A2B}] => (Allow) C:\Program Files (x86)\Proxy Switcher Standard\ProxySwitcher.exe
FirewallRules: [{19D8F8C8-7F9E-4D17-A33C-30A8EF43AA45}] => (Allow) C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
FirewallRules: [{26C8B999-BAD2-415E-B3D4-00D7BFFA6DE2}] => (Allow) C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64server.exe
FirewallRules: [{CC52E643-3761-432B-B7F9-48AAC2C61D90}] => (Allow) C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe
FirewallRules: [{43241A71-1E26-4613-9212-5CAB090FA1EB}] => (Allow) C:\Program Files\Autodesk\3ds Max 2014\NVIDIA\Satellite\raysat_3dsmax2014_64.exe
FirewallRules: [{E6C68985-C24A-40A1-9B01-D70856EB4C6E}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{04907054-DD0B-4D76-B0AE-A3DE06749272}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\monitor.exe
FirewallRules: [{C9D0E870-9FFC-4291-94F9-8BE129BDF1D9}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{1215BCAD-1063-4106-8767-01F9AA50F1BB}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\manager.exe
FirewallRules: [{F40C8704-CAAD-4D6F-BD8E-9A6B6818249B}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{6855AA86-B68B-46B7-AF18-D96AE1FD27C0}] => (Allow) C:\Program Files (x86)\Autodesk\Backburner\server.exe
FirewallRules: [{760B50F3-3CF1-4455-B54B-79FE4875BFCC}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{F306974A-28D3-4EC8-9480-1CE510FED2FA}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\3dsmax.exe
FirewallRules: [{5E51A731-62F0-4196-A952-68E09756FDEB}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{2F2519E4-0B79-4B60-877B-5C8CEF29E727}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe
FirewallRules: [{AE725391-F448-4E49-A2AF-3506B9D65D84}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [{E7829569-EE4F-4BDE-94E5-EA09CC67B86B}] => (Allow) C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64.exe
FirewallRules: [{FC3EF29C-055C-4EF4-BD13-3279C87E9C39}] => (Allow) D:\Downloads FireFox\2013\BitComet_1.36\BitComet_x64.exe
FirewallRules: [{49A30D96-4EED-44D6-B5B1-2C9FBB56496E}] => (Allow) D:\Downloads FireFox\2013\BitComet_1.36\BitComet_x64.exe
FirewallRules: [{0097C5E5-B8B8-44F0-968B-BF3FEA5E79C0}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Photoshop Lightroom 4.4\lightroom.exe
FirewallRules: [{02F7A58B-0567-4EC4-86E2-CF83BD5ED496}] => (Block) %ProgramFiles% (x86)\Adobe\Adobe Photoshop Lightroom 5\lightroom.exe
FirewallRules: [{3C1E0D1A-C12C-4C85-ACB9-B7ED340B78A6}] => (Block) %ProgramFiles% (x86)\Vertus Fluid Mask 3\FluidMask3.exe
FirewallRules: [{32E68847-DCD6-4328-8817-60BFF97FBDD0}] => (Block) %ProgramFiles% (x86)\Vertus Fluid Mask 3\FluidMask3.exe
FirewallRules: [{76591674-5A13-4F87-A7A6-9779BEB6F88E}] => (Block) %ProgramFiles%\ACD Systems\ACDC 6\ACDSee Pro\6.0\ACDSeePro6.exe
FirewallRules: [TCP Query User{B3F2E309-4D59-4B5B-AEA8-FD175E05CD49}C:\program files (x86)\arma 3\arma3server.exe] => (Block) C:\program files (x86)\arma 3\arma3server.exe
FirewallRules: [UDP Query User{4EEC1795-E139-45AD-BFDB-CCB46BFB6FDE}C:\program files (x86)\arma 3\arma3server.exe] => (Block) C:\program files (x86)\arma 3\arma3server.exe
FirewallRules: [{E645980F-7A3C-4C4D-81A0-90945714ED35}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe
FirewallRules: [{4B2D2036-BF8D-48F9-AAF9-C9174C83FCEA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{B78578E2-0DBA-4007-A5FA-696E3AD2D54D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{911ABDC3-8FAE-4ADD-B2CB-0C0676C2A5E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EC83302B-64D6-4837-BC60-A8ED7725B302}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{4C4BA847-7C4D-4DE0-939D-B66C02005C4F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{FBD05A34-1E05-4363-9AD8-A371EA1B2F9F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{7D5AB5B3-E128-40D2-BB8A-4DFA583B9FF8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{992B27DF-0F7D-455E-B144-C60EE33B2862}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{87B8B227-23FE-4326-8A63-1A4DFFE4CA05}] => (Allow) LPort=8298
FirewallRules: [TCP Query User{8B611BA2-31EA-496E-AB99-1336AC08B48D}C:\program files (x86)\anon proxy server\bin\apache.exe] => (Allow) C:\program files (x86)\anon proxy server\bin\apache.exe
FirewallRules: [UDP Query User{59737227-BB8A-40E7-90FC-C40FDEECEA7A}C:\program files (x86)\anon proxy server\bin\apache.exe] => (Allow) C:\program files (x86)\anon proxy server\bin\apache.exe
FirewallRules: [{C78662BD-B63A-4228-A90C-5507DB3072BF}] => (Allow) C:\Program Files (x86)\Video Download Capture\Video-Download-Capture.exe
FirewallRules: [{3040486E-E22B-4F50-8D0B-3F708607B03B}] => (Allow) C:\Program Files (x86)\Video Download Capture\VideoDownloadCapture.exe
FirewallRules: [{9F943A09-DE77-4004-89BB-41A7B5311480}] => (Allow) C:\Program Files (x86)\SimCity\SimCity\SimCity.exe
FirewallRules: [{22593430-DD28-4999-948F-291E5067EBCB}] => (Allow) C:\Program Files (x86)\SimCity\SimCity\SimCity.exe
FirewallRules: [{C91D30F5-5A27-42E9-A706-DD2C69E18513}] => (Allow) D:\Downloads BC\µTorrent 3.3.1 (latest) (NO-ADS)\uTorrent-3.4.exe
FirewallRules: [{D3B27782-1B1E-489D-A5A3-657AEF9817F9}] => (Allow) D:\Downloads BC\µTorrent 3.3.1 (latest) (NO-ADS)\uTorrent-3.4.exe
FirewallRules: [{B17AAAD5-0B23-46B1-8FB4-894BD1C8DA4D}] => (Allow) C:\Users\PoisonFrog\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C2FA36D4-A7D6-4D19-A686-BEF1EF3D97A9}] => (Allow) C:\Users\PoisonFrog\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{8C244AAE-A015-4065-AB73-9F1C2C2C789F}] => (Allow) C:\Program Files (x86)\BitComet_1.37 Portable\BitComet_x64.exe
FirewallRules: [{817D548E-94EB-4DA3-A1F1-CD12E1514C22}] => (Allow) C:\Program Files (x86)\BitComet_1.37 Portable\BitComet_x64.exe
FirewallRules: [{80F40F98-43BC-4A54-8710-51F5C04EF4AD}] => (Allow) C:\Users\PoisonFrog\Documents\Downloads Chrome\BitComet_1.36\BitComet_x64.exe
FirewallRules: [{B4A2A820-C4FA-42DE-8813-4C00F6BE1351}] => (Allow) C:\Users\PoisonFrog\Documents\Downloads Chrome\BitComet_1.36\BitComet_x64.exe
FirewallRules: [{51381A39-05AD-4C06-8BF9-B15A74B8F3B4}] => (Allow) C:\Program Files (x86)\BitComet_1.36 Portable\BitComet_x64.exe
FirewallRules: [{155F06F3-57BD-4187-BDC8-B19F4D3B64E8}] => (Allow) C:\Program Files (x86)\BitComet_1.36 Portable\BitComet_x64.exe
FirewallRules: [{D434E07E-09EE-43DF-9388-F980A3E2AE28}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{FA4AB961-7A82-4FCE-9C72-88BB49F82B57}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6DA6DE81-BC69-4421-9E00-C1C316CBDB27}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{23B3008A-D439-4454-B227-562B1B3553DB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
FirewallRules: [{40A397E8-DE7E-4C93-9872-341B1FC3BB66}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{5CCD1992-0C45-450F-84E1-6E2C0204EDC3}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{8C9DE0A0-BC9D-4B6E-B526-DF0CAB346BAD}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{F162FF57-DBB9-4862-818B-70D1F477A1EA}] => (Allow) C:\Program Files (x86)\BitComet\BitComet.exe
FirewallRules: [{D259CC62-DCB6-4CD1-A746-5D15FF4044D3}] => (Allow) LPort=13825
FirewallRules: [{46973592-1A04-4057-B07B-D224BA018817}] => (Allow) LPort=13825
FirewallRules: [{E0F4157D-C60D-46A8-92B5-A2021D8EE448}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{40D4D924-D848-4818-BC6D-51DCD1257E66}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B49CF199-C35B-4746-912F-A71D9173461E}] => (Allow) X:\Downloads Bitcomet\Hide.ALL.IP.v2015.07.17.150717-P2P_Portable.PROPER\Hide.ALL.IP.v2015.07.17.150717-P2P+Portable.PROPER\hideallip_portable\HideAllIP_original.exe
FirewallRules: [{A6CFED38-1EC0-4A1E-8537-930A0BEC6365}] => (Allow) X:\Downloads Bitcomet\Hide.ALL.IP.v2015.07.17.150717-P2P_Portable.PROPER\Hide.ALL.IP.v2015.07.17.150717-P2P+Portable.PROPER\hideallip_portable\HideAllIP_original.exe
FirewallRules: [{CFA3EFE5-84FD-4A01-A16C-BC24C8953565}] => (Allow) C:\Program Files (x86)\hideallip_portable\HideAllIP_original.exe
FirewallRules: [{766B789F-F532-4704-8CB3-45736D9E3B81}] => (Allow) C:\Program Files (x86)\hideallip_portable\HideAllIP_original.exe
FirewallRules: [{78718519-BBF1-423F-85A5-A38EB90438A1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{E387EA5F-2F0C-4492-8C77-F38D543425BD}] => (Allow) C:\Windows\SysWOW64\rundll32.exe
FirewallRules: [{025412FE-F4FF-48A8-B182-ED5243455133}] => (Allow) C:\Windows\SysWOW64\rundll32.exe
FirewallRules: [{494672B6-ABB9-4B46-B394-FB79F90A8420}] => (Allow) C:\Program Files (x86)\Video Download Capture\Video Download Capture.exe
FirewallRules: [{046FFFA1-10FC-4143-9B8F-66643182F9B9}] => (Allow) C:\Program Files (x86)\Video Download Capture\Video Download Capture.exe
FirewallRules: [{70E96293-CA2D-4E17-946A-CF8D41C8F4C6}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{31A5573E-9FCC-402B-A4AC-BA4D8BE1B0D1}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{A0A03C70-A362-47C0-8145-59C694F56013}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{7FF3F09F-B624-4B24-B6D9-DE94ED3D12FD}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftDump.dll
FirewallRules: [{DC1186B1-BE01-42D7-B185-0FE1A6507ADB}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{22608D59-C422-4874-86FF-DC36EE91A15E}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftAC.dll
FirewallRules: [{E5FBC674-3F6A-41B0-A80F-246F9357613D}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{1E7D3329-7458-484A-AD99-E0F64D838D46}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftPlayer.dll
FirewallRules: [{28C727AD-8D69-4D5B-91AB-D20F143D3FDC}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{306D4536-76BE-4E52-AF74-EBCCC1723872}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftDownloaderHelp.dll
FirewallRules: [{874B5E64-5E72-411C-AA45-09E4792DD869}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{FA2A0C6D-7516-4AE6-B3F6-C0232EAD1792}] => (Allow) C:\Program Files (x86)\Video Download Capture\ApowersoftHDSDump.dll
FirewallRules: [{D6C7BBEF-B46C-4344-9E2C-CF5BB78A00E5}] => (Allow) X:\Downloads Bitcomet\Hide.ALL.IP.v2015.07.17.150717-P2P_Portable.PROPER\Hide.ALL.IP.v2015.07.17.150717-P2P+Portable.PROPER\hideallip_portable\HideAllIP_original.exe
FirewallRules: [{0C5ACD59-37A7-4854-AD5E-E61348EA67C5}] => (Allow) X:\Downloads Bitcomet\Hide.ALL.IP.v2015.07.17.150717-P2P_Portable.PROPER\Hide.ALL.IP.v2015.07.17.150717-P2P+Portable.PROPER\hideallip_portable\HideAllIP_original.exe
FirewallRules: [{F1A2B584-1E05-4904-82AB-FC415CA92D64}] => (Allow) C:\Users\PoisonFrog\Desktop\hideallip_portable\HideAllIP_original.exe
FirewallRules: [{6FB780F6-F515-4581-8F24-6DF01BCF1B36}] => (Allow) C:\Users\PoisonFrog\Desktop\hideallip_portable\HideAllIP_original.exe
FirewallRules: [{E3D65B41-320A-42E5-8979-7502415665B8}] => (Allow) C:\Program Files (x86)\Hide ALL IP\HideAllIP.exe
FirewallRules: [{8A14170B-A628-4C7F-9B43-4ECC247AB934}] => (Allow) C:\Program Files (x86)\Hide ALL IP\HideAllIP.exe
FirewallRules: [{BAD53C6E-F584-48DB-991F-78D035C99B43}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\Video-Download-Capture.exe
FirewallRules: [{337BAA84-E7DD-49D8-AC10-C1DA64D9C56D}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\VideoDownloadCapture.exe
FirewallRules: [{817279E0-EAD2-48B4-8685-18A72836016C}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftSrv.dll
FirewallRules: [{CA0ECD15-A0C8-418C-AE47-A3BC54A24CF9}] => (Allow) C:\Program Files (x86)\Apowersoft\Video Download Capture\ApowersoftDump.dll
FirewallRules: [TCP Query User{8F0C1643-4761-4B52-93F4-6C6270B15408}C:\program files (x86)\hide all ip\hideallip.exe] => (Block) C:\program files (x86)\hide all ip\hideallip.exe
FirewallRules: [UDP Query User{801EF869-3A7F-494F-B3BE-4055E65543B4}C:\program files (x86)\hide all ip\hideallip.exe] => (Block) C:\program files (x86)\hide all ip\hideallip.exe
FirewallRules: [{C0B48A2A-8EC1-4680-B91E-81D41BFA0E4C}] => (Allow) C:\Windows\SysWOW64\rundll32.exe
FirewallRules: [{78C614D4-A828-49A1-8D42-B700E6FDDB83}] => (Allow) C:\Windows\SysWOW64\rundll32.exe
FirewallRules: [{8A0B3960-3AE9-4DDB-AE9F-ED0AE0A52BE2}] => (Allow) C:\Program Files (x86)\Microsoft.NET\v2.0.507279\msnetcore.exe
FirewallRules: [{E7F05150-8FC1-4405-A2EE-C9C1EFCC0C0A}] => (Allow) C:\Program Files (x86)\Microsoft.NET\v2.0.507279\msbuild.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/02/2015 04:59:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: knsu3983.tmpfs, version: 0.0.0.0, time stamp: 0x55be4154
Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7b96f
Exception code: 0xc0000005
Fault offset: 0x0003b42d
Faulting process id: 0x6a8
Faulting application start time: 0xknsu3983.tmpfs0
Faulting application path: knsu3983.tmpfs1
Faulting module path: knsu3983.tmpfs2
Report Id: knsu3983.tmpfs3
 
Error: (08/02/2015 03:50:15 PM) (Source: VSS) (EventID: 12298) (User: )
Description: Volume Shadow Copy Service error: The I/O writes cannot be held during the shadow copy creation period on volume C:\.
The volume index in the shadow copy set is 0. Error details: Open[0x00000000, The operation completed successfully.
], Flush[0x00000000, The operation completed successfully.
], Release[0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced.
], OnRun[0x00000000, The operation completed successfully.
].
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/02/2015 03:50:15 PM) (Source: VSS) (EventID: 12310) (User: )
Description: Volume Shadow Copy Service error: The shadow copy could not be committed - operation timed out.
Error context: DeviceIoControl(\\?\Volume{70496500-b742-11e1-9043-806e6f6e6963} - 0000000000000060,0x0053c010,0000000000275040,0,0000000000274030,4096,[0]).
 
 
Operation:
   Committing shadow copies
 
Context:
   Execution Context: System Provider
 
Error: (08/02/2015 03:00:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: nsh4164.tmp, version: 1.0.35.7, time stamp: 0x4b1ae3c6
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x006c6c61
Faulting process id: 0x17f8
Faulting application start time: 0xnsh4164.tmp0
Faulting application path: nsh4164.tmp1
Faulting module path: nsh4164.tmp2
Report Id: nsh4164.tmp3
 
Error: (08/02/2015 12:53:01 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (08/02/2015 12:53:01 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (08/02/2015 12:26:08 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
 
Error: (08/02/2015 12:26:05 PM) (Source: Microsoft-Windows-RPC-Events) (EventID: 10) (User: PoisonFrog-PC)
Description: "C:\Users\POISON~1\AppData\Local\Temp\xtmp13522229\QQBrowser.exe" -force  -type=2 -innerptid=cmi -mver=6.6.86.1606  C:\Users\POISON~1\AppData\Local\Temp\nsd45ED.tmp  -silence -ptid=cmi5224c0020043-0000-0000-0000-000069cff676000001a3-0000-0000-c000-000000000046
 
Error: (08/02/2015 12:21:15 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
 
Error: (08/01/2015 08:21:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: rundll32.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc637
Faulting module name: Flash32_18_0_0_209.ocx, version: 18.0.0.209, time stamp: 0x55a1edba
Exception code: 0xc0000005
Fault offset: 0x006028e8
Faulting process id: 0x404
Faulting application start time: 0xrundll32.exe0
Faulting application path: rundll32.exe1
Faulting module path: rundll32.exe2
Report Id: rundll32.exe3
 
 
System errors:
=============
Error: (08/02/2015 04:59:39 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Advanced Search Forward service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/02/2015 04:53:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TBPanel service failed to start due to the following error: 
%%2
 
Error: (08/02/2015 04:27:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 40.
 
Error: (08/02/2015 04:04:50 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TBPanel service failed to start due to the following error: 
%%2
 
Error: (08/02/2015 04:03:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\POISON~1\AppData\Local\Temp\trutil.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (08/02/2015 04:03:22 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\POISON~1\AppData\Local\Temp\trutil.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (08/02/2015 04:03:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\POISON~1\AppData\Local\Temp\trutil.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (08/02/2015 04:03:20 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\POISON~1\AppData\Local\Temp\trutil.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (08/02/2015 04:03:19 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Users\POISON~1\AppData\Local\Temp\trutil.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (08/02/2015 03:58:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The TBPanel service failed to start due to the following error: 
%%2
 
 
Microsoft Office:
=========================
Error: (08/02/2015 04:59:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: knsu3983.tmpfs0.0.0.055be4154ole32.dll6.1.7601.175144ce7b96fc00000050003b42d6a801d0cd6db1b3be2cC:\Program Files (x86)\4C4C4544-1438534069-5710-8054-B1C04F334D31\knsu3983.tmpfsC:\Windows\syswow64\ole32.dllc3f51309-3961-11e5-9905-00217060a5e1
 
Error: (08/02/2015 03:50:15 PM) (Source: VSS) (EventID: 12298) (User: )
Description: C:\00x00000000, The operation completed successfully.
0x00000000, The operation completed successfully.
0x80042314, The shadow copy provider timed out while holding writes to the volume being shadow copied. This is probably due to excessive activity on the volume by an application or a system service. Try again later when activity on the volume is reduced.
0x00000000, The operation completed successfully.
 
 
Operation:
   Executing Asynchronous Operation
 
Context:
   Current State: DoSnapshotSet
 
Error: (08/02/2015 03:50:15 PM) (Source: VSS) (EventID: 12310) (User: )
Description: DeviceIoControl(\\?\Volume{70496500-b742-11e1-9043-806e6f6e6963} - 0000000000000060,0x0053c010,0000000000275040,0,0000000000274030,4096,[0])
 
Operation:
   Committing shadow copies
 
Context:
   Execution Context: System Provider
 
Error: (08/02/2015 03:00:05 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: nsh4164.tmp1.0.35.74b1ae3c6unknown0.0.0.000000000c0000005006c6c6117f801d0cd5dcf19a9d1C:\Users\POISON~1\AppData\Local\Temp\nsh4164.tmpunknown11281866-3951-11e5-b710-00217060a5e1
 
Error: (08/02/2015 12:53:01 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (08/02/2015 12:53:01 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (08/02/2015 12:26:08 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
 
Error: (08/02/2015 12:26:05 PM) (Source: Microsoft-Windows-RPC-Events) (EventID: 10) (User: PoisonFrog-PC)
Description: "C:\Users\POISON~1\AppData\Local\Temp\xtmp13522229\QQBrowser.exe" -force  -type=2 -innerptid=cmi -mver=6.6.86.1606  C:\Users\POISON~1\AppData\Local\Temp\nsd45ED.tmp  -silence -ptid=cmi5224c0020043-0000-0000-0000-000069cff676000001a3-0000-0000-c000-000000000046
 
Error: (08/02/2015 12:21:15 PM) (Source: WindowsMangerProtect) (EventID: 102) (User: )
Description: WindowsMangerProtect
 
Error: (08/01/2015 08:21:06 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: rundll32.exe6.1.7600.163854a5bc637Flash32_18_0_0_209.ocx18.0.0.20955a1edbac0000005006028e840401d0ccbb715e32baC:\Windows\SysWOW64\rundll32.exeC:\Windows\SysWOW64\Macromed\Flash\Flash32_18_0_0_209.ocxbf10c594-38b4-11e5-b05b-00217060a5e1
 
 
CodeIntegrity:
===================================
  Date: 2015-08-02 16:03:22.495
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\POISON~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-02 16:03:22.312
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\POISON~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-02 16:03:22.164
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\POISON~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-02 16:03:22.015
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\POISON~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-02 16:03:20.957
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\POISON~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-02 16:03:20.800
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\POISON~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-02 16:03:20.646
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\POISON~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-02 16:03:20.491
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\POISON~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-02 16:03:19.051
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\POISON~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2015-08-02 16:03:18.900
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Users\POISON~1\AppData\Local\Temp\trutil.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Pentium® Dual-Core CPU E5400 @ 2.70GHz
Percentage of memory in use: 41%
Total physical RAM: 6143.18 MB
Available physical RAM: 3597.27 MB
Total Virtual: 12284.54 MB
Available Virtual: 9010.33 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:585.94 GB) (Free:272.66 GB) NTFS
Drive d: () (Fixed) (Total:1276.98 GB) (Free:370.73 GB) NTFS
Drive f: (WD) (Fixed) (Total:927.73 GB) (Free:816.19 GB) NTFS
Drive x: (WD) (Fixed) (Total:927.73 GB) (Free:569.47 GB) NTFS
Drive y: (WD) (Fixed) (Total:927.73 GB) (Free:910.48 GB) NTFS
Drive z: (WD) (Fixed) (Total:942.69 GB) (Free:411.48 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 1B4ADFC0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1277 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=585.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 3726 GB) (Disk ID: 2DF090D6)
 
Partition: GPT Partition Type.
 
==================== End of log ============================

Edited by saturday, 02 August 2015 - 08:18 PM.

  • 0

Advertisements


#2
saturday

saturday

    New Member

  • Topic Starter
  • Member
  • Pip
  • 7 posts

Ok, I eliminated the virus with Hitman Pro, I think. However, there's still a lot of collateral damage, mainly System Restore. It's not a simple fix...I suspect it's been turned off in the registry. Anyone have any ideas on how to reactivate it? It could solve a myriad of problems for me and hopefully avoid a reinstall of Windows.


  • 0

#3
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Hello saturday,

I apologize for the delay! If you still require assistance, kindly follow the below steps (we are in need of fresh logs):
  • Step 1

    If you haven't already, download 'Farbar Recovery Scan Tool by Farbar' and save it to your desktop.
    • Simply double-click the program icon to run it. It will ask for administrator privileges.
    • The program will initialize. Press Yes to accept the disclaimer.
    • Put a check on Addition.
    • Press the Scan button after.
    • It will produce FRST.txt and Addition.txt on your desktop once done.
    • Copy (CTRL + A and CTRL + C) and paste (CTRL + V) the content of the logs in your next reply.
  • Logs to Post

    In summary of the above, I will need you to post the following log(s):
    • Addition.txt (Farbar Recovery Scan Tool)
    • FRST.txt (Farbar Recovery Scan Tool)
Thank you.
  • 0

#4
Pyxis

Pyxis

    Trusted Helper

  • Malware Removal
  • 1,228 posts
Due to lack of feedback, this topic has been closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter. Everyone else please begin a new topic.
  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP