Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Opachki.ru removal


  • Please log in to reply

#1
zeph68

zeph68

    Member

  • Member
  • PipPip
  • 13 posts

My system is running slow and Task Manager shows CPU usage between 60 - 100%.  I ran SSD and it reports that my PC is infected with Opachki.ru.  Could you please assist me in removing this?  Thank you.

 

Here are the results from FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:07-11-2015
Ran by jenmike (administrator) on JENMIKE-PC (13-11-2015 19:09:56)
Running from C:\Users\jenmike\Desktop
Loaded Profiles: jenmike & UpdatusUser (Available Profiles: jenmike & UpdatusUser)
Platform: Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Creative Technology Ltd) C:\Program Files\Creative\Shared Files\CTAudSvc.exe
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Amazon.com) C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Nuance Communications, Inc.) C:\Program Files\Common Files\Nuance\dgnsvc.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe
(Seiko Epson Corporation) C:\Windows\System32\escsvc.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe
(LeapFrog Enterprises, Inc.) C:\Program Files\LeapFrog\LeapFrog Connect\CommandService.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McSACore.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfemms.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfevtps.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\AMCore\mcshield.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
() C:\Windows\System32\PnkBstrA.exe
() C:\Windows\System32\PnkBstrB.exe
(Radialpoint Inc.) C:\Program Files\Verizon\VSP\ServicepointService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(McAfee, Inc.) C:\Program Files\McAfee\MSC\McAPExe.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\SystemCore\mfefire.exe
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
(Amazon.com) C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
(Verizon) C:\Program Files\Verizon\VSP\VerizonServicepoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\FAX Utility\FUFAXRCV.exe
(SEIKO EPSON CORPORATION) C:\Program Files\EPSON Software\FAX Utility\FUFAXSTM.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(McAfee, Inc.) C:\Program Files\Common Files\Mcafee\Platform\McUICnt.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Lavasoft) C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe
(Creative Technology Ltd) C:\Windows\System32\CtHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Safer-Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\dpupdchk.exe
(Microsoft Corporation) C:\Program Files\Windows Media Player\wmpnscfg.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(McAfee, Inc.) C:\Program Files\McAfee\VirusScan\mcods.exe
(Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe
(Google Inc.) C:\Users\jenmike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jenmike\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\McChHost.exe
(McAfee, Inc.) C:\Program Files\McAfee\SiteAdvisor\saUI.exe
(Radialpoint Inc.) C:\Program Files\Verizon\VSP\VerizonServicepointComHandler.exe
(Google Inc.) C:\Users\jenmike\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\jenmike\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ===========================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Windows Defender] => C:\Program Files\Windows Defender\MSASCui.exe [1008184 2008-01-20] (Microsoft Corporation)
HKLM\...\Run: [CTxfiHlp] => C:\Windows\system32\CTXFIHLP.EXE [19968 2007-04-09] (Creative Technology Ltd)
HKLM\...\Run: [AmazonGSDownloaderTray] => C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe [246272 2009-02-02] (Amazon.com)
HKLM\...\Run: [mcui_exe] => C:\Program Files\McAfee.com\Agent\mcagent.exe [582288 2015-03-03] (McAfee, Inc.)
HKLM\...\Run: [VerizonServicepoint.exe] => C:\Program Files\Verizon\VSP\VerizonServicepoint.exe [4318520 2011-01-10] (Verizon)
HKLM\...\Run: [IntelliPoint] => c:\Program Files\Microsoft IntelliPoint\ipoint.exe [1821576 2011-08-01] (Microsoft Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1505144 2009-11-05] (Microsoft Corporation)
HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [1058400 2012-01-26] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXRCV] => C:\Program Files\Epson Software\FAX Utility\FUFAXRCV.exe [502912 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [863360 2012-02-29] (SEIKO EPSON CORPORATION)
HKLM\...\Run: [mcpltui_exe] => C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe [562688 2015-02-11] (McAfee, Inc.)
HKLM\...\Run: [Nvtmru] => C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation)
HKLM\...\Run: [DNS7reminder] => C:\Program Files\Nuance\NaturallySpeaking12\Ereg\Ereg.exe [328992 2010-10-27] (Nuance Communications, Inc.)
HKLM\...\Run: [Ad-Aware Browsing Protection] => C:\ProgramData\Ad-Aware Browsing Protection\adawarebp.exe [559696 2013-09-27] (Lavasoft)
HKLM\...\Run: [CTHelper] => C:\Windows\system32\CTHELPER.EXE [19456 2010-03-18] (Creative Technology Ltd)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe [7992032 2015-08-27] ()
HKLM\...\Run: [] => [X]
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\Run: [swg] => C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [68856 2008-07-16] (Google Inc.)
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\Run: [GoogleChromeAutoLaunch_8912F4DACD66F1C990C49677BB935403] => C:\Users\jenmike\AppData\Local\Google\Chrome\Application\chrome.exe [811848 2015-11-06] (Google Inc.)
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\Run: [Google Update] => C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc.)
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6495144 2015-09-16] (Piriform Ltd)
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\system32\Macromed\Flash\FlashUtil32_11_4_402_287_ActiveX.exe [692152 2012-10-26] (Adobe Systems Incorporated)
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\RunOnce: [Shockwave Updater] => "C:\Windows\system32\Adobe\Shockwave 11\SwHelper_1157609.exe" -Update
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\MountPoints2: {bee0bea9-7d33-11df-b982-000129a45b17} - I:\Windows\bin\eblSetup.exe
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\MountPoints2: {c287edd4-529f-11dd-b3af-806e6f6e6963} - E:\install\autorun.exe
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\MountPoints2: {e910beb4-ea78-11df-805e-000129a45b17} - H:\LaunchU3.exe -a
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\MountPoints2: {e910c148-ea78-11df-805e-000129a45b17} - J:\Windows\bin\eblSetup.exe
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\MountPoints2: {e910c29c-ea78-11df-805e-000129a45b17} - G:\MI.exe
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\POLYMO~1.SCR [512000 2006-12-22] ( www.adamdawes.com)
Startup: C:\Users\jenmike\AppData\Local\Windows\winhelp.exe [2010-08-25] ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
ProxyServer: [.DEFAULT] => http=127.0.0.1:55980
AutoConfigURL: [.DEFAULT] => http=127.0.0.1:55980
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 71.250.0.12
Tcpip\..\Interfaces\{1435460D-49E1-4F0B-ABC4-85F0D4BB879A}: [DhcpNameServer] 192.168.1.1 71.250.0.12
 
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-4281579821-372289546-3755377909-1000 -> DefaultScope {D119D9E8-FF49-4236-B8F0-4DFA94414D48} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US756D20141024&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4281579821-372289546-3755377909-1000 -> {D119D9E8-FF49-4236-B8F0-4DFA94414D48} URL = hxxps://search.yahoo.com/search?fr=mcafee&type=B011US756D20141024&p={searchTerms}
SearchScopes: HKU\S-1-5-21-4281579821-372289546-3755377909-1003 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems Incorporated)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2008-09-15] (Safer Networking Limited)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_65\bin\ssv.dll [2015-10-24] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
BHO: McAfee SiteAdvisor BHO -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: No Name -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61}C -> No File
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-24] (Oracle Corporation)
Toolbar: HKLM - McAfee SiteAdvisor Toolbar - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
Toolbar: HKU\S-1-5-21-4281579821-372289546-3755377909-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2015-09-22] (Google Inc.)
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} hxxp://office.microsoft.com/templates/ieawsdc.cab
DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} hxxp://upload.facebook.com/controls/2008.10.10_v5.5.8/FacebookPhotoUploader5.cab
DPF: {166B1BCA-3F9C-11CF-8075-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {233C1507-6A77-46A4-9443-F871F945D258} hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
DPF: {63DF43C2-469A-41F3-B119-17B1ACE8BB34} hxxp://65.196.27.213:8081/home/SonySncRz30View.cab
DPF: {6D2EF4B4-CB62-4C0B-85F3-B79C236D702C} hxxp://www.new.facebook.com/controls/contactx.dll
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {8BE5651C-D60B-4B59-B5B2-F0EB93733D17} hxxps://www36.verizon.com/FiOSVoice/UnProtected/FiosVoiceVMUtil.CAB
DPF: {CAFEEFAC-0018-0000-0045-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_45-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} hxxp://driveragent.com/files/driveragent.cab
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files\McAfee\SiteAdvisor\McIEPlg.dll [2015-09-15] (McAfee, Inc.)
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl.dll [2015-03-03] (McAfee, Inc.)
StartMenuInternet: IEXPLORE.EXE - 
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll [2014-07-11] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1168638.dll [2012-10-04] (Adobe Systems, Inc.)
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll [2011-11-14] ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2015-05-20] (Google)
FF Plugin: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-24] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-24] (Oracle Corporation)
FF Plugin: @mcafee.com/MSC,version=10 -> c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL [2015-03-03] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @pack.google.com/Google Updater;version=13 -> C:\Program Files\Google\Google Updater\2.4.1536.6592\npCIDetect13.dll [2009-03-24] (Google)
FF Plugin: @pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-10-15] (Pando Networks)
FF Plugin: @radialpoint.com/SPA,version=1 -> C:\Program Files\Verizon\VSP\nprpspa.dll [2011-01-10] (Verizon)
FF Plugin: @soe.sony.com/installer,version=1.0.3 -> C:\PROGRA~1\SONYON~1\npsoe.dll [2009-05-18] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
FF Plugin: @unity3d.com/UnityPlayer -> C:\Program Files\Unity\WebPlayer\loader\npUnity3D32.dll [2009-03-17] (Unity Technologies ApS)
FF Plugin: nuance.com/DragonRIAPlugin -> C:\PROGRA~1\Nuance\NATURA~1\Program\npDgnRia.dll [2013-10-15] (Nuance Communications Inc.)
FF Plugin HKU\S-1-5-21-4281579821-372289546-3755377909-1000: @bittorrent.com/BitTorrentDNA -> C:\Users\jenmike\Program Files\DNA\plugins\npbtdna.dll [2009-08-30] (BitTorrent, Inc.)
FF Plugin HKU\S-1-5-21-4281579821-372289546-3755377909-1000: @tools.google.com/Google Update;version=3 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-4281579821-372289546-3755377909-1000: @tools.google.com/Google Update;version=9 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-4281579821-372289546-3755377909-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll [2011-10-15] (Pando Networks)
FF Plugin HKU\S-1-5-21-4281579821-372289546-3755377909-1000: sony.com/MediaGoDetector -> C:\Program Files\Sony\Media Go\npMediaGoDetector.dll [2015-05-29] (Sony Network Entertainment International LLC)
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-08-12] [not signed]
FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi
FF Extension: McAfee WebAdvisor - C:\Program Files\McAfee\SiteAdvisor\saffplg.xpi [2015-09-07]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\Nuance\NaturallySpeaking12\Program\ffShim.xpi
FF Extension: Dragon NaturallySpeaking Rich Internet Application Support - C:\Program Files\Nuance\NaturallySpeaking12\Program\ffShim.xpi [2013-10-15] [not signed]
FF HKLM\...\Thunderbird\Extensions: [[email protected]] - C:\Program Files\McAfee\MSK
FF Extension: McAfee Anti-Spam Thunderbird Extension - C:\Program Files\McAfee\MSK [2015-07-05] [not signed]
FF HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\Firefox\Extensions: [{d5bc46d8-67c7-11dc-8c1d-0097498c2b7a}] - C:\Users\jenmike\Program Files\DNA
FF Extension: DNA - C:\Users\jenmike\Program Files\DNA [2013-08-12] [not signed]
FF HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\Firefox\Extensions: [{D3D66102-660C-4B70-8D9B-2899CCF57DE3}] - C:\Users\jenmike\AppData\Local\{D3D66102-660C-4B70-8D9B-2899CCF57DE3}
FF Extension: XULRunner - C:\Users\jenmike\AppData\Local\{D3D66102-660C-4B70-8D9B-2899CCF57DE3} [2013-08-12] [not signed]
 
Chrome: 
=======
CHR Profile: C:\Users\jenmike\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (SiteAdvisor) - C:\Users\jenmike\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho [2015-07-04]
CHR Extension: (Dragon NaturallySpeaking Rich Internet Application Support) - C:\Users\jenmike\AppData\Local\Google\Chrome\User Data\Default\Extensions\mikhcaiakabeeokmenglcdebplfdjicn [2015-05-21]
CHR Extension: (Chrome Web Store Payments) - C:\Users\jenmike\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-07-30]
CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho] - C:\Program Files\McAfee\SiteAdvisor\McChPlg.crx [2015-09-15]
CHR HKLM\...\Chrome\Extension: [ihenkjeihefokohmemphikjnjbmegdik] - "C:\Program Files\Sony\Media Go\MediaGoDetector.crx" <not found>
CHR HKLM\...\Chrome\Extension: [mikhcaiakabeeokmenglcdebplfdjicn] - C:\Program Files\Nuance\NaturallySpeaking12\Program\chromeShim.crx [2013-10-15]
StartMenuInternet: Google Chrome - 
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 0102281447459659mcinstcleanup; C:\Windows\TEMP\010228~1.EXE [883024 2015-05-04] (McAfee, Inc.)
S3 ABBYY.Licensing.FineReader.Sprint.9.0; C:\Program Files\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [759048 2009-05-14] (ABBYY)
R2 Amazon Download Agent; C:\Program Files\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [317440 2009-02-02] (Amazon.com) [File not signed]
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2013-09-19] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2013-09-19] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 DragonSvc; C:\Program Files\Common Files\Nuance\dgnsvc.exe [311184 2013-10-15] (Nuance Communications, Inc.)
S3 EasyAntiCheat; C:\Windows\system32\EasyAntiCheat.exe [174112 2014-11-28] (EasyAntiCheat Ltd)
R2 EpsonCustomerParticipation; C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe [539744 2012-05-10] (SEIKO EPSON CORPORATION)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc.exe [122000 2011-12-11] (Seiko Epson Corporation)
R2 HomeNetSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe [659872 2015-08-27] ()
S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 McAfee SiteAdvisor Service; C:\Program Files\McAfee\SiteAdvisor\McSACore.exe [132160 2015-09-28] (McAfee, Inc.)
R2 McAPExe; C:\Program Files\McAfee\MSC\McAPExe.exe [690408 2015-03-03] (McAfee, Inc.)
R2 McMPFSvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 McNaiAnn; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R3 McODS; C:\Program Files\McAfee\VirusScan\mcods.exe [476680 2015-02-27] (McAfee, Inc.)
S2 McOobeSv; C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe [167784 2012-08-31] (McAfee, Inc.)
R2 mcpltsvc; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 McProxy; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [196600 2015-02-17] (McAfee, Inc.)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\\mfemms.exe [334576 2015-03-01] (McAfee, Inc.)
R2 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfevtps.exe [238288 2015-02-17] (McAfee, Inc.)
R2 MSK80Service; C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe [291816 2015-02-11] (McAfee, Inc.)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [43520 2006-11-08] (Hewlett-Packard) [File not signed]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2057736 2015-09-24] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53248 2006-11-08] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [66872 2011-12-12] ()
R2 PnkBstrB; C:\Windows\system32\PnkBstrB.exe [107832 2011-12-12] ()
R2 ServicepointService; C:\Program Files\Verizon\VSP\ServicepointService.exe [689464 2011-01-10] (Radialpoint Inc.)
S2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [272952 2008-01-20] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [278984 2008-07-26] ()
R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [61848 2015-02-17] (McAfee, Inc.)
S3 COMMONFX; C:\Windows\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd)
R3 COMMONFX.SYS; C:\Windows\System32\drivers\COMMONFX.SYS [99416 2010-03-18] (Creative Technology Ltd)
S3 CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [164608 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTAUDFX; C:\Windows\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd)
R3 CTAUDFX.SYS; C:\Windows\System32\drivers\CTAUDFX.SYS [555096 2010-03-18] (Creative Technology Ltd)
S3 ctdvda2k; C:\Windows\System32\drivers\ctdvda2k.sys [347144 2010-03-18] (Creative Technology Ltd)
S3 CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [168192 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [280320 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [128768 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [323328 2007-04-12] (Creative Technology Ltd) [File not signed]
S3 CTERFXFX; C:\Windows\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd)
S3 CTERFXFX.SYS; C:\Windows\System32\drivers\CTERFXFX.SYS [100952 2010-03-18] (Creative Technology Ltd)
S3 CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [1317632 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [66816 2007-04-12] (Creative Technology Ltd.) [File not signed]
S3 CTSBLFX; C:\Windows\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd)
R3 CTSBLFX.SYS; C:\Windows\System32\drivers\CTSBLFX.SYS [566360 2010-03-18] (Creative Technology Ltd)
R2 enodpl; C:\Windows\System32\drivers\enodpl.sys [7552 2003-03-02] () [File not signed]
S3 ENTECH; C:\Windows\system32\DRIVERS\ENTECH.sys [27672 2007-09-07] (EnTech Taiwan)
S3 FlyUsb; C:\Windows\System32\DRIVERS\FlyUsb.sys [19456 2011-11-12] (LeapFrog)
R3 ha10kx2k; C:\Windows\System32\drivers\ha10kx2k.sys [798808 2010-03-18] (Creative Technology Ltd)
S3 hap16v2k; C:\Windows\System32\drivers\hap16v2k.sys [162904 2010-03-18] (Creative Technology Ltd)
S3 hap17v2k; C:\Windows\System32\drivers\hap17v2k.sys [189528 2010-03-18] (Creative Technology Ltd)
S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [147912 2013-09-23] (McAfee, Inc.)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25416 2008-07-26] ()
S3 Maplom; C:\Windows\system32\Drivers\Maplom.sys [35264 2008-03-01] (SlySoft Inc.)
R3 MaplomL; C:\Windows\system32\Drivers\MaplomL.sys [33216 2008-03-01] (SlySoft Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation)
R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [304928 2015-02-17] (McAfee, Inc.)
R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [260248 2015-02-17] (McAfee, Inc.)
R0 mfedisk; C:\Windows\System32\DRIVERS\mfedisk.sys [82800 2015-02-17] (McAfee, Inc.)
R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [371648 2015-02-17] (McAfee, Inc.)
R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [648552 2015-02-17] (McAfee, Inc.)
R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [380496 2015-01-15] (McAfee, Inc.)
S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [80760 2015-01-15] (McAfee, Inc.)
R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [217584 2015-02-17] (McAfee, Inc.)
R3 NuidFltr; C:\Windows\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R0 phmburnr; C:\Windows\System32\DRIVERS\phmburnr.sys [40576 2008-09-17] (Phantombility, Inc) [File not signed]
R1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [80768 2006-12-23] (Protection Technology) [File not signed]
R0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [77120 2006-12-23] (Protection Technology) [File not signed]
R0 prosync1; C:\Windows\System32\drivers\prosync1.sys [7136 2005-12-21] (Protection Technology) [File not signed]
R1 SCDEmu; C:\Windows\system32\Drivers\SCDEmu.sys [114408 2014-02-03] (Power Software Ltd)
R0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
R0 sfsync04; C:\Windows\System32\drivers\sfsync04.sys [61368 2012-06-19] (Protection Technology (StarForce))
R2 tandpl; C:\Windows\System32\drivers\tandpl.sys [4736 2003-04-19] () [File not signed]
R3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [408280 2015-01-22] (BitDefender S.R.L.)
S3 TVICHW32; C:\Windows\system32\DRIVERS\TVICHW32.SYS [23600 2008-07-15] (EnTech Taiwan) [File not signed]
R3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [186592 2009-01-02] (Jungo)
S3 COMMONFX.DLL; system32\COMMONFX.DLL [X]
S3 CTAUDFX.DLL; system32\CTAUDFX.DLL [X]
S3 CTERFXFX.DLL; system32\CTERFXFX.DLL [X]
S3 CTSBLFX.DLL; system32\CTSBLFX.DLL [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S2 MCSTRM; no ImagePath
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 PCIUtil; \??\C:\Users\jenmike\AppData\Local\Temp\PCIUtil.sys [X]
S3 pnicml; \??\C:\Users\jenmike\AppData\Local\Temp\pnicml.sys [X]
S0 qxuaja; no ImagePath
S3 XDva190; \??\C:\Windows\system32\XDva190.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-13 19:09 - 2015-11-13 19:12 - 00031562 _____ C:\Users\jenmike\Desktop\FRST.txt
2015-11-13 19:08 - 2015-11-13 19:10 - 00000000 ____D C:\FRST
2015-11-13 19:07 - 2015-11-13 19:07 - 01702400 _____ (Farbar) C:\Users\jenmike\Desktop\FRST.exe
2015-11-13 17:53 - 2015-11-13 17:53 - 00001031 _____ C:\Users\jenmike\Desktop\RunAlyzer.lnk
2015-11-13 17:52 - 2015-11-13 17:52 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safer Networking
2015-11-13 17:52 - 2015-11-13 17:52 - 00000000 ____D C:\Program Files\Safer Networking
2015-11-13 17:51 - 2015-11-13 17:51 - 07966432 _____ (Safer Networking Limited ) C:\Users\jenmike\Downloads\runalyz-1.6.1.24.exe
2015-11-13 12:41 - 2015-11-13 12:41 - 00014629 _____ C:\Users\jenmike\Desktop\hijackthis.log
2015-11-13 12:28 - 2015-11-13 12:28 - 00388608 _____ (Trend Micro Inc.) C:\Users\jenmike\Desktop\HijackThis (1).exe
2015-11-13 12:20 - 2015-11-13 12:20 - 00000304 _____ C:\Windows\PFRO.log
2015-11-12 11:51 - 2015-11-12 11:51 - 00000000 ____D C:\ProgramData\Solidshield
2015-11-11 21:34 - 2015-11-11 20:56 - 00000722 _____ C:\Users\jenmike\Desktop\Treasure Cove!.lnk
2015-11-11 20:56 - 2015-11-11 21:27 - 00000000 ____D C:\Tlcwin
2015-11-11 20:56 - 2015-11-11 20:56 - 00000106 _____ C:\Windows\TLCAPPS.INI
2015-11-11 20:56 - 2015-11-11 20:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Learning Company
2015-11-11 20:56 - 1994-09-20 22:00 - 00092208 ____N (Microsoft Corporation) C:\Windows\system32\Wing.dll
2015-11-11 20:56 - 1994-09-20 22:00 - 00012800 ____N (Microsoft Corporation) C:\Windows\system32\Wing32.dll
2015-11-11 20:56 - 1994-09-20 22:00 - 00006736 ____N (Microsoft Corporation) C:\Windows\system32\Wingdib.drv
2015-11-11 20:56 - 1994-09-20 22:00 - 00005024 ____N (Microsoft Corporation) C:\Windows\system32\Wingpal.wnd
2015-11-11 20:56 - 1994-08-23 22:00 - 00188960 ____N (Microsoft Corporation) C:\Windows\system32\Wingde.dll
2015-11-02 09:14 - 2015-11-02 09:14 - 00000272 _____ C:\Users\jenmike\Desktop\Wall Oven Electronic Control Board  Part Number 316418553  SAME DAY SHIP GUARANTEE from Sears PartsDirect.url
2015-11-02 09:14 - 2015-11-02 09:14 - 00000208 _____ C:\Users\jenmike\Desktop\Amazon.com  Vision Bird Cage Model M02 - Medium  Parakeet Cage  Pet Supplies.url
2015-10-26 10:40 - 2015-11-13 12:24 - 00002220 _____ C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2015-10-26 10:40 - 2015-10-26 10:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-10-26 10:38 - 2015-10-26 10:38 - 00000000 ____D C:\Program Files\Common Files\Lavasoft
2015-10-26 10:36 - 2015-10-26 10:36 - 02012464 _____ C:\Users\jenmike\Downloads\Adaware_Installer (4).exe
2015-10-26 09:58 - 2015-10-26 09:59 - 01694208 _____ C:\Users\jenmike\Downloads\adwcleaner_5.015.exe
2015-10-26 09:57 - 2015-10-26 09:57 - 00002333 _____ C:\Users\jenmike\Downloads\AdwCleaner.exe - Shortcut.lnk
2015-10-26 09:57 - 2015-10-26 09:57 - 00002333 _____ C:\Users\jenmike\Downloads\AdwCleaner.exe - Shortcut (2).lnk
2015-10-24 13:02 - 2015-10-24 13:02 - 00000000 ____D C:\Program Files\Common Files\Java
2015-10-24 13:01 - 2015-10-24 13:01 - 00000000 ____D C:\Users\jenmike\AppData\Roaming\Sun
2015-10-24 13:01 - 2015-10-24 13:01 - 00000000 ____D C:\Users\jenmike\.oracle_jre_usage
2015-10-24 12:59 - 2015-10-24 12:59 - 00000000 ____D C:\Users\jenmike\AppData\LocalLow\Oracle
2015-10-22 16:11 - 2015-10-26 10:02 - 00000000 ____D C:\AdwCleaner
2015-10-22 16:10 - 2015-10-22 16:10 - 01691648 _____ C:\Users\jenmike\Downloads\AdwCleaner.exe
2015-10-18 20:47 - 2015-10-18 20:47 - 03485985 _____ C:\Users\jenmike\Downloads\Untitled_Message (1).zip
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-11-13 19:13 - 2014-11-14 06:46 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000UA1d000009d635bea.job
2015-11-13 19:01 - 2015-05-15 00:51 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08ed33c35f3e1.job
2015-11-13 18:59 - 2015-08-29 08:08 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000UA1d0e25bd74297c0.job
2015-11-13 18:56 - 2014-10-20 10:38 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfec7bdbcb44d0.job
2015-11-13 18:55 - 2015-08-29 04:44 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e23f4e0fe28a.job
2015-11-13 18:51 - 2013-11-27 21:10 - 00000916 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000UA1ceebdf2180165.job
2015-11-13 18:49 - 2015-07-15 13:56 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf2ffd3603b7.job
2015-11-13 18:43 - 2014-06-17 20:32 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8a953702baf3.job
2015-11-13 18:20 - 2006-11-02 07:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2015-11-13 18:20 - 2006-11-02 07:47 - 00003712 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2015-11-13 16:06 - 2008-11-07 09:11 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
2015-11-13 15:08 - 2014-02-11 18:17 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000Core1cf277f5f8c0e1b.job
2015-11-13 15:01 - 2014-05-07 23:26 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6a75ad235dcc.job
2015-11-13 14:14 - 2008-01-20 20:35 - 01494149 _____ C:\Windows\WindowsUpdate.log
2015-11-13 12:40 - 2014-05-15 09:51 - 00000000 _____ C:\Users\jenmike\Downloads\hijackthis.log
2015-11-13 12:21 - 2014-05-15 08:59 - 00000000 ____D C:\ProgramData\Ad-Aware Browsing Protection
2015-11-13 12:20 - 2015-07-15 13:56 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf2ffc616378.job
2015-11-13 12:20 - 2006-11-02 08:01 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-11-13 12:18 - 2006-11-02 08:01 - 00032552 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2015-11-13 11:47 - 2008-12-29 22:45 - 00000000 ____D C:\Program Files\Steam
2015-11-13 11:46 - 2009-08-30 08:46 - 00000000 ____D C:\Windows\Minidump
2015-11-13 10:07 - 2014-07-11 10:35 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-11-13 10:00 - 2008-12-29 22:45 - 00000000 ____D C:\Program Files\Common Files\Steam
2015-11-13 02:59 - 2015-07-15 14:03 - 00000864 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000Core1d0bf30ea96b90d.job
2015-11-12 11:56 - 2015-10-13 12:21 - 00000000 ____D C:\Users\jenmike\Documents\EA Games
2015-11-12 11:51 - 2015-10-13 13:55 - 00000000 ____D C:\Users\jenmike\AppData\Local\EA Games
2015-11-11 20:08 - 2009-05-24 13:20 - 00002052 _____ C:\Users\jenmike\Desktop\Google Chrome.lnk
2015-11-06 11:51 - 2006-11-02 05:33 - 00794204 _____ C:\Windows\system32\PerfStringBackup.INI
2015-11-05 20:39 - 2008-07-21 09:29 - 00000000 ____D C:\Users\jenmike\Jen's Stuff
2015-11-04 09:26 - 2015-02-23 17:14 - 00000000 ____D C:\Users\jenmike\AppData\Local\Steam
2015-11-01 17:57 - 2009-04-29 19:16 - 00000000 ____D C:\Users\jenmike\AppData\Local\Paint.NET
2015-10-24 13:09 - 2013-12-26 10:51 - 00000000 ____D C:\ProgramData\Oracle
2015-10-24 13:03 - 2013-12-26 09:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-24 13:03 - 2008-07-20 19:18 - 00000000 ____D C:\Program Files\Java
2015-10-24 13:01 - 2008-07-15 11:10 - 00000000 ____D C:\Users\jenmike
2015-10-24 13:00 - 2014-07-11 10:24 - 00097888 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-10-15 07:53 - 2014-07-11 10:29 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-10-15 07:53 - 2014-07-11 10:29 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-10-15 07:53 - 2013-08-02 10:15 - 00000899 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
 
==================== Files in the root of some directories =======
 
2009-01-04 18:09 - 2012-10-16 18:12 - 0000905 _____ () C:\Program Files\uninstal.log
2009-03-14 08:54 - 2011-08-18 19:57 - 0000004 _____ () C:\Users\jenmike\AppData\Roaming\003ABD
2010-12-20 20:17 - 2010-12-20 20:17 - 0087608 _____ () C:\Users\jenmike\AppData\Roaming\inst.exe
2002-08-07 18:11 - 2002-08-07 18:11 - 0319488 ____R () C:\Users\jenmike\AppData\Roaming\MafiaSetup.exe
2009-03-14 08:54 - 2011-08-18 19:57 - 0870128 _____ () C:\Users\jenmike\AppData\Roaming\mcs.rma
2010-12-20 20:17 - 2010-12-20 20:17 - 0007887 _____ () C:\Users\jenmike\AppData\Roaming\pcouffin.cat
2010-12-20 20:17 - 2010-12-20 20:17 - 0001144 _____ () C:\Users\jenmike\AppData\Roaming\pcouffin.inf
2010-12-20 20:18 - 2010-12-20 20:18 - 0000034 _____ () C:\Users\jenmike\AppData\Roaming\pcouffin.log
2010-12-20 20:17 - 2010-12-20 20:17 - 0047360 _____ (VSO Software) C:\Users\jenmike\AppData\Roaming\pcouffin.sys
2011-12-12 13:39 - 2011-12-12 13:39 - 0022328 _____ () C:\Users\jenmike\AppData\Roaming\PnkBstrK.sys
2008-07-15 11:10 - 2014-07-03 07:21 - 0000680 _____ () C:\Users\jenmike\AppData\Local\d3d9caps.dat
2008-07-16 21:06 - 2014-09-08 17:43 - 0050176 _____ () C:\Users\jenmike\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2010-07-06 13:26 - 2010-07-06 13:26 - 0000095 _____ () C:\Users\jenmike\AppData\Local\fusioncache.dat
2011-07-10 10:17 - 2011-07-12 23:14 - 0000000 _____ () C:\Users\jenmike\AppData\Local\Mjinadew.bin
2011-07-10 10:17 - 2011-07-13 14:33 - 0000120 _____ () C:\Users\jenmike\AppData\Local\Wcupocal.dat
2009-10-11 20:24 - 2010-11-22 18:48 - 0000044 ___SH () C:\ProgramData\.zreglib
2013-10-19 15:47 - 2013-10-20 10:07 - 0006645 _____ () C:\ProgramData\hpzinstall.log
 
==================== Bamital & volsnap =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-11-13 12:29
 
==================== End of FRST.txt ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version:07-11-2015
Ran by jenmike (2015-11-13 19:13:32)
Running from C:\Users\jenmike\Desktop
Microsoft® Windows Vista™ Home Premium  Service Pack 2 (X86) (2008-07-15 19:00:02)
Boot Mode: Normal
==========================================================
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-4281579821-372289546-3755377909-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4281579821-372289546-3755377909-1002 - Limited - Enabled)
Guest (S-1-5-21-4281579821-372289546-3755377909-501 - Limited - Disabled)
jenmike (S-1-5-21-4281579821-372289546-3755377909-1000 - Administrator - Enabled) => C:\Users\jenmike
UpdatusUser (S-1-5-21-4281579821-372289546-3755377909-1003 - Limited - Enabled) => C:\Users\UpdatusUser
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Ad-Aware Antivirus (Disabled - Out of date) {B0CC18C6-E527-6EE6-874C-9D19920E5619}
AV: Anti-Virus and Anti-Spyware (Enabled - Up to date) {DA9F8ED0-D0DE-39CC-F55A-51AB4CC1B556}
AS: Ad-Aware Antivirus (Disabled - Out of date) {0BADF922-C31D-6168-BDFC-A66BE9891CA4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Anti-Virus and Anti-Spyware (Enabled - Up to date) {61FE6F34-F6E4-3642-CFEA-6AD93746FFEB}
FW: Firewall (Enabled) {E2A40FF5-9AB1-3894-DE05-F89EB212F22D}
FW: Ad-Aware Firewall (Disabled) {88F799E3-AF48-6FBE-AC13-342C6CDD1162}
 
==================== Installed Programs ======================
 
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\uTorrent) (Version: 3.4.2.31743 - BitTorrent Inc.)
32 Bit HP CIO Components Installer (Version: 1.0.0 - Hewlett-Packard) Hidden
3Deep (HKLM\...\tdp) (Version:  - )
3DMark06 (HKLM\...\{7F3AD00A-1819-4B15-BB7D-08B3586336D7}) (Version: 1.1.0 - Futuremark)
3Planesoft Screensaver Manager 1.1 (HKLM\...\3Planesoft Screensaver Manager_is1) (Version: 1.1 - 3Planesoft)
7 Days to Die (HKLM\...\Steam App 251570) (Version:  - The Fun Pimps)
7-Zip 9.20 (HKLM\...\7-Zip) (Version:  - )
ABBYY FineReader 9.0 Sprint (HKLM\...\ABBYY FineReader 9.0 Sprint) (Version: 9.01.513.58212 - ABBYY)
ABBYY FineReader 9.0 Sprint (Version: 9.01.513.58212 - ABBYY) Hidden
Absent (HKLM\...\Steam App 398450) (Version:  - FNGames)
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.1.377 - Adobe Systems Incorporated)
Acrobat.com (Version: 0.0.0 - Adobe Systems Incorporated) Hidden
[email protected] ISO Burner 3.0 (HKLM\...\{3B756F35-2504-429A-B36C-EA0961B6A2C0}_is1) (Version: 3.0 - LSoft Technologies Inc)
Ad-Aware Antivirus (HKLM\...\{FC9BDF23-3AF3-4F4B-B549-E7D5259736F1}_AdAwareUpdater) (Version: 11.8.586.8535 - Lavasoft)
AdAwareInstaller (Version: 11.8.586.8535 - Lavasoft) Hidden
AdAwareUpdater (Version: 11.8.586.8535 - Lavasoft) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe Flash Player 11 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 11.4.402.287 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.8.638 - Adobe Systems, Inc.)
Advanced Wallpaper Changer 2.1 (HKLM\...\Advanced Wallpaper Changer_is1) (Version:  - )
Alex Buturuga - Muti ID3 Tag Editor 1.3b1 (HKLM\...\Muti ID3 Tag Editor) (Version:  - )
Alien Swarm (HKLM\...\Steam App 630) (Version:  - Valve)
Amazon Cloud Player (HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\Amazon Amazon Cloud Player) (Version: 2.3.0.422 - Amazon Services LLC)
Amazon Games & Software Downloader (HKLM\...\Amazon Games & Software Downloader_is1) (Version: 2.0.0.0 - Amazon)
Angry IP Scanner (HKLM\...\Angry IP Scanner) (Version: 3.2.3 - Angry IP Scanner)
AntimalwareEngine (Version: 3.0.98.0 - Lavasoft) Hidden
Apple Application Support (HKLM\...\{343666E2-A059-48AC-AD67-230BF74E2DB2}) (Version: 2.1.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{8153ED9A-C94A-426E-9880-5E6775C08B62}) (Version: 4.0.0.97 - Apple Inc.)
Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avery Template (HKLM\...\{A760067A-C07E-1033-0000-A764AC000008}) (Version: 2.0.0.0 - Avery)
Backyard Baseball 2005 (HKLM\...\{6E7F1130-F68A-46A1-96ED-5BFE51A3A605}) (Version: 1.00.000 - )
Bejeweled® 3 (HKLM\...\{E99C27B2-EB2E-4244-9F5C-A96F55100F0C}) (Version: 1.1.13.4753 - Electronic Arts, Inc.)
Big Kahuna Reef (HKLM\...\Big Kahuna Reef_is1) (Version:  - )
Bioshock (HKLM\...\Steam App 7670) (Version:  - 2K Boston)
Blacklight: Tango Down (HKLM\...\Steam App 27330) (Version:  - Zombie Studios)
Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.)
Buildalot (HKLM\...\Buildalot_is1) (Version:  - )
Burger Shop (HKLM\...\Burger Shop_is1) (Version:  - )
Call of Juarez - Bound in Blood (HKLM\...\InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}) (Version: 1.00.0000 - Ubisoft)
Call of Juarez - Bound in Blood (Version: 1.00.0000 - Ubisoft) Hidden
Canon MP500 (HKLM\...\{BA4DF4C3-196E-4128-969A-00996B5A46F8}) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 5.10 - Piriform)
CLSetup for Tiger Woods PGA Tour 2004 (HKLM\...\CLSetup2k4) (Version:  - )
Codename CURE (HKLM\...\Steam App 355180) (Version:  - Hoobalugalar_X)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Counter-Strike: Source (HKLM\...\Steam App 240) (Version:  - Valve)
Cpt. Binary (HKLM\...\Cpt. Binary_is1) (Version:  - PJIIT)
Creative ALchemy (HKLM\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative Audio Console (HKLM\...\AudioConSole) (Version:  - )
Creative Audio Console (HKLM\...\AudioCS) (Version: 1.33 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM\...\Creative Software AutoUpdate) (Version: 1.40 - Creative Technology Limited)
Curse - The Eye Of Isis (HKLM\...\{31677DE9-B813-4A4B-B234-04C2AA746C6D}) (Version: 0.30.000 - )
Dart 'm Up (HKLM\...\Dart 'm Up) (Version:  - )
Dead Space 2 (HKLM\...\Steam App 47780) (Version:  - Visceral Games)
Deus Ex: Game of the Year Edition (HKLM\...\Steam App 6910) (Version:  - Ion Storm)
Dino D-Day (HKLM\...\Steam App 70000) (Version:  - 800 North and Digital Ranch)
DiRT2 (HKLM\...\{52D1D62C-FEAB-4580-849E-1DB624BADBBD}) (Version: 1.00.0000 - Codemasters)
DiRT2 (Version: 1.0.0002.133 - Codemasters) Hidden
DNA (HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\BitTorrent DNA) (Version: 2.2.3 (15908) - BitTorrent Inc.)
Download Navigator (HKLM\...\{3A3A3B34-6EA2-4031-8580-D66D29533E89}) (Version: 3.4.0 - SEIKO EPSON CORPORATION)
Doxillion Document Converter (HKLM\...\Doxillion) (Version:  - NCH Software)
Dragon NaturallySpeaking 12 (HKLM\...\{D5D422B9-6976-4E98-8DDF-9632CB515D7E}) (Version: 12.50.000 - Nuance Communications Inc.)
Dragon's Lair 3D (HKLM\...\Dragon's Lair 3D) (Version:  - )
DualCoreCenter (HKLM\...\DualCoreCenter_is1) (Version:  - MSI, Inc.)
Dungeons & Dragons Online ®:  Eberron Unlimited ™ v01.12.00.803 (HKLM\...\15b35190-c6f9-11d9-9669-0800200c9a66_is1) (Version: 01.12.00.8032 - Atari, Inc.)
DVDFab Platinum 4.1.2.0 Final by Team RES (HKLM\...\DVDFab Platinum_is1) (Version:  - )
EA SPORTS online 2007 (HKLM\...\82A44D22-9452-49FB-00FB-CEC7DCAF7E23) (Version:  - )
EAX Unified (HKLM\...\EAX Unified) (Version:  - )
E-Color Indicator (HKLM\...\True Internet Color) (Version:  - )
EPSON Connect version 1.0 (HKLM\...\EPSON Connect_is1) (Version: 1.0 - Epson America Inc.)
Epson Customer Participation (HKLM\...\{814FA673-A085-403C-9545-747FC1495069}) (Version: 1.4.0.0 - SEIKO EPSON CORPORATION)
Epson Event Manager (HKLM\...\{44F72193-F59C-4303-BAE8-E3E4BC1C122C}) (Version: 3.01.0003 - Seiko Epson Corporation)
Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.30.00 - SEIKO EPSON CORPORATION)
Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version:  - )
EPSON Scan (HKLM\...\EPSON Scanner) (Version:  - Seiko Epson Corporation)
EPSON WF-3520 Series Printer Uninstall (HKLM\...\EPSON WF-3520 Series) (Version:  - SEIKO EPSON Corporation)
EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.5.00 - SEIKO EPSON CORPORATION)
Express Burn (HKLM\...\ExpressBurn) (Version: 4.68 - NCH Software)
Express Zip (HKLM\...\ExpressZip) (Version: 2.28 - NCH Software)
F.E.A.R. 2: Project Origin (HKLM\...\Steam App 16450) (Version:  - Monolith Productions, Inc.)
Fallout: New Vegas (HKLM\...\Steam App 22380) (Version:  - Obsidian Entertainment)
Far Cry (HKLM\...\InstallShield_{D6DBDC2A-E72C-4284-B6AD-6B3B61B4DABC}) (Version: 1.00.0000 - Ubisoft)
Far Cry (Version: 1.00.0000 - Ubisoft) Hidden
FastStone Image Viewer 5.3 (HKLM\...\FastStone Image Viewer) (Version: 5.3 - FastStone Soft)
FEAR (HKLM\...\{2B653229-9854-4989-B780-D978F5F13EAB}) (Version: 1.00.0000 - Vivendi Universal Games, Inc.)
FEAR Perseus Mandate (HKLM\...\{8D0BB1D1-E9FB-49E9-A9C1-09C00F38DA0C}) (Version: 1.00.0000 - Sierra Entertainment, Inc.)
Fistful of Frags (HKLM\...\Steam App 265630) (Version:  - Fistful of Frags Team)
Free M4a to MP3 Converter 6.1 (HKLM\...\Free M4a to MP3 Converter_is1) (Version:  - ManiacTools.com)
Free RAR Extract Frog 1.00 (HKLM\...\Free RAR Extract Frog 1.00) (Version: 1.00 - Philipp Winterberg)
Free Realms Installer (HKLM\...\Free Realms Installer) (Version: 1.0.3.67 - Sony Online Entertainment)
Game Jackal v3.0.0.7 (32 bit) (HKLM\...\Game Jackal_is1) (Version:  - SlySoft Inc.)
Garry's Mod (HKLM\...\Steam App 4000) (Version:  - Garry)
GEAR driver installer 4.019 (HKLM\...\{7EEB72E4-2150-49F8-BC51-B63AF7B9E2F2}) (Version: 4.019.1 - GEAR Software)
Goat Simulator (HKLM\...\Steam App 265930) (Version:  - Coffee Stain Studios)
GoodMEM (HKLM\...\GoodMEM) (Version:  - )
Google Chrome (HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.)
Google Earth (HKLM\...\{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Toolbar for Internet Explorer (HKLM\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6904.2028 - Google Inc.)
Google Toolbar for Internet Explorer (Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden
Google Updater (HKLM\...\Google Updater) (Version: 2.4.1536.6592 - Google Inc.)
Grand Theft Auto 2 (HKLM\...\Steam App 12180) (Version:  - Rockstar North)
Grand Theft Auto III (HKLM\...\Steam App 12100) (Version:  - Rockstar Games)
Grand Theft Auto IV (HKLM\...\Steam App 12210) (Version:  - Rockstar North)
Grand Theft Auto: San Andreas (HKLM\...\Steam App 12120) (Version:  - Rockstar)
Grand Theft Auto: Vice City (HKLM\...\Steam App 12110) (Version:  - Rockstar Games)
Half-Life 2 (HKLM\...\Steam App 220) (Version:  - Valve)
Half-Life 2: Episode One (HKLM\...\Steam App 380) (Version:  - Valve)
Half-Life 2: Episode Two (HKLM\...\Steam App 420) (Version:  - Valve)
Half-Life 2: Lost Coast (HKLM\...\Steam App 340) (Version:  - Valve)
Hidden & Dangerous 2  (HKLM\...\InstallShield_{83437081-8186-4F63-BD39-4BE8A691E055}) (Version: 1.00.0002 - Illusion Softworks)
Hidden & Dangerous 2  (Version: 1.00.0002 - Illusion Softworks) Hidden
IKEA Home Planner (HKLM\...\{B3276CB1-20B6-4AF9-AAEC-E72C83816495}) (Version: 2.0.3 - IKEA IT)
ImgBurn (HKLM\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Insurgency (HKLM\...\Steam App 222880) (Version:  - New World Interactive)
iTunes (HKLM\...\{B7DBF6E8-0D17-4BE4-853B-ACD6EFBD4A1F}) (Version: 10.5.2.11 - Apple Inc.)
iTunes Export (HKLM\...\iTunesExport.9816BF1711E8C5ABC4CED8E503841951211D8E5D.1) (Version: 2.2.2 - UNKNOWN)
iTunes Export (Version: 2.2.2 - UNKNOWN) Hidden
Java 8 Update 65 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218065F0}) (Version: 8.0.650.17 - Oracle Corporation)
Jewel Quest 2 (HKLM\...\Jewel Quest 2_is1) (Version:  - )
Kleptocracy! (HKLM\...\Kleptocracy!_is1) (Version:  - DigiPen Institute of Technology)
LAME v3.99.3 (for Windows) (HKLM\...\LAME_is1) (Version:  - )
LeapFrog Connect (HKLM\...\UPCShell) (Version: 4.2.14.16426 - LeapFrog)
LeapFrog Connect (Version: 4.2.14.16426 - LeapFrog) Hidden
LeapFrog Tag Plugin (Version: 4.2.9.15649 - LeapFrog) Hidden
LG USB Modem driver (HKLM\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version:  - )
LimeWire 5.5.9 (HKLM\...\LimeWire) (Version: 5.5.9 - Lime Wire, LLC)
Loadout (HKLM\...\Steam App 208090) (Version:  - Edge of Reality)
Madden NFL 07 (HKLM\...\{C85E633E-864A-4AFE-0095-844838BFCC7E}) (Version:  - )
Mafia Game (HKLM\...\Mafia Game) (Version:  - )
Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Mass Effect (HKLM\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect 2 (HKLM\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.01 - Electronic Arts, Inc.)
Mass Effect™ 3 (HKLM\...\{534A31BD-20F4-46b0-85CE-09778379663C}) (Version: 1.05.0.0 - Electronic Arts)
Max Payne (HKLM\...\{39930321-4C58-4B8B-BCBF-342698C9801D}) (Version:  - )
Max Payne 2: The Fall of Max Payne (HKLM\...\Steam App 12150) (Version:  - Remedy Entertainment)
McAfee SiteAdvisor (HKLM\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 3.7.283 - McAfee, Inc.)
Medal of Honor Allied Assault Warchest (HKLM\...\{D61BA037-2326-4CEF-B3AC-252046D0476A}) (Version: 1.11.0.2 - Electronic Arts)
Media Go (HKLM\...\{1CBCA994-0290-49AD-98D3-9013A0F102E6}) (Version: 2.9.406 - Sony)
Media Go Network Downloader (HKLM\...\{C52148B9-19E0-433A-9422-3451B1BEE20F}) (Version: 1.6.01.0 - Sony)
Media Go Video Playback Engine 2.16.101.12020 (HKLM\...\{B4CF5698-38A5-494E-0EC3-799D00C42E17}) (Version: 2.16.101.12020 - Sony)
MediaRing Dialer (HKLM\...\MediaRing Dialer) (Version:  - )
Metro 2033 (HKLM\...\Steam App 43110) (Version:  - 4A Games)
Microsoft .NET Framework 1.1 (HKLM\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM\...\M2833941) (Version:  - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM\...\M979906) (Version:  - )
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM\...\{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 7.1 (HKLM\...\{11E94FDB-C895-45F1-B756-1C9B8C36C8F1}) (Version: 7.10.344.0 - Microsoft)
Microsoft Office 2000 Disc 2 (HKLM\...\{00040409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2000 Professional (HKLM\...\{00010409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office Home and Student 2010 (HKLM\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Word Viewer 2003 (HKLM\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft PowerPoint Viewer (HKLM\...\{95140000-00AF-0409-0000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MOV Download Tool 1.2.0 (HKLM\...\movdltool_is1) (Version: 1.2.0 - )
Move Networks Media Player for Internet Explorer (HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\Move Networks Player - IE) (Version:  - )
Mp3tag v2.46a (HKLM\...\Mp3tag) (Version: v2.46a - Florian Heidenreich)
MSI Live (HKLM\...\MSI Live) (Version:  - )
MSI Live Update 3 (HKLM\...\MSI Live Update 3) (Version:  - )
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Need For Speed™ World (HKLM\...\{7B2CC3DF-64FA-44AE-8F57-B0F915147E4F}_is1) (Version: 1.0.0.655 - Electronic Arts)
NetZero For Riverdeep (HKLM\...\{86C1A488-24AD-42F0-BCEF-FDB11FC2BEFA}) (Version: 1.0.0 - NetZero, Inc.)
No More Room in [bleep] (HKLM\...\Steam App 224260) (Version:  - No More Room in [bleep] Team)
NVIDIA 3D Vision Controller Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.7.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
OpenAL (HKLM\...\OpenAL) (Version:  - )
Origin (HKLM\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
Paint.NET v3.5.6 (HKLM\...\{639673E9-D53F-44F4-A046-485C8A6ADA15}) (Version: 3.56.0 - dotPDN LLC)
Pando Media Booster (HKLM\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.3.6.0 - Pando Networks Inc.)
Path of Exile (HKLM\...\Steam App 238960) (Version:  - Grinding Gear Games)
PCMark05 (HKLM\...\{5C104E56-A441-429D-A609-D8A46EB92EA1}) (Version: 1.2.0 - Futuremark)
Pdf995 (HKLM\...\Pdf995) (Version:  - )
Photo Viewer s2.5 (HKLM\...\Photo Viewer_is1) (Version:  - )
Pinball Arcade (HKLM\...\Steam App 238260) (Version:  - FarSight Studios)
PlanetSide 2 (HKLM\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
Pokemon PC (HKLM\...\Pokemon PC) (Version:  - )
Polymorf3D v1.2 (HKLM\...\Polymorf3D_is1) (Version:  - Adam Dawes)
Pool 'm Up (HKLM\...\Pool 'm Up) (Version:  - )
Portal (HKLM\...\Steam App 400) (Version:  - Valve)
Portal 2 (HKLM\...\Steam App 620) (Version:  - Valve)
PowerISO (HKLM\...\PowerISO) (Version: 5.9 - Power Software Ltd)
PowerTeacher Gradebook (HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\PowerTeacher Gradebook) (Version:  - Pearson School Systems)
Primal Carnage (HKLM\...\Steam App 215470) (Version:  - Lukewarm Media)
Print Perfect Greeting Cards Deluxe (HKLM\...\{1A8727D8-90A5-4D4B-981F-7323875E8DD4}) (Version: 9.0.1 - Cosmi Corporation)
Prism Video File Converter (HKLM\...\Prism) (Version:  - NCH Software)
Project Torque (HKLM\...\Project Torque) (Version:  - )
PunkBuster Services (HKLM\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
QuickTime (HKLM\...\{57752979-A1C9-4C02-856B-FBB27AC4E02C}) (Version: 7.69.80.9 - Apple Inc.)
RACE 07 (HKLM\...\Steam App 8600) (Version:  - SimBin)
Railroad Tycoon 3 (HKLM\...\Steam App 7610) (Version:  - PopTop)
Rapture3D 2.3.22 Game (HKLM\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Roll (HKLM\...\RollerCoaster Tycoon Setup) (Version:  - )
RPS CRT (Version: 7.0.25 - Verizon) Hidden
RPS CRT (Version: 8.0.27 - Verizon) Hidden
RunAlyzer (HKLM\...\{A5181519-9F3D-4372-ABC6-C333C2F3A816}_is1) (Version: 1.6.1.24 - Safer Networking Limited)
Rush For Berlin (HKLM\...\{722A4F83-07C6-4D5A-B553-265BF6508EC4}) (Version: 1.00 - Deep Silver)
S.T.A.L.K.E.R. - Call of Pripyat [v1.6.02] (HKLM\...\{406FB8A4-F539-48A9-809C-F94706F9C9F6}_is1) (Version: 1.6.02 - bitComposer Games)
S.T.A.L.K.E.R. - Shadow of Chernobyl (HKLM\...\GFWL_{54510872-5B9E-448B-B897-C81000000100}) (Version: 1.0.0000.1 - THQ)
S.T.A.L.K.E.R. - Shadow of Chernobyl (Version: 1.0.0000.1 - THQ) Hidden
Sam & Max Beyond Time and Space (HKLM\...\Sam and Max Beyond Time and Space) (Version: 1.5.0.0 - Telltale Games)
Sam and Max - 101, 102, and 103 (HKLM\...\Sam and Max - Season One) (Version: 1.0 - The Adventure Company)
Sam and Max - Season One - Episode 104 - Abe Lincoln Must Die! (HKLM\...\Episode 104 - Abe Lincoln Must Die!) (Version: 1.1.0.0-free - Telltale Games)
Sauerbraten (HKLM\...\Sauerbraten) (Version:  - )
ScreenSaver Druid (HKLM\...\ScreenSaver Druid) (Version:  - )
Section 8 (HKLM\...\InstallShield_{E7D59759-9859-4D74-888A-5CC3D888FB6C}) (Version: 1.00.0000 - TimeGate Studios)
Section 8 (Version: 1.00.0000 - TimeGate Studios) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Shared C Run-time for x86 (Version: 10.0.0 - McAfee) Hidden
Sid Meier's Railroad Tycoon (HKLM\...\Sid Meier's Railroad Tycoon) (Version: 1.0 - 2K Games)
Sid Meier's Railroads! (HKLM\...\Steam App 7600) (Version:  - Firaxis Games)
Sniper Elite V2 (HKLM\...\Steam App 63380) (Version:  - Rebellion)
Space Engineers (HKLM\...\Steam App 244850) (Version:  - Keen Software House)
SPACE WARS 3D SCREENSAVER v1.2 Trial Version (HKLM\...\SpaceWars3D) (Version:  - )
SpongeBob SquarePants - The Movie (HKLM\...\{B98D958E-9E59-43B7-B47F-043D45D73EE6}) (Version: 1.0 - )
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.0 - Safer Networking Limited)
Star Wars - Jedi Knight: Mysteries of the Sith (HKLM\...\Steam App 32390) (Version:  - LucasArts)
Star Wars Battlefront (HKLM\...\{C79CB9C7-10A4-4814-8402-F574672C2192}) (Version: 1.0 - LucasArts)
Star Wars Jedi Knight: Dark Forces II (HKLM\...\Steam App 32380) (Version:  - LucasArts)
Star Wars: Knights of the Old Republic II (HKLM\...\Steam App 208580) (Version:  - Obsidian Entertainment)
Star Wars: The Old Republic (HKLM\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve)
Stranded Deep (HKLM\...\Steam App 313120) (Version:  - Beam Team Games)
SUPER © v2011.build.49 (July 1st, 2011) version v2011.build.49 (HKLM\...\{B93DCF58-AA57-41EC-8D69-B05C66C6312D}_is1) (Version: v2011.build.49 - eRightSoft)
Super Mario: Blue Twilight DX (v1.04.1) (HKLM\...\Super Mario: Blue Twilight DX (v1.04.1)) (Version:  - )
Surgeon Simulator (HKLM\...\Steam App 233720) (Version:  - Bossa Studios)
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Syberia 1 (HKLM\...\Syberia 1_is1) (Version:  - Anuman Interactive)
System Requirements Lab CYRI (HKLM\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
Tag&Rename 3.6.1 (HKLM\...\Tag&Rename_is1) (Version: 3.6.1 - Softpointer Inc)
Tales of Monkey Island: Chapter 1 - Launch of the Screaming Narwhal (HKLM\...\Steam App 31170) (Version:  - Telltale Games)
Tales of Monkey Island: Chapter 2 - The Siege of Spinner Cay  (HKLM\...\Steam App 31180) (Version:  - Telltale Games)
Tales of Monkey Island: Chapter 3 - Lair of the Leviathan  (HKLM\...\Steam App 31190) (Version:  - Telltale Games)
Tales of Monkey Island: Chapter 4 - The Trial and Execution of Guybrush Threepwood  (HKLM\...\Steam App 31200) (Version:  - Telltale Games)
Tales of Monkey Island: Chapter 5 - Rise of the Pirate God (HKLM\...\Steam App 31210) (Version:  - Telltale Games)
Team Fortress 2 (HKLM\...\Steam App 440) (Version:  - Valve)
The Darkness II (HKLM\...\Steam App 67370) (Version:  - Digital Extremes)
The Elder Scrolls IV: Oblivion  (HKLM\...\Steam App 22330) (Version:  - Bethesda Game Studios)
The Elder Scrolls V: Skyrim (HKLM\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Godfather™ II (HKLM\...\{A1416622-0DDE-45B5-B06C-DFC3ED94C53B}) (Version: 1.0.766.0 - Electronic Arts)
The Long Dark (HKLM\...\Steam App 305620) (Version:  - Hinterland Studio Inc.)
The Lord of the Rings Online™ (HKLM\...\Steam App 212500) (Version:  - Turbine, Inc.)
The One Ring 3D Screensaver 1.0 (HKLM\...\The One Ring 3D Screensaver_is1) (Version: 1.0 - 3Planesoft)
The Scruffs (HKLM\...\The Scruffs_is1) (Version:  - )
The Ship (HKLM\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Ship Single Player (HKLM\...\Steam App 2420) (Version:  - Outerlight Ltd.)
The Ship Tutorial (HKLM\...\Steam App 2430) (Version:  - Outerlight)
The Silver Lining (HKLM\...\{26ED4308-E0A5-4AE2-A1BC-7A55BC7DD32F}) (Version: 4.0.0 - Phoenix Online)
The Stanley Parable (HKLM\...\Steam App 221910) (Version:  - Galactic Cafe)
The Stanley Parable Demo (HKLM\...\Steam App 247750) (Version:  - Galactic Cafe)
The Witcher (HKLM\...\{F138762F-5A1F-4CF0-A5E1-1588EF6088A4}) (Version: 1.00.0000 - CD Projekt Red)
This War of Mine (HKLM\...\Steam App 282070) (Version:  - 11 bit studios)
Tiger Woods PGA TOUR 2004 (HKLM\...\{7E91306C-899F-45F3-B5E9-4B480A27A63D}) (Version:  - )
TmNationsForever Update 2010-03-15 (HKLM\...\TmNationsForever_is1) (Version:  - Nadeo)
Tom Clancy's Ghost Recon Phantoms - NA (HKLM\...\Steam App 243870) (Version:  - Ubisoft Singapore)
Tom Clancy's Rainbow Six 3: Raven Shield (HKLM\...\{AF131494-F5D8-45C5-938C-D5F020CF1B0D}) (Version: 1.00.000 - )
Tom Clancy's Rainbow Six Vegas 2 (HKLM\...\{FD416706-875C-4B0B-A23A-9E740DAE029E}) (Version: 1.00 - Ubisoft)
Tom Clancy's Splinter Cell (HKLM\...\{A174402A-2EE6-4B86-A930-7BC85A9933BD}) (Version: 1.00.000 - )
Tom Clancy's Splinter Cell Chaos Theory (HKLM\...\{888DD888-82BE-4D85-BCB2-2E042CD3E844}) (Version: 1.05.157 - Ubisoft)
Torchlight (HKLM\...\Torchlight_is1) (Version:  - GOG.com)
Treasure Cove! CD (HKLM\...\TCVWIN32.exe) (Version:  - )
Two Worlds (HKLM\...\{D166F9A2-C6E5-4BB1-AD66-CD0F9953089F}) (Version: 1.50.0000 - Reality Pump)
U.B. Funkeys (HKLM\...\U.B. Funkeys) (Version:  - )
Unity Web Player (HKLM\...\UnityWebPlayer) (Version: 2.5.0f5_21627 - Unity Technologies ApS)
Urban Terror 4.1 (HKLM\...\Urban Terror_is1) (Version:  - Frozen Sand LLC)
Use the entry named LeapFrog Connect to uninstall (LeapFrog Tag Plugin) (HKLM\...\TagPlugin) (Version: 4.2.9.15649 - LeapFrog)
V CAST Music with Rhapsody (HKLM\...\V CAST Music with Rhapsody) (Version:  - )
Verizon Internet Security Suite (HKLM\...\MSC) (Version: 14.0.339 - McAfee, Inc.)
Verizon Media Manager (HKLM\...\{C74C97D8-8962-411C-B223-F60E6336C405}) (Version: 9.2.4 - Verizon Communications Inc )
Verizon Servicepoint 3.7.44 (HKLM\...\RadialpointClientGateway_is1) (Version: 3.7.44 - Verizon)
VideoPad Video Editor (HKLM\...\VideoPad) (Version:  - NCH Software)
VLC media player 1.1.8 (HKLM\...\VLC media player) (Version: 1.1.8 - VideoLAN)
Windows Driver Package - LeapFrog (FlyUsb) USB  (11/05/2008 1.1.1.0) (HKLM\...\781745E87AFF80C0C1388CFF79D19ECAB2E9BB47) (Version: 11/05/2008 1.1.1.0 - LeapFrog)
Windows Driver Package - Leapfrog (Leapfrog-USBLAN) Net  (09/10/2009 02.03.05.012) (HKLM\...\8F14F2ECEDE68D26EA515B48DC25B39103C4FE8D) (Version: 09/10/2009 02.03.05.012 - Leapfrog)
Windows Live ID Sign-in Assistant (HKLM\...\{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WMIinfo (HKLM\...\WMIinfo) (Version:  - )
Wolfenstein 3D (HKLM\...\Steam App 2270) (Version:  - id Software)
Wolfenstein 3D: Spear of Destiny (HKLM\...\Steam App 9000) (Version:  - id Software)
www.UselessCreations.com - Doctor Who 3D Screensaver v1.5 (HKLM\...\DoctorWho3D) (Version:  - )
XIII (HKLM\...\{42BC0474-6E50-464A-8183-5E3D32E41B1B}) (Version: 1.00.000 - Ubisoft)
Yahoo! Detect (HKLM\...\YTdetect) (Version:  - )
 
==================== Custom CLSID (Whitelisted): ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.57\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.69\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.2.183.39\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> C:\Users\jenmike\AppData\Local\Google\Chrome\Application\46.0.2490.86\delegate_execute.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{6DA5E5A5-51C8-11D2-A5F5-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{8AD37F04-510E-11D2-A5F1-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{8AD37F06-510E-11D2-A5F1-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{a3c6dafc-e193-42fc-adca-5316b5d6d653}\InprocServer32 -> C:\Users\jenmike\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.15\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{D1EDC4F5-7F4D-4B12-906A-614ECF66DDAF}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.65\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{e3e02f12-2adb-478c-8742-5f0819f9f0f4}\InprocServer32 -> C:\Users\jenmike\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{e473a65c-8087-49a3-affd-c5bc4a10669b}\InprocServer32 -> C:\Users\jenmike\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.15\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.15\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{fc345d4c-b8f4-4674-bff7-3c37d2e535ee}\InprocServer32 -> C:\Users\jenmike\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{fd6484ed-ebe3-4c3d-938a-8238003b41b7}\InprocServer32 -> C:\Users\jenmike\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.57\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.69\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.2.183.39\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{31261F21-2B16-45EE-BEAB-07C4CFA18B65}\InprocServer32 -> C:\Program Files\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{5C65F4B0-3651-4514-B207-D10CB699B14B}\localserver32 -> "C:\Users\jenmike\AppData\Local\Google\Chrome\Application\35.0.1916.153\delegate_execute.exe" => No  (the data entry has 4 more characters).
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{6DA5E5A5-51C8-11D2-A5F5-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{8AD37F04-510E-11D2-A5F1-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{8AD37F06-510E-11D2-A5F1-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{a3c6dafc-e193-42fc-adca-5316b5d6d653}\InprocServer32 -> C:\Users\UpdatusUser\Program Files\DNA\plugins\npbtdna.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.65\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{e3e02f12-2adb-478c-8742-5f0819f9f0f4}\InprocServer32 -> C:\Users\jenmike\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{e473a65c-8087-49a3-affd-c5bc4a10669b}\InprocServer32 -> C:\Users\jenmike\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{fc345d4c-b8f4-4674-bff7-3c37d2e535ee}\InprocServer32 -> C:\Users\jenmike\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{fd6484ed-ebe3-4c3d-938a-8238003b41b7}\InprocServer32 -> C:\Users\jenmike\AppData\Roaming\Move Networks\ie_bin\qsp2ie071303000006.dll (Move Networks)
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
 
==================== Restore Points =========================
 
12-11-2015 00:00:05 Scheduled Checkpoint
12-11-2015 11:50:37 Installed DirectX
13-11-2015 00:00:10 Scheduled Checkpoint
 
==================== Hosts content: ===============================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2006-11-02 05:23 - 2014-07-07 08:27 - 00000761 ____A C:\Windows\system32\Drivers\etc\hosts
 
127.0.0.1       localhost
::1             localhost
 
==================== Scheduled Tasks (Whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
Task: {01EA366A-BB7B-4C8B-A692-80A5EA18C3D9} - System32\Tasks\{D4656277-AFCA-4AF3-AD1D-76ACEB0EECA4} => pcalua.exe -a "F:\Games\rrt\Setup Railroad Tycoon.exe" -d F:\Games\rrt
Task: {0E455B63-12E1-4A76-8F66-742EE5CF6819} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000UA1d000009d635bea => C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {20BD3282-4356-46A4-A135-1A058A113E78} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6a75ad235dcc => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {225E0606-5CF3-4E04-A458-5A9822AA9763} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-09-16] (Piriform Ltd)
Task: {373236B2-F887-4383-8B67-57A7A37065C3} - System32\Tasks\NCH Software\prismShakeIcon => C:\Program Files\NCH Software\Prism\Prism.exe [2011-06-12] (NCH Software)
Task: {53666E9F-90F5-4860-9F93-ED414038E5FC} - System32\Tasks\NCH Software\VideoPadDowngrade => C:\Program Files\NCH Software\VideoPad\VideoPad.exe [2013-03-13] (NCH Software)
Task: {5B8498CB-6FE8-4322-87F2-FD62AECAA66D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000UA1ceebdf2180165 => C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {5C8CB920-C8E7-4E86-AE4E-22A4FDF312B2} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
Task: {5EC2F40C-36EE-496E-A17C-C1596413FF7C} - \GPUpdateCheck -> No File <==== ATTENTION
Task: {6673B74E-4528-48F8-91B0-7325E5D603D4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000Core1d0bf30ea96b90d => C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {6F2D692C-4698-48C8-BEBB-7D15598FDBF8} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf2ffd3603b7 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {75B3A9F8-302F-4A5B-980F-F496D9249CB4} - System32\Tasks\GoogleUpdateTaskMachineUA1cfec7bdbcb44d0 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {87944F0F-5F4D-4189-8DCE-8DB5FE41081B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000Core1cf277f5f8c0e1b => C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {8FE992E3-3393-4645-9516-2FCD45C8436E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000UA1d0e25bd74297c0 => C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {98E3D178-F359-45E9-8E1A-F066FD4BBD8F} - System32\Tasks\GoogleUpdateTaskMachineUA1cf8a953702baf3 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {9D7A925F-BA64-4F85-86C2-0D21817C05C2} - System32\Tasks\{4CDF70A5-6C97-4F40-97D0-A908767B047F} => pcalua.exe -a E:\Utility\MSI\GoodMem\InsGoodMEM.exe -d E:\Utility\MSI\GoodMem
Task: {9DCDC87B-1883-4157-AD63-F0B9BEC42F6C} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe [2009-11-05] (Microsoft Corporation)
Task: {CE8A681A-49A4-45DB-80BF-4DCA3DE41BA9} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf2ffc616378 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {E571824B-8244-4F99-8201-EE9A147399E8} - System32\Tasks\{491DE823-CD05-4553-B84E-2A0D5381906F} => pcalua.exe -a "C:\Users\jenmike\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\BG4FG9X6\mp500vst110ej[1].exe" -d C:\Users\jenmike
Task: {EAD5E116-DC3F-47CA-81F5-6B94826B1B20} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e23f4e0fe28a => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {EFFABB1E-52DC-4F83-B6A8-E7D627A25F01} - System32\Tasks\GoogleUpdateTaskMachineUA1d08ed33c35f3e1 => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6a75ad235dcc.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0bf2ffc616378.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cf8a953702baf3.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1cfec7bdbcb44d0.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d08ed33c35f3e1.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0bf2ffd3603b7.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e23f4e0fe28a.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000Core1cf277f5f8c0e1b.job => C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000Core1d0bf30ea96b90d.job => C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000UA1ceebdf2180165.job => C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000UA1d000009d635bea.job => C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4281579821-372289546-3755377909-1000UA1d0e25bd74297c0.job => C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (Whitelisted) ==============
 
2011-01-16 15:40 - 2011-01-16 15:40 - 00051716 _____ () C:\Windows\System32\pdf995mon.dll
2009-02-06 09:07 - 2009-02-02 01:32 - 00038400 _____ () C:\Program Files\Amazon\Amazon Games & Software Downloader\utility.dll
2009-02-06 09:07 - 2008-07-23 09:02 - 00151552 _____ () C:\Program Files\Amazon\Amazon Games & Software Downloader\libexpat.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 00087912 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-11-01 23:26 - 2011-11-01 23:26 - 01242472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-08-27 14:54 - 2015-08-27 14:54 - 00659872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareService.exe
2015-08-27 14:56 - 2015-08-27 14:56 - 00023296 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_system-vc120-mt-1_57.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00047368 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_date_time-vc120-mt-1_57.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00108808 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_filesystem-vc120-mt-1_57.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 10273528 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareServiceKernel.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 02372816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\RCF.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00634624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_regex-vc120-mt-1_57.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00089344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_thread-vc120-mt-1_57.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00032000 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_chrono-vc120-mt-1_57.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00567024 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareActivation.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00375040 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareApplicationUpdater.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00679664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareGamingMode.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00084712 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareReset.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00102624 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTime.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00807680 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareDefinitionsUpdater.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00729872 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareDefinitionsUpdaterScheduler.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00897264 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareIgnoreList.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00205552 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareQuarantine.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00842496 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareAntiMalwareEngine.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00169728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareAntiRootkitEngine.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00902392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareScannerHistory.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 01082088 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareScanner.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00032512 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_timer-vc120-mt-1_57.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00811256 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareScannerScheduler.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00940288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareRealTimeProtection.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00199416 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareIncompatibles.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00754920 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareAntiSpam.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00713456 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareAntiPhishing.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 02519288 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareParentalControl.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 02701048 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareWebProtection.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 01044728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareEmailProtection.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00048392 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_iostreams-vc120-mt-1_57.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 01032960 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareNetworkProtection.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00810728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwarePromo.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00297704 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareFeedback.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 02280192 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareThreatWorkAlliance.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 01017576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwarePinCode.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00810728 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareNotice.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00815344 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareAvcEngine.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00955664 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareRealTimeProtectionHistory.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00377072 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareStatistics.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 02595576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareShellExtension.dll
2014-05-13 11:16 - 2014-05-13 11:16 - 00083456 _____ () C:\Program Files\NCH Software\ExpressZip\ezcm.dll
2009-05-15 08:27 - 2015-05-01 11:09 - 00043520 _____ () C:\Windows\system32\CmdLineExt03.dll
2011-12-12 13:38 - 2011-12-12 13:38 - 00066872 _____ () C:\Windows\system32\PnkBstrA.exe
2011-12-12 13:38 - 2011-12-12 13:38 - 00107832 _____ () C:\Windows\system32\PnkBstrB.exe
2011-02-14 16:34 - 2011-01-10 11:47 - 00158208 _____ () C:\Program Files\Verizon\VSP\Windows7Features.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 07992032 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTray.exe
2015-08-27 14:56 - 2015-08-27 14:56 - 00386816 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\boost_locale-vc120-mt-1_57.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 01731304 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\HtmlFramework.dll
2015-08-27 14:56 - 2015-08-27 14:56 - 00867576 _____ () C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.8.586.8535\AdAwareTrayDefaultSkin.dll
2008-11-07 09:11 - 2008-06-19 18:35 - 00333288 _____ () C:\Program Files\Spybot - Search & Destroy\sqlite3.dll
2008-11-07 09:11 - 2008-03-04 15:52 - 00790392 _____ () C:\Program Files\Spybot - Search & Destroy\Plugins\Chai.dll
2008-11-07 09:11 - 2008-03-05 10:34 - 00795520 _____ () C:\Program Files\Spybot - Search & Destroy\Plugins\Fennel.dll
2008-11-07 09:11 - 2008-02-26 12:04 - 00717176 _____ () C:\Program Files\Spybot - Search & Destroy\Plugins\Mate.dll
2008-11-07 09:11 - 2007-12-24 02:05 - 00121344 _____ () C:\Program Files\Spybot - Search & Destroy\Plugins\TCPIPAddress.dll
 
==================== Alternate Data Streams (Whitelisted) =========
 
(If an entry is included in the fixlist, only the ADS will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:B606BA34
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
 
==================== Safe Mode (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ServicepointService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeaack.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfeavfk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefire => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfefirek.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfehidk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfemms => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfetdi2k.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mfevtp => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ServicepointService => ""="Service"
 
==================== EXE Association (Whitelisted) ===============
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
 
 
==================== Internet Explorer trusted/restricted ===============
 
(If an entry is included in the fixlist, it will be removed from the registry.)
 
IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-19\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-19\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-19\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-19\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-20\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-20\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-20\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-20\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\real.com -> hxxps://rhap-app-4-0.real.com
IE trusted site: HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\smartsource.com -> hxxps://coupons2.smartsource.com
IE trusted site: HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\sony.com -> sony.com
IE trusted site: HKU\S-1-5-21-4281579821-372289546-3755377909-1003\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\S-1-5-21-4281579821-372289546-3755377909-1003\...\freerealms.com -> freerealms.com
IE trusted site: HKU\S-1-5-21-4281579821-372289546-3755377909-1003\...\soe.com -> soe.com
IE trusted site: HKU\S-1-5-21-4281579821-372289546-3755377909-1003\...\sony.com -> sony.com
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\Control Panel\Desktop\\Wallpaper -> F:\images\jpg\new images\2011-10-31\hogwarts universal.bmp
HKU\S-1-5-21-4281579821-372289546-3755377909-1003\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\img24.jpg
DNS Servers: 192.168.1.1 - 71.250.0.12
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
Windows Firewall is enabled.
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\Windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupreg: AdAwareTray => "C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Amazon Cloud Player => "C:\Users\jenmike\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: Google Update => "C:\Users\jenmike\AppData\Local\Google\Update\GoogleUpdate.exe" /c
MSCONFIG\startupreg: GoogleChromeAutoLaunch_8912F4DACD66F1C990C49677BB935403 => "C:\Users\jenmike\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LiveMonitor => C:\Program Files\MSI\Live Update 3\LMonitor.exe
MSCONFIG\startupreg: Monitor => "C:\Program Files\LeapFrog\LeapFrog Connect\Monitor.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SSDruid => "C:\PROGRA~1\XEMICO~1\SCREEN~1\SCREEN~1.EXE" /startup
MSCONFIG\startupreg: Steam => "C:\Program Files\Steam\steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: swg => "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
MSCONFIG\startupreg: uTorrent => "C:\Users\jenmike\Downloads\uTorrent.exe"  /MINIMIZED
 
==================== FirewallRules (Whitelisted) ===============
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
FirewallRules: [WinCollab-Out-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-UDP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-Out-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-In-TCP] => (Allow) %ProgramFiles%\Windows Collaboration\WinCollab.exe
FirewallRules: [WinCollab-DFSR-Out-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [WinCollab-DFSR-In-TCP] => (Allow) %SystemRoot%\system32\dfsr.exe
FirewallRules: [TCP Query User{153E6161-D65A-471B-8490-E402F1ED78E4}C:\program files\mediaring dialer\msi\msiph.exe] => (Block) C:\program files\mediaring dialer\msi\msiph.exe
FirewallRules: [UDP Query User{3CE55E4D-9499-4372-B3F2-11E738ABA9FC}C:\program files\mediaring dialer\msi\msiph.exe] => (Block) C:\program files\mediaring dialer\msi\msiph.exe
FirewallRules: [TCP Query User{439C2299-F6DF-45AB-AF52-7FCD666372F6}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe] => (Block) C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [UDP Query User{D554EF0E-FAEE-4A3F-B2EC-9B63C6218621}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe] => (Block) C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [{95982953-359C-4AA6-90F1-8922BC272368}] => (Allow) C:\Program Files\LimeWire\LimeWire.exe
FirewallRules: [{E3C1A53E-6B23-4482-B0B7-64F9131727B6}] => (Allow) C:\Program Files\LimeWire\LimeWire.exe
FirewallRules: [TCP Query User{AD698281-0861-4CD9-B42B-54252B45C9FD}D:\program files\itunes\itunes.exe] => (Allow) D:\program files\itunes\itunes.exe
FirewallRules: [UDP Query User{3234F913-53C4-48E0-84F8-7F0EA0B6E908}D:\program files\itunes\itunes.exe] => (Allow) D:\program files\itunes\itunes.exe
FirewallRules: [TCP Query User{FE6EED4C-216D-4C4C-8445-3718D68468EA}C:\program files\limewire\limewire.exe] => (Allow) C:\program files\limewire\limewire.exe
FirewallRules: [UDP Query User{E008CD58-4978-473F-8C07-B1FDEAC894CA}C:\program files\limewire\limewire.exe] => (Allow) C:\program files\limewire\limewire.exe
FirewallRules: [TCP Query User{9757CFC5-4E1A-4045-A87C-AF18429D4720}C:\program files\itunes\itunes.exe] => (Allow) C:\program files\itunes\itunes.exe
FirewallRules: [TCP Query User{EC63F730-9BF6-445B-853E-963558DC5AA8}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [UDP Query User{582432FF-8FA9-4FEC-92D4-54E16E3980AF}C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe] => (Allow) C:\program files\ubisoft\crytek\far cry\bin32\farcry.exe
FirewallRules: [{55801C57-DF1E-441A-A0EE-40172311C9D8}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [{8F3D7EA1-42FB-479A-958B-D96F264D5E1F}] => (Allow) C:\Program Files\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{E6B4845D-78B0-46EB-ADC9-7C510E76ACC0}D:\program files\bittorrent\btdownloadgui.exe] => (Allow) D:\program files\bittorrent\btdownloadgui.exe
FirewallRules: [UDP Query User{B214F4C8-73D3-46F4-B3F6-D7AB9030957A}D:\program files\bittorrent\btdownloadgui.exe] => (Allow) D:\program files\bittorrent\btdownloadgui.exe
FirewallRules: [{50802E86-E61F-4D64-A37F-A13A2F0C22DF}] => (Allow) C:\Program Files\AeriaGames\Project Torque\ProjectTorque.bin
FirewallRules: [{8B43264A-414E-443B-8BF1-B7795A9DF3F8}] => (Allow) C:\Program Files\AeriaGames\Project Torque\ProjectTorque.bin
FirewallRules: [{8CD6BA92-6BE5-4F8B-9EB2-43BE10569400}] => (Allow) C:\Program Files\Sierra\FEAR\FEAR.exe
FirewallRules: [{0039E6AB-CDE6-4EB0-BD3B-2C2D01F1AAD9}] => (Allow) C:\Program Files\Sierra\FEAR\FEAR.exe
FirewallRules: [{29B3EB64-5814-4369-B75F-5CA24C6299A8}] => (Allow) C:\Program Files\Sierra\FEAR\FEARMP.exe
FirewallRules: [{9CBCA4FD-484D-4825-BE1F-C9A962BA9C4E}] => (Allow) C:\Program Files\Sierra\FEAR\FEARMP.exe
FirewallRules: [{414EE686-E392-431C-90DD-36F54EAB1A3B}] => (Allow) C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe
FirewallRules: [{A2BA881F-1D4D-45D6-A545-5BB0448338FF}] => (Allow) C:\Program Files\Steam\steamapps\common\alien swarm\srcds.exe
FirewallRules: [{AFFDDD64-29DD-4475-8FA7-84EC642C2B97}] => (Allow) C:\Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{A22DFF01-89A0-4A99-9649-1FB565982909}] => (Allow) C:\Games\Mass Effect\Binaries\MassEffect.exe
FirewallRules: [{54A0A922-73DF-46E8-BABB-3C3EF41CCECA}] => (Allow) C:\Games\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{229A7FF4-CCB2-4D72-8634-1CCC68D51D8A}] => (Allow) C:\Games\Mass Effect\MassEffectLauncher.exe
FirewallRules: [{FA19DF9A-F9C8-4808-AE44-A7BCCE5511EF}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [{DE288C7B-222D-4A19-AC17-786D6B0D1AC8}] => (Allow) C:\Program Files\Codemasters\DiRT2\dirt2_game.exe
FirewallRules: [{34AEF495-0A3C-44D1-925D-2FF9B1A43609}] => (Allow) C:\Program Files\Codemasters\DiRT2\dirt2_game.exe
FirewallRules: [{AB7C34D0-C614-4C07-B522-2EA0B63D1294}] => (Allow) C:\Program Files\FrostWire\FrostWire.exe
FirewallRules: [{E8B71C5B-9261-40B6-8893-DCCCC3598644}] => (Allow) C:\Program Files\FrostWire\FrostWire.exe
FirewallRules: [{962A7FF2-BE3F-4734-9285-96362B01B711}] => (Allow) C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{4D76793A-B5FF-4035-AB94-D3FAE8215E71}] => (Allow) C:\Program Files\THQ\S.T.A.L.K.E.R. - Shadow of Chernobyl\bin\XR_3DA.exe
FirewallRules: [{453EA090-D4A3-419B-A5DA-10EECEA71A1B}] => (Allow) C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe
FirewallRules: [{B2AA13AB-3B0E-44BE-A1B6-6FB43B196403}] => (Allow) C:\Program Files\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe
FirewallRules: [{A9BDEF1C-2587-4A73-B036-5A52304B7C23}] => (Allow) C:\Program Files\Verizon\VSP\ServicepointService.exe
FirewallRules: [{C715BAEE-7DD1-4E84-97A3-5155218CEE37}] => (Allow) C:\Program Files\Verizon\VSP\ServicepointService.exe
FirewallRules: [{911A121E-8B81-45EA-9408-F0055D51A112}] => (Allow) C:\Program Files\Sierra Entertainment\FEAR Perseus Mandate\FEARXP2.exe
FirewallRules: [{64AD910A-010A-4CB9-9AFE-033B6849745D}] => (Allow) C:\Program Files\Sierra Entertainment\FEAR Perseus Mandate\FEARXP2.exe
FirewallRules: [{6FB147F5-58F5-4A3F-A9B3-66EB8EC94ADD}] => (Allow) C:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{7F680E1B-30DE-4391-B08E-B2AE917613D6}] => (Allow) C:\Program Files\Mass Effect 2\Binaries\MassEffect2.exe
FirewallRules: [{5F88DC55-9C21-4D28-AC6B-6F3099F2E165}] => (Allow) C:\Program Files\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{C0D0A261-1330-4D69-9C3F-C97974B47697}] => (Allow) C:\Program Files\Mass Effect 2\MassEffect2Launcher.exe
FirewallRules: [{3241C265-82E1-4D63-ADE1-63D2D23C5FA0}] => (Allow) LPort=80
FirewallRules: [{12EC4771-73DE-46B4-8225-C0DD83109B20}] => (Allow) LPort=80
FirewallRules: [{6064C412-9308-4034-98B9-2B09FD1610D5}] => (Allow) LPort=80
FirewallRules: [{A70BEF72-E387-4D9B-AFB1-64802F2B8D65}] => (Allow) C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe
FirewallRules: [{0BCC2345-4AEF-4E97-86BB-890B4116367B}] => (Allow) C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe
FirewallRules: [{DE8CEFD1-BF4B-4A39-B8D0-854A2A0ADC9E}] => (Allow) C:\Program Files\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{FA41269B-11DF-4636-B2BA-9D2574EC2C70}] => (Allow) C:\Program Files\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{CA230FF7-297A-4E4A-AB17-5D887A9E4272}] => (Allow) C:\Program Files\Steam\steamapps\common\tales of monkey island - chapter 1\MonkeyIsland101.exe
FirewallRules: [{1C0D4956-8FD9-484C-A255-7DF28918CA64}] => (Allow) C:\Program Files\Steam\steamapps\common\tales of monkey island - chapter 1\MonkeyIsland101.exe
FirewallRules: [{148DEE90-36B8-411B-90BF-FB2D9440EDBA}] => (Allow) C:\Program Files\Steam\steamapps\common\tales of monkey island - chapter 2\MonkeyIsland102.exe
FirewallRules: [{9DBB7805-8351-480C-9E29-C43781E1D67C}] => (Allow) C:\Program Files\Steam\steamapps\common\tales of monkey island - chapter 2\MonkeyIsland102.exe
FirewallRules: [{7B327420-C57D-45B7-A545-DA27C3138D43}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{99CA4CCD-059F-4091-9E1E-4FEB16178DEA}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{8EE00B49-F648-450D-9A11-B8CA7D7A6B6D}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{43D82020-E3CB-4926-B1FF-31D007890C6A}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{2D11900E-B622-49BF-BD25-BD287EF76737}] => (Allow) C:\Program Files\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{9391EA6D-2F7A-4B7F-B8D7-7DAA9B9604B7}] => (Allow) C:\Program Files\FrostWire 5\FrostWire.exe
FirewallRules: [{E489A016-117E-49FC-8586-4C467C535652}] => (Allow) C:\Program Files\FrostWire 5\FrostWire.exe
FirewallRules: [{1DF01FF1-C299-4C83-9720-8A050D80C30C}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [{9E53A293-67A3-4632-B34E-9EC6B016EA71}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [{4E38391F-9F04-4B2E-97F9-D0581F4D0CD7}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{D4AE1915-346F-4B8B-A8CE-F150C3FA7AF8}] => (Allow) C:\Windows\System32\PnkBstrA.exe
FirewallRules: [{B579FCF2-B721-4E7C-AE76-3473E4FB51C2}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{3A4739B0-7AEF-4950-94FF-022E2F7DB988}] => (Allow) C:\Windows\System32\PnkBstrB.exe
FirewallRules: [{8064A3CF-E866-4028-BD12-1B1A6DE5524E}] => (Allow) C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{43AB8933-C6E9-4346-BFF9-B69FEBCE3E22}] => (Allow) C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Game.exe
FirewallRules: [{06FB0DA9-C345-4831-A064-055EB70992C9}] => (Allow) C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
FirewallRules: [{551D9FAB-D4B0-4D43-A6B8-0EFA6A64A39D}] => (Allow) C:\Program Files\Ubisoft\Tom Clancy's Rainbow Six Vegas 2\Binaries\R6Vegas2_Launcher.exe
FirewallRules: [{B62CF472-7C58-4359-B4CA-8E9271A2BC14}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{797F1A47-C231-42F9-AE16-9DA633153643}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{BB0BEDF4-CD97-43F8-81B8-B70319D7A45C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{AB8F6854-C64D-41E6-995B-A167E8DED52E}] => (Allow) C:\Program Files\Steam\steamapps\common\fear2\FEAR2.exe
FirewallRules: [{E508F386-6331-48F4-8888-FB698DBAA8EA}] => (Allow) C:\Program Files\Steam\steamapps\common\fear2\FEAR2.exe
FirewallRules: [{89FC3194-C58B-44AB-995B-8AD96CF75E24}] => (Allow) C:\Program Files\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{78791828-76EC-4ACF-9BE1-52BEA1F29FC3}] => (Allow) C:\Program Files\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{FD607822-BF6D-4ED7-B2B3-4A3EA06509CD}] => (Allow) C:\Program Files\Steam\steamapps\common\grand theft auto san andreas\gta-sa.exe
FirewallRules: [{0B3E287F-1268-4DDC-B8CE-D15FA28B4AAB}] => (Allow) C:\Program Files\Steam\steamapps\common\grand theft auto san andreas\gta-sa.exe
FirewallRules: [TCP Query User{D6490EF2-113B-48ED-9AB4-FC88ABF20706}E:\bin\nssapp.exe] => (Allow) E:\bin\nssapp.exe
FirewallRules: [UDP Query User{E671AB96-5175-4733-B29A-AE7DEE6915D4}E:\bin\nssapp.exe] => (Allow) E:\bin\nssapp.exe
FirewallRules: [{F110CAA3-3D78-4616-845D-78A9B48073EC}] => (Allow) C:\Program Files\Reality Pump\Two Worlds\TwoWorlds.exe
FirewallRules: [{25B1B7D0-2EBE-48B5-8F07-C5F5E65CD9E5}] => (Allow) C:\Program Files\Reality Pump\Two Worlds\TwoWorlds.exe
FirewallRules: [{F67A5917-1749-4C57-8278-FB4BFCCCF5AD}] => (Allow) C:\Program Files\Reality Pump\Two Worlds\TwoWorlds_RADEON.exe
FirewallRules: [{AD0B246E-D9E1-4F8B-A10E-00E17E911DD5}] => (Allow) C:\Program Files\Reality Pump\Two Worlds\TwoWorlds_RADEON.exe
FirewallRules: [TCP Query User{D33A51B2-00FE-413D-9581-4BD5FB3A6FC1}C:\program files\tmnationsforever\tmforever.exe] => (Block) C:\program files\tmnationsforever\tmforever.exe
FirewallRules: [UDP Query User{E3CF0481-4917-4361-8106-C5AD8845F5A0}C:\program files\tmnationsforever\tmforever.exe] => (Block) C:\program files\tmnationsforever\tmforever.exe
FirewallRules: [TCP Query User{40E09DC9-88A8-4668-8FB0-29623AA47930}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [UDP Query User{66D8EC08-6A8F-4760-8101-A0B4BDC7D0B8}C:\programdata\electronic arts\need for speed world\data\nfsw.exe] => (Allow) C:\programdata\electronic arts\need for speed world\data\nfsw.exe
FirewallRules: [{B7D4C2D1-DFA4-4281-97C4-12C2DA9A6069}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [{68FDC3A6-E9D1-480E-9FEE-9BD71109E926}] => (Allow) C:\Program Files\Common Files\Mcafee\McSvcHost\McSvHost.exe
FirewallRules: [{D97AC572-CFF7-4C4D-9CE9-65D1782E1DB3}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{94A8F83B-7195-420A-8712-D06AFD2BE4E8}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{7EEAA156-1666-4FB1-AF72-32F67BE22622}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{38478FC6-D215-41AE-B0AE-8E362260AB58}] => (Allow) C:\Program Files\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe
FirewallRules: [{CA7B5E73-89F4-4704-AD0A-36731E2CA0FB}] => (Allow) C:\Program Files\GoforFiles\goforfilesdl.exe
FirewallRules: [{2E6DB2E1-508C-438E-8A8C-57C82C2972F4}] => (Allow) C:\Program Files\GoforFiles\goforfilesdl.exe
FirewallRules: [{ECD02C55-F17B-4311-BB34-94420746C9FF}] => (Allow) C:\Program Files\GoforFiles\GoforFiles.exe
FirewallRules: [{4AA3DE3C-5ADA-4748-A7A5-D0AAE0CFB41A}] => (Allow) C:\Program Files\GoforFiles\GoforFiles.exe
FirewallRules: [{68E56878-DDD5-4CDA-BEDA-A44074E6D365}] => (Allow) C:\Program Files\LeapFrog\LeapFrog Connect\LeapfrogConnect.exe
FirewallRules: [TCP Query User{94A24534-38AC-4C2D-BDAA-6344DC74AD36}C:\program files\imesh applications\imesh\imesh.exe] => (Block) C:\program files\imesh applications\imesh\imesh.exe
FirewallRules: [UDP Query User{DB5CDC9C-9B0C-454C-A1F8-99C959414B1D}C:\program files\imesh applications\imesh\imesh.exe] => (Block) C:\program files\imesh applications\imesh\imesh.exe
FirewallRules: [TCP Query User{9C8155F2-F3F5-46A7-87AF-B288FACDCA3F}C:\users\jenmike\appdata\local\temp\ilcnmpgb.exe] => (Block) C:\users\jenmike\appdata\local\temp\ilcnmpgb.exe
FirewallRules: [UDP Query User{DD026FF4-3D62-493E-8040-E1DB9F406CD6}C:\users\jenmike\appdata\local\temp\ilcnmpgb.exe] => (Block) C:\users\jenmike\appdata\local\temp\ilcnmpgb.exe
FirewallRules: [TCP Query User{F225BA79-813F-4EF9-A9AE-DF5389DFF3B4}C:\windows\system32\rundll32.exe] => (Block) C:\windows\system32\rundll32.exe
FirewallRules: [UDP Query User{E3990123-9C8A-430C-BFF0-D1EDBD8F694B}C:\windows\system32\rundll32.exe] => (Block) C:\windows\system32\rundll32.exe
FirewallRules: [TCP Query User{7C8A94AD-BACA-445F-BE93-7994A91D9D5B}C:\program files\verizon\media manager\mediamanager.exe] => (Allow) C:\program files\verizon\media manager\mediamanager.exe
FirewallRules: [UDP Query User{49501120-72DB-484F-9D41-97FFD18042E3}C:\program files\verizon\media manager\mediamanager.exe] => (Allow) C:\program files\verizon\media manager\mediamanager.exe
FirewallRules: [{3D7318E4-0769-4999-B52B-B2A0BC921862}] => (Allow) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{339D36AB-B2BE-4CFE-B8F4-5107A25B45FB}] => (Allow) C:\Program Files\EPSON Software\Event Manager\EEventManager.exe
FirewallRules: [{BF6BE715-9F5E-4933-85E5-E0DD390FE207}] => (Allow) E:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{404D019B-A1E6-467D-9F08-36656DFBE9F2}] => (Allow) E:\Common\EpsonNet Setup\ENEasyApp.exe
FirewallRules: [{811AF38D-35D9-41EB-9B89-60F0CB4160CA}] => (Allow) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [{CDBC8620-94FC-49D0-9A87-21341595CFC6}] => (Allow) C:\Program Files\Common Files\Mcafee\Platform\McSvcHost\McSvHost.exe
FirewallRules: [TCP Query User{D1D85CD1-C664-4CDB-B08A-08C206490449}C:\program files\steam\steam.exe] => (Allow) C:\program files\steam\steam.exe
FirewallRules: [UDP Query User{B24A5523-486A-4577-ABA6-EEFE0A21E323}C:\program files\steam\steam.exe] => (Allow) C:\program files\steam\steam.exe
FirewallRules: [{B54046A1-A974-4297-92E5-735DA4AACD8C}] => (Allow) C:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{9C90DCDD-C974-4999-8A7A-F48B5DC14D65}] => (Allow) C:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{10F15438-686F-4F2B-9C87-0B1D73AF9B5C}] => (Allow) C:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{DD9C535A-A560-4EFB-9341-FF10EB59BDFC}] => (Allow) C:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{43CE038B-5309-4230-8596-B958CA74007F}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{4AF8CD04-6741-44AC-A987-61ED0BF232C2}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{659BBAFA-3BB0-48DE-8E3A-4DD135D4241D}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5FE25D2C-8F49-4CB0-85DC-1CB58FC4A84F}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{D920610C-BC9C-4940-967C-C1839223B3FA}] => (Allow) C:\Program Files\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{E2B02187-2B87-4945-9955-841AF7ACE6B6}] => (Allow) C:\Program Files\Steam\steamapps\common\portal 2\portal2.exe
FirewallRules: [{6D20A3FF-F709-4008-B213-EAB81E8FFF48}] => (Allow) C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe
FirewallRules: [{02B0CCF5-A20C-4A94-9815-40F2C2E9C725}] => (Allow) C:\Program Files\Steam\steamapps\common\alien swarm\swarm.exe
FirewallRules: [{3BA48A47-00D5-46CF-8828-48368B9A51CF}] => (Allow) C:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{2ED6D443-207E-4BAB-AB02-8B80865E088F}] => (Allow) C:\Program Files\Steam\steamapps\common\GarrysMod\hl2.exe
FirewallRules: [{1E63E461-3973-4872-B638-58B100B1BE16}] => (Allow) C:\Program Files\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{FFD96A7F-A7B5-44D1-A248-E8A28B75A70B}] => (Allow) C:\Program Files\Steam\steamapps\common\bioshock\Builds\Release\Bioshock.exe
FirewallRules: [{7D6FB87A-6C28-423C-9019-10F9E0530CE0}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{83B49A51-036B-4FAE-AF66-7B362BEF2AAE}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto 3\gta3.exe
FirewallRules: [{BE2FCB4C-47F5-4836-8F72-25DC7D992ADB}] => (Allow) C:\Program Files\Steam\steamapps\common\grand theft auto san andreas\gta-sa.exe
FirewallRules: [{A408FB73-9623-4597-A65D-9D4973CE1EB0}] => (Allow) C:\Program Files\Steam\steamapps\common\grand theft auto san andreas\gta-sa.exe
FirewallRules: [{D056528A-B7F3-4172-BC3B-FF576DE2D08B}] => (Allow) C:\Program Files\Steam\steamapps\common\Max Payne 2 The Fall of Max Payne\maxpayne2.exe
FirewallRules: [{30921AEC-C90A-4B49-876D-011B39F283B1}] => (Allow) C:\Program Files\Steam\steamapps\common\Max Payne 2 The Fall of Max Payne\maxpayne2.exe
FirewallRules: [{BD64DCA0-DEF3-4203-BAC3-D1D107A62CFB}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto 2\gta2.exe
FirewallRules: [{F426E514-3D1F-4D29-83D3-5A3C850F7952}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto 2\gta2.exe
FirewallRules: [{E58DECEE-B7AE-43B4-85C1-C7439AE1FC8A}] => (Allow) C:\Program Files\Steam\steamapps\common\fear2\FEAR2.exe
FirewallRules: [{08E95F00-9E7E-47BB-BB4C-F01E0723F6C5}] => (Allow) C:\Program Files\Steam\steamapps\common\fear2\FEAR2.exe
FirewallRules: [{4D02B2BF-64E0-40EE-93C1-CA3F22AFD80A}] => (Allow) C:\Program Files\Steam\steamapps\common\Blacklight Tango Down\Binaries\Win32\BLTD.exe
FirewallRules: [{4EA3D5A4-A3F2-42B2-ACAA-87058B8E2051}] => (Allow) C:\Program Files\Steam\steamapps\common\Blacklight Tango Down\Binaries\Win32\BLTD.exe
FirewallRules: [{4D40E652-CB3E-4AC2-97D9-4426573EAD6A}] => (Allow) C:\Program Files\Steam\steamapps\common\tales of monkey island - chapter 1\MonkeyIsland101.exe
FirewallRules: [{69BB9A01-2979-4840-98DC-384998E6DD60}] => (Allow) C:\Program Files\Steam\steamapps\common\tales of monkey island - chapter 1\MonkeyIsland101.exe
FirewallRules: [{36FB992C-A0DF-4ECF-AE8C-DC9EE2704341}] => (Allow) C:\Program Files\Steam\steamapps\common\tales of monkey island - chapter 2\MonkeyIsland102.exe
FirewallRules: [{10E6B761-1785-4695-8F13-2FFDDC6F00A5}] => (Allow) C:\Program Files\Steam\steamapps\common\tales of monkey island - chapter 2\MonkeyIsland102.exe
FirewallRules: [{EDD964FF-2147-4E80-BE7B-7265B41061B6}] => (Allow) C:\Program Files\Steam\steamapps\common\Tales of Monkey Island - Chapter 3\MonkeyIsland103.exe
FirewallRules: [{9ACA7873-73F7-4B68-BF0D-52BD8F4F39B0}] => (Allow) C:\Program Files\Steam\steamapps\common\Tales of Monkey Island - Chapter 3\MonkeyIsland103.exe
FirewallRules: [{5E33EE3C-D3F2-470C-A383-D3A1973ACEB4}] => (Allow) C:\Program Files\Steam\steamapps\common\Tales of Monkey Island - Chapter 4\MonkeyIsland104.exe
FirewallRules: [{304E1F14-4096-4653-88C6-819119B93F4D}] => (Allow) C:\Program Files\Steam\steamapps\common\Tales of Monkey Island - Chapter 4\MonkeyIsland104.exe
FirewallRules: [{AE0C1757-10C7-4B39-A443-C71C1E5C1701}] => (Allow) C:\Program Files\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{42B434AC-13FB-467C-925A-753B29534BA0}] => (Allow) C:\Program Files\Steam\steamapps\common\PlanetSide 2\LaunchPad.exe
FirewallRules: [{4E3FDB86-37F7-4689-9DA1-129355AF6C86}] => (Allow) C:\Program Files\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{2A5B4409-2540-4E0B-8C06-5CA8FC59BB1A}] => (Allow) C:\Program Files\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{0B482A20-A50E-4636-90A2-C7FBBC8B664A}] => (Allow) C:\Program Files\Steam\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{3CBBA894-5E56-4D77-AE73-F9043D09AB8D}] => (Allow) C:\Program Files\Steam\steamapps\common\The Stanley Parable Demo\stanley.exe
FirewallRules: [{120C5FDA-3A11-42C2-ACD5-DBC7496D0F57}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{8C592786-897B-45D1-A3C9-8252FDF53FB2}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{1E1B8F7B-CC4A-44D0-BA0E-1AB2F25796EE}] => (Allow) C:\Program Files\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{8B0309CF-5A97-48E8-BD5C-E5496B1B5772}] => (Allow) C:\Program Files\Steam\steamapps\common\Metro 2033\metro2033.exe
FirewallRules: [{5BEE6AF1-04EB-4AF7-9FF3-4B1FD9457CB2}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{B6136FD7-79BC-4A7D-9F20-9D56DE4DDD8A}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{17C7E6C9-E966-444D-95C4-5A3007FE5CEE}] => (Allow) C:\Program Files\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{7711A8B1-AC86-484E-B8A2-F432EFC1D030}] => (Allow) C:\Program Files\Steam\steamapps\common\The Stanley Parable\stanley.exe
FirewallRules: [{B3F232D7-4DEC-414C-B54C-FE2EF7AF570C}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{48776354-A266-414E-800E-A2B3E5F9EDFA}] => (Allow) C:\Program Files\Steam\steamapps\common\Team Fortress 2\hl2.exe
FirewallRules: [{5221D9DC-BAF2-4147-846F-5B284925F4D5}] => (Allow) C:\Program Files\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{62EBE7D4-0CE2-42EE-B948-8C8045FED030}] => (Allow) C:\Program Files\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{18762121-3F8A-4AEA-A018-054A404861D1}] => (Allow) c:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{1FBC798A-C4A5-4D20-A834-605D71D2F897}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{196B6192-F230-41DC-9906-153D7DA53F45}] => (Allow) C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [TCP Query User{C51445E8-B13D-4369-AA56-08CCF8CE4C16}C:\program files\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) C:\program files\steam\steamapps\common\planetside 2\planetside2.exe
FirewallRules: [UDP Query User{D8708528-806F-4781-AE56-CB53CD34FB10}C:\program files\steam\steamapps\common\planetside 2\planetside2.exe] => (Allow) C:\program files\steam\steamapps\common\planetside 2\planetside2.exe
FirewallRules: [{555AF6B9-5788-4E22-B361-01D0816DB2A4}] => (Allow) C:\Program Files\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{8C497A62-2619-4B89-83E0-A6F05A9F58B3}] => (Allow) C:\Program Files\Steam\steamapps\common\Skyrim\SkyrimLauncher.exe
FirewallRules: [{E88A51EB-73F1-4B38-855A-4478F5D91D69}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{0326BFBA-BBC2-49B0-8948-FE2587F4447A}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto Vice City\gta-vc.exe
FirewallRules: [{5C9F529F-4DFD-4CFD-A794-B3064D1A46D6}] => (Allow) C:\Program Files\Steam\steamapps\common\Tales of Monkey Island - Chapter 5\MonkeyIsland105.exe
FirewallRules: [{8EE86371-D648-4CE2-99DD-95203BB4701C}] => (Allow) C:\Program Files\Steam\steamapps\common\Tales of Monkey Island - Chapter 5\MonkeyIsland105.exe
FirewallRules: [{6F6E26D7-FD4A-4325-ABF5-1F8DDAC426C6}] => (Allow) C:\Program Files\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{E2FE12AD-58E2-48BD-8400-13EB6D89FD74}] => (Allow) C:\Program Files\Steam\steamapps\common\PinballArcade\PinballArcade.exe
FirewallRules: [{B7F20C71-ADA8-4535-B4E5-164E9BF1697E}] => (Allow) C:\Program Files\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [{5AEF8531-A26D-4BF8-8C1F-07C9D9078914}] => (Allow) C:\Program Files\Steam\steamapps\common\PinballArcade\PBAConfig.exe
FirewallRules: [TCP Query User{5888FBFB-4AEC-4805-A9D4-974BABA793C4}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [UDP Query User{5CFE8DE5-F85D-48A5-A6F4-DDE323A96882}C:\program files\epson software\event manager\eeventmanager.exe] => (Block) C:\program files\epson software\event manager\eeventmanager.exe
FirewallRules: [{7F56A5B8-A5AD-4C33-84D2-F6B58E587E30}] => (Allow) C:\Program Files\LucasArts\Star Wars Battlefront\GameData\battlefront.exe
FirewallRules: [{C999A37A-A77D-4294-966C-B8EF3A0221FA}] => (Allow) C:\Program Files\LucasArts\Star Wars Battlefront\GameData\battlefront.exe
FirewallRules: [{AB96636F-16FA-4A65-897D-CFECDB734AF9}] => (Allow) C:\Program Files\Steam\steamapps\common\Darkness II\DarknessII.exe
FirewallRules: [{3B7B32C0-3607-45A0-A5A6-52412858DA2F}] => (Allow) C:\Program Files\Steam\steamapps\common\Darkness II\DarknessII.exe
FirewallRules: [{D2DE1D28-D0D8-4F26-963A-3B3FE876019F}] => (Allow) C:\Program Files\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [{F8EB86FD-EB5D-4DD2-9BDD-21E5AF3BB656}] => (Allow) C:\Program Files\Steam\steamapps\common\Loadout\Loadout.exe
FirewallRules: [{1307151C-E3A4-4E96-9314-468930B7C17F}] => (Allow) C:\Program Files\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{E5142E41-7650-4483-8D7C-EDE798AA5C6F}] => (Allow) C:\Program Files\Steam\steamapps\common\Path of Exile\PathOfExileSteam.exe
FirewallRules: [{DD79CFCA-C220-4511-AE03-577D6AE706B5}] => (Allow) C:\Program Files\Steam\steamapps\common\Tom Clancy's Ghost Recon Online\Launcher.exe
FirewallRules: [{752BCA94-1A00-4FA4-A1F2-11AE87EA7F58}] => (Allow) C:\Program Files\Steam\steamapps\common\Tom Clancy's Ghost Recon Online\Launcher.exe
FirewallRules: [{4A4A0416-DF6D-444A-B2E9-0FCE9ED3649A}] => (Allow) C:\Program Files\Steam\steamapps\common\Lord of the Rings Online\TurbineInvoker.exe
FirewallRules: [{E916E867-D9B0-40A4-94FE-3E47DC04261D}] => (Allow) C:\Program Files\Steam\steamapps\common\Lord of the Rings Online\TurbineInvoker.exe
FirewallRules: [TCP Query User{B1C06666-6502-4E58-9A3D-4C33DFA82567}C:\program files\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [UDP Query User{00E2E7AC-9B1F-42B2-B31B-0E2059D26260}C:\program files\steam\steamapps\common\lord of the rings online\lotroclient.exe] => (Allow) C:\program files\steam\steamapps\common\lord of the rings online\lotroclient.exe
FirewallRules: [{EC8F3EA3-8C2E-4113-A774-5E7BAA85FCB3}] => (Allow) C:\Program Files\Steam\steamapps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{A2F993F9-CE71-40F4-AB1A-2CBEDFC5A527}] => (Allow) C:\Program Files\Steam\steamapps\common\Star Wars Jedi Knight\JK.EXE
FirewallRules: [{252423C3-A170-4967-AD06-22B81554705A}] => (Allow) C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
FirewallRules: [{5244A2D8-BC9B-4047-BD9B-74CE0940EFA6}] => (Allow) C:\Program Files\Lavasoft\AdAware SecureSearch Toolbar\dtUser.exe
FirewallRules: [{709214BF-39FE-4D69-B90A-2D05F8F43F82}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [{27111C1F-DE83-475F-B4B2-A80436467438}] => (Allow) C:\Program Files\Steam\steamapps\common\Grand Theft Auto IV\GTAIV\LaunchGTAIV.exe
FirewallRules: [TCP Query User{3305364C-976D-4727-A2D1-4D69268C7BE7}C:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [UDP Query User{90204785-8A52-4B56-A3C3-5A15FB1AE9F9}C:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe] => (Block) C:\program files\steam\steamapps\common\grand theft auto iv\gtaiv\gtaiv.exe
FirewallRules: [{292F9E97-B4DD-4DF7-9C1E-49D6E879A470}] => (Allow) C:\Program Files\Steam\steamapps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{14FED991-F318-4056-9665-BC38E416EA75}] => (Allow) C:\Program Files\Steam\steamapps\common\Sniper Elite V2\bin\SniperEliteV2.exe
FirewallRules: [{4074E025-6DFA-4E56-ADDB-83660F1E101B}] => (Allow) C:\Users\jenmike\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{C45ADE51-BC90-425A-B78C-2C8455E45220}] => (Allow) C:\Users\jenmike\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{62A4112C-488B-4C38-AA40-85B816593273}] => (Allow) C:\Program Files\Bench\Proxy\proc.exe
FirewallRules: [{30CEBB9E-ABB0-432B-9F42-B0A51C573671}] => (Allow) C:\Program Files\Bench\Proxy\pwdg.exe
FirewallRules: [{61CDF132-F528-414B-ADF9-85D7118F164D}] => (Allow) C:\Program Files\Steam\steamapps\common\Jedi Knight Mysteries of the Sith\JKM.EXE
FirewallRules: [{A2A59BAC-3C30-4A99-8041-282991E89822}] => (Allow) C:\Program Files\Steam\steamapps\common\Jedi Knight Mysteries of the Sith\JKM.EXE
FirewallRules: [{C1DA04A2-0F2B-4CED-BA06-89F1E6AEE2A2}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [{E29CB606-6DE6-4AA1-8E91-2D905102B041}] => (Allow) C:\Program Files\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{8FAE3A53-4048-4303-9712-2C3B58320EEA}F:\games\nick-jigsaw\njigsaw.exe] => (Block) F:\games\nick-jigsaw\njigsaw.exe
FirewallRules: [UDP Query User{5DDB3A13-A72F-4262-9A58-6C4C6C2E2687}F:\games\nick-jigsaw\njigsaw.exe] => (Block) F:\games\nick-jigsaw\njigsaw.exe
FirewallRules: [{DC3C7A69-0038-437D-A11D-20EEC29C8D0F}] => (Allow) C:\Program Files\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{214D481B-6A4C-42F2-9753-0C8E88ED3DFF}] => (Allow) C:\Program Files\Steam\steamapps\common\Fallout New Vegas\FalloutNVLauncher.exe
FirewallRules: [{6045A35E-79A1-4B5A-88D6-61DB06EB6F56}] => (Allow) C:\Program Files\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{3D14C9C4-C85F-4035-A2FB-B79AF5969C3A}] => (Allow) C:\Program Files\Origin Games\Bejeweled 3\Bejeweled3.exe
FirewallRules: [{E8C8BA9D-3C0A-4897-8339-76C2E599C917}] => (Allow) C:\Program Files\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{8FAECF01-A264-4B9B-A5C6-EC2AB0A7A485}] => (Allow) C:\Program Files\Steam\steamapps\common\7 Days To Die\7DaysToDie_EAC.exe
FirewallRules: [{6426D7EA-8968-4455-BC6F-C13C739723E4}] => (Allow) C:\Program Files\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{564A79E8-A364-4F8A-BB12-9EC507AD1035}] => (Allow) C:\Program Files\Steam\steamapps\common\7 Days To Die\7DaysToDie.exe
FirewallRules: [{213196A6-0713-4980-8BB6-FD8BB713EC8A}] => (Allow) C:\Program Files\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{D7BC0923-F36B-45E5-B84B-3C76EB44C643}] => (Allow) C:\Program Files\Steam\steamapps\common\Half-Life 2\hl2.exe
FirewallRules: [{628EF869-7849-4B9F-BAB7-9D0D8C1DCC42}] => (Allow) C:\Program Files\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{F9E2B087-2308-4F35-8EA9-F692623BBE10}] => (Allow) C:\Program Files\Steam\steamapps\common\This War of Mine\This War of Mine.exe
FirewallRules: [{35F18D9A-2E3E-4ED9-BB04-43965C29191E}] => (Allow) C:\Program Files\Steam\steamapps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{C17B0725-5202-4EBE-8871-C349B716AE70}] => (Allow) C:\Program Files\Steam\steamapps\common\Surgeon Simulator 2013\ss2013.exe
FirewallRules: [{9A092144-39ED-47B5-A69A-39C114B7C07C}] => (Allow) C:\Program Files\Steam\steamapps\common\The Ship Tutorial\ship.exe
FirewallRules: [{1D63EE69-68B6-469C-9DF6-830B8EAD9C54}] => (Allow) C:\Program Files\Steam\steamapps\common\The Ship Tutorial\ship.exe
FirewallRules: [{81412385-2FF4-487E-B172-9608EF4EAA71}] => (Allow) C:\Program Files\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{E8BB39D2-5FA8-40A5-B920-1A60F6673895}] => (Allow) C:\Program Files\Steam\steamapps\common\TheLongDark\tld.exe
FirewallRules: [{265B6082-C33E-4AEC-A386-FCFCE28F6389}] => (Allow) C:\Program Files\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{476B8FE2-5C41-4DC7-BD16-38F6AC4B5FD3}] => (Allow) C:\Program Files\Steam\steamapps\common\The Ship\ship.exe
FirewallRules: [{29AB8E3C-58E9-414A-9BF4-AF76121DB79D}] => (Allow) C:\Program Files\Steam\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{CB86B566-76F2-450C-94DC-B8B3F11E3B13}] => (Allow) C:\Program Files\Steam\steamapps\common\The Ship Single Player\ship.exe
FirewallRules: [{3F2B2034-0F0A-4A50-A854-45823DEC5D44}] => (Allow) C:\Program Files\Steam\steamapps\common\Dino D-Day\dinodday.exe
FirewallRules: [{DCDCE3AC-E0C2-4EEC-9D0B-32F4BE492132}] => (Allow) C:\Program Files\Steam\steamapps\common\Dino D-Day\dinodday.exe
FirewallRules: [{B06F404B-FFC5-4014-BC85-FE11ED1BA6F2}] => (Allow) C:\Program Files\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{F67AC285-0E8A-493B-A393-9B8C223C6EDE}] => (Allow) C:\Program Files\Steam\steamapps\common\Portal\hl2.exe
FirewallRules: [{55083405-E3F1-4D19-859D-FF3C6CA1A88D}] => (Allow) C:\Program Files\Steam\steamapps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe
FirewallRules: [{F4598764-4EF9-4DEB-9E02-C8D626ED9D8C}] => (Allow) C:\Program Files\Steam\steamapps\common\primal_carnage\Binaries\Win32\PrimalCarnageGame.exe
FirewallRules: [{612C4D57-E47D-47A6-8884-63531EE19F6E}] => (Allow) C:\Program Files\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [{CDB19641-BA06-4228-A844-0851F46B3FA7}] => (Allow) C:\Program Files\Steam\steamapps\common\Oblivion\OblivionLauncher.exe
FirewallRules: [TCP Query User{652D7D2B-C9F8-4DCA-852A-3C39BA93E524}C:\program files\steam\steamapps\common\planetside 2\planetside2_x86.exe] => (Block) C:\program files\steam\steamapps\common\planetside 2\planetside2_x86.exe
FirewallRules: [UDP Query User{A39D4082-F6DA-4BA0-A06A-0A6B09ABDA90}C:\program files\steam\steamapps\common\planetside 2\planetside2_x86.exe] => (Block) C:\program files\steam\steamapps\common\planetside 2\planetside2_x86.exe
FirewallRules: [{2A04B4D0-80F9-4E6C-8C9E-EC2CEF6ACD8D}] => (Allow) C:\Program Files\Steam\steamapps\common\SpaceEngineers\Bin\SpaceEngineers.exe
FirewallRules: [{6CF3616D-1773-44FA-B1D0-27A7ED8E0A3B}] => (Allow) C:\Program Files\Steam\steamapps\common\SpaceEngineers\Bin\SpaceEngineers.exe
FirewallRules: [TCP Query User{A4A73739-2D02-4DA7-A287-EAB39180BE19}C:\users\jenmike\downloads\urbanterror42\urbanterror42\quake3-urt.exe] => (Block) C:\users\jenmike\downloads\urbanterror42\urbanterror42\quake3-urt.exe
FirewallRules: [UDP Query User{555DF2E3-AFC5-4276-9CCA-085641568224}C:\users\jenmike\downloads\urbanterror42\urbanterror42\quake3-urt.exe] => (Block) C:\users\jenmike\downloads\urbanterror42\urbanterror42\quake3-urt.exe
FirewallRules: [TCP Query User{319258F8-B12C-44C1-95FB-F27AA0B40452}C:\program files\urbanterror\iourbanterror.exe] => (Allow) C:\program files\urbanterror\iourbanterror.exe
FirewallRules: [UDP Query User{20C8ECFE-EDDE-4480-A662-6625AAFABC64}C:\program files\urbanterror\iourbanterror.exe] => (Allow) C:\program files\urbanterror\iourbanterror.exe
FirewallRules: [{C35BEE31-E376-4B0B-8B5E-B2DDF09C0F5F}] => (Allow) C:\Program Files\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{87492CDF-5503-43A0-9DF2-7DE0F12A4FE3}] => (Allow) C:\Program Files\Steam\steamapps\common\Sniper Elite V2\Launcher\SniperV2Launcher.exe
FirewallRules: [{BBD63AA5-36D4-40E2-A351-58637226B727}] => (Allow) C:\Program Files\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{DC35AC22-2AA0-4A3A-9B9F-DEACFA105DA9}] => (Allow) C:\Program Files\Steam\steamapps\common\nmrih\sdk\hl2.exe
FirewallRules: [{4F9F1E6D-1591-4242-BCDC-F27237DDEF67}] => (Allow) C:\Program Files\Steam\steamapps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{5C4F76CC-6700-4191-A2F2-434B79EB15AA}] => (Allow) C:\Program Files\Steam\steamapps\common\Fistful of Frags\sdk\hl2.exe
FirewallRules: [{B1DA9084-87CD-47BE-AC04-094B10C8AE0F}] => (Allow) C:\Program Files\Steam\steamapps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{2BF22791-76AB-447C-AE32-9FD884B3218D}] => (Allow) C:\Program Files\Steam\steamapps\common\Deus Ex\System\DeusEx.exe
FirewallRules: [{37A911D9-3B96-4FB9-89D1-AC9AFE1A3DF0}] => (Allow) C:\Program Files\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{47DD7E0F-4702-46EB-BA9E-A6C2BA36768B}] => (Allow) C:\Program Files\Steam\steamapps\common\PinballArcade\PinballArcade11.exe
FirewallRules: [{DA65E948-74D0-4D2D-B344-8C16C38E1C7F}] => (Allow) C:\Program Files\Steam\steamapps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{8CA06ED7-B175-43CF-8648-A5CD342D3449}] => (Allow) C:\Program Files\Steam\steamapps\common\Knights of the Old Republic II\swkotor2.exe
FirewallRules: [{FE51D898-77C1-4AA1-AA76-5AD9DD0BCFB1}] => (Allow) C:\Program Files\Origin Games\Medal of Honor Allied Assault Warchest\MOHAA.exe
FirewallRules: [{B036F3D3-CC38-41D7-A2C1-ADD4A237CAC7}] => (Allow) C:\Program Files\Origin Games\Medal of Honor Allied Assault Warchest\MOHAA.exe
FirewallRules: [TCP Query User{4157EE93-CFF3-47E6-92E3-DEC5ADD3DC4C}C:\program files\origin games\medal of honor allied assault warchest\moh_breakthrough.exe] => (Allow) C:\program files\origin games\medal of honor allied assault warchest\moh_breakthrough.exe
FirewallRules: [UDP Query User{52622441-B2BA-40EB-98F3-E498AD73CA32}C:\program files\origin games\medal of honor allied assault warchest\moh_breakthrough.exe] => (Allow) C:\program files\origin games\medal of honor allied assault warchest\moh_breakthrough.exe
FirewallRules: [TCP Query User{FBE8D27B-6D26-496A-94A0-D7C9AEAEE787}C:\program files\origin games\medal of honor allied assault warchest\moh_spearhead.exe] => (Allow) C:\program files\origin games\medal of honor allied assault warchest\moh_spearhead.exe
FirewallRules: [UDP Query User{396A3C31-52CA-456F-A150-B3CCE5DCBE47}C:\program files\origin games\medal of honor allied assault warchest\moh_spearhead.exe] => (Allow) C:\program files\origin games\medal of honor allied assault warchest\moh_spearhead.exe
FirewallRules: [{21DFD6F4-EA17-453B-94D1-6F989AAA103E}] => (Allow) C:\Program Files\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{0737A91D-4E28-4800-857A-61FEC8C6C109}] => (Allow) C:\Program Files\Origin Games\Mass Effect 3\Binaries\Win32\MassEffect3.exe
FirewallRules: [{66775375-08C3-48A7-BD02-52799908E42B}] => (Allow) C:\Program Files\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{B0D83D6C-27EA-4157-A441-43FEFEFF287E}] => (Allow) C:\Program Files\Steam\steamapps\common\GoatSimulator\Binaries\Win32\GoatGame-Win32-Shipping.exe
FirewallRules: [{29F96A93-E084-4BCB-8FB3-8CEA5AB1CD4E}] => (Allow) C:\Program Files\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x86.exe
FirewallRules: [{207017B4-E117-4CAF-A1FF-2B6035A13C88}] => (Allow) C:\Program Files\Steam\steamapps\common\Stranded Deep\Stranded_Deep_x86.exe
FirewallRules: [{FF30C72C-F546-4098-9999-B33F15CF23F3}] => (Allow) C:\Program Files\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{016CA2BB-AE1D-43CB-9EAF-DC949256F73E}] => (Allow) C:\Program Files\Steam\steamapps\common\insurgency2\insurgency.exe
FirewallRules: [{27E6EAC6-2540-4FE1-A063-C7F2A797B06F}] => (Allow) C:\Program Files\Steam\steamapps\common\Wolfenstein 3D\base\dosbox.exe
FirewallRules: [{7113A4E9-A1F0-47C1-B4A7-40522C1D7D98}] => (Allow) C:\Program Files\Steam\steamapps\common\Wolfenstein 3D\base\dosbox.exe
FirewallRules: [{ECA3C44B-7BA7-43E6-95AE-8283DEE8DC5E}] => (Allow) C:\Program Files\Steam\steamapps\common\Spear of Destiny\base\dosbox.exe
FirewallRules: [{F67D8F54-F2E7-488E-9D8D-BFE59A989FE6}] => (Allow) C:\Program Files\Steam\steamapps\common\Spear of Destiny\base\dosbox.exe
FirewallRules: [{D979172C-D871-4778-84A9-0265AE114D3D}] => (Allow) C:\Program Files\Steam\steamapps\common\Codename CURE\cure.exe
FirewallRules: [{CB5F37D9-C588-4768-B4A3-DC89B6437A13}] => (Allow) C:\Program Files\Steam\steamapps\common\Codename CURE\cure.exe
FirewallRules: [{182A78B6-7B3B-4F31-9550-75502CB42842}] => (Allow) C:\Program Files\Steam\steamapps\common\Sid Meier's Railroads\RailRoads.exe
FirewallRules: [{B9D6B673-0B17-4CAE-8F92-8F4F1D9DDA99}] => (Allow) C:\Program Files\Steam\steamapps\common\Sid Meier's Railroads\RailRoads.exe
FirewallRules: [{587D671A-688C-4D09-8A85-8119C36607CB}] => (Allow) C:\Program Files\Steam\steamapps\common\Railroad Tycoon 3\RT3.exe
FirewallRules: [{FCD16A29-69CA-4CC2-9076-16E7462A80A4}] => (Allow) C:\Program Files\Steam\steamapps\common\Railroad Tycoon 3\RT3.exe
FirewallRules: [TCP Query User{04A5872B-68FF-4AA1-9CE0-D0ED632B8157}C:\program files\timegate studios\section 8\binaries\s8game-f.exe] => (Block) C:\program files\timegate studios\section 8\binaries\s8game-f.exe
FirewallRules: [UDP Query User{EEDA4C75-2694-4B8B-BD19-92A8A4273ADC}C:\program files\timegate studios\section 8\binaries\s8game-f.exe] => (Block) C:\program files\timegate studios\section 8\binaries\s8game-f.exe
FirewallRules: [{CCC5EADA-3299-4942-9AC1-965D13463448}] => (Allow) C:\Program Files\Steam\steamapps\common\Absent\Absent.exe
FirewallRules: [{913EB5F7-05FA-4D58-9440-D1D93D0CC845}] => (Allow) C:\Program Files\Steam\steamapps\common\Absent\Absent.exe
FirewallRules: [{E36CF21E-7CAE-4A7F-9736-1B8345809442}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{0B962FB7-988E-4C75-A355-7E9DCBDF9D5B}] => (Allow) C:\Program Files\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{5C0A8F4B-7EDB-49A8-B78D-D31D9F5C9BA6}] => (Allow) C:\Program Files\bitComposer Games\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe
FirewallRules: [{97AA9F88-2BC9-41C5-BE43-357184CF3862}] => (Allow) C:\Program Files\bitComposer Games\S.T.A.L.K.E.R. - Call of Pripyat\bin\xrEngine.exe
FirewallRules: [{E1E7D1E7-A879-43B2-ABD9-070DEA312FF1}] => (Allow) C:\Program Files\bitComposer Games\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe
FirewallRules: [{DF9E2167-245E-43A5-9CC4-61A7F596D12B}] => (Allow) C:\Program Files\bitComposer Games\S.T.A.L.K.E.R. - Call of Pripyat\bin\dedicated\xrEngine.exe
FirewallRules: [TCP Query User{9CB9882F-6C5C-409C-9BE2-978649F7DCE6}C:\users\jenmike\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\jenmike\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{EB2D9A8B-910B-4A16-9713-FB020C275DDB}C:\users\jenmike\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\jenmike\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [{B38EC966-3B66-430F-8138-668E748D873A}] => (Allow) C:\Program Files\Steam\steamapps\common\Dead Space 2\deadspace2.exe
FirewallRules: [{C00F454D-EA07-4E59-BD38-7A9358AD2910}] => (Allow) C:\Program Files\Steam\steamapps\common\Dead Space 2\deadspace2.exe
 
==================== Faulty Device Manager Devices =============
 
Name: Microsoft Tun Miniport Adapter #2
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Tun Miniport Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunmp
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/13/2015 12:21:41 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/13/2015 09:54:02 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/12/2015 11:51:13 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point on volume (Process = C:\Program Files\Steam\steamapps\common\Dead Space 2\install\DirectX\dxsetup.exe Files\Steam\steamapps\common\Dead Space 2\install\DirectX\dxsetup.exe" /silent; Descripton = äxPw; Hr = 0x80070057).
 
Error: (11/12/2015 11:50:34 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {263a0beb-6bdd-4950-8dff-b0ff14bb72e9}
 
Error: (11/09/2015 12:47:17 AM) (Source: VSS) (EventID: 12289) (User: )
Description: Volume Shadow Copy Service error: Unexpected error CreateFileW(\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy20,0xc0000000,0x00000003,...).  hr = 0x80070037.
 
 
Operation:
   Processing PostFinalCommitSnapshots
 
Context:
   Execution Context: System Provider
 
Error: (11/09/2015 12:47:17 AM) (Source: System Restore) (EventID: 8210) (User: )
Description: The scheduled restore point could not be created.  Additional information: (0x81000101).
 
Error: (11/09/2015 12:47:17 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Failed to create restore point on volume (Process = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Descripton = Scheduled Checkpoint; Hr = 0x81000101).
 
Error: (11/08/2015 11:38:49 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/05/2015 08:00:09 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application McUICnt.exe, version 7.0.232.0, time stamp 0x54dbd49b, faulting module mcmscshm.dll, version 14.0.339.0, time stamp 0x54f5e4bb, exception code 0xc0000005, fault offset 0x00027d31,
process id 0x1ae8, application start time 0xMcUICnt.exe0.
 
Error: (11/04/2015 10:26:32 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
 
System errors:
=============
Error: (11/13/2015 12:25:57 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (11/13/2015 12:22:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
qxuaja
 
Error: (11/13/2015 12:21:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: MCSTRM%%2
 
Error: (11/13/2015 12:21:41 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (11/13/2015 12:20:15 PM) (Source: Print) (EventID: 19) (User: NT AUTHORITY)
Description: The print spooler failed to share printer Canon MP500 Series Printer with shared resource name Canon MP500 Series Printer. Error 2114. The printer cannot be used by others on the network.
 
Error: (11/13/2015 09:58:08 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: {209500FC-6B45-4693-8871-6296C4843751}
 
Error: (11/13/2015 09:55:20 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: i8042prt
qxuaja
 
Error: (11/13/2015 09:54:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: MCSTRM%%2
 
Error: (11/13/2015 09:54:05 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Parallel port driver%%1058
 
Error: (11/13/2015 09:53:40 AM) (Source: Print) (EventID: 19) (User: NT AUTHORITY)
Description: The print spooler failed to share printer Canon MP500 Series Printer with shared resource name Canon MP500 Series Printer. Error 2114. The printer cannot be used by others on the network.
 
 
CodeIntegrity:
===================================
  Date: 2015-11-13 19:11:19.559
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-13 19:11:19.329
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-13 19:11:19.069
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-13 19:11:18.780
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mwac.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-13 10:52:09.208
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-13 10:52:08.979
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-13 10:52:08.739
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-13 10:52:08.515
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-13 10:52:08.267
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-11-13 10:52:08.027
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\mbamchameleon.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™2 Duo CPU E8400 @ 3.00GHz
Percentage of memory in use: 64%
Total physical RAM: 3325.58 MB
Available physical RAM: 1189.18 MB
Total Virtual: 6844.12 MB
Available Virtual: 4014.27 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.51 GB) (Free:98.41 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive e: (TCVCD) (CDROM) (Total:0.1 GB) (Free:0 GB) CDFS
Drive f: (DISK2_VOL1) (Fixed) (Total:232.88 GB) (Free:21.54 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 1C9F2E67)
Partition 1: (Active) - (Size=232.9 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or Vista) (Size: 931.5 GB) (Disk ID: 2E70E633)
Partition 1: (Active) - (Size=931.5 GB) - (Type=07 NTFS)
 
==================== End of Addition.txt ============================
 
 
 

  • 0

Advertisements


#2
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Hi. My name is Brian, and I would be happy to look into your issue.
 


- General Instructions -


  • Please read all instructions and fixes thoroughly. Read the ENTIRE post BEFORE performing any steps so you understand all that needs to be done.
  • I would advise printing any instructions for easy reference as some of the fixes may require you to boot in Safe mode. Access to these instructions may not be available in Safe Mode.
  • Any fixes provided by myself are for this log file only and should not be used on any other systems.
  • Do not run any other removal software or perform updates other than the ones I provide, as it will complicate the cleaning process.
  • It's very likely that part of our cleanup will include emptying your recycle bin. If you use your recycle bin as an archive and do not wish this to be emptied, please let me know.
  • It is also likely during our cleaning process that your internet browsing history will be removed. Your favorites will be untouched. If you don't want this to happen you need to let me know before running any steps so I can adjust my fixes accordingly.
  • You have 4 days to reply to each post or the topic will be closed. You will be able to request that the topic be re-opened by sending me a PM (Personal Message) or PM a moderator.
  • Please feel free to ask any questions, especially if you are having problems with my instructions.


- Save ALL Tools to your Desktop-



All tools that I have you download should be placed on the desktop unless otherwise stated. If you are familiar with how to save files to the desktop then you can skip this step.
 
Since you are continuing with this step then I assume you are unfamiliar with saving files to your desktop. As a result it's easiest if you configure your browser(s) to download any tools to the desktop by default. Please use the appropriate instructions below depending on the browser you are using.
Chrome.JPGGoogle Chrome - Click the "Customize and control Google Chrome" button in the upper right-corner of the browser.Settings.JPG Choose Settings. at the bottom of the screen click the
"Show advanced settings..." link. Scroll down to find the Downloads section and click the Change... button. Select your desktop and click OK.
Firefox.JPGMozilla Firefox - Click the "Open Menu" button in the upper right-corner of the browser. Settings.JPG Choose Options. In the downloads section, click the Browse button, click on the Desktop folder
and the click the "Select Folder" button. Click OK to get out of the Options menu.
IE.jpgInternet Explorer - Click the Tools menu in the upper right-corner of the browser. Tools.JPG Select View downloads. Select the Options link in the lower left of the window. Click Browse and
select the Desktop and then choose the Select Folder button. Click OK to get out of the download options screen and then click Close to get out of the View Downloads screen.
NOTE: IE8 Does not support changing download locations in this manner. You will need to download the tool(s) to the default folder, usually Downloads, then copy them to the desktop.
 

- Finally Before We Start-


 
Removing malware is a complicated multiple step process, Please stay with me until I have declared your system clean. I strongly recommend you backup your personal files and folders. Although rare, attempting to remove malware can render your machine unbootable or cause data loss. Having backups of your data is your responsibility. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.

 

I'm reviewing your logs now.


  • 0

#3
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

OK, let's get started. There are several things that need addressed.

 

Step#1 - Warnings
#1 - The Dangers of P2P Programs
IMPORTANT: I noticed that you have a P2P (Peer to Peer) file sharing program on your computer. I cannot stress highly enough the danger in using these types of programs. P2P programs are one of the major avenues of infection these days. The files downloaded with these programs are more than likely infected with trojans, malware, rootkits, etc.
You run the risk of getting an infection that can compromise your sensitive data, such as financial records, personal information, etc. That is just the infection aspect of using P2P programs. You also run the risk of possible arrest, fines, or in severe cases, jail time for illegal downloading of copyrighted material.
 
Here are some information sources about the dangers of P2P programs:
FBI - Peer to Peer Scams
USA Today Artticle on P2P Programs
File Sharing Infects 500,000 Computers
 
I very much recommend you uninstall this program from your machine. If not, you will likely be back needing help with your machine again. The risks of infections from content downloaded with P2P programs far outweigh any benefit of using them.
 
It is, of course, your choice as to whether or not you remove the program from your machine. It is my duty though, to point out how dangerous it is to use these programs. However, I must request that you do not use it while we are cleaning your machine.
 
Please uninstall the following Peer-to-Peer program(s): uTorrent / BitTorrent / Limewire

 

#2 - Registry Cleaner
I see that you have CCleaner installed. This is indeed a good product but I wanted to caution you on running the registry cleaning functionality of the tool. Please avoid this as it can do more harm than good.
http://www.bleepingc...s/#entry2853053
http://miekiemoes.bl...weaking_13.html

 

#3 - Spybot Search & Destroy
I see that you have Spybot Search & Destroy. We no longer recommend this product because of the poor testing results. I recommend uninstalling this program. If you don't want to uninstall the program then please at least disable Tea Timer while performing any of my instructions. You can re-enable it when we are all done. Instructions for that are here. If you do decide to uninstall the program, first Undo your immunization before uninstalling. You can do that by clicking the Undo button with Spybot S&D and then remove from Add/Remove programs.
immunize.JPG

 

 

#4 - Pando Media Booster Advice:

I see you have Pando Media Booster installed, maybe intentionally and or came with one of your installed games for example. Technically this type of software is based upon peer to

peer technology and you can never really be sure what it is purportedly downloading is always safe. Plus it does not always make that much of a improvement with downloading.

My friendly advice is if you do not really use it, merely uninstall. However this is your choice and I respect whomever I assist with what they wish to have installed on their respective machines.

 

#5 - Low Disk Space

Your C:\ drive has about 10% percent free disk space. This can adversely affect the performance of your computer. It's recommended to have at least 15% free disk space so that tools such as the automated defragger can keep your drive optimized. You may want to clean up some space so your machine performs optimally.

 

 

#6 - Windows Sidebar/Gadgets
I see that you use the Windows Sidebar with Gadgets. Microsoft deems these as a security vulnerability and recommends that they are disabled. Unless you have good reason not to, please download and install the Microsoft Fix-It from here. Note: Please ensure you reboot when prompted. If you don't and continue this could leave your machine in an unstable state.

 

 

#7 - Too Many AVs

You are running too many antivirus programs. This is not a good idea as this can cause problems such as slowness in computer speed, conflicts and cause more vulnerability to infection. It appears you are running McAfee and Ad-Aware Antivirus.

 

You need to decide on which one you want to keep and uninstall the otherone. I suspect you are getting rid of (or already tried) McAfee. If this is the case please ensure that you run the uninstall tool for McAfee shown below.

 

McAfee. Step by Step instructions for running this tool are located here.
 

Let me know what you decided.

 

 

Step#2 - FRST Fix
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
1. Download attached file and save it to the Desktop. Attached File  fixlist.txt   13.42KB   65 downloads
Note. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work (in this case...the desktop).
2. Run FRST by Right-Clicking on the file and choosing Run as administrator.
3. Press the Fix button just once and wait. If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
4. When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post the contents of it in your reply.

 

Step#3 - JRT by Malwarebytes
1. Download Junkware Removal Tool to your desktop.
2. Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
3. The tool will open. Press any key at the Disclaimer screen and the program will start scanning your system.
4. Please be patient as this can take a while to complete depending on your system's specifications.
5. On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
6. Close the text file and reboot your machine.
7. Post the contents of JRT.txt into your next message.

 

Items for your next post

1. Let me know what you decided on your AV

2. Fixlog.txt

3. JRT log


  • 0

#4
zeph68

zeph68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Brian,

 

Thank you for you reply.

 

Here are the responses to your questions/suggestions:

 

1-1 - I have uninstalled Limewire and uTorrent.  I haven't used these in years.

 

1-2 - I do not use the Registry Cleaner feature of CCleaner.

 

1-3 - I have disabled TeaTimer.

 

1-4 - I have uninstalled Pando.

 

1-5 - I will work on creating more space on my HDD to get to at least 15% available.

 

1-6 - I have uninstalled Windows Sidebar.

 

1-7 - I wish to keep McAfee.  I was using Adaware for manual scanning.  I did try to Uninstall Adaware through Programs and Features, but it will not uninstall.  Some times it will ask me for my security code, i enter it, then it says 'service unavailable'.  Other times it just will not go past the 'Are you sure' screen.  If you have any suggestions on how to remove this, it would be appreciated.

 

Here are the results of the Fixlog and JRT:

 

Fix result of Farbar Recovery Scan Tool (x86) Version:07-11-2015
Ran by jenmike (2015-11-16 13:19:46) Run:1
Running from C:\Users\jenmike\Desktop
Loaded Profiles: jenmike & UpdatusUser (Available Profiles: jenmike & UpdatusUser)
Boot Mode: Normal
 
==============================================
 
fixlist content:
*****************
CreateRestorePoint:
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.57\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.69\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.2.183.39\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.1\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{6DA5E5A5-51C8-11D2-A5F5-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.28.13\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{8AD37F04-510E-11D2-A5F1-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{8AD37F06-510E-11D2-A5F1-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.65\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.135\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.99\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.57\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.25.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.69\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> "C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.2.183.39\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> "C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.23.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> "C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{6DA5E5A5-51C8-11D2-A5F5-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{8AD37F04-510E-11D2-A5F1-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{8AD37F06-510E-11D2-A5F1-0080C796E09E}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.149\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{a3c6dafc-e193-42fc-adca-5316b5d6d653}\InprocServer32 -> C:\Users\UpdatusUser\Program Files\DNA\plugins\npbtdna.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}\InprocServer32 -> no filepath
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.26.9\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.25.11\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.65\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> "C:\Users\jenmike\AppData\Local\Google\Update\1.3.24.15\GoogleUpdateOnDemand.exe" => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.15\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.22.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\UpdatusUser\AppData\Local\Google\Update\1.3.24.7\psuser.dll => No File
Task: {5EC2F40C-36EE-496E-A17C-C1596413FF7C} - \GPUpdateCheck -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:B606BA34
AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1
HKLM\...\Run: [] => [X]
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
RemoveProxy:
FF HKU\S-1-5-21-4281579821-372289546-3755377909-1000\...\Firefox\Extensions: [{D3D66102-660C-4B70-8D9B-2899CCF57DE3}] - C:\Users\jenmike\AppData\Local\{D3D66102-660C-4B70-8D9B-2899CCF57DE3}
FF Extension: XULRunner - C:\Users\jenmike\AppData\Local\{D3D66102-660C-4B70-8D9B-2899CCF57DE3} [2013-08-12] [not signed]
S0 qxuaja; no ImagePath
EmptyTemp:
*****************
 
Restore point was successfully created.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{5C8C2A98-6133-4EBA-BBCC-34D9EA01FC2E}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{6DA5E5A5-51C8-11D2-A5F5-0080C796E09E}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{78550997-5DEF-4A8A-BAF9-D5774E87AC98}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{8AD37F04-510E-11D2-A5F1-0080C796E09E}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{8AD37F06-510E-11D2-A5F1-0080C796E09E}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{035FBE31-3755-450A-A775-5E6BBD43D344}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{095A2EEC-F7FE-42E8-96FB-C20E53081908}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{0E55CBE1-B06A-49B6-AD8D-9EFAA0160C6F}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{218D2740-5A50-42A8-AB9F-62FF1B168782}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{6DA5E5A5-51C8-11D2-A5F5-0080C796E09E}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{8AD37F04-510E-11D2-A5F1-0080C796E09E}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{8AD37F06-510E-11D2-A5F1-0080C796E09E}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{91EFB276-CEFE-48EC-BB3A-57795A7B4008}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{a3c6dafc-e193-42fc-adca-5316b5d6d653}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{BDD1F04B-858B-11D1-B16A-00C0F0283628}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{DB25D157-76D4-41C1-97B5-359E4A4CECEB}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{EB06378B-ABB6-4B3C-9B40-D488DD8A6E93}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}" => key removed successfully.
"HKU\S-1-5-21-4281579821-372289546-3755377909-1003_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5EC2F40C-36EE-496E-A17C-C1596413FF7C}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EC2F40C-36EE-496E-A17C-C1596413FF7C}" => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GPUpdateCheck => key not found. 
C:\ProgramData\TEMP => ":B606BA34" ADS removed successfully..
C:\ProgramData\TEMP => ":D1B5B4F1" ADS removed successfully..
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully.
 
========= RemoveProxy: =========
 
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL => value removed successfully.
HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
 
 
========= End of RemoveProxy: =========
 
HKU\S-1-5-21-4281579821-372289546-3755377909-1000\Software\Mozilla\Firefox\Extensions\\{D3D66102-660C-4B70-8D9B-2899CCF57DE3} => value removed successfully.
C:\Users\jenmike\AppData\Local\{D3D66102-660C-4B70-8D9B-2899CCF57DE3} => moved successfully
qxuaja => service removed successfully.
EmptyTemp: => 598 MB temporary data Removed.
 
 
The system needed a reboot.
 
==== End of Fixlog 13:32:31 ====
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.6.4 (09.28.2015:1)
OS: Windows Vista ™ Home Premium x86
Ran by jenmike on Mon 11/16/2015 at 13:52:40.37
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Tasks
 
 
 
~~~ Registry Values
 
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\GoogleChromeAutoLaunch_8912F4DACD66F1C990C49677BB935403
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ad-aware browsing protection
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{D119D9E8-FF49-4236-B8F0-4DFA94414D48}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Update ToggleMark
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\Util ToggleMark
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Failed to delete: [Folder] C:\ProgramData\ad-aware browsing protection
Successfully deleted: [Folder] C:\ProgramData\lavasoft\web companion
Successfully deleted: [Folder] C:\Users\jenmike\Appdata\Local\adawarebp
Successfully deleted: [Folder] C:\Users\jenmike\AppData\Roaming\media freeware
 
 
 
~~~ Chrome
 
 
[C:\Users\jenmike\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
 
[C:\Users\jenmike\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
 
[C:\Users\jenmike\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
 
[C:\Users\jenmike\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[]
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 11/16/2015 at 14:11:12.91
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

  • 0

#5
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Thanks. Let me know if the following link helps you uninstall Adaware.

 

http://www.lavasofts...ind-installlog/


  • 0

#6
zeph68

zeph68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Unfortunately, the instructions this link points to seem to be for a different version of Ad-Aware.  I have Ad-Aware Antivirus installed and there are no unwise or unregaaw files in the Ad-Aware folders.


  • 0

#7
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

I see that you have Revo Uninstaller. Can you try using this program to uninstall Adaware?


  • 0

#8
zeph68

zeph68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

I was able to get Ad-Aware uninstalled using Revo.  Thank you.  I had forgotten that I had it.

 

Was there anything else I need to do to clean my system, or is it now complete?


  • 0

#9
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Let's do a MalwareBytes scan with some slighly different options than you may have in the past. Also, how is your machine doing?

 

Step#1 - Malwarebytes Scan


  • Open Malwarebytes.
  • If an update is found you will be prompted to download and install. Go ahead.
  • Click the Settings button and then the Detection and Protection tab. Then check the box to Scan for rootkits. as shown below.
  • ScanForRootkits.JPG
     
  • Click the Scan button at the top of the form and then click Start Scan button and let complete.
  • If malware was detected you can now click the Remove Selected Button. If no malware was detected you can skip the rest of these bullet items and go to the next step which is to retrieve the Malwarebytes log.
  • RemoveSelected.JPG
  • Once the malware is removed you may get a prompt asking you to reboot. Note: Please answer Yes.
  • Restart.JPG.

 
Step#2 - Retrieve Malwarebytes Log
1. Open up the Malwarebytes program again if it's not already. You can simply double click on the shortcut on your desktop that says "Malwarebytes Anti-Malware".
2. Click the History button as shown in the picture below.
3. Click Application Logs as shown in the picture below.
4. Click on the most recent Scan Log as shown in the picture below.
ApplicationLog.JPG
 
5. The Scanning History Log screen will open. Click the Export button in the lower left and choose Copy to Clipboard. Paste the info into your next post (Right-click your mouse in the post and select Paste).
ScanningHistory.JPG

 


  • 0

#10
zeph68

zeph68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Here is a copy of the Scan Log:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 11/18/2015
Scan Time: 8:56:52 AM
Logfile: 
Administrator: Yes
 
Version: 2.2.0.1024
Malware Database: v2015.11.18.04
Rootkit Database: v2015.11.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows Vista Service Pack 2
CPU: x86
File System: NTFS
User: jenmike
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 30
Time Elapsed: 1 min, 9 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

  • 0

Advertisements


#11
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Excellent. How is your machine doing now?


  • 0

#12
zeph68

zeph68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Seems ok, but I haven't used it much since starting this process, for fear that something would interfere with the system getting clean.  I can start to use it normally again and let you know if I have any further issues.  Thank you very much for your time.


  • 0

#13
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

No problem. If all appears to be good then we can clean up our tools and provide you with some information below.

 

OK! Well done, your computer is clean again! :thumbsup: Part of our jobs here is to help you clean your computer. But beyond that and just as important is to provide you with some information to keep you safe and secure on the net as well as to share knowledge. Following is that information.
 
1. Clean Up!
We need to remove all the tools that we used so that should you ever be re-infected, you will download updated versions which may have updated detection logic.
1. Download Delfix from here.
2. Ensure everything is checked.
3. Click Run.
Note: The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.
Note: Delete any  other .bat, .log, .reg, .txt,  and any other files created during this process, and left on the desktop and empty the Recycle Bin.
 
2. Windows Updates
Another essential task is to keep your computer updated with the latest operating system patches and security fixes. Windows Updates are constantly being revised to combat the newest hacks and threats. Microsoft releases security updates that help your computer from becoming vulnerable. It is best if you have these set to download automatically. Follow the instructions below to ensure your settings are optimal.
1. Click the Start Orb in the lower left corner of the screen.
2. Type Windows Update in the search box that appears
3. Click on the Windows Update program that appears in the search results.
Windows%20Update.JPG
4. Click on Change Settings.
CheckForUpdates.JPG
5. Select "Install updates automatically (recommended)" from the Important updates drop-down.
WUChangeSettings.JPG
6. Choose a day and a time when you know the computer will be on and connected to the internet. The default is 3:00AM every day.
7. Ensure that all of the other check boxes are checked.
8. Click OK.
 
3. Keeping Programs Updated
You need to ensure that any programs installed on your machine are kept current. The bad guys exploit vulnerabilities that are found in older versions of software. A very good piece of software that keeps your programs up-to-date is Secunia Personal Software Inspector (PSI). You can download and install it from here. You can read more information about this free software as well as a video walkthrough from here.
 
4. Antimalware- Preventative
Note: Let's keep Malwarebytes installed as it's a fantastic piece of software. Malwarebytes is an anti-malware software and not an antivirus software so it won't conflict with the Antivirus that you are running. I would recommend that you open up this program, allow it to update and scan your machine at least quarterly...monthly if you can.
 
5. Crypto Warning!!!! - Complete Data Loss can occur!
There are particularly nasty infections out there at the moment that encrypt your data and hold it for ransom. You may read more about this here.
 


  • Download CryptoPrevent free for home use here following the instructions below.
  • Save the file to your desktop from the link above and then open the program by clicking Run when prompted from your browser or by going to the desktop where the file was saved and double-clicking.
  • Accept all the defaults during the install. The last screen of the install has a checkmark in "Launch CryptoPrevent". This is good and will launch the program once you click Finish.
  • You will get a prompt asking if you purchased a Product Key for Automatic Updates. You can answer No.
  • You will then be prompted to learn more about automatic updates or if you want to purchase a key. This is up to you but you don't have to.
  • You will be prompted to click OK to continue and select your protection level. Go ahead and click OK.
  • Click the Apply button to set Default protection.
  • You may get a message stating that Windows Sidebar and Desktop Gadgets are a major security vulnerability and asking you if you want to disable them. If you don't use these features, answer Yes.
  • That's it. The protection is in place.

Note: The free version doesn't provide automatic updates. Periodically, you should open up the program (there is a shortcut on your desktop now) and select the Updates! menu....and select Check for Updates to see if there are any as this infection has serious consequences.
 
UpdatesV7.4.11.JPG
 

 

 
 
For more information about computer security and how to protect yourself when on the internet, please read this guide Best Practices for Safe Computing
 
OK, all the best, and stay safe!
 
Items for your next post
1. Contents of the delfix log


  • 0

#14
zeph68

zeph68

    Member

  • Topic Starter
  • Member
  • PipPip
  • 13 posts

Hi Brian,

 

Unfortunately, there is still an issue.  My CPU Usage has spiked to over 60% and Spybot says Opachki.ru is stil on the system.  (see attached.)

 

What should I do now?

 

Thank you.

 

I did not do any of the steps in you suggested in your last post.

 

 

 

  

 

Attached Thumbnails

  • Spybot - Opachki.ru.jpg

  • 0

#15
BrianDrab

BrianDrab

    Trusted Helper

  • Malware Removal
  • 3,583 posts

Can you provide a screen shot after you click the plus sign next to Opachki.ru?

 

Also, please provide a fresh set of logs.

 

Fresh Set of Logs
 
1. Right click on FRST.exe and select Run as administrator. When the tool opens click Yes to disclaimer.
2. Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
3. Press Scan button.
4. It will produce a log called FRST.txt in the same directory the tool is run from (which should now be the desktop)
5. Please copy and paste log back here.
6. Because you selected the Addition.txt check box this log will be created as well. Please copy and paste this log as well.
 
 
 
Items for your next post
1. FRST and Addition logs


  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP