
Windows cannot find [Path] make sure you typed the name correctly, then


  • This topic is locked
17 replies to this topic

#1 Nerfman7


Posted 12 July 2014 - 06:53 PM

http://gyazo.com/707...ef2f1bedd6f45f2
This happened for most of my files.


Antivirus: Malwarebytes
If I try to open it nothing happens or I get the error message


Edited by Nerfman7, 12 July 2014 - 06:54 PM.


#2 ----------------


Posted 13 July 2014 - 11:57 AM

Hi there,
my name is Marius and I will assist you with your malware related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

HijackThis is not the preferred initial scanning tool in this forum. With today's malware, a more comprehensive set of logs is required to determine the presence of malware.

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.

Scan with aswMBR

Please download aswMBR ( 4.5MB ) to your desktop.
  • Double click the aswMBR.exe icon, and click Run.
  • There will be a short delay before the next dialog box comes up. Please just wait a minute or two.
  • When asked if you'd like to "download the latest Avast! virus definitions", click Yes.
  • Typically this is about a 100MB download so depending on your connection speed it can take a short while to download and become ready.
  • Click the Scan button to start the scan once the update has finished downloading.
  • On completion of the scan, click the save log button, save it to your desktop, then copy and paste it in your next reply.

Note: There will also be a file on your desktop named MBR.dat. Do not delete this for now. It is an actual backup of the MBR (master boot record).


Proud Member of UNITE & TB
 

#3 Nerfman7


Posted 13 July 2014 - 12:56 PM

Addition:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-07-2014
Ran by Tyler at 2014-07-13 13:50:41
Running from C:\Users\Tyler\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

 Leawo Video Converter version  5.3.0.0 (HKLM-x32\...\{331ED3CF-3A1B-467C-9A62-899E2D3B20C4}_is1) (Version: 5.3.0.0 - Leawo Software Co.,Ltd.)
 Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32343 - BitTorrent Inc.)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Addon Sync 2009 (HKLM-x32\...\{4E3AA543-09D7-401E-9DF2-2591D24C7C49}) (Version: 1.0.67 - YomaTools)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.7.0.2090 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.7.0.2090 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.5.23 - Adobe Systems Incorporated.) Hidden
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.6.602.180 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
Advanced IP Scanner (HKLM-x32\...\{7774E6AB-D658-40A2-B9FA-7136FA917BAE}) (Version: 2.2.224 - Famatech)
AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.1016.4 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
Apple Application Support (HKLM-x32\...\{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}) (Version: 2.3.4 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{2F72F540-1F60-4266-9506-952B21D6640D}) (Version: 6.1.0.13 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arma 2 (HKLM-x32\...\Steam App 33910) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead - Dedicated Server (HKLM-x32\...\Steam App 33935) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead Beta (Obsolete) (HKLM-x32\...\Steam App 219540) (Version:  - )
Ask Toolbar (HKLM-x32\...\{4D594333-0076-A76A-76A7-A758B70C0F00}) (Version: 12.15.0.179 - APN, LLC) <==== ATTENTION
Audacity 2.0.2 (HKLM-x32\...\Audacity_is1) (Version: 2.0.2 - Audacity Team)
Auslogics Disk Defrag (HKLM-x32\...\{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1) (Version: version 3.1 - Auslogics Software Pty Ltd)
AVI To MP4 Converter 1.0 (HKLM-x32\...\AVI To MP4 Converter_is1) (Version:  - A Software Plus)
Awesomenauts (HKLM-x32\...\Awesomenauts) (Version:  - )
AzureTools.Notifications.VwdExpress (x32 Version: 2.1.10731.1602 - Microsoft Corporation) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version:  - )
BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version:  - )
BioShock Infinite (HKLM-x32\...\Steam App 8870) (Version:  - Irrational Games)
BitMeter OS (HKLM-x32\...\BitMeterOS) (Version:  - )
Blocker (HKCU\...\Blocker) (Version:  - )
Blockland (HKLM-x32\...\Blockland) (Version:  - )
Blockland (HKLM-x32\...\Steam App 250340) (Version:  - Eric Hartman)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BootSkin (HKLM-x32\...\BootSkin) (Version:  - )
Build Tools - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - amd64 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Build Tools Language Resources - x86 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Bukkit-Server-Maker version 1.3 (HKLM-x32\...\{15290B72-9E65-4F6B-AD88-C79C86BDF089}_is1) (Version: 1.3 - Bemelcraft, ishi1000.)
Burnout Paradise: The Ultimate Box (HKLM-x32\...\Steam App 24740) (Version:  - Criterion Games)
BuzzSocialPoints_DNS version 1.0 (HKLM-x32\...\BuzzSocialPoints_DNS_is1) (Version: 1.0 - BuzzSocialPoints)
Cain & Abel 4.9.52 (HKLM-x32\...\Cain & Abel 4.9.52) (Version:  - )
Call of Duty: Black Ops II - Multiplayer (HKLM-x32\...\Steam App 202990) (Version:  - )
Call of Duty: Black Ops II - Zombies (HKLM-x32\...\Steam App 212910) (Version:  - )
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version:  - Techland)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.07 - Piriform)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
CodeBlocks (HKCU\...\CodeBlocks) (Version: 12.11 - The Code::Blocks Team)
Contagion (HKLM-x32\...\Steam App 238430) (Version:  - Monochrome LLC)
CyberGhost 5 (HKLM\...\CyberGhost 5_is1) (Version:  - CyberGhost S.R.L.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0337 - Disc Soft Ltd)
Dark GDK (HKLM-x32\...\{3C3FDF98-57CF-4FF4-9C95-167AE920ECCE}) (Version:  - )
DarksidersInstaller (HKLM-x32\...\{B93EEE50-9C8F-45DF-95E4-3D85A6E242F3}) (Version: 1.00.1000 - THQ)
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
Dead Space™ (HKLM-x32\...\{9789E33B-317A-44B2-AF9A-FF8708AD93E0}) (Version: 1.0.0.222 - Electronic Arts)
Democracy 3 (HKLM-x32\...\GOGPACKDEMOCRACY3_is1) (Version: 2.0.0.3 - GOG.com)
DesktopX (HKLM-x32\...\DesktopX) (Version:  - )
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Donavon's Turtle Adventure (HKCU\...\Donavon's Turtle Adventure) (Version:  - )
Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version:  - NCH Software)
Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
Dxtory version 2.0.123 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.123 - ExKode Co. Ltd.)
Entity Framework Tools for Visual Studio 2013 (HKLM-x32\...\{08AEF86A-1956-4846-B906-B01350E96E30}) (Version: 12.0.20912.0 - Microsoft Corporation)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.115 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.115 - Etron Technology) Hidden
Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)
Fake Webcam 7.3 (HKLM-x32\...\fakewebcam7.3.0_is1) (Version: 7.3.0 - Web Solution Mart)
Fake Webcam Codecs Pack 1.0.0 (HKLM\...\fwccpsetup_is1) (Version: 1.0.0 - Web Solution Mart)
Far Cry® 3 (HKLM-x32\...\Steam App 220240) (Version:  - Ubisoft Montreal, Massive Entertainment, and Ubisoft Shanghai)
fbDownloader 1.0.2 (HKLM-x32\...\fbDownloader) (Version: 1.0.2 - HTTO Group, Ltd.)
FileZilla Client 3.8.1 (HKCU\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
FileZilla Server (HKLM-x32\...\FileZilla Server) (Version: beta 0.9.45 - FileZilla Project)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FPS Creator Free (HKLM-x32\...\{800218C2-2E07-461C-85D6-8FDB4F9161D9}) (Version:  - )
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Galerie de photos (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Game Creators Dark GDK (HKLM-x32\...\{8F014E72-8456-431B-A985-EBBBFEAE85ED}) (Version: 1.0.0 - MSDN)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version:  - Greenheart Games)
Game Maker 8.0 (HKLM-x32\...\Game Maker 8.0) (Version:  - )
GameMaker 8.1 (HKCU\...\GameMaker81) (Version:  - )
GameMaker: Studio (HKLM-x32\...\Steam App 214850) (Version:  - YoYo Games Ltd.)
GameTracker Lite (HKLM-x32\...\GameTracker Lite) (Version:  - ClanServers Hosting LLC.)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)
GC (HKLM-x32\...\GC) (Version:  - ) <==== ATTENTION
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
Gravitexx (HKCU\...\Gravitexx) (Version:  - )
GRID (HKLM-x32\...\{5A0B7BA5-4682-4273-81C2-69B17E649103}) (Version: 1.00.0000 - Codemasters)
Gyazo 2.0.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version:  - Nota Inc. & Toshiyuki Masui)
Hacker Evolution Duality (HKLM-x32\...\Steam App 70120) (Version:  - exosyphen studios)
Hex Workshop v6.7 (HKLM\...\{A47DAFC0-AF57-4462-BD40-B3F02F33CB40}) (Version: 6.7.3.5308 - BreakPoint Software)
HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HitBliss (HKCU\...\HitBliss) (Version: 1.0.0.24738 - Project Concord, Inc.)
HTC Driver Installer (HKLM-x32\...\{4CEEE5D0-F905-4688-B9F9-ECC710507796}) (Version: 4.11.0.001 - HTC Corporation)
HTC Sync Manager (HKLM-x32\...\{231D0C79-98A6-4693-A366-36DE7D7346EC}) (Version: 3.1.13.0 - HTC)
IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version:  - )
IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version:  - )
Infinity Wars - Animated Trading Card Game (HKLM-x32\...\Steam App 257730) (Version:  - Lightmare Studios)
IPTInstaller (HKLM-x32\...\{08208143-777D-4A06-BB54-71BF0AD1BB70}) (Version: 4.0.9 - HTC)
iTunes (HKLM\...\{427174C0-096E-40D9-9684-9C109BEE2CBF}) (Version: 11.0.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217051FF}) (Version: 7.0.510 - Oracle)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
K-Lite Codec Pack 9.7.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 9.7.0 - )
Lagarith lossless video codec (Remove Only) (HKLM\...\LAGARITH) (Version:  - )
Lagarith lossless video codec (Remove Only) (HKLM-x32\...\LAGARITH) (Version:  - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version:  - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
Little Inferno 1.2 (HKLM-x32\...\{D3D39D29-432D-4151-BA0E-77FB6A115CD3}) (Version: 1.2.0 - Tomorrow Corporation)
Livestream for Producers (HKLM-x32\...\{53466613-9260-4814-AE66-7F3A3FA978D3}) (Version: 0.0.64 - Livestream)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version:  - )
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
ManyCam 4.0.44 (HKLM-x32\...\ManyCam) (Version: 4.0.44 - Visicom Media Inc.)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.2.0.1020 - Marvell)
Marvell Storage Utility V4 (HKLM-x32\...\mvMSU) (Version: 4.1.0.2013 - Marvell)
Microsoft .NET Framework 4 Multi-Targeting Pack (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{56E962F0-4FB0-3C67-88DB-9EAA6EEFC493}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{4AE57014-05C4-4864-A13D-86517A7E1BA4}) (Version: 4.5.50710 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU) (HKLM-x32\...\{D3517C62-68A5-37CF-92F7-93C029A89681}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (HKLM-x32\...\{6A0C6700-EA93-372C-8871-DCCF13D160A4}) (Version: 4.5.50932 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 SDK (HKLM-x32\...\{19A5926D-66E1-46FC-854D-163AA10A52D3}) (Version: 4.5.51641 - Microsoft Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (x32 Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 - Visual Studio Express 2013 for Web - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET MVC 4 Runtime (x32 Version: 4.0.20716.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio Express 2013 for Web - ENU (x32 Version: 5.0.11001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 - Visual Studio Express 2013 for Web - ENU (x32 Version: 4.1.21001.0 - Microsoft Corporation) Hidden
Microsoft ASP.NET Web Pages 2 Runtime (x32 Version: 2.0.20716.0 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Corporation (Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft Corporation (x32 Version: 9.1.0.0 - Microsoft Corporation) Hidden
Microsoft DirectX SDK (August 2007) (HKLM-x32\...\{F0A4913F-46A5-48F2-BC73-EE41A6C81EB3}) (Version: 9.20.1057 - Microsoft® Corporation)
Microsoft Expression Encoder 4 (HKLM-x32\...\Encoder_4.0.1651.0) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Expression Encoder 4 (x32 Version: 4.0.1651.0 - Microsoft Corporation) Hidden
Microsoft Expression Encoder 4 Screen Capture Codec (HKLM-x32\...\{952DCCD8-4039-46C8-BC8B-5C1EB6C8E130}) (Version: 4.0.1651.0 - Microsoft Corporation)
Microsoft Flight (HKLM-x32\...\Steam App 203850) (Version:  - )
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (Version: 1.0.30319 - Microsoft Corporation) Hidden
Microsoft Help Viewer 2.1 (HKLM-x32\...\Microsoft Help Viewer 2.1) (Version: 2.1.21005 - Microsoft Corporation)
Microsoft Help Viewer 2.1 (x32 Version: 2.1.21005 - Microsoft Corporation) Hidden
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft NuGet - Visual Studio Express 2013 for Web (x32 Version: 2.7.40911.287 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft SkyDrive (HKCU\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities  (HKLM\...\{58FED865-4F13-408D-A5BF-996019C4B936}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (HKLM-x32\...\{1B876496-B3A2-4D22-9B12-B608A3FD4B8B}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework  (x64) (HKLM\...\{A6BA243E-85A3-4635-A269-32949C98AC7F}) (Version: 11.1.2902.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB  (HKLM\...\{6C026A91-640F-4A23-8B68-05D589CC6F18}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (HKLM-x32\...\{2F7DBBE6-8EBC-495C-9041-46A772F4E311}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects  (x64) (HKLM\...\{43A5C316-9521-49C3-B9B6-FCE5E1005DF0}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client  (HKLM\...\{D411E9C9-CE62-4DBF-9D92-4CB22B750ED5}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom  (HKLM\...\{54C5041B-0E91-4E92-8417-AAA12493C790}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service  (HKLM-x32\...\{04DD7AF4-A6D3-4E30-9BB9-3B3670719234}) (Version: 11.1.3000.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (12.0.30919.1) (HKLM-x32\...\{0D7FCBFB-F478-4D32-901C-83F0BF5A3501}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (12.0.30919.1) (HKLM-x32\...\{6781FF9B-E87D-4A03-9373-A55A288B83FA}) (Version: 12.0.30919.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{070C38AC-05CE-43DF-9A20-141332F6AB2B}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{05FF8209-C4F1-4C77-BC28-791653156D20}) (Version: 11.1.3366.16 - Microsoft Corporation)
Microsoft Team Foundation Server 2013 Object Model (x64) (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Team Foundation Server 2013 Object Model Language Pack (x64) - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft VC9 runtime libraries (x32 Version: 2.0.0 - AOL Inc.) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (HKLM-x32\...\Microsoft Visual C++ 2008 Express Edition with SP1 - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Debug Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Debug Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Express Prerequisites x64 - ENU (HKLM\...\{BCA26999-EC22-3007-BB79-638913079C9A}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2013 Express Prerequisites x64 - ENU (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Preparation (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Interop Assemblies (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Shell (Minimum) Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2013 Team Explorer Language Pack - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Express 2013 for Web - ENU (HKLM-x32\...\{3e544097-53d1-4252-98a6-93cc12a6d487}) (Version: 12.0.21005.13 - Microsoft Corporation)
Microsoft Visual Studio Express 2013 for Web - ENU (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer Core (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual Studio Ultimate 2013 XAML UI Designer enu Resources (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
Microsoft Web Developer Tools 2013 - Visual Studio Express 2013 for Web (x32 Version: 2.0.40926.0 - Microsoft Corporation) Hidden
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (HKLM\...\{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Moon Tycoon (HKLM-x32\...\Moon Tycoon) (Version:  - )
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden
MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MultiBit 0.5.16 (HKLM-x32\...\MultiBit 0.5.16) (Version: 0.5.16 - )
NetLab for Win95/NT (HKLM-x32\...\NetLab for Win95/NT) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.2.3 - )
NTFS Undelete v0.94 (HKLM-x32\...\NTFS Undelete_is1) (Version: 0.94 - Atola Technology)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
ObjectDock Plus (HKLM-x32\...\ObjectDock Plus) (Version:  - )
OnLive (HKLM-x32\...\OnLive) (Version:  - OnLive)
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.9056 - ooVoo LLC.)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Oracle VM VirtualBox 4.2.16 (HKLM\...\{4CC3444D-7279-4E83-984F-18E9A7B2E803}) (Version: 4.2.16 - Oracle Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.1.13.85 - Electronic Arts, Inc.)
osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)
Overwolf (HKLM-x32\...\Overwolf) (Version: 0.76.1.0 - Overwolf Ltd.)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.9 - Pando Networks Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Pazera Free MP4 to AVI Converter 1.7 (HKLM-x32\...\{42442BC6-5A92-4BC2-9E0C-3D359D548A21}_is1) (Version: 1.7 - Pazera Jacek)
PDF Reader 1.9 (HKLM-x32\...\PDF Reader) (Version: 1.9 - PDF Reader)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.1 (r518) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.1.0.518 - PeerBlock, LLC)
Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Pixel Piracy (HKLM-x32\...\Steam App 264140) (Version:  - Vitali Kirpu)
PlagueInc 1.0 (HKLM-x32\...\PlagueInc 1.0) (Version: 1.0 - Cat-A-Cat)
Plants vs. Zombies™ (HKLM-x32\...\{5E6536C2-E79A-49CF-83EA-817AD81F9FC8}) (Version: 1.2.0.1093 - Electronic Arts, Inc.)
PowerISO (HKLM-x32\...\PowerISO) (Version: 4.8 - PowerISO Computing, Inc.)
Prerequisites for SSDT  (HKLM-x32\...\{35C1D9D6-87C0-46A3-B1B4-EDBCC063221C}) (Version: 11.1.3000.0 - Microsoft Corporation)
Professional Farmer 2014 (HKLM-x32\...\Professional Farmer 2014_is1) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Python 3.3.2 (64-bit) (HKLM\...\{9FA9A2A6-19E4-381A-8AF3-F8CF12F0DCF0}) (Version: 3.3.2150 - Python Software Foundation)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
RAR Password Recovery v1.1 RC16 (remove only) (HKLM-x32\...\Intelore - RAR Password Recovery) (Version:  - )
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.0.68.0 - Razer Inc.)
RealDownloader (x32 Version: 1.3.0 - RealNetworks, Inc.) Hidden
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
Realtek HDMI Audio Driver for ATI (HKLM-x32\...\{5449FB4F-1802-4D5B-A6D8-087DB1142147}) (Version: 6.0.1.6519 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version:  - )
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
RocketDock 1.3.5 (HKLM-x32\...\RocketDock_is1) (Version:  - Punk Software)
Rosetta Stone Version 3 (HKLM-x32\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
RPG Maker VX Ace (HKLM-x32\...\Steam App 220700) (Version:  - Enterbrain)
RPG MAKER VX Ace RTP (HKLM-x32\...\RPGVXAce_RTP_is1) (Version: 1.00 - Enterbrain)
Ruby 2.0.0-p481-x64 (HKCU\...\{B5BD4615-7C8A-4E50-9179-71B593CA6B67}_is1) (Version: 2.0.0-p481 - RubyInstaller Team)
Rust (HKLM-x32\...\Steam App 252490) (Version:  - Facepunch Studios)
Saints Row 2 (HKLM-x32\...\Steam App 9480) (Version:  - Volition)
Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)
Sansa Updater (HKCU\...\Sansa Updater) (Version: 1.406 - SanDisk Corporation)
Search Protection (HKCU\...\Search Protection) (Version: 7.5.0.1 - Spigot, Inc.) <==== ATTENTION
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
Smart Install Maker 5.04 (HKLM-x32\...\Smart Install Maker 5.04) (Version: 5.04 - InstallBuilders)
SmartStartup (HKLM-x32\...\SmartStartup) (Version:  - )
Sniper Elite V2 (HKLM-x32\...\Sniper Elite V2_is1) (Version:  - )
SpaceChem (HKLM-x32\...\Steam App 92800) (Version:  - Zachtronics)
Spoon Virtual Application Studio 2012 (HKLM-x32\...\{7ab0b5ec-0592-49a4-80dc-3a4741b9a1e8}) (Version: 10.4.2491.0 - Code Systems Corporation)
SpyNet Field Office (HKLM-x32\...\com.jakks.spynet) (Version: 1.05 - UNKNOWN)
SpyNet Field Office (x32 Version: 1.05 - UNKNOWN) Hidden
SqliteBrowser3 (HKLM-x32\...\SqliteBrowser3) (Version: 3.1.0 - oldsch00l)
Stardock WindowBlinds (HKLM-x32\...\Stardock WindowBlinds) (Version: 8.05 - Stardock Software, Inc.)
State of Decay - Lifeline (HKLM-x32\...\State of Decay - Lifeline_is1) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Surgeon Simulator 2013 Steam Edition 1.0 (HKLM-x32\...\Surgeon Simulator 2013 Steam Edition 1.0) (Version: 1.0 - Cat-A-Cat)
Takedown: Red Sabre (HKLM-x32\...\Steam App 236510) (Version:  - Serellan LLC)
TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )
Team Explorer for Microsoft Visual Studio 2013 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamViewer 8 (HKLM-x32\...\TeamViewer 8) (Version: 8.0.17396 - TeamViewer)
The Amazing Spider-Man (HKLM-x32\...\The Amazing Spider-Man_is1) (Version:  - )
The Forest 1.0 (HKLM-x32\...\The Forest 1.0) (Version: 1.0 - Cat-A-Cat)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)
TortoiseSVN 1.8.4.24972 (64 bit) (HKLM\...\{A2EFDE01-96B3-4E55-8834-81617ED6BCBE}) (Version: 1.8.24972 - TortoiseSVN)
Tropico (HKLM-x32\...\Steam App 33520) (Version:  - PopTop Software)
Tropico 2: Pirate Cove (HKLM-x32\...\Steam App 33530) (Version:  - PopTop Software)
Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version:  - Haemimont Games)
Tropico 3: Absolute Power (HKLM-x32\...\Steam App 57600) (Version:  - Haemimont Games)
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Vegas Pro 12.0 (64-bit) (HKLM\...\{A1188CD2-9C9F-11E2-B88F-F04DA23A5C58}) (Version: 12.0.563 - Sony)
VoiceMaster 2.0.0.83 (HKLM\...\VoiceMaster_is1) (Version:  - )
Wally (HKLM-x32\...\Wally) (Version:  - )
War Thunder (HKLM-x32\...\Steam App 236390) (Version:  - Gaijin Entertainment)
War Thunder Launcher 1.0.1.376 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version:  - Gaijin Entertainment)
Warface (HKLM-x32\...\Steam App 291480) (Version:  - Crytek GmbH)
WhatPulse version 2.3.1 (HKLM-x32\...\{95CC8D5F-90A1-4285-9B2D-8D0FBCFD8D0D}_is1) (Version: 2.3.1 - WhatPulse)
WinDirStat 1.1.2 (HKCU\...\WinDirStat) (Version:  - )
Windows Azure Shared Components for Microsoft Visual Studio 2013 - v1.0 (x32 Version: 1.0.10829.1601 - Microsoft Corporation) Hidden
Windows Live (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Family Safety (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Guns: Gun Disassembly (HKLM-x32\...\Steam App 262410) (Version:  - Noble Empire Corp.)
XSplit Broadcaster (HKLM-x32\...\{641A9A78-643E-437E-9EA9-18AC8842B622}) (Version: 1.3.1401.0901 - SplitMediaLabs)
Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version:  - )

==================== Restore Points  =========================

13-07-2014 02:20:34 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

==================== Hosts content: ==========================

2009-07-13 21:34 - 2013-01-13 12:29 - 00000852 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 activate.adobe.com

==================== Scheduled Tasks (whitelisted) =============

Task: {0DF626E6-F1D5-49A1-9472-B0EE39071054} - System32\Tasks\GC_Scheduler => %LOCALAPPDATA%\GC\Runner.exe <==== ATTENTION
Task: {0FEF7B04-F93F-4747-9659-D3F1CF90B119} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20] ()
Task: {10532A76-8AD4-4228-BE60-32BD738E54BA} - System32\Tasks\RunAsStdUser Task => C:\Users\Tyler\AppData\Local\teeveewatchSA\bin\1.0.9.0\TeeveeWatchSA.exe
Task: {10F2AFB7-2C90-4061-85DF-BB743ED9E772} - System32\Tasks\UP_Scheduler => %LOCALAPPDATA%\GC\updater.exe <==== ATTENTION
Task: {1E482D95-EE66-4C33-AEF1-7664F265B935} - \EPUpdater No Task File <==== ATTENTION
Task: {28DA0C56-7993-423F-AA81-1E4E89AC2569} - System32\Tasks\Overwolf Updater Task => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2014-06-10] (Overwolf LTD)
Task: {33498DC9-E48E-4EB6-9FA9-7937DD0B3BE7} - \YourFile DownloaderUpdate No Task File <==== ATTENTION
Task: {367511A8-4F91-445B-9312-E91488CD46A9} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {420A176D-11B6-4060-98B7-DCF04EEF6E8E} - System32\Tasks\BullGuardResumeInstall => C:\Users\Tyler\AppData\Local\Temp\Rar$EXa0.192\ind-bullguard.exe <==== ATTENTION
Task: {5AAB256D-B5E8-412B-BB7D-816497A84A29} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-10-21] (Piriform Ltd)
Task: {5D1F0046-F281-47C2-9D7A-85AAD2BAAA4E} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20] ()
Task: {5D4A32D2-564A-4D9A-92E4-7BFC8EE5A469} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20] (Google Inc.)
Task: {60B40953-3854-4F0D-878F-6C9562D1AAA8} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-584796006-2325184674-3092041102-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {6E2CF2BC-CC36-4673-BBED-13963299C475} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-06-10] (Adobe Systems Incorporated)
Task: {83193053-484D-4C91-99C2-4D221D620FEA} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
Task: {8D4A90EE-0094-4838-B0B7-633263983101} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {C8A9857D-FD2E-433D-8A84-A5F96FE283CB} - \Funmoods No Task File <==== ATTENTION
Task: {CA583911-B66F-44D9-81BF-109F147BA628} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-584796006-2325184674-3092041102-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-11-30] (RealNetworks, Inc.)
Task: {D1B67F78-75EC-4DBE-9D11-3BE2001CD553} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D714FB2F-35C4-425B-B5B1-140FDC3B9EE8} - System32\Tasks\BuzzSocialPoints_DNS_Checker => C:\Windows\BuzzSocialPointsChecker\BSP_li.exe <==== ATTENTION
Task: {DAAE492B-DAFF-4B32-92D2-9518FD43F82E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20] (Google Inc.)
Task: {DB189074-CDF2-4114-88F9-5597E1E36E3C} - System32\Tasks\AdobeAAMUpdater-1.0-Tyler-PC-Tyler => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {EF5874A5-DDF6-4E14-99F1-FF7DC545B2C3} - System32\Tasks\Express FilesUpdate => C:\Program Files (x86)\ExpressFiles\EFUpdater.exe <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe

==================== Loaded Modules (whitelisted) =============

2013-10-17 15:27 - 2013-10-17 15:27 - 00166912 ____C () C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
2013-04-20 11:59 - 2013-12-30 12:30 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-11-24 14:37 - 2013-11-24 14:37 - 00075504 ____C () C:\Program Files\TortoiseSVN\bin\TortoiseStub.dll
2013-11-24 14:36 - 2013-11-24 14:36 - 00088304 ____C () C:\Program Files\TortoiseSVN\bin\libsasl.dll
2014-05-01 14:29 - 2014-05-01 14:29 - 00098304 ____C () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-18 10:24 - 2012-06-18 10:24 - 00222720 ____C () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2014-03-06 21:57 - 2013-12-11 20:40 - 03126272 ____C () C:\Program Files (x86)\WhatPulse2\whatpulse.exe
2014-07-12 21:21 - 2014-07-12 21:21 - 00017408 ____C () C:\Users\Tyler\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.2-10-ge6cd8c0-b3096jnks.dll
2014-05-18 09:36 - 2014-05-18 09:36 - 00515584 ____C () C:\Users\Tyler\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 00087952 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2013-04-21 21:44 - 2013-04-21 21:44 - 01242952 ____C () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00031080 ____C () C:\Program Files (x86)\HTC\HTC Sync Manager\DbAccess.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00607376 ____C () C:\Program Files (x86)\HTC\HTC Sync Manager\sqlite3.dll
2014-05-27 12:43 - 2014-05-27 12:43 - 00059752 ____C () C:\Program Files (x86)\HTC\HTC Sync Manager\NAdvLog.dll
2014-05-27 12:42 - 2014-05-27 12:42 - 00036216 ____C () C:\Program Files (x86)\HTC\HTC Sync Manager\NFileCacheDBAccess.dll
2014-05-27 12:43 - 2014-05-27 12:43 - 00080248 ____C () C:\Program Files (x86)\HTC\HTC Sync Manager\ninstallerhelper.dll
2014-05-27 12:44 - 2014-05-27 12:44 - 00129376 ____C () C:\Program Files (x86)\HTC\HTC Sync Manager\zlib1.dll
2014-05-27 12:45 - 2014-05-27 12:45 - 00223592 ____C () C:\Program Files (x86)\HTC\HTC Sync Manager\DevConnMon.dll
2012-11-13 22:22 - 2012-11-13 22:22 - 02010624 ____C () C:\Program Files (x86)\ManyCam\opencv_core220.dll
2012-11-13 22:23 - 2012-11-13 22:23 - 01241088 ____C () C:\Program Files (x86)\ManyCam\opencv_imgproc220.dll
2012-11-13 22:23 - 2012-11-13 22:23 - 00241152 ____C () C:\Program Files (x86)\ManyCam\opencv_objdetect220.dll
2012-11-13 22:23 - 2012-11-13 22:23 - 00775680 ____C () C:\Program Files (x86)\ManyCam\opencv_highgui220.dll
2012-11-13 22:23 - 2012-11-13 22:23 - 00201216 ____C () C:\Program Files (x86)\ManyCam\opencv_video220.dll
2014-03-06 21:57 - 2013-04-08 10:34 - 00137728 ____C () C:\Program Files (x86)\WhatPulse2\CrashRpt1402.dll
2013-11-24 13:48 - 2013-11-24 13:48 - 00065264 ____C () C:\Program Files\TortoiseSVN\bin\TortoiseStub32.dll
2013-11-24 13:48 - 2013-11-24 13:48 - 00071408 ____C () C:\Program Files\TortoiseSVN\bin\libsasl32.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00025600 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\CoreAudioApi.dll
2014-07-12 19:00 - 2014-07-12 19:00 - 00043008 ____C () c:\users\tyler\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwq6pjz.dll
2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 ____C () C:\Users\Tyler\AppData\Roaming\Dropbox\bin\libcef.dll
2014-01-03 06:03 - 2014-01-03 06:03 - 07816192 ____C () C:\Program Files (x86)\SplitMediaLabs\XSplit\avcodec-54.dll
2014-01-03 06:03 - 2014-01-03 06:03 - 00188416 ____C () C:\Program Files (x86)\SplitMediaLabs\XSplit\avutil-52.dll
2014-01-03 06:03 - 2014-01-03 06:03 - 01425920 ____C () C:\Program Files (x86)\SplitMediaLabs\XSplit\avformat-54.dll
2014-01-03 06:03 - 2014-01-03 06:03 - 00336896 ____C () C:\Program Files (x86)\SplitMediaLabs\XSplit\swscale-2.dll
2014-01-03 06:03 - 2014-01-03 06:03 - 00096256 ____C () C:\Program Files (x86)\SplitMediaLabs\XSplit\swresample-0.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 01213633 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\libxml2-2.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00055808 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\zlib1.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00301681 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\plugins\libmsn.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00482872 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\libgio-2.0-0.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00219305 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\libpng14-14.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00904525 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\libcairo-2.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00279059 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\libfontconfig-1.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00143096 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\libexpat-1.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00535264 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\freetype6.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00095189 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\libpangocairo-1.0-0.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00016371 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\plugins\libxmpp.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00323844 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\libjabber.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00016330 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\plugins\libyahoo.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00190138 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\libymsg.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00018706 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\plugins\ssl-nss.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00006526 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\plugins\ssl.dll
2014-06-10 04:53 - 2014-06-10 04:53 - 00417501 ____C () C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\sqlite3.dll
2014-06-17 20:22 - 2014-06-17 20:22 - 03852912 ____C () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-06-01 04:08 - 2014-06-01 04:08 - 00035328 ____C () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 11:41 - 2014-05-24 11:41 - 00091648 ____C () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 11:41 - 2014-05-24 11:41 - 00892416 ____C () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-06-07 12:55 - 2014-06-10 00:20 - 16361136 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll
2014-05-22 07:03 - 2014-07-11 19:53 - 01116672 ____C () C:\Program Files (x86)\Steam\libavcodec-55.dll
2014-04-24 17:38 - 2014-07-11 19:53 - 00438784 ____C () C:\Program Files (x86)\Steam\libavutil-53.dll
2014-05-22 07:03 - 2014-07-11 19:53 - 00399360 ____C () C:\Program Files (x86)\Steam\libavformat-55.dll
2014-01-07 21:54 - 2014-07-11 19:53 - 00331264 ____C () C:\Program Files (x86)\Steam\libavresample-1.dll
2013-03-12 17:10 - 2014-06-26 17:40 - 00764416 ____C () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 07:04 - 2014-07-11 19:53 - 02139328 ____C () C:\Program Files (x86)\Steam\video.dll
2014-05-22 07:03 - 2014-04-28 19:37 - 00519168 ____C () C:\Program Files (x86)\Steam\libswscale-2.dll
2012-11-09 07:54 - 2014-07-11 19:53 - 01116864 ____C () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-05-22 07:04 - 2014-05-01 18:35 - 20628160 ____C () C:\Program Files (x86)\Steam\bin\libcef.dll

==================== Alternate Data Streams (whitelisted) =========

AlternateDataStreams: C:\ProgramData\TEMP:0FF263E8
AlternateDataStreams: C:\ProgramData\TEMP:FB6A21E3
AlternateDataStreams: C:\Users\Tyler\Local Settings:jDaNJFIR5WbxUe5c1AP5C6QLok
AlternateDataStreams: C:\Users\Tyler\AppData\Local:jDaNJFIR5WbxUe5c1AP5C6QLok
AlternateDataStreams: C:\Users\Tyler\AppData\Local\Application Data:jDaNJFIR5WbxUe5c1AP5C6QLok
AlternateDataStreams: C:\Users\Tyler\AppData\Local\Temporary Internet Files:dfWxotlxeiEpzAIN1l2HhekP
AlternateDataStreams: C:\Users\Tyler\AppData\Local\Temporary Internet Files:SpF0mklYFroRYxWPwKJpCS

==================== Safe Mode (whitelisted) ===================

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BsScanner => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BsScanner => ""="Service"

==================== EXE Association (whitelisted) =============


==================== MSCONFIG/TASK MANAGER disabled items =========

MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AMD External Events Utility => 2
MSCONFIG\Services: CltMngSvc => 2
MSCONFIG\Services: DragonSvc => 2
MSCONFIG\Services: FirebirdServerMAGIXInstance => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: HitmanProScheduler => 2
MSCONFIG\Services: Marvell Storage Management => 2
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: MSUWebService => 2
MSCONFIG\Services: PCSUService => 2
MSCONFIG\Services: RealNetworks Downloader Resolver Service => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SNAC => 3
MSCONFIG\Services: SrvUpdater => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TeamViewer8 => 2
MSCONFIG\Services: WindowBlinds => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Tyler^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^CurseClientStartup.ccip => C:\Windows\pss\CurseClientStartup.ccip.Startup
MSCONFIG\startupfolder: C:^Users^Tyler^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Dropbox.lnk => C:\Windows\pss\Dropbox.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: Clownfish => "C:\Program Files (x86)\Clownfish\Clownfish.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DataMgr => C:\Users\Tyler\AppData\Roaming\DataMgr\datamgr.exe
MSCONFIG\startupreg: DivXUpdate => "C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
MSCONFIG\startupreg: DNS7reminder => "C:\Program Files (x86)\Nuance\NaturallySpeaking12\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\NaturallySpeaking12\Ereg.ini"
MSCONFIG\startupreg: Dxtory Update Checker 2.0 => C:\Program Files (x86)\Dxtory Software\Dxtory2.0\UpdateChecker.exe
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: Iminent => C:\Program Files (x86)\Iminent\Iminent.exe /warmup "F77F87E5-A6BD-4922-A530-EDF63D7E9F8C"
MSCONFIG\startupreg: IminentMessenger => C:\Program Files (x86)\Iminent\Iminent.Messengers.exe
MSCONFIG\startupreg: ISUSPM => C:\ProgramData\FLEXnet\Connect\11\ISUSPM.exe -scheduler
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: MC.exe => C:\ProgramData\Microsoft\Windows\Start Menu\7S0jCunVcZyZ\MC.exe
MSCONFIG\startupreg: Messenger (Yahoo!) => "C:\PROGRA~2\Yahoo!\Messenger\YahooMessenger.exe" -quiet
MSCONFIG\startupreg: MicroUpdate => C:\Users\Tyler\Documents\MSDCSC\msdcsc.exe
MSCONFIG\startupreg: MSUTray => C:\Program Files (x86)\Marvell\storage\tray\MarvellTray.exe
MSCONFIG\startupreg: ooVoo.exe => C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
MSCONFIG\startupreg: Pando Media Booster => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
MSCONFIG\startupreg: PCSpeedUp => C:\Program Files (x86)\PC Speed Up\PCSUNotifier.exe
MSCONFIG\startupreg: RtHDVCpl => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: SearchProtect => C:\Users\Tyler\AppData\Roaming\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: SearchProtectAll => C:\Program Files (x86)\SearchProtect\bin\cltmng.exe
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: TkBellExe => "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe"  -osboot
MSCONFIG\startupreg: VoiceMaster => C:\Program Files\VoiceMaster\VoiceMaster.exe
MSCONFIG\startupreg: VX3000 => C:\Windows\vVX3000.exe
MSCONFIG\startupreg: winupdater => C:\Windows\Windupdt\winupdate.exe
MSCONFIG\startupreg: Wisdom-soft AutoScreenRecorder 3.1 Pro => 0
MSCONFIG\startupreg: Yontoo Desktop => "C:\Users\Tyler\AppData\Roaming\Yontoo\YontooDesktop.exe"

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/13/2014 01:36:58 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner GetCompressedFileSize reports error 5: Access is denied.

Error: (07/13/2014 01:36:58 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner GetCompressedFileSize reports error 5: Access is denied.

Error: (07/13/2014 10:25:23 AM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner GetCompressedFileSize reports error 5: Access is denied.

Error: (07/13/2014 10:24:37 AM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner GetCompressedFileSize reports error 5: Access is denied.

Error: (07/13/2014 10:24:37 AM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner GetCompressedFileSize reports error 5: Access is denied.

Error: (07/12/2014 09:23:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rust.exe version 4.5.2.26843 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1d60

Start Time: 01cf9e413fe4e4b0

Termination Time: 5

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Rust\legacy\rust.exe

Report Id: ae8e7f5b-0a34-11e4-b836-e738c3edeadb

Error: (07/12/2014 09:20:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rust.exe version 4.5.2.26843 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 178

Start Time: 01cf9e40c17ea0b2

Termination Time: 6

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Rust\legacy\rust.exe

Report Id: 35c2caef-0a34-11e4-b836-e738c3edeadb

Error: (07/12/2014 09:18:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rust.exe version 4.5.2.26843 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 11d0

Start Time: 01cf9e4078fc0315

Termination Time: 28

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Rust\legacy\rust.exe

Report Id: f572134a-0a33-11e4-b836-e738c3edeadb

Error: (07/12/2014 09:12:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program rust.exe version 4.5.2.26843 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 1294

Start Time: 01cf9e3f7552068f

Termination Time: 5

Application Path: C:\Program Files (x86)\Steam\steamapps\common\Rust\legacy\rust.exe

Report Id: 1f0b353e-0a33-11e4-b836-e738c3edeadb

Error: (07/12/2014 07:28:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program MT.exe version 1.0.0.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 21e0

Start Time: 01cf9e3139c50ec9

Termination Time: 6

Application Path: C:\Program Files (x86)\Moon Tycoon\MT.exe

Report Id: 7d17f8e1-0a24-11e4-b836-e738c3edeadb


System errors:
=============
Error: (07/12/2014 06:35:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMService service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/12/2014 06:35:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The MBAMScheduler service terminated unexpectedly.  It has done this 1 time(s).

Error: (07/10/2014 04:23:13 AM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (07/10/2014 04:22:57 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort2.

Error: (07/10/2014 04:22:57 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort2.

Error: (07/10/2014 04:22:57 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort2.

Error: (07/10/2014 03:39:24 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
BootScreen

Error: (07/10/2014 03:37:50 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee Task Manager service failed to start due to the following error:
%%2

Error: (07/08/2014 00:38:38 AM) (Source: volsnap) (EventID: 14) (User: )
Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

Error: (07/08/2014 00:38:22 AM) (Source: atapi) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Ide\IdePort2.


Microsoft Office Sessions:
=========================
Error: (07/13/2014 01:36:58 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner GetCompressedFileSize reports error 5: Access is denied.

Error: (07/13/2014 01:36:58 PM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner GetCompressedFileSize reports error 5: Access is denied.

Error: (07/13/2014 10:25:23 AM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner GetCompressedFileSize reports error 5: Access is denied.

Error: (07/13/2014 10:24:37 AM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner GetCompressedFileSize reports error 5: Access is denied.

Error: (07/13/2014 10:24:37 AM) (Source: FolderSize) (EventID: 0) (User: )
Description: Scanner GetCompressedFileSize reports error 5: Access is denied.

Error: (07/12/2014 09:23:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rust.exe4.5.2.268431d6001cf9e413fe4e4b05C:\Program Files (x86)\Steam\steamapps\common\Rust\legacy\rust.exeae8e7f5b-0a34-11e4-b836-e738c3edeadb

Error: (07/12/2014 09:20:18 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rust.exe4.5.2.2684317801cf9e40c17ea0b26C:\Program Files (x86)\Steam\steamapps\common\Rust\legacy\rust.exe35c2caef-0a34-11e4-b836-e738c3edeadb

Error: (07/12/2014 09:18:33 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rust.exe4.5.2.2684311d001cf9e4078fc031528C:\Program Files (x86)\Steam\steamapps\common\Rust\legacy\rust.exef572134a-0a33-11e4-b836-e738c3edeadb

Error: (07/12/2014 09:12:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: rust.exe4.5.2.26843129401cf9e3f7552068f5C:\Program Files (x86)\Steam\steamapps\common\Rust\legacy\rust.exe1f0b353e-0a33-11e4-b836-e738c3edeadb

Error: (07/12/2014 07:28:05 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: MT.exe1.0.0.121e001cf9e3139c50ec96C:\Program Files (x86)\Moon Tycoon\MT.exe7d17f8e1-0a24-11e4-b836-e738c3edeadb


CodeIntegrity Errors:
===================================
  Date: 2013-04-12 16:02:30.523
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-12 14:24:11.054
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-12 14:16:13.481
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-12 08:20:03.582
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-12 08:10:52.197
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-12 08:04:47.440
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-12 07:55:38.488
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-12 07:34:10.780
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-12 06:35:13.141
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-04-12 06:22:16.052
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\sysfer.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Percentage of memory in use: 64%
Total physical RAM: 8175.11 MB
Available physical RAM: 2934.89 MB
Total Pagefile: 16348.4 MB
Available Pagefile: 10836.65 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:97.23 GB) NTFS
Drive d: (MT-Scholastic) (CDROM) (Total:0.08 GB) (Free:0 GB) CDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: BA5FFD29)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=466 GB) - (Type=07 NTFS)

==================== End Of Log ============================



#4 Nerfman7

Posted 13 July 2014 - 12:57 PM

FRST:


Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-07-2014
Ran by Tyler (administrator) on TYLER-PC on 13-07-2014 13:49:49
Running from C:\Users\Tyler\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(AMD) C:\Windows\System32\atiesrxx.exe
(Stardock Corporation) C:\Program Files (x86)\Stardock\WindowBlinds\WBSrv.exe
(APN LLC.) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Codebox Software) C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe
(Codebox Software) C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Scarlet.Crush Productions) C:\Users\Tyler\Documents\PS3 Controller\ScpService.exe
(FileZilla Project) C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Nero AG) C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
() C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\SoftwareUpdate\YahooAUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\WindowBlinds\WBCore.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(SanDisk Corporation) C:\Users\Tyler\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Brio) C:\Program Files\FolderSize\FolderSize.exe
(http://tortoisesvn.net) C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
(Visicom Media Inc.) C:\Program Files (x86)\ManyCam\ManyCam.exe
(Project Concord, Inc.) C:\Users\Tyler\AppData\Roaming\HitBliss\Player\HitBliss.exe
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
() C:\Program Files (x86)\WhatPulse2\whatpulse.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\Overwolf.exe
(Dropbox, Inc.) C:\Users\Tyler\AppData\Roaming\Dropbox\bin\Dropbox.exe
(APN) C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ASUSTek Computer Inc.) C:\Windows\SysWOW64\Windows Server\wserver.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.76.1.0\OverwolfHelper.exe
(Overwolf LTD) C:\Program Files (x86)\Common Files\Overwolf\0.76.1.0\OverwolfHelper64.exe
(Overwolf LTD) C:\Program Files (x86)\Overwolf\0.76.1.0\Purplizer\Purplizer.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Oracle Corporation) C:\Windows\System32\java.exe
(CyberGhost S.R.L) C:\Program Files\CyberGhost 5\Service.exe
(CyberGhost S.R.L.) C:\Program Files\CyberGhost 5\CyberGhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Dotjosh Studios, LLC) C:\Program Files (x86)\Dotjosh Studios\DayZ Commander\Current\DayZCommander.exe


==================== Registry (Whitelisted) ==================

HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [499608 2011-03-15] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-04-21] (Apple Inc.)
HKLM-x32\...\Run: [ApnTBMon] => C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe [1956760 2014-06-14] (APN)
HKLM-x32\...\Run: [VNT] => C:\Program Files (x86)\VNT\vntldr.exe [196504 2014-06-14] (APN LLC.)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [FileZilla Server Interface] => C:\Program Files (x86)\FileZilla Server\FileZilla Server Interface.exe [2322944 2014-06-07] (FileZilla Project)
Winlogon\Notify\WB: C:\Program Files (x86)\Stardock\WindowBlinds\fast64.dll [X]
Winlogon\Notify\MCPClient-x32: C:\Program Files (x86)\Common Files\Stardock\MCPStub.dll (Stardock)
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Run: [SansaDispatch] => C:\Users\Tyler\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe [1465616 2014-07-10] (SanDisk Corporation)
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [2990304 2013-10-03] (Nota Inc.)
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Run: [Folder Size] => C:\Program Files\FolderSize\FolderSize.exe [169472 2013-02-13] (Brio)
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Run: [ManyCam] => C:\Program Files (x86)\ManyCam\ManyCam.exe [5679200 2013-12-09] (Visicom Media Inc.)
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Run: [HitBliss] => C:\Users\Tyler\AppData\Roaming\HitBliss\Player\HitBliss.exe [5954136 2014-05-13] (Project Concord, Inc.)
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1309432 2014-02-04] (Bogdan Sharkov)
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Run: [CyberGhost] => C:\Program Files\CyberGhost 5\CyberGhost.EXE [404080 2014-06-12] (CyberGhost S.R.L.)
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Run: [WhatPulse] => C:\Program Files (x86)\WhatPulse2\whatpulse.exe [3126272 2013-12-11] ()
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21445248 2014-05-08] (Skype Technologies S.A.)
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\Overwolf.exe [39712 2014-06-10] (Overwolf LTD)
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\MountPoints2: E - E:\setup.exe
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\MountPoints2: F - F:\Launcher.exe
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\MountPoints2: G - G:\Launcher.exe
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\MountPoints2: H - H:\Setup.exe
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\MountPoints2: I - I:\Autorun.exe
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\MountPoints2: {c9d5424e-a4da-11e3-9992-080027007c9a} - G:\HTC_Sync_Manager_PC.exe
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\MountPoints2: {e4df013e-17dc-11e2-826b-806e6f6e6963} - D:\launcher.exe
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\MountPoints2: {f0e5caa3-dda2-11e2-a9c3-9882d50d619e} - H:\TL-Bootstrap.exe
HKU\S-1-5-21-584796006-2325184674-3092041102-1000\...\Winlogon: [Shell] C:\Windows\SysWOW64\Windows Server\wserver.exe [584192 2014-07-12] (ASUSTek Computer Inc.) <==== ATTENTION
IFEO\AvastSvc.exe: [Debugger] nqij.exe
IFEO\AvastUI.exe: [Debugger] nqij.exe
IFEO\avcenter.exe: [Debugger] nqij.exe
IFEO\avconfig.exe: [Debugger] nqij.exe
IFEO\avgcsrvx.exe: [Debugger] nqij.exe
IFEO\avgidsagent.exe: [Debugger] nqij.exe
IFEO\avgnt.exe: [Debugger] nqij.exe
IFEO\avgrsx.exe: [Debugger] nqij.exe
IFEO\avguard.exe: [Debugger] nqij.exe
IFEO\avgui.exe: [Debugger] nqij.exe
IFEO\avgwdsvc.exe: [Debugger] nqij.exe
IFEO\avp.exe: [Debugger] nqij.exe
IFEO\avscan.exe: [Debugger] nqij.exe
IFEO\bdagent.exe: [Debugger] nqij.exe
IFEO\blindman.exe: [Debugger] nqij.exe
IFEO\ccuac.exe: [Debugger] nqij.exe
IFEO\ComboFix.exe: [Debugger] nqij.exe
IFEO\egui.exe: [Debugger] nqij.exe
IFEO\hijackthis.exe: [Debugger] nqij.exe
IFEO\instup.exe: [Debugger] nqij.exe
IFEO\keyscrambler.exe: [Debugger] nqij.exe
IFEO\mbam.exe: [Debugger] nqij.exe
IFEO\mbamgui.exe: [Debugger] nqij.exe
IFEO\mbampt.exe: [Debugger] nqij.exe
IFEO\mbamscheduler.exe: [Debugger] nqij.exe
IFEO\mbamservice.exe: [Debugger] nqij.exe
IFEO\MpCmdRun.exe: [Debugger] nqij.exe
IFEO\MSASCui.exe: [Debugger] nqij.exe
IFEO\MsMpEng.exe: [Debugger] nqij.exe
IFEO\msseces.exe: [Debugger] nqij.exe
IFEO\rstrui.exe: [Debugger] nqij.exe
IFEO\SDFiles.exe: [Debugger] nqij.exe
IFEO\SDMain.exe: [Debugger] nqij.exe
IFEO\SDWinSec.exe: [Debugger] nqij.exe
IFEO\spybotsd.exe: [Debugger] nqij.exe
IFEO\wireshark.exe: [Debugger] nqij.exe
IFEO\zlclient.exe: [Debugger] nqij.exe
Startup: C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Tyler\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk
ShortcutTarget: Skype.lnk -> C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
SSODL: IconPackager Repair - {1799460C-0BC8-4865-B9DF-4A36CD703FF0} -  No File
SSODL-x32: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\Program Files (x86)\Common Files\Stardock\MCPCore.dll (Stardock)
SSODL-x32: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} - %SystemRoot%\system32\stobject.dll (Microsoft Corporation)
SSODL-x32: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
SSODL-x32: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} - %SystemRoot%\system32\shell32.dll (Microsoft Corporation)
ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File
ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File
ShellIconOverlayIdentifiers-x32: 1TortoiseNormal -> {C5994560-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 2TortoiseModified -> {C5994561-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 3TortoiseConflict -> {C5994562-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 4TortoiseLocked -> {C5994563-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 5TortoiseReadOnly -> {C5994564-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 6TortoiseDeleted -> {C5994565-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 7TortoiseAdded -> {C5994566-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 8TortoiseIgnored -> {C5994567-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: 9TortoiseUnversioned -> {C5994568-53D9-4125-87C9-F193FC689CB2} => C:\Program Files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll (http://tortoisesvn.net)
ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File
ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

==================== Internet (Whitelisted) ====================

HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.b1.org...xr&chid=c167991
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.msn.com/?...=EIE9HP&PC=UP50
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Before = http://search.b1.org...xr&chid=c167991
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page Before = http://search.b1.org...xr&chid=c167991
SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.web...&cc=US&unqvl=48
SearchScopes: HKLM-x32 - {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.web...&cc=US&unqvl=48
SearchScopes: HKLM-x32 - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...3-C5922661A394}
SearchScopes: HKCU - DefaultScope {A323B433-E68B-4B5C-BC11-37A0DF504B8F} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {58D9A283-EC1B-4FD9-A98F-078C76A02FCA} URL = http://search.condui...6526312225&UM=2
SearchScopes: HKCU - {A323B433-E68B-4B5C-BC11-37A0DF504B8F} URL = http://search.yahoo....p={searchTerms}
SearchScopes: HKCU - {EEE6C360-6118-11DC-9C72-001320C79847} URL = http://start.sweetpa...3-C5922661A394}
BHO: Ask Toolbar - {4D594333-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport_x64.dll (APN LLC.)
BHO: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File
BHO-x32: DownloadTerms - {2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} -  No File
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll (RealDownloader)
BHO-x32: Ask Toolbar - {4D594333-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll (APN LLC.)
BHO-x32: Java™ Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Ask Toolbar - {4D594333-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport_x64.dll (APN LLC.)
Toolbar: HKLM-x32 - Ask Toolbar - {4D594333-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll (APN LLC.)
Toolbar: HKCU - Ask Toolbar - {4D594333-0076-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport_x64.dll (APN LLC.)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: 127.0.0.1 activate.adobe.com
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\e074ac4x.default-1404074632853
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @real.com/nppl3260;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=1.3.0 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=16.0.0.282 - c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll (RealPlayer)
FF Plugin-x32: @realnetworks.com/npdlplugin;version=1 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll (RealDownloader)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Program Files (x86)\Roblox\Versions\version-2135c02b59614a08\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKCU: @onlive.com/OnLiveGameClientDetector,version=1.0.0 - C:\Program Files (x86)\OnLive\Plugin\npolgdet.dll (OnLive)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Tyler\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer)
FF Extension: Adblock Plus - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\e074ac4x.default-1404074632853\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-01]
FF Extension: DownloadTerms - C:\Program Files (x86)\Mozilla Firefox\extensions\cxfnl@nxazbwxrbgsgfqqp.net [2014-06-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\buzzsocial_lidns@buzzsocialpoints.com.xpi [2014-06-17]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-06-17]
FF HKLM-x32\...\Firefox\Extensions: [{34712C68-7391-4c47-94F3-8F88D49AD632}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2013-01-14]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext

==================== Services (Whitelisted) =================

R2 APNMCP; C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [165784 2014-06-14] (APN LLC.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [345984 2014-06-30] ()
R2 BitMeterCaptureService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [99037 2012-03-04] (Codebox Software) [File not signed]
R2 BitMeterWebService; C:\Program Files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [148484 2012-03-04] (Codebox Software) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
R2 CGVPNCliService; C:\Program Files\CyberGhost 5\Service.exe [64624 2014-06-12] (CyberGhost S.R.L)
R2 Ds3Service; C:\Users\Tyler\Documents\PS3 Controller\ScpService.exe [381952 2014-03-13] (Scarlet.Crush Productions) [File not signed]
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [107552 2014-07-11] (EasyAntiCheat Ltd)
R2 FileZilla Server; C:\Program Files (x86)\FileZilla Server\FileZilla Server.exe [642048 2014-06-07] (FileZilla Project) [File not signed]
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-13] (Brio) [File not signed]
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-02-28] (Hi-Rez Studios) [File not signed]
R2 HTCMonitorService; C:\Program Files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [87368 2014-04-02] (Nero AG)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] () [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] () [File not signed]
S4 MSUWebService; C:\Program Files (x86)\Marvell\storage\Apache2\bin\httpd.exe [24645 2011-11-21] (Apache Software Foundation) [File not signed]
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [976672 2014-06-10] (Overwolf LTD)
R2 PassThru Service; C:\Program Files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [166912 2013-10-17] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-30] ()
S4 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [38608 2012-11-29] ()
S3 rpcapd; C:\Program Files (x86)\WinPcap\rpcapd.exe [117264 2010-06-25] (CACE Technologies, Inc.)
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [106472 2013-09-18] (Razer Inc.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 TlntSvr; C:\Windows\System32\tlntsvr.exe [81920 2009-07-13] (Microsoft Corporation)
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)
S3 VsEtwService120; C:\Program Files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [87728 2013-10-04] (Microsoft Corporation)
R2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2013-05-16] (Stardock Corporation) [File not signed]
S2 McTaskManager; "C:\Program Files (x86)\McAfee\VirusScan Enterprise\VsTskMgr.exe" [X]

==================== Drivers (Whitelisted) ====================

R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-08-21] (Disc Soft Ltd)
S3 EvolveVirtualAdapter; C:\Windows\System32\DRIVERS\evolve.sys [21656 2014-01-11] (Echobit, LLC)
R2 hitbliss; C:\Windows\System32\drivers\hitbliss.sys [19928 2014-01-30] (Project Concord, Inc.)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32152 2013-04-11] ()
R3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv.sys [42016 2013-11-26] (Visicom Media Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [35232 2013-12-06] (Visicom Media Inc.)
S3 mirrorv3; C:\Windows\System32\DRIVERS\rminiv3.sys [5632 2012-12-18] (Famatech International Corp.)
S3 Mv_Process; c:\windows\syswow64\mv_process.sys [14376 2011-11-21] ()
R1 netfilter64; C:\Windows\System32\drivers\netfilter64.sys [61592 2013-12-17] (NetFilterSDK.com)
R2 NPF; C:\Windows\System32\drivers\npf.sys [35344 2010-06-25] (CACE Technologies, Inc.)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [24176 2010-11-06] ()
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2013-10-15] (Anchorfree Inc.)
S3 tapoas; C:\Windows\System32\DRIVERS\tapoas.sys [30720 2012-07-15] (The OpenVPN Project)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()
S0 BootScreen; \SystemRoot\System32\drivers\vidstub.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

==================== NetSvcs (Whitelisted) ===================


==================== One Month Created Files and Folders ========

2014-07-13 13:49 - 2014-07-13 13:50 - 00032579 _____ () C:\Users\Tyler\Downloads\FRST.txt
2014-07-13 13:49 - 2014-07-13 13:49 - 02086912 ____C (Farbar) C:\Users\Tyler\Downloads\FRST64.exe
2014-07-13 13:49 - 2014-07-13 13:49 - 00000000 ____D () C:\FRST
2014-07-13 10:45 - 2014-07-13 10:45 - 00000951 ____C () C:\Users\Public\Desktop\Tunngle beta.lnk
2014-07-13 10:45 - 2014-07-13 10:45 - 00000000 ___DC () C:\ProgramData\Tunngle
2014-07-13 10:42 - 2014-07-13 10:43 - 04055968 ____C (Tunngle.net GmbH ) C:\Users\Tyler\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-13 10:39 - 2014-07-13 10:39 - 00000000 __SHC () C:\Users\Tyler\AppData\Local\LumaEmu
2014-07-13 10:39 - 2014-07-13 10:39 - 00000000 ___DC () C:\ProgramData\LumaEmu_SteamCloud
2014-07-13 10:33 - 2014-03-19 20:24 - 00000000 ___DC () C:\Users\Tyler\Desktop\Rust 14.03
2014-07-13 10:28 - 2014-07-13 10:32 - 528272906 _____ () C:\Users\Tyler\Downloads\Rust 14.03 Cracked [DerpTeam].zip
2014-07-13 10:27 - 2014-07-13 10:27 - 01855312 ____C (BitTorrent Inc.) C:\Users\Tyler\Downloads\uTorrent.exe
2014-07-12 23:32 - 2014-07-12 23:32 - 08646824 ____C (CyberGhost S.R.L. ) C:\Users\Tyler\Downloads\CG_5.0.13.17.exe
2014-07-12 23:17 - 2014-07-11 23:12 - 00107552 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2014-07-12 21:27 - 2014-07-12 21:27 - 06498200 ____C (Microsoft Corporation) C:\Users\Tyler\Downloads\vcredist_x86(1).exe
2014-07-12 21:19 - 2014-07-12 21:20 - 06498200 ____C (Microsoft Corporation) C:\Users\Tyler\Downloads\vcredist_x86.exe
2014-07-12 20:04 - 2014-07-12 20:04 - 00002975 _____ () C:\Users\Tyler\Desktop\HiJackThis.lnk
2014-07-12 20:04 - 2014-07-12 20:04 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-07-12 20:04 - 2014-07-12 20:04 - 00000000 ___DC () C:\Program Files (x86)\Trend Micro
2014-07-12 20:03 - 2014-07-12 20:03 - 01402880 _____ () C:\Users\Tyler\Downloads\HiJackThis.msi
2014-07-12 20:02 - 2014-07-12 20:02 - 00760544 ____C () C:\Users\Tyler\Downloads\hijackthis setup.exe
2014-07-12 19:43 - 2014-07-12 19:43 - 00050688 ____C (Atribune.org) C:\Users\Tyler\Downloads\ATF-Cleaner.exe
2014-07-12 19:29 - 2014-07-12 19:29 - 29611712 ____C (Microsoft Corporation) C:\Users\Tyler\Downloads\Windows-KB890830-x64-V5.14.exe
2014-07-12 19:02 - 2014-07-12 19:06 - 231648632 ____C (Symantec Corporation) C:\Users\Tyler\Downloads\N360_21.1.0.18_SYMTB_PROMO_4_MRFTT_830_10145-US1.exe
2014-07-12 18:35 - 2014-07-13 13:50 - 00143744 ____C () C:\Users\Tyler\AppData\Roaming\msconfig.ini
2014-07-12 18:35 - 2014-07-12 18:35 - 00000000 __SHD () C:\Windows\SysWOW64\Windows Server
2014-07-12 08:51 - 2014-07-12 08:51 - 00000004 _____ () C:\Users\Tyler\Desktop\RUST.txt
2014-07-11 23:12 - 2014-07-11 23:12 - 00000222 _____ () C:\Users\Tyler\Desktop\Rust.url
2014-07-11 22:44 - 2014-07-11 22:44 - 00000222 _____ () C:\Users\Tyler\Desktop\DayZ.url
2014-07-11 22:19 - 2014-07-11 22:21 - 00000012 _____ () C:\Users\Tyler\Desktop\Password.txt
2014-07-11 10:28 - 2014-07-11 19:29 - 00000242 _____ () C:\Users\Tyler\Desktop\Trading cards.txt
2014-07-10 10:58 - 2014-07-10 10:58 - 00001878 ____C () C:\Users\Tyler\Desktop\ArmA2OA - Shortcut.lnk
2014-07-09 19:32 - 2014-06-29 21:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-07-09 19:32 - 2014-06-29 21:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-07-09 19:31 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-07-09 19:31 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-07-09 19:31 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-07-09 19:31 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-07-09 19:31 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-07-09 19:31 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-07-09 19:31 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-07-09 19:31 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-07-09 19:31 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-07-09 19:31 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-07-09 19:31 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-07-09 19:31 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-07-09 19:31 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-07-09 19:31 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-07-09 19:31 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-07-09 19:31 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-07-09 19:31 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-07-09 19:31 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-07-09 19:31 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-07-09 19:31 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-07-09 19:31 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-07-09 19:31 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-07-09 19:31 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-07-09 19:31 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-07-09 19:31 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-07-09 19:31 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-07-09 19:31 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-07-09 19:31 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-07-09 19:31 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-07-09 19:31 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-07-09 19:31 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-07-09 19:31 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-07-09 19:31 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-07-09 19:31 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-07-09 19:31 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-07-09 19:31 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-07-09 19:31 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-07-09 19:31 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-07-09 19:31 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-07-09 19:31 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-07-09 19:31 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-07-09 19:31 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-07-09 19:31 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-07-09 19:31 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-07-09 19:31 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-07-09 19:31 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-07-09 19:31 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-07-09 19:31 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-07-09 19:31 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-07-09 19:31 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-07-09 19:31 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-07-09 19:31 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-07-09 19:31 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-07-09 19:31 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-07-09 19:31 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-07-09 19:31 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-07-09 19:31 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-07-09 19:31 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-07-09 19:31 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-07-09 19:31 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-07-09 19:31 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-07-09 19:31 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-07-09 19:31 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-07-09 19:31 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-07-09 19:31 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-07-09 19:31 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-07-09 19:31 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-07-09 19:31 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2014-07-09 19:31 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-07-09 19:31 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-07-09 19:31 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-07-09 19:31 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-07-09 19:31 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-07-09 19:31 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-07-09 19:31 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2014-07-09 19:31 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-07-09 19:31 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-07-09 19:31 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-07-09 19:31 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys
2014-07-09 14:32 - 2014-07-09 15:18 - 00000000 ____D () C:\Users\Tyler\Desktop\Pigoo Mods
2014-07-09 14:17 - 2014-07-09 15:22 - 00000000 ____D () C:\Users\Tyler\Desktop\Pigoo Pack
2014-07-08 21:49 - 2014-07-12 19:00 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\DropboxMaster
2014-07-08 21:48 - 2014-07-12 19:00 - 00000000 __RDC () C:\Users\Tyler\Dropbox
2014-07-08 21:48 - 2014-07-08 21:49 - 00001017 _____ () C:\Users\Tyler\Desktop\Dropbox.lnk
2014-07-08 20:46 - 2014-07-09 15:19 - 00000000 ____D () C:\Users\Tyler\Desktop\Modpack
2014-07-07 14:49 - 2014-07-07 14:49 - 02346942 ____C () C:\Users\Tyler\Desktop\TechnicLauncher.exe
2014-07-07 14:44 - 2014-07-09 14:09 - 00000000 ____D () C:\Users\Tyler\Desktop\Tekkit Server
2014-07-07 10:42 - 2014-07-07 15:01 - 00000000 ___DC () C:\Program Files (x86)\WarThunder
2014-07-07 10:42 - 2014-07-07 10:42 - 00001061 ____C () C:\Users\Public\Desktop\WarThunder.lnk
2014-07-07 10:42 - 2014-07-07 10:42 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-07-07 10:22 - 2014-07-07 10:38 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Tropico 3
2014-07-04 11:17 - 2014-07-05 06:44 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\wf-launcher
2014-07-04 11:17 - 2014-07-05 06:44 - 00000000 ___DC () C:\ProgramData\GFACE
2014-07-04 11:05 - 2014-07-13 10:46 - 00000000 _____ () C:\Windows\SysWOW64\Access.dat
2014-07-03 20:41 - 2014-07-03 20:45 - 00001233 _____ () C:\Users\Tyler\Desktop\irb - Shortcut.lnk
2014-07-03 20:39 - 2014-07-03 20:39 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.0.0-p481-x64
2014-07-03 20:39 - 2014-07-03 20:39 - 00000000 ____D () C:\Ruby200-x64
2014-07-03 20:30 - 2014-07-03 20:30 - 00000000 ____D () C:\Users\Tyler\Desktop\obsidium
2014-07-03 20:13 - 2014-07-03 20:25 - 197224939 _____ () C:\Users\Tyler\Desktop\obsidium.exe
2014-07-01 14:11 - 2014-07-01 14:11 - 00000222 _____ () C:\Users\Tyler\Desktop\Warface.url
2014-06-30 13:09 - 2014-06-30 13:09 - 07141888 ____C () C:\Users\Tyler\Desktop\theHubskie launcher v1.0.3b.exe
2014-06-29 10:24 - 2014-06-29 10:24 - 00003480 _____ () C:\Windows\System32\Tasks\BullGuardResumeInstall
2014-06-29 10:20 - 2014-06-29 10:21 - 00000000 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD.tmp
2014-06-29 10:20 - 2014-06-29 10:20 - 00000512 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2014-06-28 21:09 - 2014-06-28 23:13 - 00000000 ____D () C:\Users\Tyler\Desktop\Hub
2014-06-28 15:12 - 2014-07-11 10:28 - 00000036 _____ () C:\Users\Tyler\Desktop\TS3.txt
2014-06-28 15:07 - 2014-06-28 15:07 - 00000221 _____ () C:\Users\Tyler\Desktop\SpaceChem.url
2014-06-28 14:54 - 2014-06-28 14:54 - 00000000 ___DC () C:\Program Files (x86)\sweetpacks bundle uninstaller_FileZilla_1639621
2014-06-28 14:51 - 2014-06-28 14:51 - 00000005 _____ () C:\Users\Tyler\Desktop\FTP PORT.txt
2014-06-28 14:51 - 2014-06-28 14:51 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server
2014-06-28 14:51 - 2014-06-28 14:51 - 00000000 ___DC () C:\Program Files (x86)\FileZilla Server
2014-06-28 14:14 - 2014-06-28 14:14 - 00000952 ____C () C:\Users\Public\Desktop\Play Moon Tycoon.lnk
2014-06-28 14:14 - 2014-06-28 14:14 - 00000034 _____ () C:\Windows\lnpth.lnf
2014-06-28 14:14 - 2014-06-28 14:14 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moon Tycoon
2014-06-28 14:12 - 2014-06-28 14:14 - 00000000 ___DC () C:\Program Files (x86)\Moon Tycoon
2014-06-26 19:22 - 2014-06-26 21:45 - 00000000 ____D () C:\Users\Tyler\Desktop\TheBuildingGame
2014-06-26 11:29 - 2014-06-26 11:29 - 00001441 ____C () C:\Users\Tyler\Desktop\vegas120 - Shortcut.lnk
2014-06-25 09:34 - 2014-07-10 12:14 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-25 09:33 - 2014-07-12 18:37 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-25 09:33 - 2014-06-25 09:33 - 00001080 ____C () C:\Users\Tyler\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-25 09:33 - 2014-06-25 09:33 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-25 09:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-25 09:33 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-24 14:54 - 2014-06-25 10:19 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\Game Dev Tycoon - Steam
2014-06-24 12:15 - 2014-06-24 12:22 - 00000222 _____ () C:\Users\Tyler\Desktop\Game Dev Tycoon.url
2014-06-24 12:11 - 2014-06-24 12:11 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SqliteBrowser3
2014-06-24 12:11 - 2014-06-24 12:11 - 00000000 ___DC () C:\Program Files (x86)\SqliteBrowser3
2014-06-21 23:14 - 2014-06-21 23:14 - 00000222 _____ () C:\Users\Tyler\Desktop\Contagion.url
2014-06-21 13:49 - 2014-06-21 13:49 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\techland
2014-06-20 20:30 - 2014-06-20 20:30 - 00000222 _____ () C:\Users\Tyler\Desktop\Call of Juarez Gunslinger.url
2014-06-20 20:24 - 2014-06-20 20:24 - 00000222 _____ () C:\Users\Tyler\Desktop\Pixel Piracy.url
2014-06-20 20:15 - 2014-06-20 20:24 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\HTC
2014-06-20 20:13 - 2014-07-10 10:20 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\HTC MediaHub
2014-06-20 20:13 - 2014-06-20 20:14 - 00000000 ____D () C:\Users\Tyler\Documents\HTC
2014-06-20 20:13 - 2014-06-20 20:13 - 00000000 ___DC () C:\Users\Tyler\.android
2014-06-20 20:13 - 2014-06-20 20:13 - 00000000 ___DC () C:\ProgramData\HTC
2014-06-20 19:52 - 2014-06-20 20:12 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-06-20 19:52 - 2014-06-20 20:12 - 00000000 ___DC () C:\Program Files (x86)\HTC
2014-06-20 19:52 - 2014-06-20 19:52 - 00003680 _____ () C:\Windows\DPINST.LOG
2014-06-20 19:52 - 2014-06-20 19:52 - 00000000 ___DC () C:\Program Files (x86)\Spirent Communications
2014-06-20 15:03 - 2014-06-20 15:03 - 00000000 ___DC () C:\Program Files (x86)\Square Enix
2014-06-20 14:28 - 2014-06-20 14:50 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\Arma 3
2014-06-20 14:28 - 2014-06-20 14:39 - 00000000 ____D () C:\Users\Tyler\Documents\Arma 3
2014-06-20 14:28 - 2014-06-20 14:28 - 00000000 ___DC () C:\ProgramData\Bohemia Interactive
2014-06-20 13:25 - 2014-06-20 13:25 - 00000239 _____ () C:\Windows\hhdrvi.log
2014-06-19 12:15 - 2014-07-13 13:37 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\Purplizer
2014-06-19 12:12 - 2014-06-19 12:12 - 00003728 _____ () C:\Windows\System32\Tasks\Overwolf Updater Task
2014-06-17 20:22 - 2014-06-17 20:22 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2014-06-16 12:20 - 2014-06-16 12:26 - 00000000 ____D () C:\Users\Tyler\Desktop\BL Admin Applicants

==================== One Month Modified Files and Folders =======

2014-07-13 13:50 - 2014-07-13 13:49 - 00032579 _____ () C:\Users\Tyler\Downloads\FRST.txt
2014-07-13 13:50 - 2014-07-12 18:35 - 00143744 ____C () C:\Users\Tyler\AppData\Roaming\msconfig.ini
2014-07-13 13:50 - 2012-10-16 20:21 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-13 13:49 - 2014-07-13 13:49 - 02086912 ____C (Farbar) C:\Users\Tyler\Downloads\FRST64.exe
2014-07-13 13:49 - 2014-07-13 13:49 - 00000000 ____D () C:\FRST
2014-07-13 13:45 - 2014-03-06 21:57 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\WhatPulse
2014-07-13 13:39 - 2013-09-18 19:19 - 00000000 ___DC () C:\ProgramData\BitMeterOS
2014-07-13 13:37 - 2014-06-19 12:15 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\Purplizer
2014-07-13 13:37 - 2012-11-09 07:53 - 00000000 ___DC () C:\Program Files (x86)\Steam
2014-07-13 13:37 - 2012-10-29 14:57 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Skype
2014-07-13 13:36 - 2012-10-16 16:50 - 00003926 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{8993F223-5ADA-4263-BC9D-58C509458438}
2014-07-13 13:28 - 2014-01-17 18:58 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\ArmA 2 OA
2014-07-13 13:10 - 2013-01-20 13:56 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-13 10:53 - 2013-01-16 15:37 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\uTorrent
2014-07-13 10:46 - 2014-07-04 11:05 - 00000000 _____ () C:\Windows\SysWOW64\Access.dat
2014-07-13 10:45 - 2014-07-13 10:45 - 00000951 ____C () C:\Users\Public\Desktop\Tunngle beta.lnk
2014-07-13 10:45 - 2014-07-13 10:45 - 00000000 ___DC () C:\ProgramData\Tunngle
2014-07-13 10:45 - 2013-09-12 18:36 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Tunngle
2014-07-13 10:45 - 2013-09-12 18:36 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tunngle
2014-07-13 10:45 - 2013-09-12 18:36 - 00000000 ___DC () C:\Program Files (x86)\Tunngle
2014-07-13 10:43 - 2014-07-13 10:42 - 04055968 ____C (Tunngle.net GmbH ) C:\Users\Tyler\Downloads\Tunngle_Setup_v4.5.1.4b.exe
2014-07-13 10:39 - 2014-07-13 10:39 - 00000000 __SHC () C:\Users\Tyler\AppData\Local\LumaEmu
2014-07-13 10:39 - 2014-07-13 10:39 - 00000000 ___DC () C:\ProgramData\LumaEmu_SteamCloud
2014-07-13 10:32 - 2014-07-13 10:28 - 528272906 _____ () C:\Users\Tyler\Downloads\Rust 14.03 Cracked [DerpTeam].zip
2014-07-13 10:27 - 2014-07-13 10:27 - 01855312 ____C (BitTorrent Inc.) C:\Users\Tyler\Downloads\uTorrent.exe
2014-07-13 04:10 - 2013-01-20 13:56 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-13 03:00 - 2012-10-16 17:04 - 01839595 _____ () C:\Windows\WindowsUpdate.log
2014-07-13 02:00 - 2014-06-10 00:25 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\Adobe
2014-07-12 23:33 - 2014-02-10 21:28 - 00000000 ___DC () C:\Program Files\CyberGhost 5
2014-07-12 23:32 - 2014-07-12 23:32 - 08646824 ____C (CyberGhost S.R.L. ) C:\Users\Tyler\Downloads\CG_5.0.13.17.exe
2014-07-12 23:32 - 2014-02-10 21:28 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberGhost 5
2014-07-12 22:01 - 2013-10-15 15:42 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\.minecraft
2014-07-12 21:27 - 2014-07-12 21:27 - 06498200 ____C (Microsoft Corporation) C:\Users\Tyler\Downloads\vcredist_x86(1).exe
2014-07-12 21:21 - 2013-04-20 12:00 - 00000000 ___DC () C:\ProgramData\Package Cache
2014-07-12 21:20 - 2014-07-12 21:19 - 06498200 ____C (Microsoft Corporation) C:\Users\Tyler\Downloads\vcredist_x86.exe
2014-07-12 20:33 - 2009-07-13 23:45 - 00021728 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-12 20:33 - 2009-07-13 23:45 - 00021728 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-12 20:04 - 2014-07-12 20:04 - 00002975 _____ () C:\Users\Tyler\Desktop\HiJackThis.lnk
2014-07-12 20:04 - 2014-07-12 20:04 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HiJackThis
2014-07-12 20:04 - 2014-07-12 20:04 - 00000000 ___DC () C:\Program Files (x86)\Trend Micro
2014-07-12 20:03 - 2014-07-12 20:03 - 01402880 _____ () C:\Users\Tyler\Downloads\HiJackThis.msi
2014-07-12 20:02 - 2014-07-12 20:02 - 00760544 ____C () C:\Users\Tyler\Downloads\hijackthis setup.exe
2014-07-12 19:43 - 2014-07-12 19:43 - 00050688 ____C (Atribune.org) C:\Users\Tyler\Downloads\ATF-Cleaner.exe
2014-07-12 19:29 - 2014-07-12 19:29 - 29611712 ____C (Microsoft Corporation) C:\Users\Tyler\Downloads\Windows-KB890830-x64-V5.14.exe
2014-07-12 19:06 - 2014-07-12 19:02 - 231648632 ____C (Symantec Corporation) C:\Users\Tyler\Downloads\N360_21.1.0.18_SYMTB_PROMO_4_MRFTT_830_10145-US1.exe
2014-07-12 19:01 - 2014-06-11 00:09 - 00003340 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-584796006-2325184674-3092041102-1000
2014-07-12 19:01 - 2014-06-11 00:09 - 00003206 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-584796006-2325184674-3092041102-1000
2014-07-12 19:00 - 2014-07-08 21:49 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\DropboxMaster
2014-07-12 19:00 - 2014-07-08 21:48 - 00000000 __RDC () C:\Users\Tyler\Dropbox
2014-07-12 19:00 - 2014-05-31 12:13 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\Overwolf
2014-07-12 19:00 - 2014-01-12 19:08 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\TSVNCache
2014-07-12 19:00 - 2013-04-04 17:12 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Dropbox
2014-07-12 19:00 - 2013-02-24 17:03 - 00000494 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
2014-07-12 18:37 - 2014-06-25 09:33 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-12 18:35 - 2014-07-12 18:35 - 00000000 __SHD () C:\Windows\SysWOW64\Windows Server
2014-07-12 18:00 - 2013-02-24 17:03 - 00000468 _____ () C:\Windows\Tasks\ParetoLogic Registration3.job
2014-07-12 08:51 - 2014-07-12 08:51 - 00000004 _____ () C:\Users\Tyler\Desktop\RUST.txt
2014-07-11 23:12 - 2014-07-12 23:17 - 00107552 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
2014-07-11 23:12 - 2014-07-11 23:12 - 00000222 _____ () C:\Users\Tyler\Desktop\Rust.url
2014-07-11 22:44 - 2014-07-11 22:44 - 00000222 _____ () C:\Users\Tyler\Desktop\DayZ.url
2014-07-11 22:21 - 2014-07-11 22:19 - 00000012 _____ () C:\Users\Tyler\Desktop\Password.txt
2014-07-11 19:29 - 2014-07-11 10:28 - 00000242 _____ () C:\Users\Tyler\Desktop\Trading cards.txt
2014-07-11 10:28 - 2014-06-28 15:12 - 00000036 _____ () C:\Users\Tyler\Desktop\TS3.txt
2014-07-10 12:14 - 2014-06-25 09:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-10 10:58 - 2014-07-10 10:58 - 00001878 ____C () C:\Users\Tyler\Desktop\ArmA2OA - Shortcut.lnk
2014-07-10 10:20 - 2014-06-20 20:13 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\HTC MediaHub
2014-07-10 04:14 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-07-10 03:37 - 2014-06-10 01:40 - 00000000 ____D () C:\Users\Tyler\Documents\PS3 Controller
2014-07-10 03:37 - 2014-04-28 18:05 - 00003552 _____ () C:\Windows\setupact.log
2014-07-10 03:37 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-10 03:37 - 2009-07-13 23:45 - 04915720 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-10 03:33 - 2014-05-23 04:17 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-07-10 03:33 - 2011-04-12 03:28 - 00000000 ___DC () C:\Program Files\Windows Journal
2014-07-10 03:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-07-10 03:33 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism
2014-07-10 03:13 - 2013-07-26 23:50 - 00000000 ____D () C:\Windows\system32\MRT
2014-07-10 03:00 - 2013-02-24 17:03 - 00000442 _____ () C:\Windows\Tasks\ParetoLogic Update Version3.job
2014-07-09 20:58 - 2014-01-17 18:58 - 00000000 ____D () C:\Users\Tyler\Documents\ArmA 2
2014-07-09 15:22 - 2014-07-09 14:17 - 00000000 ____D () C:\Users\Tyler\Desktop\Pigoo Pack
2014-07-09 15:19 - 2014-07-08 20:46 - 00000000 ____D () C:\Users\Tyler\Desktop\Modpack
2014-07-09 15:18 - 2014-07-09 14:32 - 00000000 ____D () C:\Users\Tyler\Desktop\Pigoo Mods
2014-07-09 14:09 - 2014-07-07 14:44 - 00000000 ____D () C:\Users\Tyler\Desktop\Tekkit Server
2014-07-08 21:49 - 2014-07-08 21:48 - 00001017 _____ () C:\Users\Tyler\Desktop\Dropbox.lnk
2014-07-08 21:49 - 2014-04-28 19:34 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-07-08 21:48 - 2012-10-16 15:14 - 00000000 ___DC () C:\Users\Tyler
2014-07-07 15:01 - 2014-07-07 10:42 - 00000000 ___DC () C:\Program Files (x86)\WarThunder
2014-07-07 14:49 - 2014-07-07 14:49 - 02346942 ____C () C:\Users\Tyler\Desktop\TechnicLauncher.exe
2014-07-07 14:38 - 2012-10-16 16:51 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-07-07 12:04 - 2013-10-28 17:44 - 00000000 ___DC () C:\Users\Tyler\Desktop\screenshots
2014-07-07 10:42 - 2014-07-07 10:42 - 00001061 ____C () C:\Users\Public\Desktop\WarThunder.lnk
2014-07-07 10:42 - 2014-07-07 10:42 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder
2014-07-07 10:38 - 2014-07-07 10:22 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Tropico 3
2014-07-07 10:21 - 2014-05-01 17:22 - 00092742 _____ () C:\Windows\DirectX.log
2014-07-06 07:08 - 2014-04-28 18:05 - 00188662 _____ () C:\Windows\PFRO.log
2014-07-05 08:29 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
2014-07-05 08:26 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-07-05 06:44 - 2014-07-04 11:17 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\wf-launcher
2014-07-05 06:44 - 2014-07-04 11:17 - 00000000 ___DC () C:\ProgramData\GFACE
2014-07-04 11:15 - 2014-01-20 22:05 - 00000000 ____D () C:\Users\Tyler\Desktop\Minecraft server
2014-07-04 11:12 - 2012-10-16 20:36 - 00000000 ___DC () C:\ProgramData\Skype
2014-07-04 11:11 - 2013-02-08 21:46 - 00000000 __RDC () C:\Program Files (x86)\Skype
2014-07-03 20:45 - 2014-07-03 20:41 - 00001233 _____ () C:\Users\Tyler\Desktop\irb - Shortcut.lnk
2014-07-03 20:39 - 2014-07-03 20:39 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ruby 2.0.0-p481-x64
2014-07-03 20:39 - 2014-07-03 20:39 - 00000000 ____D () C:\Ruby200-x64
2014-07-03 20:30 - 2014-07-03 20:30 - 00000000 ____D () C:\Users\Tyler\Desktop\obsidium
2014-07-03 20:25 - 2014-07-03 20:13 - 197224939 _____ () C:\Users\Tyler\Desktop\obsidium.exe
2014-07-01 14:11 - 2014-07-01 14:11 - 00000222 _____ () C:\Users\Tyler\Desktop\Warface.url
2014-06-30 13:09 - 2014-06-30 13:09 - 07141888 ____C () C:\Users\Tyler\Desktop\theHubskie launcher v1.0.3b.exe
2014-06-29 21:09 - 2014-07-09 19:32 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-29 21:04 - 2014-07-09 19:32 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-29 10:24 - 2014-06-29 10:24 - 00003480 _____ () C:\Windows\System32\Tasks\BullGuardResumeInstall
2014-06-29 10:21 - 2014-06-29 10:20 - 00000000 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD.tmp
2014-06-29 10:21 - 2014-05-03 11:29 - 00000928 _____ () C:\Windows\system32\config\afw_hm.conf
2014-06-29 10:21 - 2014-05-03 11:29 - 00000004 _____ () C:\Windows\system32\config\afw_db.conf
2014-06-29 10:21 - 2014-04-30 15:11 - 00000000 ___DC () C:\ProgramData\BullGuard
2014-06-29 10:21 - 2014-02-10 20:58 - 00000000 ___DC () C:\Users\HomeGroupUser$
2014-06-29 10:21 - 2014-02-10 20:58 - 00000000 ___DC () C:\Users\Guest
2014-06-29 10:21 - 2014-02-10 20:58 - 00000000 ___DC () C:\Users\Administrator
2014-06-29 10:20 - 2014-06-29 10:20 - 00000512 _____ () C:\Windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD
2014-06-28 23:13 - 2014-06-28 21:09 - 00000000 ____D () C:\Users\Tyler\Desktop\Hub
2014-06-28 15:07 - 2014-06-28 15:07 - 00000221 _____ () C:\Users\Tyler\Desktop\SpaceChem.url
2014-06-28 14:58 - 2013-07-30 19:39 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\FileZilla
2014-06-28 14:54 - 2014-06-28 14:54 - 00000000 ___DC () C:\Program Files (x86)\sweetpacks bundle uninstaller_FileZilla_1639621
2014-06-28 14:54 - 2014-03-03 16:59 - 00000000 ___DC () C:\Program Files (x86)\FileZilla FTP Client
2014-06-28 14:54 - 2013-07-30 19:39 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2014-06-28 14:51 - 2014-06-28 14:51 - 00000005 _____ () C:\Users\Tyler\Desktop\FTP PORT.txt
2014-06-28 14:51 - 2014-06-28 14:51 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla Server
2014-06-28 14:51 - 2014-06-28 14:51 - 00000000 ___DC () C:\Program Files (x86)\FileZilla Server
2014-06-28 14:14 - 2014-06-28 14:14 - 00000952 ____C () C:\Users\Public\Desktop\Play Moon Tycoon.lnk
2014-06-28 14:14 - 2014-06-28 14:14 - 00000034 _____ () C:\Windows\lnpth.lnf
2014-06-28 14:14 - 2014-06-28 14:14 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Moon Tycoon
2014-06-28 14:14 - 2014-06-28 14:12 - 00000000 ___DC () C:\Program Files (x86)\Moon Tycoon
2014-06-26 21:45 - 2014-06-26 19:22 - 00000000 ____D () C:\Users\Tyler\Desktop\TheBuildingGame
2014-06-26 17:40 - 2012-10-16 17:01 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-26 11:29 - 2014-06-26 11:29 - 00001441 ____C () C:\Users\Tyler\Desktop\vegas120 - Shortcut.lnk
2014-06-25 10:19 - 2014-06-24 14:54 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\Game Dev Tycoon - Steam
2014-06-25 09:33 - 2014-06-25 09:33 - 00001080 ____C () C:\Users\Tyler\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-25 09:33 - 2014-06-25 09:33 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-25 09:33 - 2012-12-25 10:07 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Malwarebytes
2014-06-25 09:33 - 2012-12-25 10:07 - 00000000 ___DC () C:\ProgramData\Malwarebytes
2014-06-25 09:33 - 2012-12-25 10:07 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes' Anti-Malware
2014-06-24 18:49 - 2014-01-18 17:13 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\ArmA 2
2014-06-24 12:22 - 2014-06-24 12:15 - 00000222 _____ () C:\Users\Tyler\Desktop\Game Dev Tycoon.url
2014-06-24 12:11 - 2014-06-24 12:11 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SqliteBrowser3
2014-06-24 12:11 - 2014-06-24 12:11 - 00000000 ___DC () C:\Program Files (x86)\SqliteBrowser3
2014-06-22 17:25 - 2014-06-07 11:24 - 00000000 ___DC () C:\Users\Tyler\Documents\Arma 2 Operation Arrowhead
2014-06-22 16:29 - 2013-11-08 16:30 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\VNT
2014-06-22 16:29 - 2013-11-08 16:30 - 00000000 ___DC () C:\Program Files (x86)\VNT
2014-06-22 16:29 - 2013-05-19 12:06 - 00000000 ___DC () C:\Program Files (x86)\AskPartnerNetwork
2014-06-22 11:31 - 2014-05-31 12:15 - 00000000 ___DC () C:\Program Files (x86)\Overwolf
2014-06-22 11:19 - 2012-10-17 15:37 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Maintenance Service
2014-06-22 09:13 - 2012-10-28 16:56 - 00000000 ____D () C:\Users\Tyler\Documents\My Games
2014-06-21 23:14 - 2014-06-21 23:14 - 00000222 _____ () C:\Users\Tyler\Desktop\Contagion.url
2014-06-21 13:49 - 2014-06-21 13:49 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\techland
2014-06-21 11:49 - 2009-07-13 21:34 - 00000483 _____ () C:\Windows\win.ini
2014-06-21 11:09 - 2014-06-08 22:42 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox
2014-06-20 20:30 - 2014-06-20 20:30 - 00000222 _____ () C:\Users\Tyler\Desktop\Call of Juarez Gunslinger.url
2014-06-20 20:24 - 2014-06-20 20:24 - 00000222 _____ () C:\Users\Tyler\Desktop\Pixel Piracy.url
2014-06-20 20:24 - 2014-06-20 20:15 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\HTC
2014-06-20 20:14 - 2014-06-20 20:13 - 00000000 ____D () C:\Users\Tyler\Documents\HTC
2014-06-20 20:14 - 2012-10-16 19:26 - 00103936 ____C () C:\Users\Tyler\AppData\Local\GDIPFONTCACHEV1.DAT
2014-06-20 20:13 - 2014-06-20 20:13 - 00000000 ___DC () C:\Users\Tyler\.android
2014-06-20 20:13 - 2014-06-20 20:13 - 00000000 ___DC () C:\ProgramData\HTC
2014-06-20 20:13 - 2013-04-09 15:27 - 00000000 ___DC () C:\Users\Tyler\AppData\Roaming\Apple Computer
2014-06-20 20:13 - 2013-04-09 15:27 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\Apple Computer
2014-06-20 20:12 - 2014-06-20 19:52 - 00000000 ___DC () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HTC
2014-06-20 20:12 - 2014-06-20 19:52 - 00000000 ___DC () C:\Program Files (x86)\HTC
2014-06-20 19:52 - 2014-06-20 19:52 - 00003680 _____ () C:\Windows\DPINST.LOG
2014-06-20 19:52 - 2014-06-20 19:52 - 00000000 ___DC () C:\Program Files (x86)\Spirent Communications
2014-06-20 19:50 - 2014-01-17 07:51 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\Downloaded Installations
2014-06-20 18:21 - 2013-06-03 19:32 - 00000000 ___DC () C:\Games
2014-06-20 15:14 - 2014-07-09 19:31 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-06-20 15:03 - 2014-06-20 15:03 - 00000000 ___DC () C:\Program Files (x86)\Square Enix
2014-06-20 14:50 - 2014-06-20 14:28 - 00000000 ___DC () C:\Users\Tyler\AppData\Local\Arma 3
2014-06-20 14:39 - 2014-07-09 19:31 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-06-20 14:39 - 2014-06-20 14:28 - 00000000 ____D () C:\Users\Tyler\Documents\Arma 3
2014-06-20 14:28 - 2014-06-20 14:28 - 00000000 ___DC () C:\ProgramData\Bohemia Interactive
2014-06-20 13:25 - 2014-06-20 13:25 - 00000239 _____ () C:\Windows\hhdrvi.log
2014-06-19 12:12 - 2014-06-19 12:12 - 00003728 _____ () C:\Windows\System32\Tasks\Overwolf Updater Task
2014-06-19 12:12 - 2014-06-07 12:56 - 00000000 ___DC () C:\ProgramData\Overwolf
2014-06-19 04:05 - 2013-01-20 13:56 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-06-19 04:05 - 2013-01-20 13:56 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-06-18 20:39 - 2014-07-09 19:31 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-18 20:06 - 2014-07-09 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-18 20:06 - 2014-07-09 19:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-18 19:48 - 2014-07-09 19:31 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-18 19:42 - 2014-07-09 19:31 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-18 19:42 - 2014-07-09 19:31 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-18 19:41 - 2014-07-09 19:31 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-06-18 19:41 - 2014-07-09 19:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-18 19:32 - 2014-07-09 19:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-18 19:31 - 2014-07-09 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-18 19:26 - 2014-07-09 19:31 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-18 19:24 - 2014-07-09 19:31 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-18 19:24 - 2014-07-09 19:31 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-18 19:23 - 2014-07-09 19:31 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-18 19:16 - 2014-07-09 19:31 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-18 19:14 - 2014-07-09 19:31 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-18 19:09 - 2014-07-09 19:31 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-18 18:59 - 2014-07-09 19:31 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-18 18:56 - 2014-07-09 19:31 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-18 18:53 - 2014-07-09 19:31 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-18 18:51 - 2014-07-09 19:31 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-18 18:50 - 2014-07-09 19:31 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-18 18:48 - 2014-07-09 19:31 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-18 18:39 - 2014-07-09 19:31 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-18 18:38 - 2014-07-09 19:31 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-18 18:37 - 2014-07-09 19:31 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-18 18:36 - 2014-07-09 19:31 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-18 18:35 - 2014-07-09 19:31 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-06-18 18:33 - 2014-07-09 19:31 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-18 18:32 - 2014-07-09 19:31 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-18 18:28 - 2014-07-09 19:31 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-18 18:28 - 2014-07-09 19:31 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-18 18:27 - 2014-07-09 19:31 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-18 18:27 - 2014-07-09 19:31 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-18 18:25 - 2014-07-09 19:31 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-18 18:23 - 2014-07-09 19:31 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-18 18:22 - 2014-07-09 19:31 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-18 18:12 - 2014-07-09 19:31 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-18 18:06 - 2014-07-09 19:31 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-18 18:01 - 2014-07-09 19:31 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-18 17:59 - 2014-07-09 19:31 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-18 17:58 - 2014-07-09 19:31 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-18 17:58 - 2014-07-09 19:31 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-18 17:52 - 2014-07-09 19:31 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-18 17:51 - 2014-07-09 19:31 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-18 17:49 - 2014-07-09 19:31 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-18 17:46 - 2014-07-09 19:31 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-18 17:45 - 2014-07-09 19:31 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-18 17:35 - 2014-07-09 19:31 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-18 17:34 - 2014-07-09 19:31 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-18 17:15 - 2014-07-09 19:31 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-18 17:13 - 2014-07-09 19:31 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-18 17:09 - 2014-07-09 19:31 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-18 17:07 - 2014-07-09 19:31 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-17 21:18 - 2014-07-09 19:31 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe
2014-06-17 20:51 - 2014-07-09 19:31 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe
2014-06-17 20:22 - 2014-06-17 20:22 - 00000000 ___DC () C:\Program Files (x86)\Mozilla Firefox
2014-06-17 20:10 - 2014-07-09 19:31 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-06-17 02:14 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-16 22:26 - 2013-05-25 15:20 - 00000000 ____D () C:\Users\Tyler\Documents\Euro Truck Simulator 2
2014-06-16 12:58 - 2014-03-03 17:22 - 00000000 ____D () C:\Users\Tyler\Documents\Blockland
2014-06-16 12:26 - 2014-06-16 12:20 - 00000000 ____D () C:\Users\Tyler\Desktop\BL Admin Applicants
2014-06-14 10:14 - 2013-01-06 12:49 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software
2014-06-13 14:23 - 2013-03-10 12:33 - 00000000 ___DC () C:\Program Files (x86)\osu!
2014-06-13 10:51 - 2012-11-04 09:10 - 00000000 ___DC () C:\Program Files (x86)\Blockland

Files to move or delete:
====================
C:\Users\Tyler\AppData\Roaming\msconfig.ini


Some content of TEMP:
====================
C:\Users\Tyler\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpwq6pjz.dll
C:\Users\Tyler\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.2-10-ge6cd8c0-b3096jnks.dll
C:\Users\Tyler\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Tyler\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
C:\Users\Tyler\AppData\Local\Temp\zel7ka5p.dll


==================== Bamital & volsnap Check =================

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-07-08 00:40

==================== End Of Log ============================



#5 ----------------

Posted 15 July 2014 - 06:54 AM

Your logs show obvious signs of having cracked software on your system. This is the main reason your computer is infected. Visiting cracksites/warezsites - and other questionable/illegal sites is always a risk.

Even a single click on the site can drop multiple forms of very serious malware, many of which disable your onboard protection, and System Restore.

If you install the cracked software, you are running executable files from these dubious, unknown sources. You are in effect giving these sources access to information on your hard disk, and potential control over the operation of your computer.

Additionally, cracked programs are illegal. Referring to the Forum Rules which you should have read at the time of Registering at this forum, this forum does not support illegal activity. As such, be advised that any request for assistance in removing malware may go unanswered, or may be discontinued, if the cracked (illegal) software is still present on the machine.

Having said that we can help you clean your machine this time BUT this would be a ONCE ONLY offer on the understanding that all cracks are removed. This would apply not only here but at many other Malware Support forums if you were to appear again with cracks onboard, as many of us analysts work at multiple support sites. Please remove all cracked software and illegally obtained copyrighted material you have on the system so we may continue with the clean up.


Proud Member of UNITE & TB
 

#6 Nerfman7

Posted 15 July 2014 - 09:51 AM

Can you tell me which programs are cracked? If not, then it may take a while to figure it all out.



#7 ----------------

Posted 15 July 2014 - 10:06 AM

At least this is cracked:

 

2014-07-13 10:33 - 2014-03-19 20:24 - 00000000 ___DC () C:\Users\Tyler\Desktop\Rust 14.03
2014-07-13 10:28 - 2014-07-13 10:32 - 528272906 _____ () C:\Users\Tyler\Downloads\Rust 14.03 Cracked [DerpTeam].zip

 

Are your Microsoft products also pirated?



#8 Nerfman7

Posted 19 July 2014 - 07:11 AM

Done, removed the cracked items. Also, nothing else is cracked.



#9 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 21 July 2014 - 12:10 PM

Hi Nerfman7,

TB-Psychotic is away for a few days so let's see if I can help you get things straightened out.

Download ComboFix from here: http://download.blee...Bs/ComboFix.exe

* IMPORTANT !!! Save ComboFix.exe to your Desktop
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link --> http://forums.whatth...ams_t96260.html
  • Double click on ComboFix.exe & follow the prompts.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt in your next reply.


Notes:

1. Do not mouse-click Combofix's window while it is running. That may cause it to stall.
2. Do not "re-run" Combofix. If you have a problem, reply back for further instructions.
3. ComboFix may reset a number of Internet Explorer's settings, including making I-E the default browser.
4. CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.

Tomk
------------------------------------------------------------

Topics are closed after 5 days without response

#10 Nerfman7

Posted 21 July 2014 - 01:22 PM

ComboFix 14-07-21.01 - Tyler 07/21/2014  13:44:40.1.4 - x64
Microsoft Windows 7 Home Premium   6.1.7601.1.1252.1.1033.18.8175.3485 [GMT -5:00]
Running from: c:\users\Tyler\Downloads\ComboFix.exe
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\END
C:\install.exe
c:\program files (x86)\Open JDK Explorer\ywnmon32.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ywnmon32.exe.lnk
c:\users\Tyler\AppData\Local\assembly\tmp
c:\users\Tyler\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm
c:\users\Tyler\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\background.html
c:\users\Tyler\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\content.js
c:\users\Tyler\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\lsdb.js
c:\users\Tyler\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\manifest.json
c:\users\Tyler\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\newtab.html
c:\users\Tyler\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\sDAzT.js
c:\users\Tyler\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm
c:\users\Tyler\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\background.html
c:\users\Tyler\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\content.js
c:\users\Tyler\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\lsdb.js
c:\users\Tyler\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\manifest.json
c:\users\Tyler\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\newtab.html
c:\users\Tyler\AppData\Local\Google\Chrome SxS\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\sDAzT.js
c:\users\Tyler\AppData\Local\Temp\tmpAC2B.tmp
c:\users\Tyler\AppData\Local\Torch\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm
c:\users\Tyler\AppData\Local\Torch\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\background.html
c:\users\Tyler\AppData\Local\Torch\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\content.js
c:\users\Tyler\AppData\Local\Torch\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\lsdb.js
c:\users\Tyler\AppData\Local\Torch\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\manifest.json
c:\users\Tyler\AppData\Local\Torch\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\newtab.html
c:\users\Tyler\AppData\Local\Torch\User Data\Default\Extensions\pkbmgjgcofflkoljngfahgohapelgjbm\2.1\sDAzT.js
c:\users\Tyler\AppData\Roaming\dclogs
c:\users\Tyler\AppData\Roaming\dclogs\2014-07-17-5.dc
c:\users\Tyler\AppData\Roaming\dclogs\2014-07-18-6.dc
c:\users\Tyler\AppData\Roaming\dclogs\2014-07-19-7.dc
c:\users\Tyler\AppData\Roaming\dclogs\2014-07-20-1.dc
c:\users\Tyler\AppData\Roaming\dclogs\2014-07-21-2.dc
c:\users\Tyler\AppData\Roaming\LiveSupport.exe_log.txt
c:\users\Tyler\AppData\Roaming\Love
c:\users\Tyler\AppData\Roaming\Love\mari0\options.txt
c:\users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Skype.lnk
c:\users\Tyler\AppData\Roaming\msconfig.ini
c:\users\Tyler\AppData\Roaming\poclbm
c:\users\Tyler\AppData\Roaming\poclbm\poclbm.ini
c:\users\Tyler\AppData\Roaming\regsvr32.exe_log.txt
c:\users\Tyler\AppData\Roaming\Roaming
c:\users\Tyler\AppData\Roaming\Roaming\Quest3D\ShipSimExtreme\channels.lst
c:\users\Tyler\AppData\Roaming\SearchProtect
c:\users\Tyler\AppData\Roaming\SQLite3.dll
c:\users\Tyler\AppData\Roaming\system32
c:\users\Tyler\AppData\Roaming\technic-launcher.jar
c:\users\Tyler\AppData\Roaming\Tyler3SQLite3.dll
c:\users\Tyler\AppData\Roaming\Tylerlog.dat
c:\windows\SwSys1.bmp
c:\windows\SwSys2.bmp
c:\windows\SysWow64\tmpEEDC.tmp
c:\windows\SysWow64\tmpEEDD.tmp
.
.
(((((((((((((((((((((((((   Files Created from 2014-06-21 to 2014-07-21  )))))))))))))))))))))))))))))))
.
.
2014-07-21 00:15 . 2014-07-21 00:15    --------    d-----w-    C:\SQLPatch
2014-07-21 00:15 . 2014-07-21 00:15    --------    d-----w-    C:\ru-RU
2014-07-21 00:15 . 2014-07-21 00:15    --------    d-----w-    C:\nl-BE
2014-07-21 00:15 . 2014-07-21 00:15    --------    d-----w-    C:\en-US
2014-07-21 00:15 . 2014-07-21 00:15    --------    d-----w-    C:\de-DE
2014-07-20 07:49 . 2014-07-20 07:49    --------    dc----w-    c:\users\Tyler\AppData\Local\27906
2014-07-20 07:49 . 2014-07-20 07:49    --------    dc----w-    c:\programdata\IePluginServices
2014-07-20 07:48 . 2014-07-20 07:49    --------    dc----w-    c:\program files (x86)\SupTab
2014-07-20 07:48 . 2014-07-20 07:48    --------    dc----w-    c:\programdata\WindowsMangerProtect
2014-07-20 07:48 . 2014-07-20 07:48    --------    dc----w-    c:\users\Tyler\AppData\Roaming\istart123
2014-07-19 13:52 . 2014-07-19 13:52    --------    dc----w-    c:\users\Tyler\AppData\Roaming\MotioninJoy
2014-07-19 13:52 . 2014-07-19 13:52    --------    dc----w-    c:\program files\MotioninJoy
2014-07-19 13:52 . 2012-05-12 17:31    121416    ----a-w-    c:\windows\system32\drivers\MijXfilt.sys
2014-07-19 13:52 . 2011-12-08 00:42    74960    ----a-w-    c:\windows\system32\drivers\xusb21.sys
2014-07-19 13:52 . 2011-12-08 00:42    328712    ----a-w-    c:\windows\system32\MijFrc.dll
2014-07-19 13:52 . 2011-12-08 00:42    1721576    ----a-w-    c:\windows\system32\WdfCoInstaller01009.dll
2014-07-19 03:45 . 2014-07-19 03:45    --------    dc----w-    c:\users\Tyler\AppData\Roaming\PandoraRecovery
2014-07-19 03:45 . 2014-07-19 03:52    --------    dc----w-    c:\program files (x86)\Pandora Recovery
2014-07-19 03:43 . 2014-07-19 03:43    75888    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{A9F9666A-5978-49A2-9D4D-98C1EE2D2F6E}\offreg.dll
2014-07-18 23:38 . 2014-07-02 03:09    10924376    ----a-w-    c:\programdata\Microsoft\Windows Defender\Definition Updates\{A9F9666A-5978-49A2-9D4D-98C1EE2D2F6E}\mpengine.dll
2014-07-18 18:46 . 2014-07-18 18:46    --------    dc----w-    c:\users\Tyler\AppData\Local\theHunter
2014-07-18 18:28 . 2014-07-18 18:46    --------    dc----w-    c:\users\Tyler\AppData\Roaming\theHunter
2014-07-18 18:27 . 2014-07-18 18:27    --------    dc----w-    c:\programdata\Hunter
2014-07-18 01:53 . 2014-07-18 01:53    --------    dc----w-    c:\program files (x86)\Euro Truck Simulator 2 Multiplayer
2014-07-17 02:54 . 2014-07-15 21:16    863528    ----a-w-    c:\windows\system32\drivers\VBoxDrv.sys
2014-07-17 02:54 . 2014-07-15 21:15    129168    ----a-w-    c:\windows\system32\drivers\VBoxUSBMon.sys
2014-07-17 02:54 . 2014-07-17 02:54    --------    dc----w-    c:\program files\Oracle VM VirtualBox
2014-07-17 02:21 . 2014-07-17 02:29    --------    dc----w-    c:\users\Tyler\AppData\Local\VMware
2014-07-17 02:21 . 2014-07-17 02:38    --------    dc----w-    c:\users\Tyler\AppData\Roaming\VMware
2014-07-17 02:14 . 2014-07-17 02:39    --------    dc----w-    c:\programdata\VMware
2014-07-17 01:46 . 2014-07-21 18:58    --------    dc----w-    c:\program files (x86)\Open JDK Explorer
2014-07-17 01:13 . 2014-07-17 01:13    --------    dc----w-    c:\users\Tyler\AppData\Local\Electronic Arts
2014-07-15 21:15 . 2014-07-15 21:15    157448    ----a-w-    c:\windows\system32\drivers\VBoxNetFlt.sys
2014-07-15 21:15 . 2014-07-15 21:15    142528    ----a-w-    c:\windows\system32\drivers\VBoxNetAdp.sys
2014-07-15 21:13 . 2014-07-15 21:13    205352    ----a-w-    c:\windows\system32\VBoxNetFltNobj.dll
2014-07-14 04:23 . 2014-07-14 04:23    --------    d-sh--w-    c:\windows\SysWow64\Windows Firewall
2014-07-13 18:49 . 2014-07-13 18:51    --------    d-----w-    C:\FRST
2014-07-13 15:45 . 2014-07-13 15:45    --------    dc----w-    c:\programdata\Tunngle
2014-07-13 15:39 . 2014-07-13 15:39    --------    dc----w-    c:\programdata\LumaEmu_SteamCloud
2014-07-13 04:17 . 2014-07-12 04:12    107552    ----a-w-    c:\windows\SysWow64\EasyAntiCheat.exe
2014-07-13 01:04 . 2014-07-13 01:04    --------    dc----w-    c:\program files (x86)\Trend Micro
2014-07-13 00:06 . 2014-07-13 00:06    --------    dc----w-    c:\programdata\NortonInstaller
2014-07-13 00:06 . 2014-07-13 00:06    --------    dc----w-    c:\program files (x86)\NortonInstaller
2014-07-12 23:35 . 2014-07-14 22:23    --------    d-sh--w-    c:\windows\SysWow64\Windows Server
2014-07-10 00:32 . 2014-06-03 10:02    1719296    ----a-w-    c:\program files\Windows Journal\NBDoc.DLL
2014-07-10 00:32 . 2014-06-03 10:02    1380864    ----a-w-    c:\program files\Windows Journal\JNTFiltr.dll
2014-07-10 00:32 . 2014-06-03 10:02    1389568    ----a-w-    c:\program files\Windows Journal\JNWDRV.dll
2014-07-10 00:32 . 2014-06-03 10:02    1354240    ----a-w-    c:\program files\Common Files\Microsoft Shared\ink\journal.dll
2014-07-10 00:32 . 2014-06-03 09:29    936960    ----a-w-    c:\program files (x86)\Common Files\Microsoft Shared\ink\journal.dll
2014-07-10 00:32 . 2014-06-30 02:09    519168    ----a-w-    c:\windows\system32\aepdu.dll
2014-07-10 00:32 . 2014-06-30 02:04    424448    ----a-w-    c:\windows\system32\aeinv.dll
2014-07-09 02:49 . 2014-07-15 16:27    --------    dc----w-    c:\users\Tyler\AppData\Roaming\DropboxMaster
2014-07-09 02:48 . 2014-07-20 19:57    --------    dc----r-    c:\users\Tyler\Dropbox
2014-07-07 15:42 . 2014-07-07 20:01    --------    dc----w-    c:\program files (x86)\WarThunder
2014-07-07 15:22 . 2014-07-07 15:38    --------    dc----w-    c:\users\Tyler\AppData\Roaming\Tropico 3
2014-07-04 16:17 . 2014-07-05 11:44    --------    dc----w-    c:\programdata\GFACE
2014-07-04 16:17 . 2014-07-05 11:44    --------    dc----w-    c:\users\Tyler\AppData\Local\wf-launcher
2014-07-04 16:11 . 2014-07-04 16:11    --------    dc----w-    c:\program files (x86)\Common Files\Skype
2014-07-04 01:39 . 2014-07-04 01:39    --------    d-----w-    C:\Ruby200-x64
2014-06-29 15:20 . 2014-06-29 15:21    0    ----a-w-    c:\windows\system32\F39D4DE6-98B8-4E05-91BD-549E8A8248BD.tmp
2014-06-28 19:54 . 2014-06-28 19:54    --------    dc----w-    c:\program files (x86)\sweetpacks bundle uninstaller_FileZilla_1639621
2014-06-28 19:51 . 2014-06-28 19:51    --------    dc----w-    c:\program files (x86)\FileZilla Server
2014-06-28 19:12 . 2014-06-28 19:14    --------    dc----w-    c:\program files (x86)\Moon Tycoon
2014-06-25 14:34 . 2014-07-10 17:14    122584    ----a-w-    c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-25 14:33 . 2014-06-25 14:33    --------    dc----w-    c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-25 14:33 . 2014-05-12 12:26    63704    ----a-w-    c:\windows\system32\drivers\mwac.sys
2014-06-25 14:33 . 2014-05-12 12:26    91352    ----a-w-    c:\windows\system32\drivers\mbamchameleon.sys
2014-06-24 19:54 . 2014-06-25 15:19    --------    dc----w-    c:\users\Tyler\AppData\Local\Game Dev Tycoon - Steam
2014-06-24 17:11 . 2014-06-24 17:11    --------    dc----w-    c:\program files (x86)\SqliteBrowser3
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-07-17 16:20 . 2013-04-20 17:06    290776    ----a-w-    c:\windows\SysWow64\PnkBstrB.xtr
2014-07-17 16:20 . 2013-04-20 16:59    290776    ----a-w-    c:\windows\SysWow64\PnkBstrB.exe
2014-07-17 15:58 . 2013-04-20 16:59    281288    ----a-w-    c:\windows\SysWow64\PnkBstrB.ex0
2014-07-16 22:54 . 2013-04-20 16:59    76888    ----a-w-    c:\windows\SysWow64\PnkBstrA.exe
2014-07-13 23:02 . 2014-07-13 23:02    32436184    ----a-w-    C:\Fraps.zip
2014-06-26 22:40 . 2012-10-16 22:01    96441528    ----a-w-    c:\windows\system32\MRT.exe
2014-06-10 05:20 . 2012-10-17 01:21    70832    ----a-w-    c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-06-10 05:20 . 2012-10-17 01:21    692400    ----a-w-    c:\windows\SysWow64\FlashPlayerApp.exe
2014-06-07 16:38 . 2012-10-17 01:03    56272    ----a-w-    c:\windows\system32\snacnp.dll
2014-05-23 08:45 . 2014-05-23 08:45    194048    ----a-w-    c:\windows\SysWow64\elshyph.dll
2014-05-23 08:45 . 2014-05-23 08:45    71680    ----a-w-    c:\windows\SysWow64\RegisterIEPKEYs.exe
2014-05-23 08:45 . 2014-05-23 08:45    645120    ----a-w-    c:\windows\SysWow64\jsIntl.dll
2014-05-23 08:45 . 2014-05-23 08:45    235008    ----a-w-    c:\windows\system32\elshyph.dll
2014-05-23 08:45 . 2014-05-23 08:45    182272    ----a-w-    c:\windows\SysWow64\msls31.dll
2014-05-23 08:45 . 2014-05-23 08:45    62464    ----a-w-    c:\windows\SysWow64\tdc.ocx
2014-05-23 08:45 . 2014-05-23 08:45    337408    ----a-w-    c:\windows\SysWow64\html.iec
2014-05-23 08:45 . 2014-05-23 08:45    24576    ----a-w-    c:\windows\SysWow64\licmgr10.dll
2014-05-23 08:45 . 2014-05-23 08:45    151552    ----a-w-    c:\windows\SysWow64\iexpress.exe
2014-05-23 08:45 . 2014-05-23 08:45    139264    ----a-w-    c:\windows\SysWow64\wextract.exe
2014-05-23 08:45 . 2014-05-23 08:45    36352    ----a-w-    c:\windows\SysWow64\imgutil.dll
2014-05-23 08:45 . 2014-05-23 08:45    13312    ----a-w-    c:\windows\SysWow64\mshta.exe
2014-05-23 08:45 . 2014-05-23 08:45    111616    ----a-w-    c:\windows\SysWow64\IEAdvpack.dll
2014-05-23 08:45 . 2014-05-23 08:45    74240    ----a-w-    c:\windows\SysWow64\SetIEInstalledDate.exe
2014-05-23 08:45 . 2014-05-23 08:45    48640    ----a-w-    c:\windows\SysWow64\mshtmler.dll
2014-05-23 08:45 . 2014-05-23 08:45    86016    ----a-w-    c:\windows\SysWow64\iesysprep.dll
2014-05-23 08:45 . 2014-05-23 08:45    942592    ----a-w-    c:\windows\system32\jsIntl.dll
2014-05-23 08:45 . 2014-05-23 08:45    86016    ----a-w-    c:\windows\system32\RegisterIEPKEYs.exe
2014-05-23 08:45 . 2014-05-23 08:45    247808    ----a-w-    c:\windows\system32\msls31.dll
2014-05-23 08:45 . 2014-05-23 08:45    52224    ----a-w-    c:\windows\system32\msfeedsbs.dll
2014-05-23 08:45 . 2014-05-23 08:45    13312    ----a-w-    c:\windows\system32\msfeedssync.exe
2014-05-23 08:45 . 2014-05-23 08:45    90112    ----a-w-    c:\windows\system32\SetIEInstalledDate.exe
2014-05-23 08:45 . 2014-05-23 08:45    77312    ----a-w-    c:\windows\system32\tdc.ocx
2014-05-23 08:45 . 2014-05-23 08:45    48640    ----a-w-    c:\windows\system32\mshtmler.dll
2014-05-23 08:45 . 2014-05-23 08:45    131072    ----a-w-    c:\windows\system32\IEAdvpack.dll
2014-05-23 08:45 . 2014-05-23 08:45    105984    ----a-w-    c:\windows\system32\iesysprep.dll
2014-05-23 08:45 . 2014-05-23 08:45    413696    ----a-w-    c:\windows\system32\html.iec
2014-05-23 08:45 . 2014-05-23 08:45    616104    ----a-w-    c:\windows\system32\ieapfltr.dat
2014-05-23 08:45 . 2014-05-23 08:45    81408    ----a-w-    c:\windows\system32\icardie.dll
2014-05-23 08:45 . 2014-05-23 08:45    235520    ----a-w-    c:\windows\system32\url.dll
2014-05-23 08:45 . 2014-05-23 08:45    243200    ----a-w-    c:\windows\system32\webcheck.dll
2014-05-23 08:45 . 2014-05-23 08:45    30208    ----a-w-    c:\windows\system32\licmgr10.dll
2014-05-23 08:45 . 2014-05-23 08:45    167424    ----a-w-    c:\windows\system32\iexpress.exe
2014-05-23 08:45 . 2014-05-23 08:45    143872    ----a-w-    c:\windows\system32\wextract.exe
2014-05-23 08:45 . 2014-05-23 08:45    101376    ----a-w-    c:\windows\system32\inseng.dll
2014-05-23 08:45 . 2014-05-23 08:45    147968    ----a-w-    c:\windows\system32\occache.dll
2014-05-23 08:45 . 2014-05-23 08:45    62464    ----a-w-    c:\windows\system32\pngfilt.dll
2014-05-23 08:45 . 2014-05-23 08:45    774144    ----a-w-    c:\windows\system32\jscript.dll
2014-05-23 08:45 . 2014-05-23 08:45    13824    ----a-w-    c:\windows\system32\mshta.exe
2014-05-23 08:45 . 2014-05-23 08:45    48128    ----a-w-    c:\windows\system32\imgutil.dll
2014-05-23 08:45 . 2014-05-23 08:45    135680    ----a-w-    c:\windows\system32\iepeers.dll
2014-05-12 12:25 . 2012-12-25 15:07    25816    ----a-w-    c:\windows\system32\drivers\mbam.sys
2014-05-05 20:34 . 2014-05-05 20:34    49576    ----a-w-    c:\windows\SysWow64\wbload2.dll
2014-05-05 20:34 . 2014-05-05 20:34    318544    ----a-w-    c:\windows\system32\wbload.dll
2014-05-05 20:34 . 2014-05-05 20:34    157264    ----a-w-    c:\windows\system32\wbload2.dll
2014-05-05 20:34 . 2014-05-05 20:34    128368    ----a-w-    c:\windows\SysWow64\wbload.dll
2014-04-29 00:48 . 2014-04-29 00:49    108968    ----a-w-    c:\windows\system32\WindowsAccessBridge-64.dll
2014-04-29 00:48 . 2014-04-29 00:49    313256    ----a-w-    c:\windows\system32\javaws.exe
2014-04-29 00:48 . 2014-04-29 00:49    189352    ----a-w-    c:\windows\system32\javaw.exe
2014-04-29 00:48 . 2014-04-29 00:49    189352    ----a-w-    c:\windows\system32\java.exe
2014-04-25 02:34 . 2014-06-11 13:20    801280    ----a-w-    c:\windows\system32\usp10.dll
2014-04-25 02:06 . 2014-06-11 13:20    626688    ----a-w-    c:\windows\SysWow64\usp10.dll
2011-03-30 17:40 . 2011-03-30 17:40    517976    -c--a-w-    c:\program files (x86)\DXSETUP.exe
2011-03-30 17:40 . 2011-03-30 17:40    95576    -c--a-w-    c:\program files (x86)\DSETUP.dll
2011-03-30 17:40 . 2011-03-30 17:40    1566040    -c--a-w-    c:\program files (x86)\dsetup32.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}]
2014-07-20 07:49    515464    -c--a-w-    c:\program files (x86)\SupTab\SupTab.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D594333-0076-A76A-76A7-7A786E7484D7}]
2014-06-14 20:06    12184    -c--a-w-    c:\program files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar]
"{4D594333-0076-A76A-76A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport.dll" [2014-06-14 12184]
.
[HKEY_CLASSES_ROOT\clsid\{4d594333-0076-a76a-76a7-7a786e7484d7}]
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-01-16 20:22    220632    ----a-w-    c:\users\Tyler\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-01-16 20:22    220632    ----a-w-    c:\users\Tyler\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-01-16 20:22    220632    ----a-w-    c:\users\Tyler\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\SkyDriveShell.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    64792    -c--a-w-    c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    64792    -c--a-w-    c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    64792    -c--a-w-    c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    64792    -c--a-w-    c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    64792    -c--a-w-    c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    64792    -c--a-w-    c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    64792    -c--a-w-    c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    64792    -c--a-w-    c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    64792    -c--a-w-    c:\program files (x86)\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    -c--a-w-    c:\users\Tyler\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    -c--a-w-    c:\users\Tyler\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    131248    -c--a-w-    c:\users\Tyler\AppData\Roaming\Dropbox\bin\DropboxExt.22.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SansaDispatch"="c:\users\Tyler\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe" [2014-07-11 1465616]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2013-08-01 3673696]
"Gyazo"="c:\program files (x86)\Gyazo\GyStation.exe" [2013-10-03 2990304]
"Folder Size"="c:\program files\FolderSize\FolderSize.exe" [2013-02-13 169472]
"ManyCam"="c:\program files (x86)\ManyCam\ManyCam.exe" [2013-12-09 5679200]
"HitBliss"="c:\users\Tyler\AppData\Roaming\HitBliss\Player\HitBliss.exe" [2014-05-13 5954136]
"Clownfish"="c:\program files (x86)\Clownfish\Clownfish.exe" [2014-02-04 1309432]
"CyberGhost"="c:\program files\CyberGhost 5\CyberGhost.EXE" [2014-06-12 404080]
"WhatPulse"="c:\program files (x86)\WhatPulse2\whatpulse.exe" [2013-12-12 3126272]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-05-08 21445248]
"Overwolf"="c:\program files (x86)\Overwolf\Overwolf.exe" [2014-06-10 39712]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"ApnTBMon"="c:\program files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe" [2014-06-14 1956760]
"VNT"="c:\program files (x86)\VNT\vntldr.exe" [2014-06-14 196504]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"StartCCC"="c:\program files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" [2013-12-06 766208]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"FileZilla Server Interface"="c:\program files (x86)\FileZilla Server\FileZilla Server Interface.exe" [2014-06-07 2322944]
.
c:\users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\Tyler\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-5-19 33322312]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\MCPClient]
2003-08-25 16:25    139264    -c--a-w-    c:\progra~2\COMMON~1\Stardock\MCPStub.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 IePluginServices;IePlugin Services;c:\programdata\IePluginServices\PluginService.exe;c:\programdata\IePluginServices\PluginService.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R2 WindowsMangerProtect;WindowsMangerProtect Service;c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe;c:\programdata\WindowsMangerProtect\ProtectWindowsManager.exe [x]
R3 BEService;BattlEye Service;c:\program files (x86)\Common Files\BattlEye\BEService.exe;c:\program files (x86)\Common Files\BattlEye\BEService.exe [x]
R3 EasyAntiCheat;EasyAntiCheat;c:\windows\system32\EasyAntiCheat.exe;c:\windows\SYSNATIVE\EasyAntiCheat.exe [x]
R3 EvolveVirtualAdapter;Evolve Virtual Miniport Driver;c:\windows\system32\DRIVERS\evolve.sys;c:\windows\SYSNATIVE\DRIVERS\evolve.sys [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 htcnprot;HTC NDIS Protocol Driver;c:\windows\system32\DRIVERS\htcnprot.sys;c:\windows\SYSNATIVE\DRIVERS\htcnprot.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys;c:\windows\SYSNATIVE\drivers\MBAMSwissArmy.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 Mv_Process;Marvell process notification.;c:\windows\syswow64\mv_process.sys;c:\windows\syswow64\mv_process.sys [x]
R3 OverwolfUpdater;Overwolf Updater Windows SCM;c:\program files (x86)\Overwolf\OverwolfUpdater.exe;c:\program files (x86)\Overwolf\OverwolfUpdater.exe [x]
R3 pbfilter;pbfilter;c:\program files\PeerBlock\pbfilter.sys;c:\program files\PeerBlock\pbfilter.sys [x]
R3 ScreamBAudioSvc;ScreamBee Audio;c:\windows\system32\drivers\ScreamingBAudio64.sys;c:\windows\SYSNATIVE\drivers\ScreamingBAudio64.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 taphss6;Anchorfree HSS VPN Adapter;c:\windows\system32\DRIVERS\taphss6.sys;c:\windows\SYSNATIVE\DRIVERS\taphss6.sys [x]
R3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\DRIVERS\tapoas.sys;c:\windows\SYSNATIVE\DRIVERS\tapoas.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 vmci;VMware VMCI Bus Driver;c:\windows\system32\DRIVERS\vmci.sys;c:\windows\SYSNATIVE\DRIVERS\vmci.sys [x]
R3 VsEtwService120;Visual Studio ETW Event Collection Service;c:\program files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe;c:\program files (x86)\Microsoft Visual Studio 12.0\Common7\Packages\Debugger\Services\VsEtwService.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys;c:\program files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [x]
R4 Marvell Storage Management;Marvell Storage Management Service;c:\program files (x86)\Marvell\storage\svc\mvraidsvc.exe;c:\program files (x86)\Marvell\storage\svc\mvraidsvc.exe [x]
R4 MSUWebService;MSU Web Service;c:\program files (x86)\Marvell\storage\Apache2\bin\httpd.exe;c:\program files (x86)\Marvell\storage\Apache2\bin\httpd.exe [x]
R4 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
R4 TeamViewer8;TeamViewer 8;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version8\TeamViewer_Service.exe [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\DRIVERS\dtsoftbus01.sys;c:\windows\SYSNATIVE\DRIVERS\dtsoftbus01.sys [x]
S1 netfilter64;netfilter64;c:\windows\system32\drivers\netfilter64.sys;c:\windows\SYSNATIVE\drivers\netfilter64.sys [x]
S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxDrv.sys [x]
S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxUSBMon.sys [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 APNMCP;Ask Update Service;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe;c:\program files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe [x]
S2 BitMeterCaptureService;BitMeter Capture Service;c:\program files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe;c:\program files (x86)\Codebox\BitMeterOS\BitMeterCaptureService.exe [x]
S2 BitMeterWebService;BitMeter Web Service;c:\program files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe;c:\program files (x86)\Codebox\BitMeterOS\BitMeterWebService.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 CGVPNCliService;CyberGhost 5 Client Service;c:\program files\CyberGhost 5\Service.exe;c:\program files\CyberGhost 5\Service.exe [x]
S2 Ds3Service;SCP DS3 Service;c:\users\Tyler\Documents\PS3 Controller\ScpService.exe;c:\users\Tyler\Documents\PS3 Controller\ScpService.exe [x]
S2 GS In-Game Service;GS In-Game Service;c:\program files (x86)\GameTracker\GSInGameService.exe;c:\program files (x86)\GameTracker\GSInGameService.exe [x]
S2 hitbliss;HitBliss WFP driver;c:\windows\system32\drivers\hitbliss.sys;c:\windows\SYSNATIVE\drivers\hitbliss.sys [x]
S2 HTCMonitorService;HTCMonitorService;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe;c:\program files (x86)\HTC\HTC Sync Manager\HSMServiceEntry.exe [x]
S2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
S2 PassThru Service;Internet Pass-Through Service;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe;c:\program files (x86)\HTC\Internet Pass-Through\PassThruSvr.exe [x]
S2 RzKLService;RzKLService;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe;c:\program files (x86)\Razer\Razer Game Booster\RzKLService.exe [x]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdW76.sys;c:\windows\SYSNATIVE\drivers\AtihdW76.sys [x]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\system32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\system32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
S3 ManyCam;ManyCam Virtual Webcam;c:\windows\system32\DRIVERS\mcvidrv.sys;c:\windows\SYSNATIVE\DRIVERS\mcvidrv.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv_x64.sys;c:\windows\SYSNATIVE\drivers\mcaudrv_x64.sys [x]
S3 ScpVBus;Scp Virtual Bus Driver;c:\windows\system32\DRIVERS\ScpVBus.sys;c:\windows\SYSNATIVE\DRIVERS\ScpVBus.sys [x]
S3 t_mouse.sys;HID-compliand device;c:\windows\system32\DRIVERS\t_mouse.sys;c:\windows\SYSNATIVE\DRIVERS\t_mouse.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetAdp.sys [x]
S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys;c:\windows\SYSNATIVE\DRIVERS\VBoxNetFlt.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - HCMON
*NewlyCreated* - VMNETBRIDGE
*NewlyCreated* - VMNETUSERIF
*NewlyCreated* - VMX86
*NewlyCreated* - VSOCK
*NewlyCreated* - WS2IFSL
*Deregistered* - hcmon
*Deregistered* - VMnetBridge
*Deregistered* - VMnetuserif
*Deregistered* - vmx86
*Deregistered* - vsock
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-18 17:09    1104200    -c--a-w-    c:\program files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-07-15 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-10-17 05:20]
.
2014-07-20 c:\windows\Tasks\AmiUpdXp.job
- c:\users\Tyler\AppData\Local\27906\a17884.exe [2014-07-20 07:48]
.
2014-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 18:56]
.
2014-07-15 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-01-20 18:56]
.
2014-07-14 c:\windows\Tasks\ParetoLogic Registration3.job
- c:\windows\system32\rundll32.exe [2009-07-13 01:14]
.
2014-07-13 c:\windows\Tasks\ParetoLogic Update Version3 Startup Task.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20 20:52]
.
2014-07-10 c:\windows\Tasks\ParetoLogic Update Version3.job
- c:\program files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2013-06-20 20:52]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{4D594333-0076-A76A-76A7-7A786E7484D7}]
2014-06-14 20:06    13720    -c--a-w-    c:\program files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport_x64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{4D594333-0076-A76A-76A7-7A786E7484D7}"= "c:\program files (x86)\AskPartnerNetwork\Toolbar\MYC3\Passport_x64.dll" [2014-06-14 13720]
.
[HKEY_CLASSES_ROOT\CLSID\{4D594333-0076-A76A-76A7-7A786E7484D7}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive1]
@="{F241C880-6982-4CE5-8CF7-7085BA96DA5A}"
[HKEY_CLASSES_ROOT\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}]
2013-01-16 20:22    244696    ----a-w-    c:\users\Tyler\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive2]
@="{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}"
[HKEY_CLASSES_ROOT\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}]
2013-01-16 20:22    244696    ----a-w-    c:\users\Tyler\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrive3]
@="{BBACC218-34EA-4666-9D7A-C78F2274A524}"
[HKEY_CLASSES_ROOT\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}]
2013-01-16 20:22    244696    ----a-w-    c:\users\Tyler\AppData\Local\Microsoft\SkyDrive\16.4.6013.0910\amd64\SkyDriveShell64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\1TortoiseNormal]
@="{C5994560-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994560-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    75544    -c--a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\2TortoiseModified]
@="{C5994561-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994561-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    75544    -c--a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\3TortoiseConflict]
@="{C5994562-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994562-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    75544    -c--a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\4TortoiseLocked]
@="{C5994563-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994563-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    75544    -c--a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\5TortoiseReadOnly]
@="{C5994564-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994564-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    75544    -c--a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\6TortoiseDeleted]
@="{C5994565-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994565-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    75544    -c--a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\7TortoiseAdded]
@="{C5994566-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994566-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    75544    -c--a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\8TortoiseIgnored]
@="{C5994567-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994567-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    75544    -c--a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\9TortoiseUnversioned]
@="{C5994568-53D9-4125-87C9-F193FC689CB2}"
[HKEY_CLASSES_ROOT\CLSID\{C5994568-53D9-4125-87C9-F193FC689CB2}]
2011-06-13 16:20    75544    -c--a-w-    c:\program files\Common Files\TortoiseOverlays\TortoiseOverlays.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt1]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    -c--a-w-    c:\users\Tyler\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt2]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    -c--a-w-    c:\users\Tyler\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt3]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    -c--a-w-    c:\users\Tyler\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\DropboxExt4]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2013-09-10 23:54    164016    -c--a-w-    c:\users\Tyler\AppData\Roaming\Dropbox\bin\DropboxExt64.22.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"MouseDriver"="TiltWheelMouse.exe" [2012-12-19 241152]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2011-03-15 499608]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.istart123.com/?type=hp&ts=1405842490&from=amt&uid=WDCXWD5000AAKX-603CA0_WD-WCAYUAK2864628646
mDefault_Search_URL = hxxp://www.istart123.com/web/?type=ds&ts=1405842490&from=amt&uid=WDCXWD5000AAKX-603CA0_WD-WCAYUAK2864628646&q={searchTerms}
mDefault_Page_URL = hxxp://www.istart123.com/?type=hp&ts=1405842490&from=amt&uid=WDCXWD5000AAKX-603CA0_WD-WCAYUAK2864628646
mStart Page = hxxp://www.istart123.com/?type=hp&ts=1405842490&from=amt&uid=WDCXWD5000AAKX-603CA0_WD-WCAYUAK2864628646
mLocal Page = c:\windows\SysWOW64\blank.htm
mSearch Page = hxxp://www.istart123.com/web/?type=ds&ts=1405842490&from=amt&uid=WDCXWD5000AAKX-603CA0_WD-WCAYUAK2864628646&q={searchTerms}
uInternet Settings,ProxyOverride = local;*.local
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: genieo.com\yahoo
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\e074ac4x.default-1404074632853\
FF - prefs.js: browser.search.selectedEngine - istart123
FF - prefs.js: browser.startup.homepage - hxxp://google.com/
.
- - - - ORPHANS REMOVED - - - -
.
BHO-{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3} - (no file)
Wow6432Node-HKCU-Run-MicroUpdate - c:\windows\system32\MSDCSC\yyV7aPV3gp8F\msdcsc.exe
Wow6432Node-HKLM-Run-Windows YWN Monitor - c:\program files (x86)\Open JDK Explorer\ywnmon32.exe
Wow6432Node-HKLM-Run-ywnmon32 - c:\program files (x86)\Open JDK Explorer\ywnmon32.exe
SafeBoot-BsScanner
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-BattlEye for A2 - c:\program files (x86)\Steam\steamapps\common\Arma 2BattlEye\UnInstallBE.exe
AddRemove-Blockland - c:\program files (x86)\Blockland\uninstall.exe
AddRemove-PunkBusterSvc - c:\program files (x86)\STEAM\STEAMAPPS\COMMON\APB RELOADED\Binaries\pbsvc_apb.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration]
@Denied: (2) (LocalSystem)
"Timestamp"=hex:85,7d,7a,2e,4b,61,ce,01
.
[HKEY_USERS\S-1-5-21-584796006-2325184674-3092041102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.eml\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.Email.1"
.
[HKEY_USERS\S-1-5-21-584796006-2325184674-3092041102-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vcf\UserChoice]
@Denied: (2) (LocalSystem)
"Progid"="WindowsLiveMail.VCard.1"
.
[HKEY_USERS\S-1-5-21-584796006-2325184674-3092041102-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{103A74ED-C27F-3694-106E-6BC28C727501}*]
"iaojllekhemgilgdki"=hex:69,61,64,62,6e,6f,6d,64,62,6c,67,6d,66,62,63,64,68,6f,
   00,00
"haiknldlghcloeno"=hex:69,61,64,62,6e,6f,6d,64,62,6c,67,6d,66,62,63,64,68,6f,
   00,00
"haneiebppegioiie"=hex:66,61,61,62,68,6e,66,62,66,62,6a,70,00,40
.
[HKEY_USERS\S-1-5-21-584796006-2325184674-3092041102-1000\Software\SecuROM\License information*]
"datasecu"=hex:12,0d,5e,cb,46,3d,7a,8d,40,f7,25,1d,dc,48,64,6b,07,43,f4,fd,79,
   b1,16,62,56,ef,51,51,df,f0,52,b5,5e,5b,64,1e,7d,fe,03,2e,fe,33,ea,27,85,62,\
"rkeysecu"=hex:73,7d,30,50,39,d4,6c,1c,96,b6,21,31,fc,d9,f8,23
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_6_602_180_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_6_602_180.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Bohemia Interactive Studio\ArmA 2 OA]
@Denied: (2) (Administrators)
"main"="c:\\Program Files (x86)\\Steam\\steamapps\\common\\Arma 2 Operation Arrowhead"
"data"="c:\\Program Files (x86)\\Steam\\steamapps\\common\\Arma 2 Operation Arrowhead\\Expansion"
"key"=hex:c6,29,42,6f,29,81,a8,41,63,1d,a0,af,a1,98,72
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Bohemia Interactive Studio\ArmA 2 OA\Expansions\arma 2]
"path"="SOFTWARE\\Bohemia Interactive Studio\\ArmA 2"
"loadbefore"=""
"loadafter"="ARMA 2 OA"
"moddir"="CA"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Bohemia Interactive Studio\ArmA 2 OA\Expansions\arma 2 oa]
"path"="SOFTWARE\\Bohemia Interactive Studio\\ArmA 2 OA"
"loadbefore"=""
"loadafter"=""
"moddir"="Expansion"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-07-21  14:20:01
ComboFix-quarantined-files.txt  2014-07-21 19:19
.
Pre-Run: 271,542,566,912 bytes free
Post-Run: 272,907,890,688 bytes free
.
- - End Of File - - 39E57617BA22C80A5F29B03614F71E38
A36C5E4F47E84449FF07ED3517B43A31
 




#11 Tomk

Tomk

    Beguilement Monitor

  • Classroom Admin
  • 20,136 posts

Posted 21 July 2014 - 10:54 PM

You have some "suspicious" programs installed.  I suggest that you uninstall all programs that were not acquired legitimately.

 

Also, please quit installing programs during the cleaning process.  I expect you to only install programs that I request.

 

Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 2

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button. Wait until it is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[S0].txt as well.

Step 3
Please download Malwarebytes' Anti-Malware to your desktop.
 
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
  • Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot (shut down your computer then restart it).

 


In your next reply, post the following log files:
  • Junkware Removal Tool log
  • AdwCleaner log
  • Malwarebytes' Anti-Malware log

 

Also, please let me know how things seem to be running now.


Tomk
------------------------------------------------------------

Topics are closed after 5 days without response


#12 Nerfman7

Nerfman7

    New Member

  • Authentic Member
  • Pip
  • 10 posts

Posted 22 July 2014 - 07:32 AM

# AdwCleaner v3.216 - Report created 22/07/2014 at 08:21:14
# Updated 17/07/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Tyler - TYLER-PC
# Running from : C:\Users\Tyler\Downloads\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : IePluginServices

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AskPartnerNetwork
Folder Deleted : C:\ProgramData\IePluginServices
Folder Deleted : C:\ProgramData\NCH Software
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\WindowsMangerProtect
Folder Deleted : C:\Program Files (x86)\AskPartnerNetwork
Folder Deleted : C:\Program Files (x86)\HiDefMedia
Folder Deleted : C:\Program Files (x86)\NCH Software
Folder Deleted : C:\Program Files (x86)\SupTab
Folder Deleted : C:\Program Files (x86)\VideoConverter
Folder Deleted : C:\Program Files (x86)\VNT
Folder Deleted : C:\Program Files (x86)\Common Files\ParetoLogic
Folder Deleted : C:\Windows\Installer\{813BA625-B0FA-48D8-9B75-59759C88C219}
Folder Deleted : C:\Users\Tyler\AppData\Local\AskPartnerNetwork
Folder Deleted : C:\Users\Tyler\AppData\Local\b1e
Folder Deleted : C:\Users\Tyler\AppData\Local\Bundled software uninstaller
Folder Deleted : C:\Users\Tyler\AppData\Local\Conduit
Folder Deleted : C:\Users\Tyler\AppData\Local\DownloadTerms
Folder Deleted : C:\Users\Tyler\AppData\Local\NativeMessaging
Folder Deleted : C:\Users\Tyler\AppData\Local\PackageAware
Folder Deleted : C:\Users\Tyler\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Tyler\AppData\Local\torch
Folder Deleted : C:\Users\Tyler\AppData\Local\VNT
Folder Deleted : C:\Users\Tyler\AppData\Roaming\ExpressFiles
Folder Deleted : C:\Users\Tyler\AppData\Roaming\NCH Software
Folder Deleted : C:\Users\Tyler\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\fbDownloader
Folder Deleted : C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\e074ac4x.default-1404074632853\Extensions\faststartff@gmail.com
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\nsprotector.js
File Deleted : C:\Windows\System32\Tasks\Express FilesUpdate
File Deleted : C:\Windows\Tasks\paretologic registration3.job
File Deleted : C:\Windows\System32\Tasks\paretologic registration3
File Deleted : C:\Windows\Tasks\paretologic update version3.job
File Deleted : C:\Windows\System32\Tasks\paretologic update version3

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
Shortcut Disinfected : C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Shortcut Disinfected : C:\Users\Tyler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Tyler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Shortcut Disinfected : C:\Users\Tyler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Tyler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Shortcut Disinfected : C:\Users\Tyler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Tyler\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk

***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [faststartff@gmail.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaamlnbcjjkcgabjgbhdkjncianpaah
Key Deleted : HKCU\Software\Google\Chrome\Extensions\kheelobnibmchifldedamogdmhemfjio
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kheelobnibmchifldedamogdmhemfjio
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ogccgbmabaphcakpiclgcnmcnimhokcj
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\avg-secure-search-installer_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\SearchSettings_RASMANCS
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\YontooDesktop_RASMANCS
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [VNT]
Key Deleted : HKCU\Software\5257dcdbe634e841
Key Deleted : HKLM\SOFTWARE\5257dcdbe634e841
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{960DF771-CFCB-4E53-A5B5-6EF2BBE6E706}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C3110516-8EFC-49D6-8B72-69354F332062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{02054E11-5113-4BE3-8153-AA8DFB5D3761}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A1CCCE0D-AE21-42A2-BE58-8E6109410995}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{021B4049-F57D-4565-A693-FD3B04786BFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0362AA09-808D-48E9-B360-FB51A8CBCE09}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06844020-CD0B-3D3D-A7FE-371153013E49}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0ADC01BB-303B-3F8E-93DA-12C140E85460}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{10D3722F-23E6-3901-B6C1-FF6567121920}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1675E62B-F911-3B7B-A046-EB57261212F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{192929F2-9273-3894-91B0-F54671C4C861}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2932897E-3036-43D9-8A64-B06447992065}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2DE92D29-A042-3C37-BFF8-07C7D8893EFA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{32B80AD6-1214-45F4-994E-78A5D482C000}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3A8E103F-B2B7-3BEF-B3B0-88E29B2420E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{478CE5D3-D38E-3FFE-8DBE-8C4A0F1C4D8D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{48B7DA4E-69ED-39E3-BAD5-3E3EFF22CFB0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5982F405-44E4-3BBB-BAC4-CF8141CBBC5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{5D8C3CC3-3C05-38A1-B244-924A23115FE9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{641593AF-D9FD-30F7-B783-36E16F7A2E08}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{711FC48A-1356-3932-94D8-A8B733DBC7E4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{72227B7F-1F02-3560-95F5-592E68BACC0C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{7B5E8CE3-4722-4C0E-A236-A6FF731BEF37}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{80703783-E415-4EE3-AB60-D36981C5A6F1}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{890D4F59-5ED0-3CB4-8E0E-74A5A86E7ED0}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8C68913C-AC3C-4494-8B9C-984D87C85003}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8D019513-083F-4AA5-933F-7D43A6DA82C4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{917CAAE9-DD47-4025-936E-1414F07DF5B8}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{923F6FB8-A390-370E-A0D2-DD505432481D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9BBB26EF-B178-35D6-9D3D-B485F4279FE5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A62DDBE0-8D2A-339A-B089-8CBCC5CD322A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A82AD04D-0B8E-3A49-947B-6A69A8A9C96D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ADEB3CC9-A05D-4FCC-BD09-9025456AA3EA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{B06D4521-D09C-3F41-8E39-9D784CCA2A75}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C06DAD42-6F39-4CE1-83CC-9A8B9105E556}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C2E799D0-43A5-3477-8A98-FC5F3677F35C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D16107CD-2AD5-46A8-BA59-303B7C32C500}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D25B101F-8188-3B43-9D85-201F372BC205}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D2BA7595-5E44-3F1E-880F-03B3139FA5ED}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D35F5C81-17D9-3E1C-A1FC-4472542E1D25}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{D8FA96CA-B250-312C-AF34-4FF1DD72589D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DAFC1E63-3359-416D-9BC2-E7DCA6F7B0F3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DC5E5C44-80FD-3697-9E65-9F286D92F3E7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E1B4C9DE-D741-385F-981E-6745FACE6F01}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7B623F5-9715-3F9F-A671-D1485A39F8A2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{ED916A7B-7C68-3198-B87D-2DABC30A5587}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EE95078D-518C-4FD2-8093-FD1D4E33D3CA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{EFA1BDB2-BB3D-3D9A-8EB5-D0D22E0F64F4}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F4CBF4DD-F8FE-35BA-BB7E-68304DAAB70B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FC32005D-E27C-32E0-ADFA-152F598B75E7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{2BF2028E-3F3C-4C05-AB45-B2F1DCFE0759}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{DB538320-D3C5-433C-BCA9-C4081A054FCF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3593C8B9-8E18-4B4B-B7D3-CB8BEB1AA42C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{EBFCF40E-A87B-463F-A782-55BDD4160B5E}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6978F29A-3493-40B2-8CDC-9C13A02F85A4}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7949A66-D936-4028-9552-14F7DC50F38D}
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Google Chrome\shell\open\command
Data Restored : HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
Key Deleted : HKCU\Software\Claro LTD
Key Deleted : HKCU\Software\ExpressFiles
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\RegisteredApplicationsEx
Key Deleted : HKCU\Software\WEDLMNGR
Key Deleted : HKCU\Software\AppDataLow\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\{4A0F38A9-FE55-4B89-B73F-E60FDC0F72E9}
Key Deleted : HKLM\Software\ExpressFiles
Key Deleted : HKLM\Software\ParetoLogic
Key Deleted : HKLM\Software\PIP
Key Deleted : HKLM\Software\SoftwareUpdater
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWindowsMangerProtect
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKLM\Software\Vittalia
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Deleted : [x64] HKLM\SOFTWARE\AskPartnerNetwork
Key Deleted : [x64] HKLM\SOFTWARE\Speedchecker Limited
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1
Key Deleted : HKLM\Software\Classes\Installer\Features\526AB318AF0B8D84B9579557C9882C91
Key Deleted : HKLM\Software\Classes\Installer\Products\526AB318AF0B8D84B9579557C9882C91

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17207

Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page Before]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page Before]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
Setting Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]

-\\ Mozilla Firefox v28.0 (en-US)

[ File : C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\e074ac4x.default-1404074632853\prefs.js ]

Line Deleted : user_pref("browser.search.defaultenginename", "istart123");
Line Deleted : user_pref("browser.search.selectedEngine", "istart123");

-\\ Google Chrome v36.0.1985.125

*************************

AdwCleaner[R0].txt - [21930 octets] - [22/07/2014 08:20:22]
AdwCleaner[S0].txt - [19294 octets] - [22/07/2014 08:21:14]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19355 octets] ##########

 



#13 Nerfman7

Posted 22 July 2014 - 07:32 AM

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Home Premium x64
Ran by Tyler on Tue 07/22/2014 at  8:13:10.26
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] APNMCP
Successfully deleted: [Service] APNMCP



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\apntbmon



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{39CB8175-E224-4446-8746-00566302DF8D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escort.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortapp.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escorteng.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\escortlbr.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\esrv.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\propertysync.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{37211D63-CCE9-4780-B182-96538CFC6FED}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{8B9C4F32-044E-491C-893E-362CB8A679D5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{CF2BF214-9D1E-4803-9AEB-38552615FD40}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{43969E3F-3E7C-4911-A8F1-79C6CA6AC731}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{C815E3DA-0823-49B0-9270-D1771D58B317}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Wow6432Node\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\filescout
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\livesupport
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\smarttweak
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\softonic
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\speedypc software
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\wecarereminder
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-584796006-2325184674-3092041102-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\babylon
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\delta
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\freeze.com
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\funmoods
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\speedypc software
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\yourfiledownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\au__rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\bundlesweetimsetup_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_nonsearch_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_nonsearch_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\iminent_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mybabylontb_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\privitizevpn_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\softwareupdater_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\fbdownloader
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\searchthewebarp
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{99c91fc5-db5b-4aa0-bb70-5d89c5a4df96}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askchecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askchecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dropdowndeals_132013-2294_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\dropdowndeals_132013-2294_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_fx_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_fx_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_ie_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\aol_pricecheck_ie_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_40001_1001_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\pricepeep_40001_1001_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeep_RocketFuelInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\PricePeep_RocketFuelInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_desktop-activity-recorder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_desktop-activity-recorder_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_fps-creator_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_fps-creator_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_game-maker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_game-maker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_k-lite-codec-pack_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_k-lite-codec-pack_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_postal-2_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_postal-2_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_slender-the-eight-pages_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_slender-the-eight-pages_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_visual-basic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\SoftonicDownloader_for_visual-basic_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnSetup_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\ApnSetup_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\askchecker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\askchecker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\AskInstallChecker-1_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\UpdateTask_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\mconduitinstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dropdowndeals_132013-2294_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\dropdowndeals_132013-2294_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\aol_pricecheck_fx_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\aol_pricecheck_fx_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\aol_pricecheck_ie_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\aol_pricecheck_ie_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_40001_1001_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\pricepeep_40001_1001_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeep_RocketFuelInstaller_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\PricePeep_RocketFuelInstaller_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_desktop-activity-recorder_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_desktop-activity-recorder_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_fps-creator_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_fps-creator_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_game-maker_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_game-maker_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_k-lite-codec-pack_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_k-lite-codec-pack_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_postal-2_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_postal-2_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_slender-the-eight-pages_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_slender-the-eight-pages_RASMANCS
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_visual-basic_RASAPI32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Tracing\SoftonicDownloader_for_visual-basic_RASMANCS
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{58D9A283-EC1B-4FD9-A98F-078C76A02FCA}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{BB74DE59-BC4C-4172-9AC4-73315F71CFFE}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{EEE6C360-6118-11DC-9C72-001320C79847}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2C4BA31C-0C15-11E2-90C7-9BFCBEB168B3}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn pip"
Successfully deleted: [Registry Key] "hkey_current_user\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\askpartnernetwork"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{44cbc005-6243-4502-8a02-3a096a282664}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{80703783-e415-4ee3-ab60-d36981c5a6f1}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{d8278076-bc68-4484-9233-6e7f1628b56c}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\clsid\{f297534d-7b06-459d-bc19-2dd8ef69297b}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{9945959c-aad8-4312-8b57-2de11927e770}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{6978f29a-3493-40b2-8cdc-9c13a02f85a4}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\microsoft\internet explorer\low rights\elevationpolicy\{d7949a66-d936-4028-9552-14f7dc50f38d}"



~~~ Files

Successfully deleted: [File] C:\Windows\Tasks\amiupdxp.job
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\nsprotector.js"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\apn"
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\ProgramData\simplitec"
Successfully deleted: [Folder] "C:\ProgramData\snt"
Successfully deleted: [Folder] "C:\ProgramData\speedypc software"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\b1toolbar"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\claro ltd"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\datamgr"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\drivercure"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\funmoods"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\hmn"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\performersoft"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\search protection"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\simplitec"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\speedypc software"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\Tyler\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Tyler\appdata\locallow\download and sa"
Successfully deleted: [Folder] "C:\Users\Tyler\appdata\locallow\fast free converter"
Successfully deleted: [Folder] "C:\Users\Tyler\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\delta"
Successfully deleted: [Folder] "C:\Program Files (x86)\fbdownloader"
Successfully deleted: [Folder] "C:\Program Files (x86)\file scout"
Successfully deleted: [Folder] "C:\Program Files (x86)\file type helper"
Successfully deleted: [Folder] "C:\Program Files (x86)\optimizer pro"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
Successfully deleted: [Folder] "C:\Program Files (x86)\trymedia"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\buzzsocialpoints_dns"
Successfully deleted: [Folder] "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\livesupport"
Successfully deleted: [Folder] "C:\Users\Tyler\AppData\Roaming\microsoft\windows\start menu\programs\torntv.com"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"
Successfully deleted: [Folder] "C:\Users\Tyler\documents\optimizer pro"
Successfully deleted: [Folder] "C:\Windows\buzzsocialpointschecker"
Successfully deleted: [Folder] "C:\ProgramData\ask"
Failed to delete: [Folder] "C:\ProgramData\AskPartnerNetwork"
Failed to delete: [Folder] "C:\Program Files (x86)\askpartnernetwork"



~~~ FireFox

Successfully deleted: [Folder] "C:\Program Files (x86)\Mozilla Firefox\extensions\cxfnl@nxazbwxrbgsgfqqp.net"
Emptied folder: C:\Users\Tyler\AppData\Roaming\mozilla\firefox\profiles\e074ac4x.default-1404074632853\minidumps [6 files]



~~~ Chrome

Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\ejpbbhjlbipncjklfjjaedaieimbmdda
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Google\Chrome\Extensions\hahpjplbmicfkmoccokbjejahjjpnena



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 07/22/2014 at  8:19:03.45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 



#14 Nerfman7

Posted 22 July 2014 - 07:46 AM

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/22/2014
Scan Time: 8:38:19 AM
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.22.03
Rootkit Database: v2014.07.17.01
License: Premium
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Tyler

Scan Type: Hyper Scan
Result: Completed
Objects Scanned: 293363
Time Elapsed: 5 min, 9 sec

Memory: Enabled
Startup: Enabled
Filesystem: Disabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.AdPeak, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\netfilter64, Quarantined, [662539693b4052e438fc695a748ee51b],
PUP.Optional.IStart.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\istart123 uninstall, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],

Registry Values: 2
Backdoor.Agent.DCEGen, HKU\S-1-5-21-584796006-2325184674-3092041102-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MicroUpdate, C:\Windows\system32\MSDCSC\yyV7aPV3gp8F\msdcsc.exe, Quarantined, [b0db91113348c96d32682dc1aa58ee12]
PUP.Optional.FastStart.A, HKU\S-1-5-21-584796006-2325184674-3092041102-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, faststartff@gmail.com, Quarantined, [f893cad86e0da78fa956feca07fb56aa]

Registry Data: 1
PUP.Optional.Qone8, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {33BB0A4E-99AF-4226-BDF6-49120163DE86}, Good: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Bad: ({33BB0A4E-99AF-4226-BDF6-49120163DE86}),Replaced,[6b20dac80279e155ff420f9e37cdc040]

Folders: 5
PUP.Optional.OpenJDKExplorer.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open JDK Explorer, Quarantined, [602b52504b301c1a23e7cbfbdd255aa6],
PUP.Optional.OpenJDKExplorer.A, C:\Program Files (x86)\Open JDK Explorer, Quarantined, [4447129088f38aac092a89362ed4db25],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\code, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],

Files: 33
PUP.Optional.OpenJDKExplorer.A, C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Open JDK Explorer\Open JDK Explorer.lnk, Quarantined, [602b52504b301c1a23e7cbfbdd255aa6],
Trojan.Backdoor, C:\Windows\SysWOW64\Windows Server\wserver.exe, Quarantined, [5f2c4d5573089e98846f06e0659dc63a],
PUP.Optional.IStart123.A, C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\istart123.xml, Quarantined, [e2a94f5399e260d68bfda4818480a15f],
PUP.Optional.AdPeak, C:\Windows\System32\drivers\netfilter64.sys, Quarantined, [662539693b4052e438fc695a748ee51b],
PUP.Optional.OpenJDKExplorer.A, C:\Program Files (x86)\Open JDK Explorer\jdkcheck.exe, Quarantined, [4447129088f38aac092a89362ed4db25],
PUP.Optional.OpenJDKExplorer.A, C:\Program Files (x86)\Open JDK Explorer\serviceio.exe, Quarantined, [4447129088f38aac092a89362ed4db25],
PUP.Optional.OpenJDKExplorer.A, C:\Program Files (x86)\Open JDK Explorer\sqlite3.dll, Quarantined, [4447129088f38aac092a89362ed4db25],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\182.json, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\MessageBox.xml, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\uninstallDlg2.xml, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\UninstallManager.exe, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\bg.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\bg1.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\bk_shadow.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\button.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\button1.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\checkbox.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\checkbox_select.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\checked.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\close.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\loading_bg.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\loading_light.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\min.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\scrollbar.bmp, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\Thumbs.db, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\unchecked.png, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\code\code1.jpg, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\code\code2.jpg, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\code\code3.jpg, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\code\code4.jpg, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\code\code5.jpg, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\code\code6.jpg, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],
PUP.Optional.IStart.A, C:\Users\Tyler\AppData\Roaming\istart123\images\code\Thumbs.db, Quarantined, [6d1ebfe3d2a95dd90f292c9619e909f7],

Physical Sectors: 0
(No malicious items detected)


(end)



#15 Tomk


Posted 22 July 2014 - 09:55 AM

Your computer appears to have been infected by a backdoor trojan. These programs have the ability to steal passwords and other information from your system. If you use your computer for sensitive purposes such as internet banking then I recommend you take the following steps immediately:

  • Use another, uninfected computer to change all your internet passwords, especially ones with financial implications such as banks, paypal, ebay, etc. You should also change the passwords for any other site you use.
  • Call your bank(s), credit card company or any other institution which may be affected and advise them that your login/password or credit card information may have been stolen and ask what steps to take with regard to your account.
  • Consider what other private information could possibly have been taken from your computer and take appropriate steps.

This infection can almost certainly be cleaned, but as the malware could be configured to run any program a remote attacker requires, it will be impossible to be 100% sure that the machine is clean. If this is unacceptable to you, then you should consider reformatting the system partition and reinstalling Windows, as this is the only 100% sure answer.

If you wish to reformat, then please let me know in your next response. I'll now continue with instructions for cleaning.
 

 

 

You didn't tell me how things seem now?

 

ESET Online Scanner:

Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will, however, need to disable your currently installed Anti-Virus; how to do so can be read here.

Vista users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.
 

  • Please go here then click on: EOLS1.gif

    Note: If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
    All of the below instructions are compatible with either Internet Explorer or Mozilla FireFox.

  • Select the option YES, I accept the Terms of Use then click on: EOLS2.gif
  • When prompted allow the Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: EOLS3.gif
  • The virus signature database... will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed, select Uninstall application on close if you so wish; make sure you copy the logfile first!
  • Now click on: EOLS4.gif
  • Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Note: Do not forget to re-enable your Anti-Virus application after running the above scan!
 

 


Tomk
------------------------------------------------------------


Topics are closed after 5 days without response