Inactive-A Had white screen freeze and found related post. Would like to try to clean.

KnightCat

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 12/18/2014
Scan Time: 8:57:07 AM
Logfile:
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2014.12.18.03
Rootkit Database: v2014.12.14.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: KnightCat

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 413164
Time Elapsed: 20 min, 38 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)


(end)
 
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17420 BrowserJavaVersion: 10.67.2
Run by KnightCat at 10:16:46 on 2014-12-18
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.32708.25708 [GMT -6:00]
.
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
C:\Windows\system32\taskhost.exe
C:\Windows\system32\svchost.exe -k apphost
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Windows\SysWOW64\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
F:\Games\Steam2\Steam.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Users\KnightCat\AppData\Local\Workspace\workspacestatus.exe
C:\Program Files (x86)\IndieVolume\IndieVolume.GUI.exe
F:\Games\Steam2\bin\steamwebhelper.exe
C:\Users\KnightCat\AppData\Local\Workspace\workspaceupdate.exe
C:\Users\KnightCat\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Users\KnightCat\AppData\Local\FluxSoftware\Flux\flux.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Windows\System32\StikyNot.exe
C:\Windows\SysWOW64\C2MP\TrayMenu.exe
C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\Gizmo\gizmo.exe
C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
C:\Program Files (x86)\Workspace\offSyncService.exe
C:\Program Files (x86)\BlueStacks\HD-Agent.exe
C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
C:\Program Files (x86)\SamLogic\USB Supervisor\USBsupervisor.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\PowerMenu\PowerMenu.exe
C:\Program Files (x86)\Gizmo\gservice.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Windows\SysWOW64\svchost.exe -k hpdevmgmt
C:\Windows\SysWOW64\CtHelper.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Windows\SysWOW64\srvany.exe
C:\Windows\KMService.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\MediaMall\MediaMallServer.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\PROGRA~2\Raptr\raptr.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDPop3.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files (x86)\NVMS5 Standard Edition\bin\cms.exe
C:\Program Files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe
C:\PROGRA~2\Raptr\raptr_im.exe
C:\Program Files (x86)\NVMS5 Standard Edition\bin\vtdu.exe
C:\Program Files (x86)\NVMS5 Standard Edition\bin\watch.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
C:\Program Files (x86)\Raptr\raptr_ep64.exe
C:\Windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe
C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
C:\Program Files (x86)\MediaMall\MediaMallServer.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
C:\Windows\system32\svchost.exe -k WindowsMobile
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\NVMS5 Standard Edition\bin\nru.exe
C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
uProxyOverride = <local>;*.local
mWinlogon: Userinit = userinit.exe,
BHO: {074C1DC5-9320-4A9A-947D-C042949C6216} - <orphaned>
BHO: Skype4Salesforce.BrowserMonitor: {090F4A60-3146-41b5-8584-297FBF7D5B59} -
BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} -
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
TB: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
EB: HP Smart Web Printing: {555D4D79-4BD2-4094-A395-CFC534424A05} -
uRun: [Steam] "F:\Games\Steam2\steam.exe" -silent
uRun: [Google Update] "C:\Users\KnightCat\AppData\Local\Google\Update\GoogleUpdate.exe" /c
uRun: [AdobeBridge] <no file>
mRun: [hpqSRMon] C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [AmazonGSDownloaderTray] C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderTray.exe
mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
mRun: [Communicator] "C:\Program Files (x86)\Microsoft Lync\communicator.exe" /fromrunkey
mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot
mRun: [USBsupervisor] C:\Program Files (x86)\SamLogic\USB Supervisor\USBsupervisor.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mRun: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [AsioThk32Reg] REGSVR32.EXE /S CTASIO.DLL
mRun: [CTHelper] CTHELPER.EXE
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup
dRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe -update activex
StartupFolder: C:\Users\KNIGHT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\KNIGHT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONEDRI~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\GROOVE.EXE
StartupFolder: C:\Users\KNIGHT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\POWERM~1.LNK - C:\Program Files (x86)\PowerMenu\PowerMenu.exe
StartupFolder: C:\Users\KNIGHT~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\AUTORU~1\VERIZO~1.LNK - C:\Users\KnightCat\AppData\Roaming\VERIZON\UA_ar\UA.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CODECP~2.LNK - C:\Windows\SysWOW64\C2MP\TrayMenu.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\CODECP~1.LNK - C:\Windows\SysWOW64\C2MP\UpdateChecker.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\Gizmo.lnk - C:\Program Files (x86)\Gizmo\gizmo.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\REALPL~1.LNK - C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
uPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
mPolicies-System: DisableCAD = dword:1
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\onbttnie.dll
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} -
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} -
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {0D41B8C5-2599-4893-8183-00195EC8D5F9} - hxxps://www.asus.com/support/asusTek_sys_ctrl3.cab
DPF: {688C8675-1834-48FA-9DEF-4755CEFB9EDE} - hxxp://192.168.1.101/EDVR.CAB
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} - hxxp://192.168.1.99:5050/codebase/DVM_IPCam2.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{4FFF7218-10CA-4B50-B472-66A8952058BD} : DHCPNameServer = 192.168.1.1
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: RealNetworks Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - LocalServer32 - <no file>
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-Run: [Windows Mobile Device Center] C:\Windows\WindowsMobile\wmdc.exe
x64-Run: [Cm106Sound] C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
x64-IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\MSOSB.DLL
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\KnightCat\AppData\Roaming\Mozilla\Firefox\Profiles\ewzku24u.Seth\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://mysearch.avg.com?cid={9BD985C1-17C8-42F9-A24E-AF49663426DB}&mid=27cb2d8fe60c44d99f3c4bf7da99ecdb-b846aedc0b47d38eeafd9f7ca50187f504336a34&lang=en&ds=ag011&coid=avgtbdisag&cmpid=&pr=sa&d=&v=&pid=safeguard&sg=&sap=hp
FF - prefs.js: keyword.URL -
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.0.0\npsitesafety.dll
FF - plugin: C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll
FF - plugin: C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\MediaMall\toolbar\npVT.dll
FF - plugin: C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll
FF - plugin: C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypchub.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll
FF - plugin: C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll
FF - plugin: C:\Users\KnightCat\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\KnightCat\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll
FF - plugin: C:\Users\KnightCat\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\Plugins\npatgpc.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\plugins\npatgpc.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\Plugins\npgoogletalk.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\Plugins\npo1d.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\plugins\npoff.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\Plugins\npoff.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\Plugins\npoff64.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\plugins\npoff64.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\plugins\npwbe.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\Plugins\npwbe.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\Plugins\npwbe64.dll
FF - plugin: C:\Users\KnightCat\AppData\Roaming\Mozilla\plugins\npwbe64.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll
FF - ExtSQL: !HIDDEN! 2013-03-18 20:03; smartwebprinting@hp.com; C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
============= SERVICES / DRIVERS ===============
.
R?2 AsusFanControlService;AsusFanControlService;C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe [2013-4-12 1457152]
R0 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2014-11-25 449936]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-3-13 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-3-13 267632]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2013-3-14 55280]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2014-3-12 28184]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswsnx.sys [2014-3-12 1050432]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-3-12 436624]
R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2014-2-20 50976]
R1 GizmoDrv;Gizmo Device Driver;C:\Windows\System32\drivers\gizmodrv.sys [2014-2-12 34704]
R2 ADExchange;ArcSoft Exchange Service;C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [2013-10-24 44736]
R2 Amazon Download Agent;Amazon Download Agent;C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [2014-4-21 401920]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2013-3-14 920736]
R2 asHmComSvc;ASUS HM Com Service;C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [2013-3-14 951936]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [2013-3-14 149120]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-5-7 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-3-12 83280]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-11-25 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-11-25 104416]
R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-5-1 123152]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-9-22 2443960]
R2 DeviceMonitorService;DeviceMonitorService;C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [2012-9-7 87992]
R2 DisplayFusionService;DisplayFusionService;C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [2014-8-27 3075440]
R2 Dyn Updater;Dyn Updater;C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe [2011-11-15 95608]
R2 File Backup;File Backup Service;C:\Program Files (x86)\Workspace\offSyncService.exe [2013-7-22 1187040]
R2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [2014-3-18 241728]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-10-11 1148744]
R2 Gizmo Central;Gizmo Central;C:\Program Files (x86)\Gizmo\gservice.exe [2014-2-12 34728]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-3-25 8704]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\Windows\System32\IPROSetMonitor.exe [2014-2-5 259848]
R2 KMService;KMService;C:\Windows\System32\srvany.exe --> C:\Windows\System32\srvany.exe [?]
R2 MediaMall Server;MediaMall Server;C:\Program Files (x86)\MediaMall\MediaMallServer.exe [2014-10-17 5826352]
R2 NVMS-SRV-CMS;NVMS-SRV-CMS;C:\Program Files (x86)\NVMS5 Standard Edition\bin\cms.exe [2014-5-17 155136]
R2 NVMS-SRV-DB;NVMS-SRV-DB;C:\Program Files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe [2014-5-17 6562432]
R2 NVMS-SRV-NRU;NVMS-SRV-NRU;C:\Program Files (x86)\NVMS5 Standard Edition\bin\nru.exe [2014-5-17 15872]
R2 NVMS-SRV-VTDU;NVMS-SRV-VTDU;C:\Program Files (x86)\NVMS5 Standard Edition\bin\vtdu.exe [2014-5-17 14848]
R2 NVMS-SRV-WATCH;NVMS-SRV-WATCH;C:\Program Files (x86)\NVMS5 Standard Edition\bin\watch.exe [2014-5-17 176640]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-10-11 1795912]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-10-11 19819848]
R2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [2014-5-13 39568]
R2 RealPlayerUpdateSvc;RealPlayer Update Service;C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [2014-5-23 23552]
R2 Skype C2C Service;Skype C2C Service;C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [2013-8-6 3291008]
R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2014-6-24 790880]
R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-10-8 609056]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-12-8 409800]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-5-15 5024576]
R2 VBoxAswDrv;VBoxAsw Support Driver;C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [2014-11-25 271752]
R3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2012-7-6 138568]
R3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2012-7-6 415560]
R3 AvastVBoxSvc;AvastVBox COM Service;C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [2014-11-25 4012248]
R3 COMMONFX.SYS;COMMONFX.SYS;C:\Windows\System32\drivers\COMMONFX.sys [2014-11-7 161048]
R3 CTAUDFX.SYS;CTAUDFX.SYS;C:\Windows\System32\drivers\CTAUDFX.sys [2014-11-7 708888]
R3 CTSBLFX.SYS;CTSBLFX.SYS;C:\Windows\System32\drivers\CTSBLFX.sys [2014-11-7 683288]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\Windows\System32\drivers\ICCWDT.sys [2013-4-12 26136]
R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\Windows\System32\drivers\LGBusEnum.sys [2009-11-23 22408]
R3 LGPBTDD;LGPBTDD.sys Display Driver;C:\Windows\System32\drivers\LGPBTDD.sys [2009-7-1 30728]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\Windows\System32\drivers\LGVirHid.sys [2009-11-23 16008]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-10-11 19784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-11-19 38216]
R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2013-3-11 13368]
R3 SaiK1708;SaiK1708;C:\Windows\System32\drivers\SaiK1708.sys [2012-9-20 180544]
R3 SaiU1708;SaiU1708;C:\Windows\System32\drivers\SaiU1708.sys [2012-9-20 47168]
S2 aswStm;aswStm;C:\Windows\System32\drivers\aswstm.sys [2014-3-13 116728]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S2 IndieVolumeService;IndieVolume Service;C:\Program Files (x86)\IndieVolume\IndieVolume.SVC.exe [2013-11-1 182248]
S2 MouseWithoutBordersSvc;Mouse without Borders Service;C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [2012-12-28 27872]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);C:\Windows\System32\drivers\ASUSstpt.sys [2013-4-12 24648]
S3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);C:\Windows\System32\drivers\ASUSumsc.sys [2013-4-12 141896]
S3 BRSptSvc;BitRaider Mini-Support Service;C:\ProgramData\bitraider\BRSptSvc.exe [2013-4-26 909592]
S3 COMMONFX;COMMONFX;C:\Windows\System32\drivers\COMMONFX.sys [2014-11-7 161048]
S3 cpudrv64;cpudrv64;C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [2011-6-2 17864]
S3 CTAUDFX;CTAUDFX;C:\Windows\System32\drivers\CTAUDFX.sys [2014-11-7 708888]
S3 CTERFXFX.SYS;CTERFXFX.SYS;C:\Windows\System32\drivers\CTERFXFX.sys [2014-11-7 144152]
S3 CTERFXFX;CTERFXFX;C:\Windows\System32\drivers\CTERFXFX.sys [2014-11-7 144152]
S3 CTSBLFX;CTSBLFX;C:\Windows\System32\drivers\CTSBLFX.sys [2014-11-7 683288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-11-15 110336]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-11-11 114688]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-9-12 178760]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-3-18 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-11-15 206080]
S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-3-18 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-3-18 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-3-18 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 USBMULCD;USB Multi-Channel Audio Device Interface;C:\Windows\System32\drivers\CM10664.sys [2014-2-25 1310720]
S3 vl810filter;VL810 Filter Driver;C:\Windows\System32\drivers\vl810filter.sys [2013-3-14 17008]
S3 vToolbarUpdater18.0.0;vToolbarUpdater18.0.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe [2014-3-3 1759768]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-3-18 1255736]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\Windows\System32\drivers\wdcsam64.sys [2008-5-6 14464]
S4 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-5-1 402192]
S4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-5-1 385808]
S4 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-5-1 774928]
S4 RealPlayer Cloud Service;RealPlayer Cloud Service;C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [2014-6-6 1141848]
.
=============== File Associations ===============
.
FileExt: .js: jsfile="F:\Programs\Adobe Creative Suite\Adobe Dreamweaver CS5\Dreamweaver.exe","%1"
ShellExec: dreamweaver.exe: Open="F:\Programs\Adobe Creative Suite\Adobe Dreamweaver CS5\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-12-12 00:20:50 -------- d-sh--w- C:\Users\KnightCat\AppData\Local\EmieBrowserModeList
2014-12-08 22:13:10 615624 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-12-08 22:12:34 2559808 ----a-w- C:\Windows\System32\nvsvcr.dll
2014-12-08 20:08:57 98304 ----a-w- C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGUTchkdl.dll
2014-12-08 20:08:56 24576 ----a-w- C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGEUSBAutorun.dll
2014-12-08 20:08:50 1347584 ----a-w- C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Templates\TLPC\TL_PC.exe
2014-12-08 20:08:23 98304 ----a-r- C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Templates\D\LGUTchkdl.dll
2014-12-08 20:08:23 24576 ----a-r- C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Templates\D\LGEUSBAutorun.dll
2014-12-07 20:07:58 -------- d-----w- C:\Users\KnightCat\AppData\Local\Ubisoft
2014-11-30 22:16:52 -------- d-----w- C:\Windows\SysWow64\vbox
2014-11-30 22:16:52 -------- d-----w- C:\Windows\System32\vbox
2014-11-26 10:12:19 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EBAA9514-9BB5-47F2-9355-8B0379F1719B}\offreg.dll
2014-11-25 18:38:36 43152 ----a-w- C:\Windows\avastSS.scr
2014-11-25 18:38:20 449936 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2014-11-22 05:20:51 11632448 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EBAA9514-9BB5-47F2-9355-8B0379F1719B}\mpengine.dll
2014-11-20 03:49:07 38216 ----a-w- C:\Windows\System32\drivers\nvvad64v.sys
2014-11-20 03:49:07 32584 ----a-w- C:\Windows\SysWow64\nvaudcap32v.dll
2014-11-19 12:57:59 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-11-19 12:57:59 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-11-19 12:57:59 155064 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2014-11-19 12:57:59 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-11-19 12:57:58 241152 ----a-w- C:\Windows\System32\pku2u.dll
2014-11-19 12:57:58 186880 ----a-w- C:\Windows\SysWow64\pku2u.dll
2014-11-19 12:57:57 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-11-19 12:57:56 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
.
==================== Find3M ====================
.
2014-12-18 15:30:40 129752 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-12-10 08:43:07 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 08:43:07 701104 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-11-25 18:39:02 1050432 ----a-w- C:\Windows\System32\drivers\aswsnx.sys
2014-11-25 18:38:37 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-11-25 18:38:37 83280 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-11-25 18:38:37 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-11-25 18:38:37 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-11-25 18:38:37 267632 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-11-25 18:38:37 116728 ----a-w- C:\Windows\System32\drivers\aswstm.sys
2014-11-25 18:38:27 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2014-11-21 12:14:22 63704 ----a-w- C:\Windows\System32\drivers\mwac.sys
2014-11-21 12:14:12 93400 ----a-w- C:\Windows\System32\drivers\mbamchameleon.sys
2014-11-21 12:14:08 25816 ----a-w- C:\Windows\System32\drivers\mbam.sys
2014-11-17 22:18:52 31520 ----a-w- C:\Windows\System32\nvhdap64.dll
2014-11-17 22:18:52 197408 ----a-w- C:\Windows\System32\drivers\nvhda64v.sys
2014-11-17 22:18:52 1538880 ----a-w- C:\Windows\System32\nvhdagenco6420103.dll
2014-11-12 21:56:45 6897352 ----a-w- C:\Windows\System32\nvcpl.dll
2014-11-12 21:56:45 3534152 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-11-12 21:56:42 934032 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-11-12 21:56:42 62608 ----a-w- C:\Windows\System32\nvshext.dll
2014-11-12 21:56:42 386368 ----a-w- C:\Windows\System32\nvmctray.dll
2014-11-11 10:29:54 4100776 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-11-07 23:47:27 466520 ----a-w- C:\Windows\System32\wrap_oal.dll
2014-11-07 23:47:26 445016 ----a-w- C:\Windows\SysWow64\wrap_oal.dll
2014-11-07 23:47:26 123480 ----a-w- C:\Windows\System32\OpenAL32.dll
2014-11-07 23:47:26 109144 ----a-w- C:\Windows\SysWow64\OpenAL32.dll
2014-11-06 17:06:52 2197680 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-11-06 17:06:52 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-11-06 17:06:33 2800296 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-11-06 17:06:33 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-11-06 04:04:03 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2014-11-06 04:03:50 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2014-11-06 03:47:03 66560 ----a-w- C:\Windows\System32\iesetup.dll
2014-11-06 03:46:12 580096 ----a-w- C:\Windows\System32\vbscript.dll
2014-11-06 03:46:12 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2014-11-06 03:44:28 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2014-11-06 03:30:22 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2014-11-06 03:30:08 114688 ----a-w- C:\Windows\System32\ieetwcollector.exe
2014-11-06 03:29:18 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2014-11-06 03:28:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-11-06 03:23:57 6040064 ----a-w- C:\Windows\System32\jscript9.dll
2014-11-06 03:20:18 968704 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2014-11-06 03:13:43 501248 ----a-w- C:\Windows\SysWow64\vbscript.dll
2014-11-06 03:13:36 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-11-06 03:12:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10:58 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07:29 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-11-06 02:59:36 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2014-11-06 02:58:38 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2014-11-06 02:42:36 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:39:39 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2014-11-06 02:38:25 2124288 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-11-06 02:21:49 4298240 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-11-06 02:21:25 2051072 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-11-06 02:20:37 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17:24 2365440 ----a-w- C:\Windows\System32\wininet.dll
2014-11-06 01:52:35 1892864 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-11-04 20:30:58 275080 ------w- C:\Windows\System32\MpSigStub.exe
2014-10-25 01:57:59 77824 ----a-w- C:\Windows\System32\packager.dll
2014-10-25 01:32:37 67584 ----a-w- C:\Windows\SysWow64\packager.dll
2014-10-18 02:05:23 861696 ----a-w- C:\Windows\System32\oleaut32.dll
2014-10-18 01:33:18 571904 ----a-w- C:\Windows\SysWow64\oleaut32.dll
2014-10-16 16:54:03 1876296 ----a-w- C:\Windows\System32\nvdispco6434448.dll
2014-10-16 16:54:03 1539272 ----a-w- C:\Windows\System32\nvdispgenco6434448.dll
2014-10-14 02:13:06 683520 ----a-w- C:\Windows\System32\termsrv.dll
2014-10-14 02:13:00 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-10-14 02:09:31 146432 ----a-w- C:\Windows\System32\msaudite.dll
2014-10-14 02:07:31 681984 ----a-w- C:\Windows\System32\adtschema.dll
2014-10-14 01:50:41 2363904 ----a-w- C:\Windows\SysWow64\msi.dll
2014-10-14 01:47:30 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2014-10-14 01:46:02 681984 ----a-w- C:\Windows\SysWow64\adtschema.dll
2014-10-11 15:13:29 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-10-10 19:13:40 111016 ----a-w- C:\Windows\System32\WindowsAccessBridge-64.dll
2014-10-10 00:57:42 3198976 ----a-w- C:\Windows\System32\win32k.sys
2014-10-03 19:23:02 35144 ----a-w- C:\Windows\System32\nvaudcap64v.dll
2014-10-03 02:12:00 500224 ----a-w- C:\Windows\System32\AUDIOKSE.dll
2014-10-03 02:11:54 284672 ----a-w- C:\Windows\System32\EncDump.dll
2014-10-03 02:11:51 680960 ----a-w- C:\Windows\System32\audiosrv.dll
2014-10-03 02:11:51 440832 ----a-w- C:\Windows\System32\AudioEng.dll
2014-10-03 02:11:51 296448 ----a-w- C:\Windows\System32\AudioSes.dll
2014-10-03 01:44:42 442880 ----a-w- C:\Windows\SysWow64\AUDIOKSE.dll
2014-10-03 01:44:26 374784 ----a-w- C:\Windows\SysWow64\AudioEng.dll
2014-10-03 01:44:26 195584 ----a-w- C:\Windows\SysWow64\AudioSes.dll
2014-10-02 19:23:20 94208 ----a-w- C:\Windows\SysWow64\QuickTimeVR.qtx
2014-10-02 19:23:20 69632 ----a-w- C:\Windows\SysWow64\QuickTime.qts
2014-09-25 00:54:46 144664 ----a-w- C:\Windows\SysWow64\secman.dll
.
============= FINISH: 10:17:23.33 ===============
 
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 7 Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 3/14/2013 10:04:42 AM
System Uptime: 12/18/2014 8:38:24 AM (2 hours ago)
.
Motherboard: ASUSTeK COMPUTER INC. | | SABERTOOTH X79
Processor: Intel(R) Core(TM) i7-3960X CPU @ 3.30GHz | LGA2011 | 3301/100mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 466 GiB total, 92.788 GiB free.
D: is Removable
E: is CDROM (CDFS)
F: is FIXED (NTFS) - 5589 GiB total, 2999.329 GiB free.
G: is FIXED (NTFS) - 3726 GiB total, 3033.646 GiB free.
I: is FIXED (NTFS) - 0 GiB total, 0.033 GiB free.
M: is NetworkDisk (NTFS) - 7452 GiB total, 2338.359 GiB free.
T: is NetworkDisk (NTFS) - 14904 GiB total, 6748.171 GiB free.
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: PCI Simple Communications Controller
Device ID: PCI\VEN_8086&DEV_1D3A&SUBSYS_84EF1043&REV_05\3&11583659&0&B0
Manufacturer:
Name: PCI Simple Communications Controller
PNP Device ID: PCI\VEN_8086&DEV_1D3A&SUBSYS_84EF1043&REV_05\3&11583659&0&B0
Service:
.
Class GUID: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Description: Hook Test Driver
Device ID: ROOT\LEGACY_SDHOOKDRIVER\0000
Manufacturer:
Name: Hook Test Driver
PNP Device ID: ROOT\LEGACY_SDHOOKDRIVER\0000
Service: SDHookDriver
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown Device
Device ID: USB\VID_0000&PID_0000\6&DBCE08D&0&7
Manufacturer: (Standard USB Host Controller)
Name: Unknown Device
PNP Device ID: USB\VID_0000&PID_0000\6&DBCE08D&0&7
Service:
.
==== System Restore Points ===================
.
RP327: 11/25/2014 12:36:41 PM - avast! antivirus system restore point
RP328: 11/25/2014 12:39:30 PM - Device Driver Package Install: Avast Network Service
RP329: 12/2/2014 4:05:05 PM - Scheduled Checkpoint
RP330: 12/6/2014 2:44:56 PM - Installed Samsung Kies3
RP331: 12/12/2014 5:56:02 PM - Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
.
==== Installed Programs ======================
.
1954 Alcatraz
4 Elements
4500_Help
64 Bit HP CIO Components Installer
7-Zip 9.20 (x64 edition)
7 Days to Die
7th Legion
8BitBoy
911 - First Reponsders
A Game of Thrones - Genesis
A Game of Thrones version 0.4.3
A Story About My Uncle
Aarklash: Legacy
Adobe After Effects CS5 Third Party Content
Adobe After Effects CS5 Third Party Royalty Content
Adobe AIR
Adobe Community Help
Adobe Connect 9 Add-in
Adobe Creative Suite 5 Master Collection
Adobe Download Assistant
Adobe Flash Player 15 ActiveX
Adobe Flash Player 15 Plugin
Adobe Media Encoder CS5 Dolby X64
Adobe Media Encoder CS5 PCI X64
Adobe Media Player
Adobe Premiere Pro CS5 Third Party Royalty Content
Adobe Soundbooth CS5 Codecs
Adobe Soundbooth CS5 Royalty Codecs
Aerena
Age of Empires II: HD Edition
Age of Empires® III: Complete Collection
AI Suite II
AI War: Fleet Command
AIDA64 Extreme Edition v3.20
Airport Simulator 2014
Aliens: Colonial Marines
AlternativA
Amazon Games & Software Downloader
Amazon Kindle
Amnesia: A Machine for Pigs
Anna - Extended Edition
APB Reloaded
Apple Application Support
Apple Mobile Device Support
Apple Software Update
ArcaniA – Gothic 4
ArcheAge
Archeage Beta
ArcSoft MediaConverter 8
Aria Karaoke Pro
Arma 3 Alpha
Armada 2526 Gold Edition
Artemis Artemis
Artisteer 4
Asmedia ASM104x USB 3.0 Host Controller Driver
Assassin's Creed Liberation
Assassin's Creed Unity
Assassin’s Creed® III
Audacity 2.0.3
AudibleManager
AutoHotkey 1.1.13.01
Avast Premier
Back to the Future: Ep 1 - It's About Time
Back to the Future: Ep 2 - Get Tannen!
Back to the Future: Ep 3 - Citizen Brown
Back to the Future: Ep 4 - Double Visions
Back to the Future: Ep 5 - OUTATIME
Balsamiq Mockups For Desktop
Banished
Bastion
Batman: Arkham City™
Batman™: Arkham Origins Blackgate - Deluxe Edition
Battle Group 2
Battle Mages: Sign of Darkness
BattleBlock Theater
Battlefield 3™
Battlefield 4™
Battlefield 4™ Beta
Battlelog Web Plugins
Ben There, Dan That!
Beyond Divinity
BioShock
BioShock 2
BitRaider Web Client
Blackguards
Blockland
BloodNet
BlueStacks Notification Center
Blur
Bonjour
Bot Colony
Bound By Flame
bpd_scan
BPDSoftware
BPDSoftware_Ini
Braid
Breach
Breach & Clear
Bridge Constructor
Bridge It (plus)
Bridge Project
BRINK
Brütal Legend
Brothers - A Tale of Two Sons
BufferChm
Bulk Rename Utility 2.7.1.2
Bus Driver
calibre
Call of Duty: Advanced Warfare
Call of Duty: Advanced Warfare - Multiplayer
Call of Juarez
Call of Juarez Gunslinger
Call of Juarez: Bound in Blood
Call of Juarez: The Cartel
Car Mechanic Simulator 2014
Carmageddon: Reincarnation
Cars 2
Cars Toon
Castle Crashers
CDisplay 1.8
CDisplayEx 1.9.11
Cisco WebEx Meetings
Citadels
Cities in Motion
Cities in Motion 2
Citrix Online Launcher
Clockwork Tales: Of Glass and Ink
Combat
CombatLoader
Commandos 2: Men of Courage
Commandos 3: Destination Berlin
Commandos: Behind Enemy Lines
Commandos: Beyond the Call of Duty
CONSORTIUM
Contagion
ControlCenter
Core Temp version 0.99.7
CPUID CPU-Z 1.66.1
Crazy Machines
Creative System Information
Creeper World 3: Arc Eternal
Crusader Kings II
Crysis
CT Special Forces: Fire for Effect
CutePDF Writer 3.0
CyberLink BD Advisor 2.0
CyberLink Blu-ray Disc Suite
CyberLink LabelPrint
CyberLink LG Burning Tool
CyberLink MediaShow
CyberLink PowerDVD 9
CyberLink PowerProducer
CyberLink YouCam
D3DX10
Damnation
Darkest Hour: Europe '44-'45
DarkStar One
Data Hacker: Initiation
Dead Island
Dead Island Riptide
Dead Rising 2
Dead Rising 2: Off the Record
Dead Rising 3
Dead Space™
Dead State
Deadly 30
Deadly Sin 2
Deadpool
Deep Black : Reloaded
Deer Drive
Defiance
DefianceRuntimes
Demolition Master 3D
Deponia
Desperados - Wanted Dead or Alive
Desperados 2: Cooper’s Revenge
Destinations
DeviceDiscovery
DiRT 3
Dishonored
Disney Planes
DisplayFusion 7.0
Divine Divinity
Divinity II: Developer's Cut
DocMgr
DocProc
Doctor Who: The Eternity Clock
Door Kickers
doubleTwist Sync
Dracula 4 and 5 - Special Steam Edition
Dream
Dropbox
DuckTales Remastered
DUNGEONS - Steam Special Edition
Dungeons: The Eye of Draconus
DVD-Cloner V10.00 Build 1200
Dwarfs!?
Dyn Updater
DYNASTY WARRIORS 8: Xtreme Legends Complete Edition
Eador. Genesis
Eador. Masters of the Broken World
Earth 2160
East India Company
East India Company: Battle of Trafalgar
East India Company: Pirate Bay
East India Company: Privateer
Elder Kings CK2 Total Conversion
Emergency 2014
Emergency 3
Emergency 5 - Deluxe Edition
Enclave
Endless Legend
Enforcer: Police Crime Action
ESN Sonar
Euro Truck Simulator
Evil Genius
Evolve
Expeditions: Conquistador
f.lux
F1 2013
Fable - The Lost Chapters
Face Noir
Fallout 3 - Game of the Year Edition
Fallout: New Vegas
Far Cry 4
Farming World
FarSky
Fax
FileZilla Client 3.8.1
Firefighters 2014
FlatOut
FlatOut 2
Flatout 3
FlatOut: Ultimate Carnage
Floe IRC Client
Folk Tale
Foreign Legion: Buckets of Blood
Foxit Cloud
Foxit Reader
Franchise Hockey Manager 2014
Fraps (remove only)
Freedom Fall
Freespace 2
FX Football - The Manager for Every Football Fan
Galactic Arms Race
Galactic Civilizations II: Ultimate Edition
Galaxy on Fire 2™ Full HD
Game Dev Tycoon
Ghostbusters: The Video Game
Gizmo Central
Glyph
Gnomoria
Google Chrome
Google Drive
Google Earth Plug-in
Google Talk Plugin
Google Update Helper
GoToMeeting 6.4.8.2093
GPBaseService2
Grand Theft Auto IV
Grand Theft Auto V - The Manual
Gunpoint
Gunship!
Hack 'n' Slash
HAL 9000 [Console] Advanced Flat Screen Saver
HAL 9000 [Console] Advanced Shaded Screen Saver
HAL 9000 [Full Screen] Advanced Flat Screen Saver
HAL 9000 [Full Screen] Advanced Screen Saver
HAL 9000 [Full Screen] Advanced Shaded Screen Saver
HandBrake 0.9.9.1
Hard Truck Apocalypse / Ex Machina
HD Tune Pro 5.50
HE Auto Launcher
Heavy Fire: Afghanistan
Hector: Ep 1
Hector: Ep 2
Hector: Ep 3
Heli Heroes
Helicopter Simulator 2014: Search and Rescue
Hi-Rez Studios Authenticate and Update Service
Hitman 2: Silent Assassin
Hitman: Absolution
Hitman: Blood Money
Hitman: Codename 47
Hospital Tycoon
Hotel Collectors Edition
HP Customer Participation Program 13.0
HP Document Manager 2.0
HP Imaging Device Functions 13.0
HP Photosmart Essential 3.5
HP Smart Web Printing 4.51
HP Solution Center 13.0
HP Update
HPDiagnosticAlert
HPPhotoSmartDiscLabelContent1
HPPhotosmartEssential
HPProductAssistant
HPSSupply
Hydrophobia: Prophecy
I Shall Remain
Icewind Dale Complete
iCloud
IndieVolume 3.5.99.171
Influent
Injustice: Gods Among Us Ultimate Edition
Installer
Intel(R) Network Connections 19.0.27.0
Intel® Watchdog Timer Driver (Intel® WDT)
International Snooker
Internet Explorer Proxy Monitor 1.0
Invisible, Inc.
IP Camera Viewer 1.0
Iron Grip: Warlord
Iron Sky Invasion
iTunes
iZotope Vinyl
J4500
Jack Keane
Jagged Alliance - Back in Action
Jagged Alliance Gold
Java 7 Update 67
Java 7 Update 67 (64-bit)
Java Auto Updater
Java SE Development Kit 7 Update 67 (64-bit)
Jet Car Stunts
join.me
Joint Task Force
Jurassic Park: The Game
Kane & Lynch 2: Dog Days
Kane & Lynch: Dead Men
Kaptain Brawe
Keeper Password & Data Vault
Kenshi
Kerbal Space Program
Killer is Dead
Killing Floor
Killing Floor Mod: Defence Alliance 2
Kinetic Void
King Arthur II - The Role-playing Wargame
Knytt Underground
Kung Fu Strike: The Warrior's Rise
L.A. Noire
Law & Order: Legacies
League of Legends
LEGO - The Hobbit
LEGO Batman 2
LEGO Batman: The Videogame
LEGO Lord of the Rings
LEGO MARVEL Super Heroes
Lego Star Wars Saga
LEGO® Pirates of the Caribbean The Video Game
LG Tool Kit
LG USB Modem driver
Lichdom: Battlemage
Life is Feudal: Your Own
Lifeless Planet
LightScribe System Software
Logitech Gaming Software
Logitech Gaming Software 8.57
LogMeIn Rescue Technician Console
Lost Planet 3
m05 SurveillanceSaver 1.0
Maelstrom
Mafia
Mafia II
Magic ISO Maker v5.5 (build 0281)
MakeMKV v1.8.9
Malwarebytes Anti-Malware version 2.0.4.1028
Mare Nostrum
Mark of the Ninja
MarketResearch
Mars: War Logs
Marvel Heroes
marvell 91xx driver
MechWarrior Online
Medal of Honor: Airborne
MediaCoder x64 0.8.30.5622
Mercenaries 2 World in Flames™
METAL GEAR RISING: REVENGEANCE
Metro 2033 Redux
Metro: Last Light
Metro: Last Light Redux
Microsoft .NET Framework 1.1
Microsoft .NET Framework 4.5.1
Microsoft Application Error Reporting
Microsoft Games for Windows - LIVE Redistributable
Microsoft Games for Windows Marketplace
Microsoft Garage Mouse without Borders
Microsoft Lync 2010
Microsoft Office 365 ProPlus - en-us
Microsoft OneDrive for Business 2013 - en-us
Microsoft Silverlight
Microsoft SQL Server 2005 Compact Edition [ENU]
Microsoft Virtual PC 2007
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005
Microsoft Visual Studio 2010 Tools for Office Runtime (x64)
Microsoft Xbox 360 Accessories 1.2
Microsoft XNA Framework Redistributable 3.1
Microsoft XNA Framework Redistributable 4.0 Refresh
Microsoft_VC80_ATL_x86
Microsoft_VC80_ATL_x86_x64
Microsoft_VC80_CRT_x86
Microsoft_VC80_CRT_x86_x64
Microsoft_VC80_MFC_x86
Microsoft_VC80_MFC_x86_x64
Microsoft_VC80_MFCLOC_x86
Microsoft_VC80_MFCLOC_x86_x64
Microsoft_VC90_ATL_x86
Microsoft_VC90_ATL_x86_x64
Microsoft_VC90_CRT_x86
Microsoft_VC90_CRT_x86_x64
Microsoft_VC90_MFC_x86
Microsoft_VC90_MFC_x86_x64
Middle-earth: Shadow of Mordor
Minion
mIRC
MKVToolNix 7.0.0 (64bit)
Monaco
Monday Night Combat
MotoCast
MOTOROLA MEDIA LINK
Mount & Blade: Warband
Movie Maker
Mozilla Firefox 32.0.2 (x86 en-US)
Mozilla Maintenance Service
MSI Afterburner 4.0.0
MSI Kombustor 2.5.0
MSVCRT
MSVCRT110
MSVCRT110_amd64
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2758694)
Multi Timer 3.6
MURDERED: SOUL SUSPECT™
MuseScore 1.3
MyFreeCodec
Natural Selection 2
Nether
Nikopol: Secrets of the Immortals
NirSoft ShellExView
Nosgoth
Notepad++
NVIDIA 3D Vision Controller Driver 344.75
NVIDIA 3D Vision Driver 344.75
NVIDIA Control Panel 344.75
NVIDIA GeForce Experience 2.1.4
NVIDIA GeForce Experience Service
NVIDIA Graphics Driver 344.75
NVIDIA HD Audio Driver 1.3.32.1
NVIDIA Install Application
NVIDIA LED Visualizer 1.0
NVIDIA Network Service
NVIDIA PhysX
NVIDIA PhysX (Legacy)
NVIDIA PhysX System Software 9.14.0702
NVIDIA ShadowPlay 16.13.65
NVIDIA Stereoscopic 3D Driver
NVIDIA Update 16.13.65
NVIDIA Update Core
NVIDIA Virtual Audio 1.2.26
NVMS5 Standard Edition
OCR Software by I.R.I.S. 13.0
Office 15 Click-to-Run Extensibility Component
Office 15 Click-to-Run Licensing Component
Office 15 Click-to-Run Localization Component
Officejet J4500 Series
Omerta - City of Gangsters
Only If
OnTopReplica
Open Broadcaster Software
Open DVD Ripper 3.30 Build 507
OpenAL
Orbital Gear
Orborun
Origin
Out of the Park Baseball 14
Pando Media Booster
Pandora
Papers, Please
Path of Exile
Patrician III
PAYDAY 2
PDF Settings CS5
PeerBlock 1.2 (r693)
Pepakura Designer 3
Pepakura Viewer 3
Photo Common
Photo Gallery
Pirates Of The Burning Sea
Pirates of the Caribbean - At Worlds End
Pirates! Gold Plus (Classic)
Plague Inc: Evolved
Planet Explorers
Planet Stronghold
Planetary Annihilation
PlanetSide 2
PlayLater
PlayOn
Plex Home Theater
Plex Media Server
Poker Night 2
Poker Night at the Inventory
Police Destruction Street
Police Simulator 2
Pool Nation
Post Mortem
Power CD+G Burner 2
Power SCDG Ripper
Praetorians
Pressure
Prison Architect
ProductContext
Proxy Switcher
PunkBuster Services
Puzzle Agent
Puzzle Agent 2
PxMergeModule
Quantum Conundrum
QuickTime 7
R.I.P.D.: The Game
Rage Runner
Raptr
Rapture3D 2.4.8 Game
Real Heroes Firefighter
RealDownloader
Realms of Arkania: Blade of Destiny
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealNetworks - Microsoft Visual C++ 2010 Runtime
RealPlayer Cloud
RealUpgrade 1.1
Recovery Search and Rescue Simulation
Red Orchestra 2: Heroes of Stalingrad
Red Orchestra 2: Heroes of Stalingrad Beta
Red Orchestra: Ostfront 41-45
Rescue: Everyday Heroes
Residue: Final Cut
Return to Mysterious Island
Return to Mysterious Island 2
Rex Nebular and the Cosmic Gender Bender
Riot Police
Risen 3 - Titan Lords
RivaTuner Statistics Server 6.2.0
RoboBasket3
Rocksmith 2014
Rome: Total War
Rulers of Nations
Rust
Sacred 2 Gold
Sacred 3
Saints Row IV
salesforce.com Data Loader
Sam & Max 101: Culture Shock
Sam & Max 102: Situation: Comedy
Sam & Max 103: The Mole, the Mob and the Meatball
Sam & Max 104: Abe Lincoln Must Die!
Sam & Max 105: Reality 2.0
Sam & Max 106: Bright Side of the Moon
Sam & Max 201: Ice Station Santa
Sam & Max 202: Moai Better Blues
Sam & Max 203: Night of the Raving Dead
Sam & Max 204: Chariots of the Dogs
Sam & Max 205: What's New Beelzebub?
Sam & Max 301: The Penal Zone
Sam & Max 302: The Tomb of Sammun-Mak
Sam & Max 303: They Stole Max's Brain!
Sam & Max 304: Beyond the Alley of the Dolls
Sam & Max 305: The City that Dares not Sleep
SamLogic USB Supervisor
Samsung Kies
Samsung Kies3
Samsung Story Album Viewer
SAMSUNG USB Driver for Mobile Phones
Saturday Morning RPG
Scan
Scania Truck Driving Simulator
Scratches: Director's Cut
Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
Security Update for Microsoft .NET Framework 4.5.1 (KB2931368)
Security Update for Microsoft .NET Framework 4.5.1 (KB2978128)
Sentinel 3: Homeworld
Shadow Ops: Red Mercury
Shadowrun Online
Shadowrun Returns
SHIELD Streaming
SHIELD Wireless Controller Driver
Ship Simulator Extremes
Ship Simulator: Maritime Search and Rescue
Shop for HP Supplies
Sid Meier's Colonization (Classic)
Sid Meier's Covert Action (Classic)
Sine Mora
Ski Region Simulator
Skyborn
SkyDrift
Skype Click to Call
Skype for Salesforce Basic Edition
Skype™ 7.0
Slave Zero
Smart Technology Programming Software 7.0.24.8
SmartWebPrinting
Smite
Sniper Elite 3
Sniper Ghost Warrior 2
Sniper: Ghost Warrior
SolutionCenter
Sound Blaster Audigy 5_Audigy Rx
Space Empires IV Deluxe
Space Engineers
Space Trader: Merchant Marine
Spacebase DF-9
Spec Ops: The Line
Speccy
Speed Kills
Speedball 2 HD
SpeedFan (remove only)
Spelunky
Spintires
Splashtop Personal
Splashtop Software Updater
Splashtop Streamer
Spore
Spore: Creepy & Cute Parts Pack
Spore: Galactic Adventures
Spotify
Star Conflict
StarDrive
StarForge Alpha
State of Decay
Status
Steam
Steel Storm: Burning Retribution
Still Life
Still Life 2
Strike Suit Infinity
Strike Suit Zero
Strong Bad Episode 1: Homestar Ruiner
Strong Bad Episode 2: Strong Badia the Free
Strong Bad Episode 3: Baddest of the Bands
Strong Bad Episode 4: Dangeresque 3
Strong Bad Episode 5: 8-Bit Is Enough
SUABnR
Super Monday Night Combat
Supreme Commander
Supreme Commander: Forged Alliance
SWAT 4
SWAT 4 - The Stetchkov Syndicate
Swift Elite 1.0 Release 1.012
Sword of the Samurai
Syder Arcade
System Requirements Lab for Intel
Take On Helicopters
Taxi
TeamSpeak 3 Client
TeamViewer 9
Telltale Texas Hold'Em
Tesla Effect
The 39 Steps
The Ball
The Cat Lady
The Chronicles of Narnia - Prince Caspian
The Crew
The Dark Eye: Chains of Satinav
The Elder Scrolls Online
The Few
The Incredible Adventures of Van Helsing
The LEGO® Movie - Videogame
The Mighty Quest For Epic Loot
The Red Solstice
The Saboteur™
The Ship
The Ship Single Player
The Ship Tutorial
The Stanley Parable
The Swapper
The Testament of Sherlock Holmes
The Walking Dead
The Walking Dead: Season Two
The Witcher 2: Assassins of Kings Enhanced Edition
The Wolf Among Us
theHunter
theRenamer 7.68
Thief
This War of Mine
Thunder Wolves
Tidalis
Time Gentlemen, Please!
Titanfall™
Tixati
Tom Clancy's Splinter Cell Blacklist
Tom Clancy's Splinter Cell: Conviction
Toolbox
Total Pro Golf 3
Toy Story 3
Toy Story Mania
TrayApp
Trials Fusion
Tron 2.0
TRON: Evolution
Tropico 3 - Steam Special Edition
Tropico 4
Trucks & Trailers
Under the Ocean
Unity Web Player
UpdateService
Uplay
Urban Trial Freestyle
USB Multi-Channel Audio Device
USBFast
Vector
Velvet Assassin
Verizon Wireless Software Upgrade Assistant - Samsung(ar)
Verizon Wireless Software Utility Application for Android - Samsung
Viking: Battle for Asgard
VST Bridge 1.1
War Thunder
Warframe
Wargame: AirLand Battle
Warhammer 40,000 Space Marine
Wasteland 1 - The Original Classic
Wasteland 2
Watchmen: The End Is Nigh
Watchmen: The End Is Nigh Part 2
WebReg
WinCDG Pro 3.0 Release 3.0
Windows 7 Codec Pack 4.0.9
Windows Live Communications Platform
Windows Live Essentials
Windows Live ID Sign-in Assistant
Windows Live Installer
Windows Live Photo Common
Windows Live PIMT Platform
Windows Live SOXE
Windows Live SOXE Definitions
Windows Live UX Platform
Windows Live UX Platform Language Pack
Windows Mobile Device Center
Windows Mobile Device Center Driver Update
Wing Commander III
WinPcap 4.0.2
WinRAR archiver
Woodcutter Simulator 2013
Workspace Desktop
World Basketball Tycoon
ZViewer version 1.0.1.31
.
==== Event Viewer Messages From Past Week ========
.
12/18/2014 8:46:26 AM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: SDHookDriver
12/18/2014 8:46:26 AM, Error: Service Control Manager [7022] - The AsusFanControlService service hung on starting.
12/18/2014 8:44:59 AM, Error: Microsoft-Windows-IIS-W3SVC [1004] - The World Wide Web Publishing Service (WWW Service) did not register the URL prefix :80/ for site 1. The site has been disabled. The data field contains the error number.
12/18/2014 8:44:59 AM, Error: Microsoft-Windows-HttpEvent [15005] - Unable to bind to the underlying transport for [::]:80. The IP Listen-Only list may contain a reference to an interface which may not exist on this machine. The data field contains the error number.
12/18/2014 8:44:58 AM, Error: Service Control Manager [7001] - The Net.Tcp Listener Adapter service depends on the Net.Tcp Port Sharing Service service which failed to start because of the following error: The service did not respond to the start or control request in a timely fashion.
12/18/2014 8:43:44 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Net.Tcp Port Sharing Service service to connect.
12/18/2014 8:43:44 AM, Error: Service Control Manager [7000] - The Net.Tcp Port Sharing Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/18/2014 8:42:59 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Mouse without Borders Service service to connect.
12/18/2014 8:42:59 AM, Error: Service Control Manager [7000] - The Mouse without Borders Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/18/2014 8:41:29 AM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the DisplayFusionService service to connect.
12/18/2014 8:41:29 AM, Error: Service Control Manager [7000] - The DisplayFusionService service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/15/2014 12:43:01 PM, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
12/15/2014 12:36:51 PM, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: cdrom SDHookDriver
12/15/2014 12:33:59 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the NVMS-SRV-CMS service to connect.
12/15/2014 12:33:59 PM, Error: Service Control Manager [7000] - The NVMS-SRV-CMS service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
12/12/2014 4:21:57 PM, Error: Schannel [36888] - The following fatal alert was generated: 43. The internal error state is 552.
.
==== End Of File ===========================
 
Welcome aboard

Please observe the following rules:
  • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
  • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
  • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
  • Never run more than one scan at a time.
  • Keep updating me regarding your computer's behavior, good or bad.
  • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
  • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
  • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.

================================

Download RogueKiller from one of the following links and save it to your Desktop:

Link 1
Link 2

  • Close all the running programs
  • Windows Vista/7/8 users: right click on RogueKiller.exe, click Run as Administrator
  • Otherwise just double-click on RogueKiller.exe
  • Pre-scan will start. Let it finish.
  • Click on SCAN button.
  • Wait until the Status box shows Scan Finished
  • Click on Delete.
  • Wait until the Status box shows Deleting Finished.
  • Click on Report and copy/paste the content of the Notepad into your next reply.
  • RKreport.txt could also be found on your desktop.
  • If more than one log is produced post all logs.
  • If RogueKiller has been blocked, do not hesitate to try a few more times. If it really won't run, rename it to winlogon.exe (or winlogon.com) and try again.

Create a new restore point before proceeding with the next step....
How to: http://www.smartestcomputing.us.com/topic/63983-how-to-create-new-restore-point-all-windows/

Download Malwarebytes Anti-Rootkit (MBAR) to your desktop.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Double-click on the downloaded file. OK the self-extracting prompt.
  • MBAR will start. Click "Next" to continue.
  • On the following screen, click "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder located on your Desktop and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"
NOTE. If you see the "This version requires you to completely exit the Anti Malware application" message, right-click on the Malwarebytes Anti-Malware icon in the system tray and click on Exit.
 
RogueKiller Step:

RogueKiller V10.1.0.0 [Dec 11 2014] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Website : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : KnightCat [Administrator]
Mode : Delete -- Date : 12/18/2014 21:37:31

¤¤¤ Processes : 2 ¤¤¤
[Suspicious.Path] workspaceupdate.exe -- C:\Users\KnightCat\AppData\Local\Workspace\workspaceupdate.exe[7] -> Killed [TermProc]
[Suspicious.Path] (SVC) ALSysIO -- \??\C:\Users\KNIGHT~1\AppData\Local\Temp\ALSysIO64.sys[x] -> Stopped

¤¤¤ Registry : 22 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2305213872-2505911372-3816809497-1000\Software\Microsoft\Windows\CurrentVersion\Run | Workspace Status : "C:\Users\KnightCat\AppData\Local\Workspace\workspacestatus.exe" [7] -> Deleted
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2305213872-2505911372-3816809497-1000\Software\Microsoft\Windows\CurrentVersion\Run | Starfield Updater : "C:\Users\KnightCat\AppData\Local\Workspace\workspaceupdate.exe" [7] -> Deleted
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2305213872-2505911372-3816809497-1000\Software\Microsoft\Windows\CurrentVersion\Run | Workspace Status : "C:\Users\KnightCat\AppData\Local\Workspace\workspacestatus.exe" -> ERROR [2]
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2305213872-2505911372-3816809497-1000\Software\Microsoft\Windows\CurrentVersion\Run | Starfield Updater : "C:\Users\KnightCat\AppData\Local\Workspace\workspaceupdate.exe" -> ERROR [2]
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\ALSysIO (\??\C:\Users\KNIGHT~1\AppData\Local\Temp\ALSysIO64.sys) -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BRDriver64 (\??\C:\programdata\bitraider\BRDriver64.sys) -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\BRSptSvc ("C:\programdata\bitraider\BRSptSvc.exe") -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\vToolbarUpdater18.0.0 (C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe) -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\ALSysIO (\??\C:\Users\KNIGHT~1\AppData\Local\Temp\ALSysIO64.sys) -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BRDriver64 (\??\C:\programdata\bitraider\BRDriver64.sys) -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\BRSptSvc ("C:\programdata\bitraider\BRSptSvc.exe") -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\vToolbarUpdater18.0.0 (C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe) -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\ALSysIO (\??\C:\Users\KNIGHT~1\AppData\Local\Temp\ALSysIO64.sys) -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\BRDriver64 (\??\C:\programdata\bitraider\BRDriver64.sys) -> Not selected
[Suspicious.Path] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\BRSptSvc ("C:\programdata\bitraider\BRSptSvc.exe") -> Not selected
[PUP] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\vToolbarUpdater18.0.0 (C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe) -> Not selected
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Not selected
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Not selected

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 1 ¤¤¤
[Suspicious.Path][File] Verizon Wireless Software Utility Application for Android – Samsung.lnk -- C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\Verizon Wireless Software Utility Application for Android – Samsung.lnk [LNK@] C:\Users\KNIGHT~1\AppData\Roaming\VERIZON\UA_ar\UA.exe -> Deleted

¤¤¤ Hosts File : 0 [Too big!] ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000036b]) ¤¤¤

¤¤¤ Web browsers : 1 ¤¤¤
[PUM.HomePage][FIREFX:Config] ewzku24u.Seth : user_pref("browser.startup.homepage", "http://mysearch.avg.com?cid={9BD985...g&cmpid=&pr=sa&d=&v=&pid=safeguard&sg=&sap=hp"); -> Not selected

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD40EZRX-00SPEB0 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ST4000DM000-1F2168 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: WDC WD5000AAKX-083CA0 ATA Device +++++
--- User ---
[MBR] e02cc8630810cd7d615049244ed6712e
[BSP] a8b080c376ca9f15c156d8dfefe74914 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 476838 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: WDC WD2002FAEX-007BA0 ATA Device +++++
--- User ---
[MBR] 0086f36f0b7bc8b257f89fc226376c3d
[BSP] 9e3b3c473b1db0daa516427cdae6e1cc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x0) [VISIBLE] Offset (sectors): 1 | Size: 2097151 MB
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive4: Generic Storage Device USB Device +++++
Error reading User MBR! ([15] The device is not ready. )
Error reading LL1 MBR! NOT VALID!
Error reading LL2 MBR! ([32] The request is not supported. )


============================================
RKreport_SCN_12182014_213542.log
 
Malwarebytes Anti-Rootkit BETA 1.08.2.1001
www.malwarebytes.org

Database version: v2014.12.19.01

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.17420
KnightCat :: KNIGHTCAT-PC [administrator]

12/18/2014 9:42:35 PM
mbar-log-2014-12-18 (21-42-35).txt

Scan type: Quick scan
Scan options enabled: Anti-Rootkit | Drivers | MBR | Physical Sectors | Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken
Scan options disabled:
Objects scanned: 407125
Time elapsed: 22 minute(s), 1 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

Physical Sectors Detected: 0
(No malicious items detected)

(end)

-------------------------------------------------------------------------------------------------

---------------------------------------
Malwarebytes Anti-Rootkit BETA 1.08.2.1001

(c) Malwarebytes Corporation 2011-2012

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.17420

File system is: NTFS
Disk drives: C:\ DRIVE_FIXED, F:\ DRIVE_FIXED, G:\ DRIVE_FIXED, I:\ DRIVE_FIXED
CPU speed: 3.302000 GHz
Memory total: 34297122816, free: 26115735552

Downloaded database version: v2014.12.19.01
Downloaded database version: v2014.12.14.01
Downloaded database version: v2014.12.06.01
=======================================
Initializing...
------------ Kernel report ------------
12/18/2014 21:42:23
------------ Loaded modules -----------
----------- End -----------
Done!
<<<1>>>
Upper Device Name: \Device\Harddisk4\DR4
Upper Device Object: 0xfffffa801c09a060
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\000000bc\
Lower Device Object: 0xfffffa801c005650
Lower Device Driver Name: \Driver\USBSTOR\
<<<1>>>
Upper Device Name: \Device\Harddisk3\DR3
Upper Device Object: 0xfffffa801a816790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP11T0L0-b\
Lower Device Object: 0xfffffa801a5ca060
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk2\DR2
Upper Device Object: 0xfffffa801a810790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP10T0L0-9\
Lower Device Object: 0xfffffa801a5ac060
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk1\DR1
Upper Device Object: 0xfffffa801a80a790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP13T0L0-d\
Lower Device Object: 0xfffffa801a592060
Lower Device Driver Name: \Driver\atapi\
<<<1>>>
Upper Device Name: \Device\Harddisk0\DR0
Upper Device Object: 0xfffffa801a804790
Upper Device Driver Name: \Driver\Disk\
Lower Device Name: \Device\Ide\IdeDeviceP12T0L0-c\
Lower Device Object: 0xfffffa801a587060
Lower Device Driver Name: \Driver\atapi\
<<<2>>>
Physical Sector Size: 512
Drive: 2, DevicePointer: 0xfffffa801a810790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa801a75d990, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa801a810790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa801a5ac060, DeviceName: \Device\Ide\IdeDeviceP10T0L0-9\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
<<<2>>>
<<<3>>>
Volume: C:
File system type: NTFS
SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes
Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...
Done!
Physical Sector Size: 512
Drive: 0, DevicePointer: 0xfffffa801a804790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa801a8042c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa801a804790, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa801a587060, DeviceName: \Device\Ide\IdeDeviceP12T0L0-c\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 0
Scanning MBR on drive 0...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 0

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 198261298
GPT Header CurrentLba = 1 BackupLba 7814037167
GPT Header FirstUsableLba 34 LastUsableLba 7814037134
GPT Header Guid 639180aa-d258-4739-87a3-f2f6535e7213
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 198261298
Backup GPT header CurrentLba = 7814037167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 7814037134
Backup GPT header Guid 639180aa-d258-4739-87a3-f2f6535e7213
Backup GPT header Contains 128 partition entries starting at LBA 7814037135
Backup GPT header Partition entry size = 128

Partition 0 Type 5808c8aa-7e8f-42e0-85d2-e1e9434cfb3
Partition ID ebc4b79a-1383-11e4-97fc-0272237fb8
FirstLBA 34 Last LBA 2081
Attributes 0
Partition Name LDM metadata partition

Partition 1 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID ac2fb8-fa05-467c-ae1f-2ed5731514d1
FirstLBA 2082 Last LBA 262177
Attributes 0
Partition Name Microsoft reserved partition

Partition 2 Type af9b60a0-1431-4f62-bc68-3311714a69ad
Partition ID ebc4b7a9-1383-11e4-97fc-0272237fb8
FirstLBA 262178 Last LBA 7814037134
Attributes 0
Partition Name LDM data partition

Disk Size: 4000787030016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 1, DevicePointer: 0xfffffa801a80a790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa801a80a2c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa801a80a790, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa801a592060, DeviceName: \Device\Ide\IdeDeviceP13T0L0-d\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 1
Scanning MBR on drive 1...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 0

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 2557766428
GPT Header CurrentLba = 1 BackupLba 7814037167
GPT Header FirstUsableLba 34 LastUsableLba 7814037134
GPT Header Guid c02cb519-4251-425b-ab2f-9d373391543
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 2557766428
Backup GPT header CurrentLba = 7814037167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 7814037134
Backup GPT header Guid c02cb519-4251-425b-ab2f-9d373391543
Backup GPT header Contains 128 partition entries starting at LBA 7814037135
Backup GPT header Partition entry size = 128

Partition 0 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 9d6d7418-10d8-412e-9a4b-4f8ef5b2795
FirstLBA 34 Last LBA 262177
Attributes 0
Partition Name Microsoft reserved partition

Partition 1 Type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
Partition ID 888a640a-a854-42f0-ab1e-7115f1d336bd
FirstLBA 264192 Last LBA 7814035455
Attributes 0
Partition Name Basic data partition

Disk Size: 4000787030016 bytes
Sector size: 512 bytes

Done!
Drive 2
This is a System drive
Scanning MBR on drive 2...
Inspecting partition table:
MBR Signature: 55AA
Disk Signature: A60CB2D3

Partition information:

Partition 0 type is Primary (0x7)
Partition is ACTIVE.
Partition starts at LBA: 2048 Numsec = 204800
Partition file system is NTFS
Partition is bootable

Partition 1 type is Primary (0x7)
Partition is NOT ACTIVE.
Partition starts at LBA: 206848 Numsec = 976564224

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Disk Size: 500107862016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 512
Drive: 3, DevicePointer: 0xfffffa801a816790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa801a8162c0, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa801a816790, DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa801a5ca060, DeviceName: \Device\Ide\IdeDeviceP11T0L0-b\, DriverName: \Driver\atapi\
------------ End ----------
Alternate DeviceName: \Device\Harddisk3\DR3\, DriverName: \Driver\Disk\
Upper DeviceData: 0x0, 0x0, 0x0
Lower DeviceData: 0x0, 0x0, 0x0
Drive 3
Scanning MBR on drive 3...
Inspecting partition table:
This drive is a GPT Drive.
MBR Signature: 55AA
Disk Signature: 0

GPT Protective MBR Partition information:

Partition 0 type is EFI-GPT (0xee)
Partition is NOT ACTIVE.
Partition starts at LBA: 1 Numsec = 4294967295

Partition 1 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)
Partition is NOT ACTIVE.
Partition starts at LBA: 0 Numsec = 0

GPT Partition information:

GPT Header Signature 4546492050415254
GPT Header Revision 65536 Size 92 CRC 780038172
GPT Header CurrentLba = 1 BackupLba 3907029167
GPT Header FirstUsableLba 34 LastUsableLba 3907029134
GPT Header Guid 492d48e7-1388-4218-af32-6632f158ab5d
GPT Header Contains 128 partition entries starting at LBA 2
GPT Header Partition entry size = 128

Backup GPT header Signature 4546492050415254
Backup GPT header Revision 65536 Size 92 CRC 780038172
Backup GPT header CurrentLba = 3907029167 BackupLba 1
Backup GPT header FirstUsableLba 34 LastUsableLba 3907029134
Backup GPT header Guid 492d48e7-1388-4218-af32-6632f158ab5d
Backup GPT header Contains 128 partition entries starting at LBA 3907029135
Backup GPT header Partition entry size = 128

Partition 0 Type 5808c8aa-7e8f-42e0-85d2-e1e9434cfb3
Partition ID ebc4b757-1383-11e4-97fc-0272237fb8
FirstLBA 34 Last LBA 2081
Attributes 0
Partition Name LDM metadata partition

Partition 1 Type e3c9e316-b5c-4db8-817d-f92df0215ae
Partition ID 95ab1a6-f158-4f9e-a2ca-695111f4e4f7
FirstLBA 2082 Last LBA 262177
Attributes 0
Partition Name Microsoft reserved partition

Partition 2 Type af9b60a0-1431-4f62-bc68-3311714a69ad
Partition ID ebc4b769-1383-11e4-97fc-0272237fb8
FirstLBA 262178 Last LBA 3907029134
Attributes 0
Partition Name LDM data partition

Disk Size: 2000398934016 bytes
Sector size: 512 bytes

Done!
Physical Sector Size: 0
Drive: 4, DevicePointer: 0xfffffa801c09a060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
--------- Disk Stack ------
DevicePointer: 0xfffffa801c09ab90, DeviceName: Unknown, DriverName: \Driver\partmgr\
DevicePointer: 0xfffffa801c09a060, DeviceName: \Device\Harddisk4\DR4\, DriverName: \Driver\Disk\
DevicePointer: 0xfffffa801c005650, DeviceName: \Device\000000bc\, DriverName: \Driver\USBSTOR\
------------ End ----------
Scan finished
=======================================


Removal queue found; removal started
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-0-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-1-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\VBR-2-0-2048-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-2-r.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-I.mbam...
Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR-3-r.mbam...
Removal finished
 
Please download ComboFix from Here, Here or Here to your Desktop.

**Note: In the event you already have Combofix, this is a new version that I need you to download. It is important that it is saved directly to your desktop**
  • Never rename Combofix unless instructed.
  • Close any open browsers.
  • Very Important! Temporarily disable your anti-virus and any anti-malware real-time protection before performing a scan. They can interfere with ComboFix or remove some of its embedded files which may cause "unpredictable results".
  • Click on this link to see a list of programs that should be disabled. The list is not all inclusive. If yours is not listed and you don't know how to disable it, please ask.
  • WARNING: Combofix will disconnect your machine from the Internet as soon as it starts
  • Please do not attempt to re-connect your machine back to the Internet until Combofix has completely finished.
  • If there is no internet connection after running Combofix, then restart your computer to restore your connection.
    If the connection is not there, use the restore point you created prior to running Combofix.
  • Double click on combofix.exe & follow the prompts.

  • NOTE 1. If Combofix asks you to install Recovery Console, please allow it.
    NOTE 2. If Combofix asks you to update the program, always do so.
  • When finished, it will produce a report for you.
  • Please post the "C:\ComboFix.txt"
**Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall.
**Note 2 for AVG and CA Internet Security (Total Defense Internet Security) users: ComboFix will not run until AVG/CA Internet Security is uninstalled as a protective measure against the anti-virus. This is because AVG/CA Internet Security "falsely" detects ComboFix (or its embedded files) as a threat and may remove them resulting in the tool not working correctly which in turn can cause "unpredictable results". Since AVG/CA Internet Security cannot be effectively disabled before running ComboFix, the author recommends you to uninstall AVG/CA Internet Security first.
Use AppRemover to uninstall it: https://www.techspot.com/downloads/5514-appremover.html
We can reinstall it when we're done with CF.
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart computer to fix the issue.
**Note 4: Some infections may take some significant time to be cured. As long as your computer clock is running, Combofix is still working. Be patient.


Make sure you re-enable your security programs when you're done with Combofix.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

NOTE.
If, for some reason, Combofix refuses to run, try the following...

Delete the Combofix file, download a fresh one, but rename combofix.exe to your_name.exe BEFORE saving it to your desktop.
Do NOT run it yet.
Download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool; ignore them or shut down your antivirus.

rKill.exe: http://www.bleepingcomputer.com/download/rkill/dl/10/
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/

Restart computer in safe mode

  • Double-click on the Rkill desktop icon to run the tool.
  • If using Vista or Windows 7 right-click on it and choose Run As Administrator.
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • Do not reboot until instructed.
  • If the tool does not run from any of the links provided, please let me know.

When the scan is done Notepad will open with rKill.txt log.
NOTE. rKill.txt log will also be present on your desktop.

Once you've gotten one of them to run, immediately run your_name.exe by double clicking on it.

If you had to run rKill, post BOTH logs, rKill.txt and Combofix.txt.
 
ComboFix 14-12-14.01 - KnightCat 12/18/2014 23:29:42.1.12 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.32708.26230 [GMT -6:00]
Running from: c:\users\KnightCat\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\_ctypes.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\_elementtree.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\_hashlib.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\_multiprocessing.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\_socket.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\_ssl.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\hashobjs_ext.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\pyexpat.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\pysqlite2._sqlite.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\python27.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\pythoncom27.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\PyWinTypes27.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\select.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\unicodedata.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32api.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32com.shell.shell.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32crypt.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32event.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32file.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32gui.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32inet.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32pdh.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32pipe.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32process.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32profile.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32security.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\win32ts.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\windows._lib_cacheinvalidation.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wx._animate.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wx._controls_.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wx._core_.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wx._gdi_.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wx._html2.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wx._misc_.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wx._windows_.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wx._wizard.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wxbase294u_net_vc90.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wxbase294u_vc90.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wxmsw294u_adv_vc90.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wxmsw294u_core_vc90.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wxmsw294u_html_vc90.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI16922\wxmsw294u_webview_vc90.dll
c:\users\KnightCat\AppData\Local\assembly\tmp
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\_ctypes.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\_elementtree.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\_hashlib.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\_multiprocessing.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\_socket.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\_ssl.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\hashobjs_ext.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\pyexpat.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\pysqlite2._sqlite.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\python27.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\pythoncom27.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\PyWinTypes27.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\select.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\unicodedata.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32api.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32com.shell.shell.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32crypt.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32event.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32file.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32gui.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32inet.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32pdh.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32pipe.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32process.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32profile.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32security.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\win32ts.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\windows._lib_cacheinvalidation.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wx._animate.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wx._controls_.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wx._core_.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wx._gdi_.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wx._html2.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wx._misc_.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wx._windows_.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wx._wizard.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wxbase294u_net_vc90.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wxbase294u_vc90.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wxmsw294u_adv_vc90.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wxmsw294u_core_vc90.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wxmsw294u_html_vc90.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI16922\wxmsw294u_webview_vc90.dll
c:\users\KnightCat\Documents\~WRL0001.tmp
c:\users\KnightCat\Documents\~WRL0003.tmp
c:\users\KnightCat\Documents\~WRL0004.tmp
c:\users\KnightCat\Documents\~WRL2750.tmp
c:\users\KnightCat\Documents\~WRL3777.tmp
c:\windows\SysWOW64\C2MP\TrayMenu.exe
C:\Windows6.1-KB2528614-x64.msu
C:\Windows6.1-KB979538-x64.msu
F:\install.exe
G:\install.exe
.
.
((((((((((((((((((((((((( Files Created from 2014-11-19 to 2014-12-19 )))))))))))))))))))))))))))))))
.
.
2014-12-19 04:24 . 2014-12-19 04:24 -------- d-----w- C:\found.000
2014-12-19 03:42 . 2014-12-19 04:04 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-12-19 03:30 . 2014-12-19 03:30 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-19 03:30 . 2014-12-19 03:30 -------- d-----w- c:\programdata\RogueKiller
2014-12-12 00:20 . 2014-12-12 00:20 -------- d-sh--w- c:\users\KnightCat\AppData\Local\EmieBrowserModeList
2014-12-08 22:13 . 2014-12-08 22:13 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-12-08 22:13 . 2014-11-12 20:46 615624 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-12-08 22:12 . 2014-11-12 21:56 2559808 ----a-w- c:\windows\system32\nvsvcr.dll
2014-12-07 20:07 . 2014-12-07 20:07 -------- d-----w- c:\users\KnightCat\AppData\Local\Ubisoft
2014-11-30 22:16 . 2014-11-30 22:17 -------- d-----w- c:\windows\system32\vbox
2014-11-25 18:38 . 2014-11-25 18:38 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-25 18:38 . 2014-11-25 18:38 43152 ----a-w- c:\windows\avastSS.scr
2014-11-25 18:38 . 2014-11-25 18:38 449936 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2014-11-20 03:49 . 2014-10-03 19:23 38216 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-11-20 03:49 . 2014-10-03 19:23 32584 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
2014-11-19 12:57 . 2014-11-11 03:08 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-19 12:57 . 2014-11-11 02:44 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-19 12:57 . 2014-10-14 02:16 155064 ----a-w- c:\windows\system32\drivers\ksecpkg.sys
2014-11-19 12:57 . 2014-10-14 02:12 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-11-19 12:57 . 2014-11-11 03:08 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-19 12:57 . 2014-11-11 02:44 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-19 12:57 . 2014-10-14 01:50 22016 ----a-w- c:\windows\SysWow64\secur32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-19 03:42 . 2014-09-23 14:26 135384 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-19 03:41 . 2014-09-23 14:26 96472 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-16 09:10 . 2014-11-26 10:12 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EBAA9514-9BB5-47F2-9355-8B0379F1719B}\offreg.dll
2014-12-10 08:43 . 2013-04-08 22:40 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 08:43 . 2013-04-08 22:40 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-08 20:08 . 2014-12-08 20:08 98304 ----a-w- c:\users\KnightCat\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGUTchkdl.dll
2014-12-08 20:08 . 2014-12-08 20:08 24576 ----a-w- c:\users\KnightCat\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGEUSBAutorun.dll
2014-12-08 20:08 . 2014-12-08 20:08 1347584 ----a-w- c:\users\KnightCat\AppData\Roaming\Microsoft\Windows\Templates\TLPC\TL_PC.exe
2014-11-25 18:39 . 2014-03-12 20:59 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-25 18:38 . 2014-05-07 19:24 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-25 18:38 . 2014-03-13 19:35 116728 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-25 18:38 . 2014-03-13 19:32 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-25 18:38 . 2014-03-13 19:32 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-25 18:38 . 2014-03-12 21:00 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-25 18:38 . 2014-03-12 20:59 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-25 18:38 . 2014-03-12 20:59 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-25 18:38 . 2014-03-12 20:59 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-11-21 12:14 . 2014-09-23 14:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 12:14 . 2013-09-29 06:20 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-17 22:18 . 2014-04-16 04:57 1538880 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-11-13 00:20 . 2014-10-11 15:49 4011208 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-11-13 00:20 . 2014-08-18 04:08 11336432 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-11-13 00:20 . 2014-05-27 04:27 418112 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-11-13 00:20 . 2014-05-27 04:27 20986592 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-11-13 00:20 . 2014-05-27 04:27 18514616 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-11-13 00:20 . 2014-02-13 22:04 989056 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-11-13 00:20 . 2014-02-13 22:04 3262784 ----a-w- c:\windows\system32\nvapi64.dll
2014-11-13 00:20 . 2014-02-13 22:04 31893136 ----a-w- c:\windows\system32\nvoglv64.dll
2014-11-13 00:20 . 2014-02-13 22:04 2874456 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-11-13 00:20 . 2014-02-13 22:04 16884632 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-11-13 00:20 . 2013-03-14 16:41 74056 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-13 00:20 . 2013-03-14 16:41 59592 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-12 21:56 . 2013-03-19 15:24 6897352 ----a-w- c:\windows\system32\nvcpl.dll
2014-11-12 21:56 . 2013-03-19 15:24 3534152 ----a-w- c:\windows\system32\nvsvc64.dll
2014-11-12 21:56 . 2013-03-19 15:24 934032 ----a-w- c:\windows\system32\nvvsvc.exe
2014-11-12 21:56 . 2013-03-19 15:24 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-11-12 21:56 . 2013-03-19 15:24 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-11-11 10:29 . 2013-03-19 15:24 4100776 ----a-w- c:\windows\system32\nvcoproc.bin
2014-11-07 23:47 . 2014-07-30 03:37 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2014-11-07 23:47 . 2014-07-30 03:37 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-11-07 23:47 . 2014-07-30 03:37 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2014-11-07 23:47 . 2014-07-30 03:37 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-11-07 19:49 . 2014-11-11 23:55 388272 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-06 17:06 . 2014-10-11 17:45 2197680 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-11-06 17:06 . 2014-10-11 17:45 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-11-06 17:06 . 2014-10-11 17:45 2800296 ----a-w- c:\windows\system32\nvspcap64.dll
2014-11-06 17:06 . 2014-10-11 17:45 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-11-06 04:04 . 2014-11-11 23:55 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-06 04:03 . 2014-11-11 23:55 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-06 04:03 . 2014-11-11 23:54 25110016 ----a-w- c:\windows\system32\mshtml.dll
2014-11-06 03:47 . 2014-11-11 23:55 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-06 03:46 . 2014-11-11 23:55 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-06 03:46 . 2014-11-11 23:54 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-06 03:44 . 2014-11-11 23:54 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-06 03:43 . 2014-11-11 23:55 2884096 ----a-w- c:\windows\system32\iertutil.dll
2014-11-06 03:36 . 2014-11-11 23:54 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-06 03:35 . 2014-11-11 23:55 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-06 03:31 . 2014-11-11 23:54 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-06 03:30 . 2014-11-11 23:54 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-11-06 03:30 . 2014-11-11 23:55 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-06 03:29 . 2014-11-11 23:54 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-06 03:28 . 2014-11-11 23:55 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-06 03:23 . 2014-11-11 23:54 6040064 ----a-w- c:\windows\system32\jscript9.dll
2014-11-06 03:20 . 2014-11-11 23:55 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-06 03:16 . 2014-11-11 23:54 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-06 03:13 . 2014-11-11 23:55 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-06 03:13 . 2014-11-11 23:55 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-06 03:12 . 2014-11-11 23:55 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10 . 2014-11-11 23:54 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07 . 2014-11-11 23:55 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-06 03:02 . 2014-11-11 23:54 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-06 03:00 . 2014-11-11 23:54 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-06 02:59 . 2014-11-11 23:55 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-11-06 02:58 . 2014-11-11 23:55 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-06 02:57 . 2014-11-11 23:55 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-06 02:42 . 2014-11-11 23:55 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:41 . 2014-11-11 23:55 716800 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-06 02:41 . 2014-11-11 23:55 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-06 02:39 . 2014-11-11 23:54 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-06 02:38 . 2014-11-11 23:55 2124288 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-06 02:30 . 2014-11-11 23:54 14390272 ----a-w- c:\windows\system32\ieframe.dll
2014-11-06 02:21 . 2014-11-11 23:55 4298240 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-06 02:21 . 2014-11-11 23:55 2051072 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-06 02:20 . 2014-11-11 23:55 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17 . 2014-11-11 23:54 2365440 ----a-w- c:\windows\system32\wininet.dll
2014-11-06 02:04 . 2014-11-11 23:55 1550336 ----a-w- c:\windows\system32\urlmon.dll
2014-11-06 01:53 . 2014-11-11 23:55 799232 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-06 01:52 . 2014-11-11 23:54 1892864 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-04 20:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-02 04:20 . 2014-11-22 05:20 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EBAA9514-9BB5-47F2-9355-8B0379F1719B}\mpengine.dll
2014-11-01 05:26 . 2014-03-18 20:44 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-10-25 01:57 . 2014-11-11 23:53 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-11 23:53 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-11 23:52 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-11 23:52 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-16 16:54 . 2014-11-02 02:54 1539272 ----a-w- c:\windows\system32\nvdispgenco6434448.dll
2014-10-16 16:54 . 2014-11-02 02:54 1876296 ----a-w- c:\windows\system32\nvdispco6434448.dll
2014-10-14 02:13 . 2014-11-11 23:55 683520 ----a-w- c:\windows\system32\termsrv.dll
2014-10-14 02:13 . 2014-11-11 23:52 3241984 ----a-w- c:\windows\system32\msi.dll
2014-10-14 02:09 . 2014-11-11 23:55 146432 ----a-w- c:\windows\system32\msaudite.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-10-14 16:29 1729752 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-10-14 16:29 1729752 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-10-14 16:29 1729752 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="f:\games\Steam2\steam.exe" [2014-12-17 1941696]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-10-21 22869088]
"IndieVolume"="c:\program files (x86)\IndieVolume\IndieVolume.GUI.exe" [2013-04-02 3736576]
"DisplayFusion"="c:\program files (x86)\DisplayFusion\DisplayFusion.exe" [2014-12-16 6780256]
"Spotify Web Helper"="c:\users\KnightCat\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-09-07 1245752]
"f.lux"="c:\users\KnightCat\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
"Lync"="c:\program files\Microsoft Office 15\root\office15\lync.exe" [2014-10-14 22672536]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-03 30872160]
"GizmoDriveDelegate"="c:\program files (x86)\Gizmo\gizmo.exe" [2014-02-12 223640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-11 5227112]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-05-01 832272]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2014-05-02 12117312]
"USBsupervisor"="c:\program files (x86)\SamLogic\USB Supervisor\USBsupervisor.exe" [2012-07-24 1634928]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"AsioThk32Reg"="CTASIO.DLL" [2013-08-14 47104]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2014-12-08 55568]
.
c:\users\KnightCat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\KnightCat\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-8 39207112]
OneDrive for Business.lnk - c:\program files\Microsoft Office 15\root\office15\GROOVE.EXE /RunFolderSync /TrayOnly [2014-10-16 13759160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodecPackUpdateChecker.lnk - c:\windows\SysWOW64\C2MP\UpdateChecker.exe [2013-6-8 48200]
Gizmo.lnk - c:\program files (x86)\Gizmo\gizmo.exe /NoSplash /NoShow [2014-2-12 223640]
RealPlayer Cloud Service UI.lnk - c:\program files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe [2014-6-6 1022048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" blrun
.
2;2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe [x]
R1 SDHookDriver;Hook Test Driver;c:\program files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys;c:\program files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 MouseWithoutBordersSvc;Mouse without Borders Service;c:\program files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe;c:\program files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);c:\windows\system32\DRIVERS\ASUSstpt.sys;c:\windows\SYSNATIVE\DRIVERS\ASUSstpt.sys [x]
R3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);c:\windows\system32\DRIVERS\ASUSumsc.sys;c:\windows\SYSNATIVE\DRIVERS\ASUSumsc.sys [x]
R3 BRDriver64;BRDriver64;c:\programdata\bitraider\BRDriver64.sys;c:\programdata\bitraider\BRDriver64.sys [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\bitraider\BRSptSvc.exe;c:\programdata\bitraider\BRSptSvc.exe [x]
R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x]
R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x]
R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x]
R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys;c:\windows\SYSNATIVE\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys;c:\windows\SYSNATIVE\drivers\CM10664.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 vl810filter;VL810 Filter Driver;c:\windows\system32\DRIVERS\vl810filter.sys;c:\windows\SYSNATIVE\DRIVERS\vl810filter.sys [x]
R3 vToolbarUpdater18.0.0;vToolbarUpdater18.0.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R4 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
R4 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 GizmoDrv;Gizmo Device Driver; [x]
S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [x]
S2 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 ClickToRunSvc;Microsoft Office ClickToRun Service;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [x]
S2 DisplayFusionService;DisplayFusionService;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe [x]
S2 Dyn Updater;Dyn Updater;c:\program files (x86)\Dyn Updater\DynUpSvc.exe;c:\program files (x86)\Dyn Updater\DynUpSvc.exe [x]
S2 File Backup;File Backup Service;c:\program files (x86)\Workspace\offSyncService.exe;c:\program files (x86)\Workspace\offSyncService.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Gizmo Central;Gizmo Central;c:\program files (x86)\Gizmo\gservice.exe;c:\program files (x86)\Gizmo\gservice.exe [x]
S2 IndieVolumeService;IndieVolume Service;c:\program files (x86)\IndieVolume\IndieVolume.SVC.exe;c:\program files (x86)\IndieVolume\IndieVolume.SVC.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
S2 MediaMall Server;MediaMall Server;c:\program files (x86)\MediaMall\MediaMallServer.exe;c:\program files (x86)\MediaMall\MediaMallServer.exe [x]
S2 NVMS-SRV-CMS;NVMS-SRV-CMS;c:\program files (x86)\NVMS5 Standard Edition\bin\cms.exe cms.cfg;c:\program files (x86)\NVMS5 Standard Edition\bin\cms.exe cms.cfg [x]
S2 NVMS-SRV-DB;NVMS-SRV-DB;c:\program files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe;c:\program files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe [x]
S2 NVMS-SRV-NRU;NVMS-SRV-NRU;c:\program files (x86)\NVMS5 Standard Edition\bin\nru.exe nru.cfg;c:\program files (x86)\NVMS5 Standard Edition\bin\nru.exe nru.cfg [x]
S2 NVMS-SRV-VTDU;NVMS-SRV-VTDU;c:\program files (x86)\NVMS5 Standard Edition\bin\vtdu.exe vtdu.cfg;c:\program files (x86)\NVMS5 Standard Edition\bin\vtdu.exe vtdu.cfg [x]
S2 NVMS-SRV-WATCH;NVMS-SRV-WATCH;c:\program files (x86)\NVMS5 Standard Edition\bin\watch.exe;c:\program files (x86)\NVMS5 Standard Edition\bin\watch.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [x]
S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 ALSysIO;ALSysIO;c:\users\KNIGHT~1\AppData\Local\Temp\ALSysIO64.sys;c:\users\KNIGHT~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys;c:\windows\SYSNATIVE\Drivers\LGPBTDD.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
S3 SaiK1708;SaiK1708;c:\windows\system32\DRIVERS\SaiK1708.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1708.sys [x]
S3 SaiU1708;SaiU1708;c:\windows\system32\DRIVERS\SaiU1708.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU1708.sys [x]
.
.
 
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - WS2IFSL
*Deregistered* - IndieVolumeDriver
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-08-16 18:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-11 13:32 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-12-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-08 08:43]
.
2014-12-19 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-2305213872-2505911372-3816809497-1000.job
- c:\program files (x86)\Citrix\GoToMeeting\2093\g2mupdate.exe [2014-12-14 19:09]
.
2014-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-14 16:35]
.
2014-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-14 16:35]
.
2014-12-17 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2305213872-2505911372-3816809497-1000Core.job
- c:\users\KnightCat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-20 16:35]
.
2014-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2305213872-2505911372-3816809497-1000UA.job
- c:\users\KnightCat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-20 16:35]
.
2014-12-18 c:\windows\Tasks\ReclaimerUpdateFiles_KnightCat.job
- c:\users\KnightCat\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-16 23:31]
.
2014-12-19 c:\windows\Tasks\ReclaimerUpdateXML_KnightCat.job
- c:\users\KnightCat\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-16 23:31]
.
2014-12-19 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_KnightCat.job
- c:\users\KnightCat\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-16 23:31]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-10-14 18:27 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-10-14 18:27 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-10-14 18:27 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-25 18:38 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 23:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 23:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 23:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 23:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 23:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\off0]
@="{8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5}"
[HKEY_CLASSES_ROOT\CLSID\{8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5}]
2013-09-30 23:20 1308432 ----a-w- c:\program files (x86)\Workspace\offsyncext64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\off1]
@="{8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5}"
[HKEY_CLASSES_ROOT\CLSID\{8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5}]
2013-09-30 23:20 1308432 ----a-w- c:\program files (x86)\Workspace\offsyncext64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-10-14 12697368]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Cm106Sound"="c:\windows\Syswow64\cm106.dll" [2010-10-13 8757248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-11-06 2464072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-11-06 2800296]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: netflix.com
Trusted Zone: sharepoint.com\digitalairstrike
Trusted Zone: sharepoint.com\digitalairstrike-my
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll
DPF: {688C8675-1834-48FA-9DEF-4755CEFB9EDE} - hxxp://192.168.1.101/EDVR.CAB
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} - hxxp://192.168.1.99:5050/codebase/DVM_IPCam2.cab
FF - ProfilePath - c:\users\KnightCat\AppData\Roaming\Mozilla\Firefox\Profiles\ewzku24u.Seth\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://mysearch.avg.com?cid={9BD985C1-17C8-42F9-A24E-AF49663426DB}&mid=27cb2d8fe60c44d99f3c4bf7da99ecdb-b846aedc0b47d38eeafd9f7ca50187f504336a34&lang=en&ds=ag011&coid=avgtbdisag&cmpid=&pr=sa&d=&v=&pid=safeguard&sg=&sap=hp
FF - prefs.js: keyword.URL -
FF - ExtSQL: !HIDDEN! 2013-03-18 20:03; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKU-Default-RunOnce-FlashPlayerUpdate - c:\windows\SysWOW64\Macromed\Flash\FlashUtil32_15_0_0_167_ActiveX.exe
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackTrayMenu.lnk - c:\windows\SysWOW64\C2MP\TrayMenu.exe
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-Locked - (no file)
AddRemove-ESN Sonar-0.70.4 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2305213872-2505911372-3816809497-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FD302A77-B25E-445C-66C7-306CACA3680D}*]
@Allowed: (Read) (RestrictedCode)
.
[HKEY_USERS\S-1-5-21-2305213872-2505911372-3816809497-1000\Software\SecuROM\License information*]
"datasecu"=hex:68,a3,ad,90,e6,ea,ae,b9,43,ba,0f,59,16,18,d8,6b,28,92,b6,b3,e2,
c4,3c,2d,14,75,4d,9e,cc,4e,b0,67,3a,7a,15,15,29,70,34,6f,ee,22,fb,1a,b0,8f,\
"rkeysecu"=hex:62,bd,bb,85,07,50,b8,ac,78,8b,a1,60,51,63,29,d8
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:e0,62,c4,d4,8f,7f,89,66,96,01,d6,3f,e5,1d,fe,d4,1e,32,94,0e,4c,
c5,34,24,70,f3,0e,98,4d,6f,43,10,52,fb,99,48,a0,63,12,1f,95,35,f6,8a,30,fc,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:e0,62,c4,d4,8f,7f,89,66,96,01,d6,3f,e5,1d,fe,d4,1e,32,94,0e,4c,
c5,34,24,70,f3,0e,98,4d,6f,43,10,52,fb,99,48,a0,63,12,1f,95,35,f6,8a,30,fc,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe
c:\program files (x86)\RivaTuner Statistics Server\RTSS.exe
c:\program files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\windows\SysWOW64\srvany.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\KMService.exe
c:\program files (x86)\NVMS5 Standard Edition\bin\cms.exe
c:\program files (x86)\NVMS5 Standard Edition\bin\nru.exe
c:\program files (x86)\NVMS5 Standard Edition\bin\vtdu.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\windows\SysWOW64\rundll32.exe
c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
f:\games\Steam2\bin\steamwebhelper.exe
c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
c:\program files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
c:\program files\Logitech Gaming Software\Applets\LCDYT.exe
c:\program files\Logitech Gaming Software\Applets\LCDMedia.exe
c:\program files\Logitech Gaming Software\Applets\LCDWebCam.exe
c:\users\KnightCat\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\progra~2\Raptr\raptr.exe
c:\progra~2\Raptr\raptr_im.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Completion time: 2014-12-19 00:18:56 - machine was rebooted
ComboFix-quarantined-files.txt 2014-12-19 06:18
.
Pre-Run: 102,638,997,504 bytes free
Post-Run: 102,423,855,104 bytes free
.
- - End Of File - - 41C0628000F24CE6BC225415F5332CB9
A36C5E4F47E84449FF07ED3517B43A31
 
1. Please open Notepad (Start>All Programs>Accessories>Notepad).

2. Now copy/paste the entire content of the codebox below into the Notepad window:

Code:
RegNull::
[HKEY_USERS\S-1-5-21-2305213872-2505911372-3816809497-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FD302A77-B25E-445C-66C7-306CACA3680D}*]

ClearJavaCache::


3. Save the above as CFScript.txt

4. Close/disable all antivirus and anti-malware programs again, so they do not interfere with the running of ComboFix.

5. Then drag the CFScript.txt into ComboFix.exe as depicted in the animation below. This will start ComboFix again.

[Animation: CFScript.gif]

6. After reboot (in case it asks to reboot), please post the following reports/logs into your next reply:
  • Combofix.txt
 
ComboFix 14-12-14.01 - KnightCat 12/19/2014 17:39:02.2.12 - x64
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.32708.25161 [GMT -6:00]
Running from: c:\users\KnightCat\Desktop\ComboFix.exe
Command switches used :: c:\users\KnightCat\Desktop\CFScript.txt
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\_ctypes.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\_elementtree.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\_hashlib.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\_multiprocessing.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\_socket.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\_ssl.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\hashobjs_ext.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\pyexpat.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\pysqlite2._sqlite.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\python27.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\pythoncom27.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\PyWinTypes27.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\select.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\unicodedata.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32api.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32com.shell.shell.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32crypt.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32event.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32file.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32gui.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32inet.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32pdh.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32pipe.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32process.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32profile.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32security.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\win32ts.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\windows._lib_cacheinvalidation.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wx._animate.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wx._controls_.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wx._core_.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wx._gdi_.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wx._html2.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wx._misc_.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wx._windows_.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wx._wizard.pyd
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wxbase294u_net_vc90.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wxbase294u_vc90.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wxmsw294u_adv_vc90.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wxmsw294u_core_vc90.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wxmsw294u_html_vc90.dll
c:\users\KNIGHT~1\AppData\Local\Temp\_MEI36922\wxmsw294u_webview_vc90.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\_ctypes.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\_elementtree.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\_hashlib.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\_multiprocessing.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\_socket.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\_ssl.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\hashobjs_ext.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\pyexpat.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\pysqlite2._sqlite.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\python27.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\pythoncom27.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\PyWinTypes27.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\select.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\unicodedata.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32api.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32com.shell.shell.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32crypt.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32event.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32file.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32gui.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32inet.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32pdh.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32pipe.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32process.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32profile.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32security.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\win32ts.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\windows._lib_cacheinvalidation.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wx._animate.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wx._controls_.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wx._core_.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wx._gdi_.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wx._html2.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wx._misc_.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wx._windows_.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wx._wizard.pyd
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wxbase294u_net_vc90.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wxbase294u_vc90.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wxmsw294u_adv_vc90.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wxmsw294u_core_vc90.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wxmsw294u_html_vc90.dll
c:\users\KnightCat\AppData\Local\Temp\_MEI36922\wxmsw294u_webview_vc90.dll
.
.
((((((((((((((((((((((((( Files Created from 2014-11-20 to 2014-12-20 )))))))))))))))))))))))))))))))
.
.
2014-12-20 00:11 . 2014-12-20 00:11 -------- d-----w- c:\users\DefaultAppPool\AppData\Local\temp
2014-12-20 00:11 . 2014-12-20 00:11 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-12-19 07:27 . 2014-12-19 23:43 -------- d-----w- c:\users\KnightCat\AppData\Local\DisplayFusion
2014-12-19 07:04 . 2014-12-19 07:24 -------- d-----w- c:\users\KnightCat\AppData\Roaming\DisplayFusion
2014-12-19 07:04 . 2014-12-19 07:04 -------- d-----w- c:\programdata\Binary Fortress Software
2014-12-19 06:59 . 2014-12-19 06:59 -------- d-----w- c:\program files (x86)\DisplayFusion
2014-12-19 04:24 . 2014-12-19 04:24 -------- d-----w- C:\found.000
2014-12-19 03:42 . 2014-12-19 04:04 -------- d-----w- c:\programdata\Malwarebytes' Anti-Malware (portable)
2014-12-19 03:30 . 2014-12-19 03:30 35064 ----a-w- c:\windows\system32\drivers\TrueSight.sys
2014-12-19 03:30 . 2014-12-19 03:30 -------- d-----w- c:\programdata\RogueKiller
2014-12-12 00:20 . 2014-12-12 00:20 -------- d-sh--w- c:\users\KnightCat\AppData\Local\EmieBrowserModeList
2014-12-08 22:13 . 2014-12-08 22:13 -------- d-----w- c:\program files (x86)\AGEIA Technologies
2014-12-08 22:13 . 2014-11-12 20:46 615624 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-12-08 22:12 . 2014-11-12 21:56 2559808 ----a-w- c:\windows\system32\nvsvcr.dll
2014-12-07 20:07 . 2014-12-07 20:07 -------- d-----w- c:\users\KnightCat\AppData\Local\Ubisoft
2014-11-30 22:16 . 2014-11-30 22:17 -------- d-----w- c:\windows\system32\vbox
2014-11-25 18:38 . 2014-11-25 18:38 364512 ----a-w- c:\windows\system32\aswBoot.exe
2014-11-25 18:38 . 2014-11-25 18:38 43152 ----a-w- c:\windows\avastSS.scr
2014-11-25 18:38 . 2014-11-25 18:38 449936 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2014-11-20 03:49 . 2014-10-03 19:23 38216 ----a-w- c:\windows\system32\drivers\nvvad64v.sys
2014-11-20 03:49 . 2014-10-03 19:23 32584 ----a-w- c:\windows\SysWow64\nvaudcap32v.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-12-19 03:42 . 2014-09-23 14:26 135384 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-12-19 03:41 . 2014-09-23 14:26 96472 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-12-10 08:43 . 2013-04-08 22:40 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-12-10 08:43 . 2013-04-08 22:40 701104 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-12-08 20:08 . 2014-12-08 20:08 98304 ----a-w- c:\users\KnightCat\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGUTchkdl.dll
2014-12-08 20:08 . 2014-12-08 20:08 24576 ----a-w- c:\users\KnightCat\AppData\Roaming\Microsoft\Windows\Templates\TLPC\LGEUSBAutorun.dll
2014-12-08 20:08 . 2014-12-08 20:08 1347584 ----a-w- c:\users\KnightCat\AppData\Roaming\Microsoft\Windows\Templates\TLPC\TL_PC.exe
2014-11-25 18:39 . 2014-03-12 20:59 1050432 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-11-25 18:38 . 2014-05-07 19:24 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-11-25 18:38 . 2014-03-13 19:35 116728 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-11-25 18:38 . 2014-03-13 19:32 267632 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-11-25 18:38 . 2014-03-13 19:32 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-11-25 18:38 . 2014-03-12 21:00 436624 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-11-25 18:38 . 2014-03-12 20:59 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-11-25 18:38 . 2014-03-12 20:59 83280 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-11-25 18:38 . 2014-03-12 20:59 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-11-21 12:14 . 2014-09-23 14:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-11-21 12:14 . 2013-09-29 06:20 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-11-17 22:18 . 2014-04-16 04:57 1538880 ----a-w- c:\windows\system32\nvhdagenco6420103.dll
2014-11-13 00:20 . 2014-10-11 15:49 4011208 ----a-w- c:\windows\SysWow64\nvcuvid.dll
2014-11-13 00:20 . 2014-08-18 04:08 11336432 ----a-w- c:\windows\SysWow64\nvcuda.dll
2014-11-13 00:20 . 2014-05-27 04:27 418112 ----a-w- c:\windows\SysWow64\nvEncodeAPI.dll
2014-11-13 00:20 . 2014-05-27 04:27 20986592 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-11-13 00:20 . 2014-05-27 04:27 18514616 ----a-w- c:\windows\SysWow64\nvwgf2um.dll
2014-11-13 00:20 . 2014-02-13 22:04 989056 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-11-13 00:20 . 2014-02-13 22:04 3262784 ----a-w- c:\windows\system32\nvapi64.dll
2014-11-13 00:20 . 2014-02-13 22:04 31893136 ----a-w- c:\windows\system32\nvoglv64.dll
2014-11-13 00:20 . 2014-02-13 22:04 2874456 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-11-13 00:20 . 2014-02-13 22:04 16884632 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-11-13 00:20 . 2013-03-14 16:41 74056 ----a-w- c:\windows\system32\OpenCL.dll
2014-11-13 00:20 . 2013-03-14 16:41 59592 ----a-w- c:\windows\SysWow64\OpenCL.dll
2014-11-12 21:56 . 2013-03-19 15:24 6897352 ----a-w- c:\windows\system32\nvcpl.dll
2014-11-12 21:56 . 2013-03-19 15:24 3534152 ----a-w- c:\windows\system32\nvsvc64.dll
2014-11-12 21:56 . 2013-03-19 15:24 934032 ----a-w- c:\windows\system32\nvvsvc.exe
2014-11-12 21:56 . 2013-03-19 15:24 62608 ----a-w- c:\windows\system32\nvshext.dll
2014-11-12 21:56 . 2013-03-19 15:24 386368 ----a-w- c:\windows\system32\nvmctray.dll
2014-11-11 10:29 . 2013-03-19 15:24 4100776 ----a-w- c:\windows\system32\nvcoproc.bin
2014-11-11 03:08 . 2014-11-19 12:57 241152 ----a-w- c:\windows\system32\pku2u.dll
2014-11-11 03:08 . 2014-11-19 12:57 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-11-11 02:44 . 2014-11-19 12:57 186880 ----a-w- c:\windows\SysWow64\pku2u.dll
2014-11-11 02:44 . 2014-11-19 12:57 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-11-07 23:47 . 2014-07-30 03:37 466520 ----a-w- c:\windows\system32\wrap_oal.dll
2014-11-07 23:47 . 2014-07-30 03:37 445016 ----a-w- c:\windows\SysWow64\wrap_oal.dll
2014-11-07 23:47 . 2014-07-30 03:37 123480 ----a-w- c:\windows\system32\OpenAL32.dll
2014-11-07 23:47 . 2014-07-30 03:37 109144 ----a-w- c:\windows\SysWow64\OpenAL32.dll
2014-11-07 19:49 . 2014-11-11 23:55 388272 ----a-w- c:\windows\system32\iedkcs32.dll
2014-11-06 17:06 . 2014-10-11 17:45 2197680 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-11-06 17:06 . 2014-10-11 17:45 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-11-06 17:06 . 2014-10-11 17:45 2800296 ----a-w- c:\windows\system32\nvspcap64.dll
2014-11-06 17:06 . 2014-10-11 17:45 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-11-06 04:04 . 2014-11-11 23:55 2724864 ----a-w- c:\windows\system32\mshtml.tlb
2014-11-06 04:03 . 2014-11-11 23:55 4096 ----a-w- c:\windows\system32\ieetwcollectorres.dll
2014-11-06 04:03 . 2014-11-11 23:54 25110016 ----a-w- c:\windows\system32\mshtml.dll
2014-11-06 03:47 . 2014-11-11 23:55 66560 ----a-w- c:\windows\system32\iesetup.dll
2014-11-06 03:46 . 2014-11-11 23:55 48640 ----a-w- c:\windows\system32\ieetwproxystub.dll
2014-11-06 03:46 . 2014-11-11 23:54 580096 ----a-w- c:\windows\system32\vbscript.dll
2014-11-06 03:44 . 2014-11-11 23:54 88064 ----a-w- c:\windows\system32\MshtmlDac.dll
2014-11-06 03:43 . 2014-11-11 23:55 2884096 ----a-w- c:\windows\system32\iertutil.dll
2014-11-06 03:36 . 2014-11-11 23:54 54784 ----a-w- c:\windows\system32\jsproxy.dll
2014-11-06 03:35 . 2014-11-11 23:55 34304 ----a-w- c:\windows\system32\iernonce.dll
2014-11-06 03:31 . 2014-11-11 23:54 633856 ----a-w- c:\windows\system32\ieui.dll
2014-11-06 03:30 . 2014-11-11 23:54 144384 ----a-w- c:\windows\system32\ieUnatt.exe
2014-11-06 03:30 . 2014-11-11 23:55 114688 ----a-w- c:\windows\system32\ieetwcollector.exe
2014-11-06 03:29 . 2014-11-11 23:54 814080 ----a-w- c:\windows\system32\jscript9diag.dll
2014-11-06 03:28 . 2014-11-11 23:55 2724864 ----a-w- c:\windows\SysWow64\mshtml.tlb
2014-11-06 03:23 . 2014-11-11 23:54 6040064 ----a-w- c:\windows\system32\jscript9.dll
2014-11-06 03:20 . 2014-11-11 23:55 968704 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe
2014-11-06 03:16 . 2014-11-11 23:54 490496 ----a-w- c:\windows\system32\dxtmsft.dll
2014-11-06 03:13 . 2014-11-11 23:55 501248 ----a-w- c:\windows\SysWow64\vbscript.dll
2014-11-06 03:13 . 2014-11-11 23:55 62464 ----a-w- c:\windows\SysWow64\iesetup.dll
2014-11-06 03:12 . 2014-11-11 23:55 47616 ----a-w- c:\windows\SysWow64\ieetwproxystub.dll
2014-11-06 03:10 . 2014-11-11 23:54 64000 ----a-w- c:\windows\SysWow64\MshtmlDac.dll
2014-11-06 03:07 . 2014-11-11 23:55 77824 ----a-w- c:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-06 03:02 . 2014-11-11 23:54 199680 ----a-w- c:\windows\system32\msrating.dll
2014-11-06 03:00 . 2014-11-11 23:54 92160 ----a-w- c:\windows\system32\mshtmled.dll
2014-11-06 02:59 . 2014-11-11 23:55 115712 ----a-w- c:\windows\SysWow64\ieUnatt.exe
2014-11-06 02:58 . 2014-11-11 23:55 620032 ----a-w- c:\windows\SysWow64\jscript9diag.dll
2014-11-06 02:57 . 2014-11-11 23:55 316928 ----a-w- c:\windows\system32\dxtrans.dll
2014-11-06 02:42 . 2014-11-11 23:55 60416 ----a-w- c:\windows\SysWow64\JavaScriptCollectionAgent.dll
2014-11-06 02:41 . 2014-11-11 23:55 716800 ----a-w- c:\windows\system32\ie4uinit.exe
2014-11-06 02:41 . 2014-11-11 23:55 800768 ----a-w- c:\windows\system32\msfeeds.dll
2014-11-06 02:39 . 2014-11-11 23:54 1359360 ----a-w- c:\windows\system32\mshtmlmedia.dll
2014-11-06 02:38 . 2014-11-11 23:55 2124288 ----a-w- c:\windows\system32\inetcpl.cpl
2014-11-06 02:30 . 2014-11-11 23:54 14390272 ----a-w- c:\windows\system32\ieframe.dll
2014-11-06 02:21 . 2014-11-11 23:55 4298240 ----a-w- c:\windows\SysWow64\jscript9.dll
2014-11-06 02:21 . 2014-11-11 23:55 2051072 ----a-w- c:\windows\SysWow64\inetcpl.cpl
2014-11-06 02:20 . 2014-11-11 23:55 1155072 ----a-w- c:\windows\SysWow64\mshtmlmedia.dll
2014-11-06 02:17 . 2014-11-11 23:54 2365440 ----a-w- c:\windows\system32\wininet.dll
2014-11-06 02:04 . 2014-11-11 23:55 1550336 ----a-w- c:\windows\system32\urlmon.dll
2014-11-06 01:53 . 2014-11-11 23:55 799232 ----a-w- c:\windows\system32\ieapfltr.dll
2014-11-06 01:52 . 2014-11-11 23:54 1892864 ----a-w- c:\windows\SysWow64\wininet.dll
2014-11-04 20:30 . 2010-11-21 03:27 275080 ------w- c:\windows\system32\MpSigStub.exe
2014-11-02 04:20 . 2014-11-22 05:20 11632448 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{EBAA9514-9BB5-47F2-9355-8B0379F1719B}\mpengine.dll
2014-11-01 05:26 . 2014-03-18 20:44 103374192 ----a-w- c:\windows\system32\MRT.exe
2014-10-25 01:57 . 2014-11-11 23:53 77824 ----a-w- c:\windows\system32\packager.dll
2014-10-25 01:32 . 2014-11-11 23:53 67584 ----a-w- c:\windows\SysWow64\packager.dll
2014-10-18 02:05 . 2014-11-11 23:52 861696 ----a-w- c:\windows\system32\oleaut32.dll
2014-10-18 01:33 . 2014-11-11 23:52 571904 ----a-w- c:\windows\SysWow64\oleaut32.dll
2014-10-16 16:54 . 2014-11-02 02:54 1539272 ----a-w- c:\windows\system32\nvdispgenco6434448.dll
2014-10-16 16:54 . 2014-11-02 02:54 1876296 ----a-w- c:\windows\system32\nvdispco6434448.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-10-14 16:29 1729752 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-10-14 16:29 1729752 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-10-14 16:29 1729752 ----a-w- c:\program files\Microsoft Office 15\root\vfs\ProgramFilesX86\Microsoft Office\Office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 131480 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt.24.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Steam"="f:\games\Steam2\steam.exe" [2014-12-17 1941696]
"GoogleDriveSync"="c:\program files (x86)\Google\Drive\googledrivesync.exe" [2014-10-21 22869088]
"IndieVolume"="c:\program files (x86)\IndieVolume\IndieVolume.GUI.exe" [2013-04-02 3736576]
"Spotify Web Helper"="c:\users\KnightCat\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-09-07 1245752]
"f.lux"="c:\users\KnightCat\AppData\Local\FluxSoftware\Flux\flux.exe" [2013-10-23 1017224]
"Lync"="c:\program files\Microsoft Office 15\root\office15\lync.exe" [2014-10-14 22672536]
"Skype"="c:\program files (x86)\Skype\Phone\Skype.exe" [2014-12-03 30872160]
"DisplayFusion"="c:\program files (x86)\DisplayFusion\DisplayFusion.exe" [2014-12-16 6780256]
"GoToAssist Remote Support Expert"="c:\program files (x86)\Citrix\GoToAssist Remote Support Expert\758\g2ax_start.exe" [2014-12-19 610888]
"GizmoDriveDelegate"="c:\program files (x86)\Gizmo\gizmo.exe" [2014-02-12 223640]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"="c:\program files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe" [2008-07-22 150528]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-12-11 5227112]
"BlueStacks Agent"="c:\program files (x86)\BlueStacks\HD-Agent.exe" [2014-05-01 832272]
"Communicator"="c:\program files (x86)\Microsoft Lync\communicator.exe" [2014-05-02 12117312]
"USBsupervisor"="c:\program files (x86)\SamLogic\USB Supervisor\USBsupervisor.exe" [2012-07-24 1634928]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-07-25 256896]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-10-15 157480]
"AsioThk32Reg"="CTASIO.DLL" [2013-08-14 47104]
"Raptr"="c:\program files (x86)\Raptr\raptrstub.exe" [2014-12-08 55568]
.
c:\users\KnightCat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
Dropbox.lnk - c:\users\KnightCat\AppData\Roaming\Dropbox\bin\Dropbox.exe /systemstartup [2014-12-8 39207112]
OneDrive for Business.lnk - c:\program files\Microsoft Office 15\root\office15\GROOVE.EXE /RunFolderSync /TrayOnly [2014-10-16 13759160]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
CodecPackUpdateChecker.lnk - c:\windows\SysWOW64\C2MP\UpdateChecker.exe [2013-6-8 48200]
Gizmo.lnk - c:\program files (x86)\Gizmo\gizmo.exe /NoSplash /NoShow [2014-2-12 223640]
RealPlayer Cloud Service UI.lnk - c:\program files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe [2014-6-6 1022048]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
"DisableCAD"= 1 (0x1)
"SoftwareSASGeneration"= 1 (0x1)
.
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
BootExecute REG_MULTI_SZ autocheck autochk *\0\0sdnclean64.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-]
"LGODDFU"="c:\program files (x86)\lg_fwupdate\lgfw.exe" blrun
.
2;2 AsusFanControlService;AsusFanControlService;c:\program files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe;c:\program files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe [x]
R1 SDHookDriver;Hook Test Driver;c:\program files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys;c:\program files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DisplayFusionService;DisplayFusionService;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe;c:\program files (x86)\DisplayFusion\DisplayFusionService.exe [x]
R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe;c:\program files (x86)\Hi-Rez Studios\HiPatchService.exe [x]
R2 MouseWithoutBordersSvc;Mouse without Borders Service;c:\program files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe;c:\program files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 ASUSstpt;ASUS USB 3.0 Boost Storage Driver (Storage Driver);c:\windows\system32\DRIVERS\ASUSstpt.sys;c:\windows\SYSNATIVE\DRIVERS\ASUSstpt.sys [x]
R3 ASUSumsc;ASUS USB 3.0 Boost Storage Driver (WDM);c:\windows\system32\DRIVERS\ASUSumsc.sys;c:\windows\SYSNATIVE\DRIVERS\ASUSumsc.sys [x]
R3 BRDriver64;BRDriver64;c:\programdata\bitraider\BRDriver64.sys;c:\programdata\bitraider\BRDriver64.sys [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\bitraider\BRSptSvc.exe;c:\programdata\bitraider\BRSptSvc.exe [x]
R3 COMMONFX;COMMONFX;c:\windows\system32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 CTAUDFX;CTAUDFX;c:\windows\system32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x]
R3 CTERFXFX.SYS;CTERFXFX.SYS;c:\windows\System32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x]
R3 CTERFXFX;CTERFXFX;c:\windows\system32\drivers\CTERFXFX.SYS;c:\windows\SYSNATIVE\drivers\CTERFXFX.SYS [x]
R3 CTSBLFX;CTSBLFX;c:\windows\system32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudbus.sys;c:\windows\SYSNATIVE\DRIVERS\ssudbus.sys [x]
R3 DisplayLinkUsbPort;DisplayLink USB Device;c:\windows\system32\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys;c:\windows\SYSNATIVE\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EagleX64;EagleX64;c:\windows\system32\drivers\EagleX64.sys;c:\windows\SYSNATIVE\drivers\EagleX64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys;c:\windows\SYSNATIVE\drivers\npf.sys [x]
R3 Origin Client Service;Origin Client Service;c:\program files (x86)\Origin\OriginClientService.exe;c:\program files (x86)\Origin\OriginClientService.exe [x]
R3 ose64;Office 64 Source Engine;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE;c:\program files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows\system32\DRIVERS\ssudmdm.sys;c:\windows\SYSNATIVE\DRIVERS\ssudmdm.sys [x]
R3 SwitchBoard;Adobe SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 USBMULCD;USB Multi-Channel Audio Device Interface;c:\windows\system32\drivers\CM10664.sys;c:\windows\SYSNATIVE\drivers\CM10664.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 vl810filter;VL810 Filter Driver;c:\windows\system32\DRIVERS\vl810filter.sys;c:\windows\SYSNATIVE\DRIVERS\vl810filter.sys [x]
R3 vToolbarUpdater18.0.0;vToolbarUpdater18.0.0;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe;c:\program files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.0.0\ToolbarUpdater.exe [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WDC_SAM;WD SCSI Pass Thru driver;c:\windows\system32\DRIVERS\wdcsam64.sys;c:\windows\SYSNATIVE\DRIVERS\wdcsam64.sys [x]
R4 BstHdAndroidSvc;BlueStacks Android Service;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android;c:\program files (x86)\BlueStacks\HD-Service.exe BstHdAndroidSvc Android [x]
R4 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe;c:\program files (x86)\BlueStacks\HD-LogRotatorService.exe [x]
R4 BstHdUpdaterSvc;BlueStacks Updater Service;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe;c:\program files (x86)\BlueStacks\HD-UpdaterService.exe [x]
R4 RealPlayer Cloud Service;RealPlayer Cloud Service;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe;c:\program files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 AsUpIO;AsUpIO;SysWow64\drivers\AsUpIO.sys;SysWow64\drivers\AsUpIO.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx64.sys;c:\windows\SYSNATIVE\drivers\avgtpx64.sys [x]
S1 GizmoDrv;Gizmo Device Driver; [x]
S2 ADExchange;ArcSoft Exchange Service;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe;c:\program files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [x]
S2 Amazon Download Agent;Amazon Download Agent;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe;c:\program files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [x]
S2 asComSvc;ASUS Com Service;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe;c:\program files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [x]
S2 asHmComSvc;ASUS HM Com Service;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe;c:\program files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [x]
S2 AsSysCtrlService;ASUS System Control Service;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe;c:\program files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 BstHdDrv;BlueStacks Hypervisor;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys;c:\program files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [x]
S2 ClickToRunSvc;Microsoft Office ClickToRun Service;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe;c:\program files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [x]
S2 DeviceMonitorService;DeviceMonitorService;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe;c:\program files (x86)\Motorola Media Link\Lite\NServiceEntry.exe [x]
S2 Dyn Updater;Dyn Updater;c:\program files (x86)\Dyn Updater\DynUpSvc.exe;c:\program files (x86)\Dyn Updater\DynUpSvc.exe [x]
S2 File Backup;File Backup Service;c:\program files (x86)\Workspace\offSyncService.exe;c:\program files (x86)\Workspace\offSyncService.exe [x]
S2 FoxitCloudUpdateService;Foxit Cloud Safe Update Service;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe;c:\program files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [x]
S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [x]
S2 Gizmo Central;Gizmo Central;c:\program files (x86)\Gizmo\gservice.exe;c:\program files (x86)\Gizmo\gservice.exe [x]
S2 IndieVolumeService;IndieVolume Service;c:\program files (x86)\IndieVolume\IndieVolume.SVC.exe;c:\program files (x86)\IndieVolume\IndieVolume.SVC.exe [x]
S2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;c:\windows\system32\IProsetMonitor.exe;c:\windows\SYSNATIVE\IProsetMonitor.exe [x]
S2 KMService;KMService;c:\windows\system32\srvany.exe;c:\windows\SYSNATIVE\srvany.exe [x]
S2 MediaMall Server;MediaMall Server;c:\program files (x86)\MediaMall\MediaMallServer.exe;c:\program files (x86)\MediaMall\MediaMallServer.exe [x]
S2 NVMS-SRV-CMS;NVMS-SRV-CMS;c:\program files (x86)\NVMS5 Standard Edition\bin\cms.exe cms.cfg;c:\program files (x86)\NVMS5 Standard Edition\bin\cms.exe cms.cfg [x]
S2 NVMS-SRV-DB;NVMS-SRV-DB;c:\program files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe;c:\program files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe [x]
S2 NVMS-SRV-NRU;NVMS-SRV-NRU;c:\program files (x86)\NVMS5 Standard Edition\bin\nru.exe nru.cfg;c:\program files (x86)\NVMS5 Standard Edition\bin\nru.exe nru.cfg [x]
S2 NVMS-SRV-VTDU;NVMS-SRV-VTDU;c:\program files (x86)\NVMS5 Standard Edition\bin\vtdu.exe vtdu.cfg;c:\program files (x86)\NVMS5 Standard Edition\bin\vtdu.exe vtdu.cfg [x]
S2 NVMS-SRV-WATCH;NVMS-SRV-WATCH;c:\program files (x86)\NVMS5 Standard Edition\bin\watch.exe;c:\program files (x86)\NVMS5 Standard Edition\bin\watch.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 RealNetworks Downloader Resolver Service;RealNetworks Downloader Resolver Service;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe;c:\program files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [x]
S2 RealPlayerUpdateSvc;RealPlayer Update Service;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe;c:\program files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [x]
S2 Skype C2C Service;Skype C2C Service;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe;c:\programdata\Skype\Toolbars\Skype C2C Service\c2c_service.exe [x]
S2 SplashtopRemoteService;Splashtop® Remote Service;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe;c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [x]
S2 SSUService;Splashtop Software Updater Service;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe;c:\program files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 TeamViewer9;TeamViewer 9;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe;c:\program files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [x]
S2 VBoxAswDrv;VBoxAsw Support Driver;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys;c:\program files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [x]
S3 ALSysIO;ALSysIO;c:\users\KNIGHT~1\AppData\Local\Temp\ALSysIO64.sys;c:\users\KNIGHT~1\AppData\Local\Temp\ALSysIO64.sys [x]
S3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\DRIVERS\asmthub3.sys;c:\windows\SYSNATIVE\DRIVERS\asmthub3.sys [x]
S3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\DRIVERS\asmtxhci.sys;c:\windows\SYSNATIVE\DRIVERS\asmtxhci.sys [x]
S3 ASUSFILTER;ASUSFILTER;SysWow64\drivers\ASUSFILTER.sys;SysWow64\drivers\ASUSFILTER.sys [x]
S3 AvastVBoxSvc;AvastVBox COM Service;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe;c:\program files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [x]
S3 COMMONFX.SYS;COMMONFX.SYS;c:\windows\System32\drivers\COMMONFX.SYS;c:\windows\SYSNATIVE\drivers\COMMONFX.SYS [x]
S3 CTAUDFX.SYS;CTAUDFX.SYS;c:\windows\System32\drivers\CTAUDFX.SYS;c:\windows\SYSNATIVE\drivers\CTAUDFX.SYS [x]
S3 CTSBLFX.SYS;CTSBLFX.SYS;c:\windows\System32\drivers\CTSBLFX.SYS;c:\windows\SYSNATIVE\drivers\CTSBLFX.SYS [x]
S3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
S3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;c:\windows\system32\drivers\LGBusEnum.sys;c:\windows\SYSNATIVE\drivers\LGBusEnum.sys [x]
S3 LGPBTDD;LGPBTDD.sys Display Driver;c:\windows\system32\Drivers\LGPBTDD.sys;c:\windows\SYSNATIVE\Drivers\LGPBTDD.sys [x]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;c:\windows\system32\drivers\LGVirHid.sys;c:\windows\SYSNATIVE\drivers\LGVirHid.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 RTCore64;RTCore64;c:\program files (x86)\MSI Afterburner\RTCore64.sys;c:\program files (x86)\MSI Afterburner\RTCore64.sys [x]
S3 SaiK1708;SaiK1708;c:\windows\system32\DRIVERS\SaiK1708.sys;c:\windows\SYSNATIVE\DRIVERS\SaiK1708.sys [x]
S3 SaiU1708;SaiU1708;c:\windows\system32\DRIVERS\SaiU1708.sys;c:\windows\SYSNATIVE\DRIVERS\SaiU1708.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - NAL
*Deregistered* - IndieVolumeDriver
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
iissvcs REG_MULTI_SZ w3svc was
apphost REG_MULTI_SZ apphostsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-08-16 18:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-12-11 13:32 1087816 ----a-w- c:\program files (x86)\Google\Chrome\Application\39.0.2171.95\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-12-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-04-08 08:43]
.
2014-12-19 c:\windows\Tasks\G2MUpdateTask-S-1-5-21-2305213872-2505911372-3816809497-1000.job
- c:\program files (x86)\Citrix\GoToMeeting\2093\g2mupdate.exe [2014-12-14 19:09]
.
2014-12-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-14 16:35]
.
2014-12-19 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-03-14 16:35]
.
2014-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2305213872-2505911372-3816809497-1000Core.job
- c:\users\KnightCat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-20 16:35]
.
2014-12-20 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2305213872-2505911372-3816809497-1000UA.job
- c:\users\KnightCat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-20 16:35]
.
2014-12-18 c:\windows\Tasks\ReclaimerUpdateFiles_KnightCat.job
- c:\users\KnightCat\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-16 23:31]
.
2014-12-19 c:\windows\Tasks\ReclaimerUpdateXML_KnightCat.job
- c:\users\KnightCat\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-16 23:31]
.
2014-12-20 c:\windows\Tasks\RNUpgradeHelperLogonPrompt_KnightCat.job
- c:\users\KnightCat\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.03\agent\rnupgagent.exe [2014-11-16 23:31]
.
.
 
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro1 (ErrorConflict)]
@="{8BA85C75-763B-4103-94EB-9470F12FE0F7}"
[HKEY_CLASSES_ROOT\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}]
2014-10-14 18:27 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro2 (SyncInProgress)]
@="{CD55129A-B1A1-438E-A425-CEBC7DC684EE}"
[HKEY_CLASSES_ROOT\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}]
2014-10-14 18:27 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\ SkyDrivePro3 (InSync)]
@="{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}"
[HKEY_CLASSES_ROOT\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}]
2014-10-14 18:27 2334928 ----a-w- c:\program files\Microsoft Office 15\root\office15\grooveex.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt1"]
@="{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt2"]
@="{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt3"]
@="{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt4"]
@="{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt5"]
@="{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt6"]
@="{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt7"]
@="{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\"DropboxExt8"]
@="{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}"
[HKEY_CLASSES_ROOT\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}]
2014-06-24 22:04 164760 ----a-w- c:\users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-11-25 18:38 860984 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2014-10-21 23:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2014-10-21 23:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2014-10-21 23:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2014-10-21 23:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2014-10-21 23:52 777032 ----a-w- c:\program files (x86)\Google\Drive\googledrivesync64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\off0]
@="{8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5}"
[HKEY_CLASSES_ROOT\CLSID\{8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5}]
2013-09-30 23:20 1308432 ----a-w- c:\program files (x86)\Workspace\offsyncext64.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\off1]
@="{8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5}"
[HKEY_CLASSES_ROOT\CLSID\{8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5}]
2013-09-30 23:20 1308432 ----a-w- c:\program files (x86)\Workspace\offsyncext64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Launch LCore"="c:\program files\Logitech Gaming Software\LCore.exe" [2014-10-14 12697368]
"Windows Mobile Device Center"="c:\windows\WindowsMobile\wmdc.exe" [2007-05-31 660360]
"Cm106Sound"="c:\windows\Syswow64\cm106.dll" [2010-10-13 8757248]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-11-06 2464072]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-11-06 2800296]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <local>;*.local
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: netflix.com
Trusted Zone: sharepoint.com\digitalairstrike
Trusted Zone: sharepoint.com\digitalairstrike-my
Trusted Zone: soe.com
Trusted Zone: sony.com
TCP: DhcpNameServer = 192.168.1.1
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - c:\program files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.0.0\ViProtocol.dll
DPF: {688C8675-1834-48FA-9DEF-4755CEFB9EDE} - hxxp://192.168.1.101/EDVR.CAB
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} - hxxp://192.168.1.99:5050/codebase/DVM_IPCam2.cab
FF - ProfilePath - c:\users\KnightCat\AppData\Roaming\Mozilla\Firefox\Profiles\ewzku24u.Seth\
FF - prefs.js: browser.search.selectedEngine - AVG Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://mysearch.avg.com?cid={9BD985C1-17C8-42F9-A24E-AF49663426DB}&mid=27cb2d8fe60c44d99f3c4bf7da99ecdb-b846aedc0b47d38eeafd9f7ca50187f504336a34&lang=en&ds=ag011&coid=avgtbdisag&cmpid=&pr=sa&d=&v=&pid=safeguard&sg=&sap=hp
FF - prefs.js: keyword.URL -
FF - ExtSQL: !HIDDEN! 2013-03-18 20:03; smartwebprinting@hp.com; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-ESN Sonar-0.70.4 - c:\program files (x86)\Battlelog Web Plugins\Sonar\esnsonar_uninstall.exe
AddRemove-PunkBusterSvc - c:\windows\system32\pbsvc.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
.
[HKEY_USERS\S-1-5-21-2305213872-2505911372-3816809497-1000\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{FD302A77-B25E-445C-66C7-306CACA3680D}*]
"laifjhgpedfppaldlpabgefd"=hex:67,62,63,6b,6d,65,6d,65,6a,6d,63,6a,6e,6a,67,6f,
69,65,65,67,65,64,61,6b,61,64,6d,65,68,69,6b,6f,70,63,6d,6c,68,66,69,68,6d,\
"lakficbpedfcjpdkgfpcdkam"=hex:67,62,63,6b,6d,65,6d,65,6a,6d,63,6a,6e,6a,67,6f,
69,65,65,67,65,64,61,6b,61,64,6d,65,68,69,6b,6f,70,63,6d,6c,68,66,69,68,6d,\
.
[HKEY_USERS\S-1-5-21-2305213872-2505911372-3816809497-1000\Software\SecuROM\License information*]
"datasecu"=hex:68,a3,ad,90,e6,ea,ae,b9,43,ba,0f,59,16,18,d8,6b,28,92,b6,b3,e2,
c4,3c,2d,14,75,4d,9e,cc,4e,b0,67,3a,7a,15,15,29,70,34,6f,ee,22,fb,1a,b0,8f,\
"rkeysecu"=hex:62,bd,bb,85,07,50,b8,ac,78,8b,a1,60,51,63,29,d8
.
[HKEY_LOCAL_MACHINE\software\BlueStacks]
"SymbolicLinkValue"=hex(6):5c,00,52,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:e0,62,c4,d4,8f,7f,89,66,96,01,d6,3f,e5,1d,fe,d4,1e,32,94,0e,4c,
c5,34,24,70,f3,0e,98,4d,6f,43,10,52,fb,99,48,a0,63,12,1f,95,35,f6,8a,30,fc,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_15_0_0_246_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.15"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_15_0_0_246.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@="IFlashBroker6"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:e0,62,c4,d4,8f,7f,89,66,96,01,d6,3f,e5,1d,fe,d4,1e,32,94,0e,4c,
c5,34,24,70,f3,0e,98,4d,6f,43,10,52,fb,99,48,a0,63,12,1f,95,35,f6,8a,30,fc,\
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Office\Common\Smart Tag\Actions\{B7EFF951-E52F-45CC-9EF7-57124F2177CC}]
@Denied: (A) (Everyone)
"Solution"="{15727DE6-F92D-4E46-ACB4-0E2C58B31A18}"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3]
@Denied: (A) (Everyone)
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Schema Library\ActionsPane3\0]
"Key"="ActionsPane3"
"Location"="c:\\Program Files (x86)\\Common Files\\Microsoft Shared\\VSTO\\ActionsPane3.xsd"
.
[HKEY_LOCAL_MACHINE\software\Wow6432Node\Microsoft\Windows CE Services]
"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,
00,5c,00,4d,00,41,00,43,00,48,00,49,00,4e,00,45,00,5c,00,53,00,4f,00,46,00,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0003\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
------------------------ Other Running Processes ------------------------
.
c:\program files\AVAST Software\Avast\AvastSvc.exe
c:\program files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\program files (x86)\MSI Afterburner\MSIAfterburner.exe
c:\program files (x86)\ASUS\AI Suite II\AsRoutineController.exe
c:\program files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe
c:\program files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
c:\program files (x86)\RivaTuner Statistics Server\RTSS.exe
c:\windows\SysWOW64\rundll32.exe
c:\windows\SysWOW64\srvany.exe
c:\program files (x86)\Common Files\LightScribe\LSSrvc.exe
c:\windows\KMService.exe
c:\program files (x86)\NVMS5 Standard Edition\bin\cms.exe
f:\games\Steam2\bin\steamwebhelper.exe
c:\program files (x86)\Citrix\GoToAssist Remote Support Expert\758\g2ax_comm_expert.exe
c:\windows\SysWOW64\PnkBstrA.exe
c:\program files (x86)\Citrix\GoToAssist Remote Support Expert\758\g2ax_user_expert.exe
c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
c:\users\KnightCat\AppData\Roaming\Dropbox\bin\Dropbox.exe
c:\progra~2\Raptr\raptr.exe
c:\program files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
c:\progra~2\Raptr\raptr_im.exe
c:\program files (x86)\NVMS5 Standard Edition\bin\vtdu.exe
c:\program files (x86)\NVMS5 Standard Edition\bin\nru.exe
c:\program files (x86)\Common Files\Java\Java Update\jucheck.exe
.
**************************************************************************
.
Completion time: 2014-12-19 18:27:13 - machine was rebooted
ComboFix-quarantined-files.txt 2014-12-20 00:27
ComboFix2.txt 2014-12-19 06:19
.
Pre-Run: 98,378,080,256 bytes free
Post-Run: 98,206,285,824 bytes free
.
- - End Of File - - 6A864F36957DED2675A4BA8D65989BD6
A36C5E4F47E84449FF07ED3517B43A31
 
From my instructions:
**Note 3: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion", restart the computer to fix the issue.

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on adwcleaner.exe to run the tool.
  • Click on Scan button.
  • When the scan has finished click on Clean button.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the contents of that logfile with your next reply.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8, instead of double-clicking, right-click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Please download Farbar Recovery Scan Tool and save it to your Desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run from. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please copy and paste it to your reply.
 
# AdwCleaner v4.105 - Report created 21/12/2014 at 09:33:17
# Updated 08/12/2014 by Xplode
# Database : 2014-12-21.4 [Live]
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : KnightCat - KNIGHTCAT-PC
# Running from : C:\Users\KnightCat\Downloads\adwcleaner_4.105.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : vToolbarUpdater18.0.0
Service Deleted : Skype C2C Service

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG Secure Search
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\KnightCat\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\KnightCat\AppData\Local\AVG Secure Search
Folder Deleted : C:\Users\KnightCat\AppData\Local\CrashRpt
Folder Deleted : C:\Users\KnightCat\AppData\LocalLow\HPAppData
Folder Deleted : C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\iabeihobmhlgpkcgjiloemdbofjbdcic
File Deleted : C:\END
File Deleted : C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk

***** [ Scheduled Tasks ] *****

Task Deleted : AmiUpdXp

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl
Key Deleted : HKLM\SOFTWARE\Classes\AppID\secman.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4D076AB4-7562-427A-B5D2-BD96E19DEE56}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{826D7151-8D99-434B-8540-082B8C2AE556}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8EEE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66EEF543-A9AC-4A9D-AA3C-1ED148AC8FFE}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\Myfree Codec
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Myfree Codec

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.17420


-\\ Mozilla Firefox v32.0.2 (x86 en-US)

[ewzku24u.Seth\prefs.js] - Line Deleted : user_pref("browser.search.defaultenginename", "AVG Secure Search");
[ewzku24u.Seth\prefs.js] - Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

-\\ Google Chrome v39.0.2171.95

[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.midwayusa.com/find?userSearchQuery={searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.fathead.com/search-results/?term={searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.stubhub.com/search/doSearch?searchStr={searchTerms}&pageNumber=1&resultsPerPage=50&searchMode=event&start=0&rows=50&geo_exp=1
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://movies.netflix.com/WiSearch?raw_query=space+trucker&ac_category_type=none&ac_rel_posn=-1&ac_abs_posn=-1&v1={searchTerms}&search_submit=
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://wordpress.org/search/do-search.php?search={searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.netflix.com/WiSearch?raw_query=&ac_category_type=none&ac_rel_posn=-1&ac_abs_posn=-1&v1={searchTerms}&search_submit=
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : lifbcibllhkdhoafpjfnlhfpfgnpldfl
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Extension] : iabeihobmhlgpkcgjiloemdbofjbdcic

-\\ Chromium v

[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.midwayusa.com/find?userSearchQuery={searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.fathead.com/search-results/?term={searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.stubhub.com/search/doSearch?searchStr={searchTerms}&pageNumber=1&resultsPerPage=50&searchMode=event&start=0&rows=50&geo_exp=1
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://movies.netflix.com/WiSearch?raw_query=space+trucker&ac_category_type=none&ac_rel_posn=-1&ac_abs_posn=-1&v1={searchTerms}&search_submit=
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://wordpress.org/search/do-search.php?search={searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.netflix.com/WiSearch?raw_query=&ac_category_type=none&ac_rel_posn=-1&ac_abs_posn=-1&v1={searchTerms}&search_submit=

*************************

AdwCleaner[R8].txt - [7519 octets] - [21/12/2014 09:30:38]
AdwCleaner[S6].txt - [9210 octets] - [21/12/2014 09:33:17]

########## EOF - C:\AdwCleaner\AdwCleaner[S6].txt - [9270 octets] ##########
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.0 (11.29.2014:1)
OS: Windows 7 Ultimate x64
Ran by KnightCat on Sun 12/21/2014 at 10:04:34.34
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-2305213872-2505911372-3816809497-1000\Software\Microsoft\Internet Explorer\Main\\Start Page



~~~ Registry Keys

Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{074C1DC5-9320-4A9A-947D-C042949C6216}
Successfully deleted: [Registry Key - Orphan] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074C1DC5-9320-4A9A-947D-C042949C6216}
Successfully deleted: [Registry Key - Orphan] HKEY_CLASSES_ROOT\CLSID\{074C1DC5-9320-4A9A-947D-C042949C6216}



~~~ Files

Successfully deleted: [File] "C:\Windows\wininit.ini"



~~~ Folders

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"
Successfully deleted: [Folder] "C:\Windows\syswow64\ai_recyclebin"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\KnightCat\AppData\Roaming\mozilla\firefox\profiles\ewzku24u.Seth\prefs.js

user_pref("browser.startup.homepage", "hxxp://mysearch.avg.com?cid={9BD985C1-17C8-42F9-A24E-AF49663426DB}&mid=27cb2d8fe60c44d99f3c4bf7da99ecdb-b846aedc0b47d38eeafd9f7ca50187f5
Emptied folder: C:\Users\KnightCat\AppData\Roaming\mozilla\firefox\profiles\ewzku24u.Seth\minidumps [9 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 12/21/2014 at 10:38:42.76
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2014 01
Ran by KnightCat at 2014-12-21 11:31:00
Running from C:\Users\KnightCat\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Disabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

1954 Alcatraz (HKLM-x32\...\Steam App 255280) (Version: - Daedalic Entertainment)
4 Elements (HKLM-x32\...\Steam App 47000) (Version: - Playrix Entertainment)
4500_Help (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
7 Days to Die (HKLM-x32\...\Steam App 251570) (Version: - The Fun Pimps)
7th Legion (HKLM-x32\...\Steam App 327910) (Version: - Epic MegaGames)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
8BitBoy (HKLM-x32\...\Steam App 296910) (Version: - AwesomeBlade)
911 - First Reponsders (HKLM-x32\...\911 - First Responders) (Version: 1.0.0.0 - Atari)
A Game of Thrones - Genesis (HKLM-x32\...\Steam App 58550) (Version: - Cyanide Studios)
A Game of Thrones version 0.4.3 (HKLM-x32\...\{7C82709E-75FE-4C3A-976A-8C97908DDD7B}_is1) (Version: 0.4.3 - AGOT TEAM)
A Story About My Uncle (HKLM-x32\...\Steam App 278360) (Version: - Gone North Games)
Aarklash: Legacy (HKLM-x32\...\Steam App 222640) (Version: - Cyanide Studio)
Adobe After Effects CS5 Third Party Content (HKLM-x32\...\{C0AA232E-BD1B-40B5-A176-A2BEB67FFAE1}) (Version: 10 - Adobe Systems Incorporated)
Adobe After Effects CS5 Third Party Royalty Content (HKLM-x32\...\{CD29B5CA-4727-4114-9AD9-25CCCE6E4014}) (Version: 10 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe Connect 9 Add-in (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Adobe Connect 9 Add-in) (Version: 11,2,369,0 - Adobe Systems Incorporated)
Adobe Creative Suite 5 Master Collection (HKLM-x32\...\{FBB02B04-C034-4382-A3F6-57416E2752C4}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Media Encoder CS5 Dolby X64 (HKLM-x32\...\{5DDABB74-A879-4BE7-A4C6-FD41793942DB}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Media Encoder CS5 PCI X64 (HKLM-x32\...\{F9C71630-0EE3-475C-9E2B-ED95AE197DBD}) (Version: 5.0 - Adobe Systems Incorporated)
Adobe Premiere Pro CS5 Third Party Royalty Content (HKLM-x32\...\{565DE707-5798-4FC3-8DF6-0F58A348A9B0}) (Version: 5.0.0 - Adobe Systems Incorporated)
Adobe Soundbooth CS5 Codecs (HKLM-x32\...\{DE5DE662-2ECB-4D93-967B-221FBCC8A736}) (Version: 3.0 - Adobe Systems Incorporated)
Adobe Soundbooth CS5 Royalty Codecs (HKLM-x32\...\{F319804F-E3A4-4C02-8AEC-CB39A4F6447E}) (Version: 3.0 - Adobe Systems Incorporated)
Aerena (HKLM-x32\...\Steam App 247830) (Version: - Cliffhanger Productions)
Age of Empires II: HD Edition (HKLM-x32\...\Steam App 221380) (Version: - Hidden Path Entertainment, Ensemble Studios)
Age of Empires® III: Complete Collection (HKLM-x32\...\Steam App 105450) (Version: - Ensemble Studios)
AI Suite II (HKLM-x32\...\{34D3688E-A737-44C5-9E2A-FF73618728E1}) (Version: 2.01.01 - ASUSTeK Computer Inc.)
AI War: Fleet Command (HKLM-x32\...\Steam App 40400) (Version: - Arcen Games, LLC)
AIDA64 Extreme Edition v3.20 (HKLM-x32\...\AIDA64 Extreme Edition_is1) (Version: 3.20 - FinalWire Ltd.)
Airport Simulator 2014 (HKLM-x32\...\Steam App 267600) (Version: - United Independent Entertainment GmbH)
Aliens: Colonial Marines (HKLM-x32\...\Steam App 49540) (Version: - Gearbox Software)
AlternativA (HKLM-x32\...\Steam App 33990) (Version: - Centauri Production)
Amazon Games & Software Downloader (HKLM-x32\...\Amazon Games & Software Downloader_is1) (Version: 2.0.2.0 - Amazon)
Amazon Kindle (HKLM-x32\...\Amazon Kindle) (Version: - Amazon)
Amnesia: A Machine for Pigs (HKLM-x32\...\Steam App 239200) (Version: - The Chinese Room)
Anna - Extended Edition (HKLM-x32\...\Steam App 217690) (Version: - Dreampainters)
APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - )
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ArcaniA – Gothic 4 (HKLM-x32\...\Steam App 39690) (Version: - Spellbound Studios)
ArcheAge (HKLM-x32\...\Glyph ArcheAge) (Version: - Trion Worlds, Inc.)
Archeage Beta (HKLM-x32\...\Glyph Archeage Beta) (Version: - Trion Worlds, Inc.)
ArcSoft MediaConverter 8 (HKLM-x32\...\{2CAD3C16-ACD0-43E5-81DA-7E56C3E5336C}) (Version: 8.0.0.21 - ArcSoft)
Aria Karaoke Pro (HKLM-x32\...\{7BF81171-FA6D-47E0-9135-8378A48A8382}_is1) (Version: 1.0.4437.26033 - APW Electronic Services)
Arma 3 Alpha (HKLM-x32\...\Steam App 107410) (Version: - Bohemia Interactive)
Armada 2526 Gold Edition (HKLM-x32\...\Steam App 229970) (Version: - Ntronium Games)
Artemis Artemis (HKLM-x32\...\Artemis) (Version: 1.702.0 - Thom Robertson)
Artisteer 4 (HKLM-x32\...\Artisteer 4) (Version: 4.1 - Extensoft)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.1.0 - Asmedia Technology)
Assassin’s Creed® III (HKLM-x32\...\Steam App 208480) (Version: - Ubisoft Montreal)
Assassin's Creed Liberation (HKLM-x32\...\Steam App 260210) (Version: - Ubisoft Sofia)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
Audacity 2.0.3 (HKLM-x32\...\Audacity_is1) (Version: 2.0.3 - Audacity Team)
AudibleManager (HKLM-x32\...\AudibleManager) (Version: 2010528974.48.56.70986138 - Audible, Inc.)
AutoHotkey 1.1.13.01 (HKLM\...\AutoHotkey) (Version: 1.1.13.01 - Lexikos)
Avast Premier (HKLM-x32\...\avast) (Version: 10.0.2208 - AVAST Software)
Back to the Future: Ep 1 - It's About Time (HKLM-x32\...\Steam App 31290) (Version: - Telltale Games)
Back to the Future: Ep 2 - Get Tannen! (HKLM-x32\...\Steam App 94500) (Version: - Telltale Games)
Back to the Future: Ep 3 - Citizen Brown (HKLM-x32\...\Steam App 94510) (Version: - Telltale Games)
Back to the Future: Ep 4 - Double Visions (HKLM-x32\...\Steam App 94520) (Version: - Telltale Games)
Back to the Future: Ep 5 - OUTATIME (HKLM-x32\...\Steam App 94530) (Version: - Telltale Games)
Balsamiq Mockups For Desktop (HKLM-x32\...\BalsamiqMockupsForDesktop.EDE15CF69E11F7F7D45B5430C7D37CC6C3545E3C.1) (Version: 2.2.22 - Balsamiq SRL)
Balsamiq Mockups For Desktop (x32 Version: 2.2.22 - Balsamiq SRL) Hidden
Banished (HKLM-x32\...\Steam App 242920) (Version: - Shining Rock Software LLC)
Bastion (HKLM-x32\...\Steam App 107100) (Version: - Supergiant Games)
Batman: Arkham City™ (HKLM-x32\...\Steam App 57400) (Version: - Rocksteady)
Batman™: Arkham Origins Blackgate - Deluxe Edition (HKLM-x32\...\Steam App 267490) (Version: - Armature Studio)
Battle Group 2 (HKLM-x32\...\Steam App 277490) (Version: - Bane Games)
Battle Mages: Sign of Darkness (HKLM-x32\...\Steam App 311060) (Version: - Targem Games)
BattleBlock Theater (HKLM-x32\...\Steam App 238460) (Version: - The Behemoth)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.2.0.0 - Electronic Arts)
Battlefield 4™ Beta (HKLM-x32\...\{CFAB3721-549D-4827-A4E8-7F90192114AB}) (Version: 1.0.0.0 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.2 - EA Digital Illusions CE AB)
Ben There, Dan That! (HKLM-x32\...\Steam App 37420) (Version: - Zombie Cow Studios)
Beyond Divinity (HKLM-x32\...\Steam App 219760) (Version: - Larian Studios)
BioShock (HKLM-x32\...\Steam App 7670) (Version: - 2K Boston)
BioShock 2 (HKLM-x32\...\Steam App 8850) (Version: - 2K Games)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.3.1 - BitRaider, LLC)
Blackguards (HKLM-x32\...\Steam App 249650) (Version: - Daedalic Entertainment)
Blockland (HKLM-x32\...\Steam App 250340) (Version: - Eric Hartman)
BloodNet (HKLM-x32\...\Steam App 327920) (Version: - MicroProse Software, Inc)
BlueStacks Notification Center (HKLM-x32\...\{4C02AFA8-074D-44FE-B0E1-A73D4AA65390}) (Version: 0.8.9.3088 - BlueStack Systems, Inc.)
Blur (HKLM-x32\...\Steam App 42640) (Version: - Bizarre Creations)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Bot Colony (HKLM-x32\...\Steam App 263040) (Version: - North Side)
Bound By Flame (HKLM-x32\...\Steam App 243930) (Version: - Spiders)
bpd_scan (x32 Version: 3.00.0000 - Hewlett-Packard) Hidden
BPDSoftware (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
BPDSoftware_Ini (x32 Version: 1.00.0000 - Hewlett-Packard) Hidden
Braid (HKLM-x32\...\Steam App 26800) (Version: - Number None)
Breach & Clear (HKLM-x32\...\Steam App 266130) (Version: - Mighty Rabbit Studios)
Breach (HKLM-x32\...\Steam App 72300) (Version: - Atomic Games)
Bridge Constructor (HKLM-x32\...\Steam App 250460) (Version: - )
Bridge It (plus) (HKLM-x32\...\Steam App 248370) (Version: - Chronic Logic)
Bridge Project (HKLM-x32\...\Steam App 232950) (Version: - Halycon Media GmbH &amp; Co. KG)
BRINK (HKLM-x32\...\Steam App 22350) (Version: - Splash Damage)
Brothers - A Tale of Two Sons (HKLM-x32\...\Steam App 225080) (Version: - Starbreeze Studios AB)
Brütal Legend (HKLM-x32\...\Steam App 225260) (Version: - Double Fine Productions)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
Bulk Rename Utility 2.7.1.2 (HKLM\...\Bulk Rename Utility_is1) (Version: - TGRMN Software)
Bus Driver (HKLM-x32\...\Steam App 302080) (Version: - SCS Software)
calibre (HKLM-x32\...\{DD649DA2-BBD9-4247-85DD-E04F7C1E8552}) (Version: 1.48.0 - Kovid Goyal)
Call of Duty: Advanced Warfare - Multiplayer (HKLM-x32\...\Steam App 209660) (Version: - Sledgehammer Games)
Call of Duty: Advanced Warfare (HKLM-x32\...\Steam App 209650) (Version: - Sledgehammer Games)
Call of Juarez (HKLM-x32\...\Steam App 3020) (Version: - Techland)
Call of Juarez Gunslinger (HKLM-x32\...\Steam App 204450) (Version: - Techland)
Call of Juarez: Bound in Blood (HKLM-x32\...\Steam App 21980) (Version: - Techland)
Call of Juarez: The Cartel (HKLM-x32\...\Steam App 33420) (Version: - Techland)
Car Mechanic Simulator 2014 (HKLM-x32\...\Steam App 270850) (Version: - PlayWay S.A.)
Carmageddon: Reincarnation (HKLM-x32\...\Steam App 249380) (Version: - Stainless Games Ltd)
Cars 2 (HKLM-x32\...\Steam App 301760) (Version: - Avalanche Software)
Cars Toon (HKLM-x32\...\Steam App 316320) (Version: - Avalanche Software)
Castle Crashers (HKLM-x32\...\Steam App 204360) (Version: - The Behemoth)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version: - dvd8n)
CDisplayEx 1.9.11 (HKLM\...\CDisplayEx_is1) (Version: - cdisplayex.com)
Cisco WebEx Meetings (HKLM-x32\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
Citadels (HKLM-x32\...\Steam App 238870) (Version: - Games Distillery s.r.o.)
Cities in Motion (HKLM-x32\...\Steam App 73010) (Version: - Colossal Order Ltd.)
Cities in Motion 2 (HKLM-x32\...\Steam App 225420) (Version: - Colossal Order Ltd.)
Citrix Online Launcher (HKLM-x32\...\{A08A6B7D-1F21-4843-85A3-77B8D15FAE0E}) (Version: 1.0.244 - Citrix)
Clockwork Tales: Of Glass and Ink (HKLM-x32\...\Steam App 284830) (Version: - Artifex Mundi sp. z o.o.)
Combat (HKLM-x32\...\Steam App 310110) (Version: - )
CombatLoader (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\ade550b722df5895) (Version: 1.0.0.5 - CombatLoader)
Commandos 2: Men of Courage (HKLM-x32\...\Steam App 6830) (Version: - Pyro Studios)
Commandos 3: Destination Berlin (HKLM-x32\...\Steam App 6840) (Version: - Pyro Studios)
Commandos: Behind Enemy Lines (HKLM-x32\...\Steam App 6800) (Version: - Pyro Studios)
Commandos: Beyond the Call of Duty (HKLM-x32\...\Steam App 6810) (Version: - Pyro Studios)
CONSORTIUM (HKLM-x32\...\Steam App 264240) (Version: - Interdimensional Games Inc)
Contagion (HKLM-x32\...\Steam App 238430) (Version: - Monochrome LLC)
ControlCenter (HKLM-x32\...\{E5EDA1E6-5FDD-4B29-8399-6022B81C3A7C}) (Version: - )
Core Temp version 0.99.7 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 0.99.7 - Arthur Liberman)
CPUID CPU-Z 1.66.1 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Crazy Machines (HKLM-x32\...\Steam App 18420) (Version: - Fakt Software)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
Creeper World 3: Arc Eternal (HKLM-x32\...\Steam App 280220) (Version: - Knuckle Cracker)
Crusader Kings II (HKLM-x32\...\Steam App 203770) (Version: - Paradox)
Crysis (HKLM-x32\...\{E70E73B2-DABD-40E4-AE50-81B22567F418}) (Version: 1.1.1.6115 - Electronic Arts)
CT Special Forces: Fire for Effect (HKLM-x32\...\Steam App 283410) (Version: - Asobo Studio)
CutePDF Writer 3.0 (HKLM\...\CutePDF Writer Installation) (Version: 3.0 - CutePDF.com)
CyberLink BD Advisor 2.0 (HKLM-x32\...\{2D2D8FE2-605C-4D3C-B706-36E981E7EEF0}) (Version: - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4703 - CyberLink Corp.)
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink LG Burning Tool (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.2.4619 - CyberLink Corp.)
CyberLink MediaShow (HKLM-x32\...\InstallShield_{80E158EA-7181-40FE-A701-301CE6BE64AB}) (Version: 4.1.3402 - CyberLink Corp.)
CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.3530.52 - CyberLink Corp.)
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2512 - CyberLink Corp.)
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3718 - CyberLink Corp.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Damnation (HKLM-x32\...\Steam App 12790) (Version: - Blue Omega Entertainment)
Darkest Hour: Europe '44-'45 (HKLM-x32\...\Steam App 1280) (Version: - Darkest Hour Team)
DarkStar One (HKLM-x32\...\Steam App 12330) (Version: - Ascaron Entertainment ltd.)
Data Hacker: Initiation (HKLM-x32\...\Steam App 311860) (Version: - New Reality Games)
Dead Island (HKLM-x32\...\Steam App 91310) (Version: - Techland)
Dead Island Riptide (HKLM-x32\...\Steam App 216250) (Version: - Techland)
Dead Rising 2 (HKLM-x32\...\Steam App 45740) (Version: - Blue Castle Games)
Dead Rising 2: Off the Record (HKLM-x32\...\Steam App 45770) (Version: - Capcom Vancouver)
Dead Rising 3 (HKLM-x32\...\Steam App 265550) (Version: - Capcom Game Studio Vancouver)
Dead Space™ (HKLM-x32\...\{9789E33B-317A-44B2-AF9A-FF8708AD93E0}) (Version: 1.0.0.222 - Electronic Arts)
Dead State (HKLM-x32\...\Steam App 239840) (Version: - DoubleBear Productions)
Deadly 30 (HKLM-x32\...\Steam App 264730) (Version: - Ignatus Zuk and Gonzalo Villagomez)
Deadly Sin 2 (HKLM-x32\...\Steam App 285420) (Version: - Dancing Dragon Games)
Deadpool (HKLM-x32\...\Steam App 224060) (Version: - High Moon Studios)
Deep Black : Reloaded (HKLM-x32\...\Steam App 204760) (Version: - Biart)
Deer Drive (HKLM-x32\...\111448437) (Version: - Oberon Media)
Defiance (HKLM-x32\...\Steam App 224600) (Version: - )
DefianceRuntimes (HKLM-x32\...\{79B1FF35-9EA8-48ED-98D6-19ABE004BE89}) (Version: 1.0.2 - Trion Worlds, Inc.)
Demolition Master 3D (HKLM-x32\...\Steam App 288710) (Version: - Appmania)
Deponia (HKLM-x32\...\Steam App 214340) (Version: - Daedalic Entertainment)
Desperados - Wanted Dead or Alive (HKLM-x32\...\Steam App 260730) (Version: - Spellbound)
Desperados 2: Cooper’s Revenge (HKLM-x32\...\Steam App 9710) (Version: - Spellbound)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version: - Codemasters Racing Studio)
Dishonored (HKLM-x32\...\Steam App 205100) (Version: 1.0 - Bethesda Softworks)
Disney Planes (HKLM-x32\...\Steam App 286880) (Version: - Behaviour Interactive)
DisplayFusion 7.0 (HKLM-x32\...\B076073A-5527-4f4f-B46B-B10692277DA2_is1) (Version: 7.0.0.0 - Binary Fortress Software)
Divine Divinity (HKLM-x32\...\Steam App 214170) (Version: - Larian Studios)
Divinity II: Developer's Cut (HKLM-x32\...\Steam App 219780) (Version: - Larian Studios)
DocMgr (x32 Version: 130.0.000.000 - Hewlett-Packard) Hidden
DocProc (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Doctor Who: The Eternity Clock (HKLM-x32\...\Steam App 217080) (Version: - )
Door Kickers (HKLM-x32\...\Steam App 248610) (Version: - Killhouse Games)
doubleTwist Sync (HKLM-x32\...\doubleTwist) (Version: 4.0.4.19767 - doubleTwist Corporation)
Dracula 4 and 5 - Special Steam Edition (HKLM-x32\...\Steam App 279560) (Version: - Microïds)
Dream (HKLM-x32\...\Steam App 229580) (Version: - HyperSloth)
Dropbox (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
DuckTales Remastered (HKLM-x32\...\Steam App 237630) (Version: - WayForward)
DUNGEONS - Steam Special Edition (HKLM-x32\...\Steam App 57650) (Version: - Realmforge Studios)
Dungeons: The Eye of Draconus (HKLM-x32\...\Steam App 303510) (Version: - SuckerFree Games)
DVD-Cloner V10.00 Build 1200 (HKLM-x32\...\DVD-Cloner 2013_is1) (Version: 10.00.0.1200 - OpenCloner Inc.)
Dwarfs!? (HKLM-x32\...\Steam App 35480) (Version: - Power of Two)
Dyn Updater (HKLM-x32\...\DynUpdater) (Version: 4.1.10 - Dyn, Inc.)
DYNASTY WARRIORS 8: Xtreme Legends Complete Edition (HKLM-x32\...\Steam App 278080) (Version: - TECMO KOEI GAMES CO., LTD.)
Eador. Genesis (HKLM-x32\...\Steam App 235660) (Version: - Alexey Bokulev / Snowbird Games)
Eador. Masters of the Broken World (HKLM-x32\...\Steam App 232050) (Version: - Snowbird Games)
Earth 2160 (HKLM-x32\...\Steam App 1900) (Version: - Reality Pump Studios)
East India Company (HKLM-x32\...\Steam App 25930) (Version: - )
East India Company: Battle of Trafalgar (HKLM-x32\...\Steam App 42820) (Version: - )
East India Company: Pirate Bay (HKLM-x32\...\Steam App 25940) (Version: - )
East India Company: Privateer (HKLM-x32\...\Steam App 42800) (Version: - )
Elder Kings CK2 Total Conversion (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Elder Kings CK2 Total Conversion 0.1.2a) (Version: 0.1.2a - Elder Kings Team)
Emergency 2014 (HKLM-x32\...\Emergency 2014) (Version: - Quadriga Games)
Emergency 2014 (HKLM-x32\...\Steam App 260930) (Version: - Promotion Software)
Emergency 3 (HKLM-x32\...\Emergency 3_is1) (Version: - )
Emergency 5 - Deluxe Edition (HKLM-x32\...\Steam App 328140) (Version: - Sixteen Tons Entertainment)
Enclave (HKLM-x32\...\Steam App 253980) (Version: - Topware)
Endless Legend (HKLM-x32\...\Steam App 289130) (Version: - AMPLITUDE Studios)
Enforcer: Police Crime Action (HKLM-x32\...\Steam App 318220) (Version: - Odin Game Studio)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Euro Truck Simulator (HKLM-x32\...\Steam App 232010) (Version: - SCS Software)
Evil Genius (HKLM-x32\...\Steam App 3720) (Version: - Elixir Studios)
Evolve (HKLM-x32\...\Steam App 273350) (Version: - Turtle Rock Studios)
Expeditions: Conquistador (HKLM-x32\...\Steam App 237430) (Version: - Logic Artists)
f.lux (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Flux) (Version: - )
F1 2013 (HKLM-x32\...\Steam App 223670) (Version: - Codemasters Birmingham)
Fable - The Lost Chapters (HKLM-x32\...\Steam App 204030) (Version: - Lionhead Studios)
Fable Anniversary (HKLM-x32\...\Steam App 288470) (Version: - Lionhead Studios)
Face Noir (HKLM-x32\...\Steam App 244690) (Version: - Mad Orange)
Fallout 3 - Game of the Year Edition (HKLM-x32\...\Steam App 22370) (Version: - Bethesda Game Studios)
Fallout: New Vegas (HKLM-x32\...\Steam App 22380) (Version: - Bethesda Softworks)
Far Cry 4 (HKLM-x32\...\Uplay Install 420) (Version: - Ubisoft)
Farming World (HKLM-x32\...\Steam App 277500) (Version: - Excalibur)
FarSky (HKLM-x32\...\Steam App 286340) (Version: - Farsky Interactive)
Fax (x32 Version: 130.0.418.000 - Hewlett-Packard) Hidden
FileZilla Client 3.8.1 (HKLM-x32\...\FileZilla Client) (Version: 3.8.1 - Tim Kosse)
Firefighters 2014 (HKLM-x32\...\Steam App 291910) (Version: - VIS - Visual Imagination Software)
FlatOut (HKLM-x32\...\Steam App 6220) (Version: - Bugbear Entertainment)
FlatOut 2 (HKLM-x32\...\Steam App 2990) (Version: - Bugbear Entertainment)
Flatout 3 (HKLM-x32\...\Steam App 201510) (Version: - Team 6 Studios)
FlatOut: Ultimate Carnage (HKLM-x32\...\Steam App 12360) (Version: - Bugbear Entertainment)
Floe IRC Client (HKLM-x32\...\{CE55233D-8991-4C5B-A710-877154C8F66F}) (Version: 1.0.0.0 - Floe)
Folk Tale (HKLM-x32\...\Steam App 224440) (Version: - )
Foreign Legion: Buckets of Blood (HKLM-x32\...\Steam App 36000) (Version: - Sakari Indie)
Foxit Cloud (HKLM-x32\...\{41914D8B-9D6E-4764-A1F9-BC43FB6782C1}_is1) (Version: 1.3.99.311 - Foxit Corporation)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 6.2.0.429 - Foxit Corporation)
Franchise Hockey Manager 2014 (HKLM-x32\...\Steam App 299890) (Version: - Out of the Park Developments)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version: - )
Freedom Fall (HKLM-x32\...\Steam App 262770) (Version: - Stirfire Studios)
Freespace 2 (HKLM-x32\...\Steam App 273620) (Version: - Volition Inc)
FX Football - The Manager for Every Football Fan (HKLM-x32\...\Steam App 265400) (Version: - FX Interactive)
Galactic Arms Race (HKLM-x32\...\Steam App 249610) (Version: - Evolutionary Games)
Galactic Civilizations II: Ultimate Edition (HKLM-x32\...\Steam App 202200) (Version: - Stardock Entertainment)
Galaxy on Fire 2™ Full HD (HKLM-x32\...\Steam App 212010) (Version: - Fishlabs Entertainment GmbH)
Game Dev Tycoon (HKLM-x32\...\Steam App 239820) (Version: - Greenheart Games)
Ghostbusters: The Video Game (HKLM-x32\...\Steam App 9870) (Version: - Terminal Reality)
Gizmo Central (HKLM-x32\...\Gizmo Central) (Version: v2.7.9 - Arainia Solutions, LLC)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Gnomoria (HKLM-x32\...\Steam App 224500) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Drive (HKLM-x32\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Talk Plugin (HKLM-x32\...\{0C5C1177-94C5-3EFB-A8BE-3F6AF1AF887F}) (Version: 5.38.6.0 - Google)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GoToAssist Expert 2.2.0.758 (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\GoToAssist Remote Support Expert) (Version: 2.2.0.758 - Citrix Online)
GoToMeeting 7.0.5.2130 (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\GoToMeeting) (Version: 7.0.5.2130 - CitrixOnline)
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV (HKLM-x32\...\Steam App 12210) (Version: - Rockstar North)
Grand Theft Auto V - The Manual (HKLM-x32\...\{752EBD91-8B95-42B5-8692-A7243A6EEEA9}) (Version: 1.0.0 - Rockstar Games)
Gunpoint (HKLM-x32\...\Steam App 206190) (Version: - )
Gunship! (HKLM-x32\...\Steam App 286730) (Version: - Microprose)
Hack 'n' Slash (HKLM-x32\...\Steam App 246070) (Version: - Double Fine Productions)
HAL 9000 [Console] Advanced Flat Screen Saver (HKLM-x32\...\HAL 9000 [Console] Advanced Flat) (Version: - )
HAL 9000 [Console] Advanced Shaded Screen Saver (HKLM-x32\...\HAL 9000 [Console] Advanced Shaded) (Version: - )
HAL 9000 [Full Screen] Advanced Flat Screen Saver (HKLM-x32\...\HAL 9000 [Full Screen] Advanced Flat) (Version: - )
HAL 9000 [Full Screen] Advanced Screen Saver (HKLM-x32\...\HAL 9000 [Full Screen] Advanced) (Version: - )
HAL 9000 [Full Screen] Advanced Shaded Screen Saver (HKLM-x32\...\HAL 9000 [Full Screen] Advanced Shaded) (Version: - )
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Hard Truck Apocalypse / Ex Machina (HKLM-x32\...\Steam App 285500) (Version: - Targem Games)
HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HE Auto Launcher (HKLM-x32\...\HE Auto Launcher) (Version: - )
Heavy Fire: Afghanistan (HKLM-x32\...\Steam App 305980) (Version: - Teyon)
Hector: Ep 1 (HKLM-x32\...\Steam App 94600) (Version: - Straandlooper)
Hector: Ep 2 (HKLM-x32\...\Steam App 94610) (Version: - Straandlooper)
Hector: Ep 3 (HKLM-x32\...\Steam App 94620) (Version: - Straandlooper)
Heli Heroes (HKLM-x32\...\Steam App 259320) (Version: - Reality Pump)
Helicopter Simulator 2014: Search and Rescue (HKLM-x32\...\Steam App 266290) (Version: - PlayWay S.A.)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
Hitman 2: Silent Assassin (HKLM-x32\...\Steam App 6850) (Version: - Eidos)
Hitman: Absolution (HKLM-x32\...\Steam App 203140) (Version: - Square Enix)
Hitman: Blood Money (HKLM-x32\...\Steam App 6860) (Version: - Eidos)
Hitman: Codename 47 (HKLM-x32\...\Steam App 6900) (Version: - Eidos)
Hospital Tycoon (HKLM-x32\...\Steam App 11590) (Version: - Deep Red Limited)
Hotel Collectors Edition (HKLM-x32\...\Steam App 288750) (Version: - Cateia Games)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Document Manager 2.0 (HKLM\...\HP Document Manager) (Version: 2.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hydrophobia: Prophecy (HKLM-x32\...\Steam App 92000) (Version: - Dark Energy Digital Ltd.)
I Shall Remain (HKLM-x32\...\Steam App 293460) (Version: - Scorpius Games)
Icewind Dale Complete (HKLM-x32\...\Icewind Dale Complete_is1) (Version: - GOG.com)
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
IndieVolume 3.5.99.171 (HKLM-x32\...\IndieVolume_is1) (Version: 3.5.99.171 - GerixSoft)
Influent (HKLM-x32\...\Steam App 274980) (Version: - Rob Howland)
Injustice: Gods Among Us Ultimate Edition (HKLM-x32\...\Steam App 242700) (Version: - NetherRealm Studios)
Installer (x32 Version: 1.0.0 - Sierra Entertainment, Inc.) Hidden
Intel(R) Network Connections 19.0.27.0 (HKLM\...\PROSetDX) (Version: 19.0.27.0 - Intel)
Intel® Watchdog Timer Driver (Intel® WDT) (HKLM-x32\...\{3FD0C489-0F02-481a-A3E1-9754CD396761}) (Version: - Intel Corporation)
International Snooker (HKLM-x32\...\Steam App 299500) (Version: - Big Head Games)
Internet Explorer Proxy Monitor 1.0 (HKLM-x32\...\Internet Explorer Proxy Monitor_is1) (Version: - )
Invisible, Inc. (HKLM-x32\...\Steam App 243970) (Version: - )
IP Camera Viewer 1.0 (HKLM-x32\...\IP Camera Viewer_is1) (Version: - DeskShare Inc.)
Iron Grip: Warlord (HKLM-x32\...\Steam App 31700) (Version: - ISOTX)
Iron Sky Invasion (HKLM-x32\...\Steam App 224900) (Version: - Reality Pump)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
iZotope Vinyl (HKLM-x32\...\iZotope Vinyl_is1) (Version: 1.61 - iZotope, Inc.)
J4500 (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Jack Keane (HKLM-x32\...\Steam App 12340) (Version: - Deck 13)
Jagged Alliance - Back in Action (HKLM-x32\...\Steam App 57740) (Version: - Coreplay GmbH)
Jagged Alliance Gold (HKLM-x32\...\Steam App 283270) (Version: - Sir-Tech)
Java 7 Update 67 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F06417067FF}) (Version: 7.0.670 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java SE Development Kit 7 Update 67 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170670}) (Version: 1.7.0.670 - Oracle)
Jet Car Stunts (HKLM-x32\...\Steam App 274880) (Version: - GRIP Digital s.r.o.)
join.me (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\JoinMe) (Version: 1.15.0.136 - LogMeIn, Inc.)
Joint Task Force (HKLM-x32\...\Steam App 6400) (Version: - Most Wanted Entertainment)
Jurassic Park: The Game (HKLM-x32\...\Steam App 201830) (Version: - Telltale Games)
Kane & Lynch 2: Dog Days (HKLM-x32\...\Steam App 28000) (Version: - IO Interactive)
Kane & Lynch: Dead Men (HKLM-x32\...\Steam App 8080) (Version: - IO Interactive)
Kaptain Brawe (HKLM-x32\...\Steam App 65080) (Version: - Cateia Games)
Keeper Password & Data Vault (HKLM-x32\...\Keeper Password & Data Vault) (Version: 6 - Keeper Security, Inc.)
Kenshi (HKLM-x32\...\Steam App 233860) (Version: - )
Kerbal Space Program (HKLM-x32\...\Steam App 220200) (Version: - Squad)
Killer is Dead (HKLM-x32\...\Steam App 261110) (Version: - KADOKAWA GAMES / GRASSHOPPER MANUFACTURE)
Killing Floor (HKLM-x32\...\Steam App 1250) (Version: - Tripwire Interactive)
Killing Floor Mod: Defence Alliance 2 (HKLM-x32\...\Steam App 35420) (Version: - )
Kinetic Void (HKLM-x32\...\Steam App 227160) (Version: - )
King Arthur II - The Role-playing Wargame (HKLM-x32\...\Steam App 24480) (Version: - NEOCORE GAMES)
Knytt Underground (HKLM-x32\...\Steam App 248190) (Version: - Nifflas' Games)
Kung Fu Strike: The Warrior's Rise (HKLM-x32\...\Steam App 212030) (Version: - Qooc Software )
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version: - Rockstar)
Law & Order: Legacies (HKLM-x32\...\Steam App 205330) (Version: - Telltale Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
LEGO - The Hobbit (HKLM-x32\...\Steam App 285160) (Version: - Traveller's Tales)
LEGO Batman 2 (HKLM-x32\...\Steam App 213330) (Version: - TT Games)
LEGO Batman: The Videogame (HKLM-x32\...\Steam App 21000) (Version: - Traveller's Tales)
LEGO Lord of the Rings (HKLM-x32\...\Steam App 214510) (Version: - Traveller's Tales)
LEGO MARVEL Super Heroes (HKLM-x32\...\Steam App 249130) (Version: - Traveller's Tales)
Lego Star Wars Saga (HKLM-x32\...\Steam App 32440) (Version: - Traveller's Tales )
LEGO® Pirates of the Caribbean The Video Game (HKLM-x32\...\Steam App 311770) (Version: - Traveller's Tales)
LG Tool Kit (HKLM-x32\...\{6179550A-3E7C-499E-BCC9-9E8113E0A285}) (Version: 10.01.0712.01 - )
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: - )
Lichdom: Battlemage (HKLM-x32\...\Steam App 261760) (Version: - Xaviant)
Life is Feudal: Your Own (HKLM-x32\...\Steam App 290080) (Version: - Bitbox Ltd.)
Lifeless Planet (HKLM-x32\...\Steam App 261530) (Version: - Stage 2 Studios)
LightScribe System Software (HKLM-x32\...\{705B639E-FAAF-40D7-AD58-C445321C7C3F}) (Version: 1.18.18.1 - LightScribe)
Logitech Gaming Software 8.57 (HKLM\...\Logitech Gaming Software) (Version: 8.57.145 - Logitech Inc.)
LogMeIn Rescue Technician Console (HKLM-x32\...\{7730D2E4-A46A-4984-8503-EC1B4E8934A3}) (Version: 7.3.1444 - LogMeIn, Inc.)
Lost Planet 3 (HKLM-x32\...\Steam App 226720) (Version: - Spark Unlimited)
m05 SurveillanceSaver 1.0 (HKLM-x32\...\m05 SurveillanceSaver) (Version: 1.0 - m05)
Maelstrom (HKLM-x32\...\Steam App 11560) (Version: - KDV Games)
Mafia (HKLM-x32\...\Steam App 40990) (Version: - 2K Games)
Mafia II (HKLM-x32\...\Steam App 50130) (Version: - 2K Czech)
Magic ISO Maker v5.5 (build 0281) (HKLM-x32\...\Magic ISO Maker v5.5 (build 0281)) (Version: - )
MakeMKV v1.8.9 (HKLM-x32\...\MakeMKV) (Version: v1.8.9 - GuinpinSoft inc)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mare Nostrum (HKLM-x32\...\Steam App 1230) (Version: - Sandstorm Productions)
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version: - )
MarketResearch (x32 Version: 130.0.374.000 - Hewlett-Packard) Hidden
Mars: War Logs (HKLM-x32\...\Steam App 232750) (Version: - Spiders)
Marvel Heroes (HKLM-x32\...\marvelheroesbeta) (Version: 1.9.0.422 - Gazillion Entertainment)
marvell 91xx driver (HKLM-x32\...\MagniDriver) (Version: 1.0.0.1036 - Marvell)
MechWarrior Online (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\{74d11f91-05cc-44f6-8e49-94fe7f33c79b}) (Version: 1.2.0.0 - Piranha Games Inc.)
MechWarrior Online (x32 Version: 1.2.0.0 - Piranha Games Inc.) Hidden
Medal of Honor: Airborne (HKLM-x32\...\Steam App 24840) (Version: - EA Los Angeles)
MediaCoder x64 0.8.30.5622 (HKLM\...\MediaCoder x64) (Version: 0.8.30.5622 - Mediatronic)
Mercenaries 2 World in Flames™ (HKLM-x32\...\{26FDF89A-FA65-4FA2-8522-37CC84DFDCEE}) (Version: 2.0.1.0 - Electronic Arts)
METAL GEAR RISING: REVENGEANCE (HKLM-x32\...\Steam App 235460) (Version: - PlatinumGames)
Metro 2033 Redux (HKLM-x32\...\Steam App 286690) (Version: - 4A GAMES)
Metro: Last Light (HKLM-x32\...\Steam App 43160) (Version: - 4A Games)
Metro: Last Light Redux (HKLM-x32\...\Steam App 287390) (Version: - 4A Games)
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Garage Mouse without Borders (HKLM-x32\...\{D3BC954F-D661-474C-B367-30EB6E56542E}) (Version: 2.1.2.1212 - Microsoft Garage)
Microsoft Lync 2010 (HKLM\...\{11849FBC-C416-4742-8279-17C3A2C85F72}) (Version: 4.0.7577.4446 - Microsoft Corporation)
Microsoft Office 365 ProPlus - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft OneDrive for Business 2013 - en-us (HKLM\...\GrooveRetail - en-us) (Version: 15.0.4667.1002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Virtual PC 2007 (HKLM\...\{8A7CAA24-7B23-410B-A7C3-F994B0944160}) (Version: 6.0.156.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{a55ac379-46b0-461a-95b1-fef5c08443f2}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50701 - Microsoft Corporation)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle-earth: Shadow of Mordor (HKLM-x32\...\Steam App 241930) (Version: - Monolith Productions, Inc.)
Minion (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
mIRC (HKLM-x32\...\mIRC) (Version: 7.32 - mIRC Co. Ltd.)
MKVToolNix 7.0.0 (64bit) (HKLM-x32\...\MKVToolNix) (Version: 7.0.0 - Moritz Bunkus)
Monaco (HKLM-x32\...\Steam App 113020) (Version: - Pocketwatch Games)
Monday Night Combat (HKLM-x32\...\Steam App 63200) (Version: - Uber Entertainment)
MotoCast (HKLM-x32\...\{5401CEE8-3C2D-4835-A802-213306537FF4}) (Version: 2.0.31 - Motorola Mobility)
MOTOROLA MEDIA LINK (x32 Version: 1.9.0002.0 - Motorola) Hidden
Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - Taleworlds Entertainment)
Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.2 (x86 en-US)) (Version: 32.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 4.0.0 (HKLM-x32\...\Afterburner) (Version: 4.0.0 - MSI Co., LTD)
MSI Kombustor 2.5.0 (HKLM-x32\...\{0B7C79A5-5CB2-4ABD-A9C1-92A6213CE8DD}_is1) (Version: - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
Multi Timer 3.6 (HKLM-x32\...\Multi Timer_is1) (Version: - Johannes Wallroth)
MURDERED: SOUL SUSPECT™ (HKLM-x32\...\Steam App 233290) (Version: - Airtight Games)
MuseScore 1.3 (HKLM-x32\...\MuseScore) (Version: 1.3.0 - Werner Schweer and Others)
MyFreeCodec (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\MyFreeCodec) (Version: - )
Natural Selection 2 (HKLM-x32\...\Steam App 4920) (Version: - Unknown Worlds Entertainment)
Nether (HKLM-x32\...\Steam App 247730) (Version: - Phosphor Games)
Nikopol: Secrets of the Immortals (HKLM-x32\...\Steam App 11370) (Version: - White Birds Productions)
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version: - )
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140617.86661 - Square Enix Ltd)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.9 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.4 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX (Legacy) (HKLM-x32\...\{6F9D5A0B-202C-4161-BC7F-0664EA39E7E7}) (Version: 9.12.1031 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
NVMS5 Standard Edition (HKLM-x32\...\{F011CDD5-87D2-4873-8EE3-FA95B1FEAED9}) (Version: 5.2 - NVMS)
OCR Software by I.R.I.S. 13.0 (HKLM\...\HPOCR) (Version: 13.0 - HP)
Office 15 Click-to-Run Extensibility Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (Version: 15.0.4667.1002 - Microsoft Corporation) Hidden
Officejet J4500 Series (HKLM\...\{E11448F2-0B44-4239-B04E-D88FE743E929}) (Version: 13.0 - HP)
Omerta - City of Gangsters (HKLM-x32\...\Steam App 208520) (Version: - Haemimont Games)
Only If (HKLM-x32\...\Steam App 298260) (Version: - Creability)
OnTopReplica (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\OnTopReplica) (Version: 3.4 - Lorenz Cuno Klopfenstein)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Open DVD Ripper 3.30 Build 507 (HKLM-x32\...\Open DVD Ripper 3_is1) (Version: 3.30.0.507 - OpenCloner Inc.)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Orbital Gear (HKLM-x32\...\Steam App 298520) (Version: - Night Node)
Orborun (HKLM-x32\...\Steam App 308580) (Version: - Tiny Lab Productions)
Origin (HKLM-x32\...\Origin) (Version: 9.3.6.4643 - Electronic Arts, Inc.)
Out of the Park Baseball 14 (HKLM-x32\...\Steam App 263840) (Version: - Out of the Park Developments)
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)
Pandora (HKLM-x32\...\com.pandora.desktop.E7C14276FFE9EEF0BC7DCE654C467D9A299EFD21.1) (Version: 2.0.8 - PANDORA MEDIA, INC.)
Pandora (x32 Version: 2.0.8 - PANDORA MEDIA, INC.) Hidden
Papers, Please (HKLM-x32\...\Steam App 239030) (Version: - 3909)
Path of Exile (HKLM-x32\...\Steam App 238960) (Version: - Grinding Gear Games)
Patrician III (HKLM-x32\...\Steam App 33570) (Version: - Ascaron Entertainment ltd.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version: - OVERKILL - a Starbreeze Studio.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
Pepakura Designer 3 (HKLM-x32\...\pepakura_designer3en) (Version: - TamaSoftware)
Pepakura Viewer 3 (HKLM-x32\...\pepakura_viewer3en) (Version: - TamaSoftware)
Pirates Of The Burning Sea (HKLM-x32\...\potbs) (Version: 1.0.0.1 - )
Pirates of the Caribbean - At Worlds End (HKLM-x32\...\Steam App 301980) (Version: - Eurocom Entertainment Software)
Pirates! Gold Plus (Classic) (HKLM-x32\...\Steam App 327380) (Version: - MicroProse Software, Inc)
Plague Inc: Evolved (HKLM-x32\...\Steam App 246620) (Version: - Ndemic Creations)
Planet Explorers (HKLM-x32\...\Steam App 237870) (Version: - Pathea Games)
Planet Stronghold (HKLM-x32\...\Steam App 291050) (Version: - Winter Wolves)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version: - Uber Entertainment)
PlanetSide 2 (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
PlayLater (HKLM-x32\...\{132FA3A5-4645-4E5E-BC66-4055F5D1C44C}) (Version: 1.6.9 - MediaMall Technologies, Inc.)
PlayOn (HKLM-x32\...\{332917AC-ACF7-4619-B5A4-AB722FB6B2F8}) (Version: 3.10.9 - MediaMall Technologies, Inc.)
Plex Home Theater (HKLM-x32\...\Plex Home Theater) (Version: 1.0.9 - Plex inc)
Plex Media Server (HKLM-x32\...\{e9921c42-812d-4b39-9c02-612724349e82}) (Version: 0.9.907 - Plex, Inc.)
Plex Media Server (x32 Version: 0.9.907 - Plex, Inc.) Hidden
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version: - Telltale Games)
Poker Night at the Inventory (HKLM-x32\...\Steam App 31280) (Version: - Telltale Games)
Police Destruction Street (HKLM-x32\...\Police Destruction Street_is1) (Version: - Play sp. z o. o.)
Police Simulator 2 (HKLM-x32\...\Police Simulator 2) (Version: - )
Pool Nation (HKLM-x32\...\Steam App 254440) (Version: - Cherry Pop Games)
Post Mortem (HKLM-x32\...\Steam App 46550) (Version: - Anuman / Microids)
Power CD+G Burner 2 (HKLM-x32\...\{62622BDC-D42B-4ABE-869A-C197694E8BD0}_is1) (Version: - Doblon)
Power SCDG Ripper (HKLM-x32\...\{52CF5B3E-1572-4EDD-AD47-589FF73E372D}_is1) (Version: - Doblon)
Praetorians (HKLM-x32\...\Steam App 277460) (Version: - Pyro Studios)
Pressure (HKLM-x32\...\Steam App 224220) (Version: - Chasing Carrots)
Prison Architect (HKLM-x32\...\Steam App 233450) (Version: - Introversion Software)
ProductContext (x32 Version: 50.0.165.000 - Hewlett-Packard) Hidden
Proxy Switcher (HKLM-x32\...\{BD85CEE1-BFBA-4FDB-A0FB-F8FE4938CCB0}) (Version: 3.6.1 - Marco Wiedemeyer)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)
Puzzle Agent (HKLM-x32\...\Steam App 31270) (Version: - Telltale Games)
Puzzle Agent 2 (HKLM-x32\...\Steam App 94590) (Version: - Telltale Games)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Quantum Conundrum (HKLM-x32\...\Steam App 200010) (Version: - Airtight Games)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
 
R.I.P.D.: The Game (HKLM-x32\...\Steam App 237590) (Version: - Old School Games)
Rage Runner (HKLM-x32\...\Steam App 279520) (Version: - Hypercane Studios)
Raptr (HKLM-x32\...\Raptr) (Version: - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version: - Blue Ripple Sound)
Real Heroes Firefighter (HKLM-x32\...\Real Heroes Firefighter_is1) (Version: - )
RealDownloader (x32 Version: 17.0.10 - RealNetworks, Inc.) Hidden
Realms of Arkania: Blade of Destiny (HKLM-x32\...\Steam App 237550) (Version: - Crafty Studios)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (Version: 10.0 - RealNetworks, Inc) Hidden
RealNetworks - Microsoft Visual C++ 2010 Runtime (x32 Version: 10.0 - RealNetworks, Inc) Hidden
RealPlayer Cloud (HKLM-x32\...\RealPlayer 17.0) (Version: 17.0.10 - RealNetworks)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Recovery Search and Rescue Simulation (HKLM-x32\...\Steam App 262870) (Version: - Excalibur Publishing)
Red Orchestra 2: Heroes of Stalingrad (HKLM-x32\...\Steam App 35450) (Version: - Tripwire)
Red Orchestra 2: Heroes of Stalingrad Beta (HKLM-x32\...\Steam App 104320) (Version: - )
Red Orchestra: Ostfront 41-45 (HKLM-x32\...\Steam App 1200) (Version: - Tripwire Interactive)
Rescue: Everyday Heroes (HKLM-x32\...\Steam App 253130) (Version: - Fragment Production Ltd)
Residue: Final Cut (HKLM-x32\...\Steam App 265790) (Version: - The Working Parts)
Return to Mysterious Island (HKLM-x32\...\Steam App 277110) (Version: - Anuman)
Return to Mysterious Island 2 (HKLM-x32\...\Steam App 277270) (Version: - Anuman)
Rex Nebular and the Cosmic Gender Bender (HKLM-x32\...\Steam App 328430) (Version: - MicroProse Software, Inc.)
Riot Police (HKLM-x32\...\Riot Police) (Version: - )
Risen 3 - Titan Lords (HKLM-x32\...\Steam App 249230) (Version: - Piranha Bytes)
RivaTuner Statistics Server 6.2.0 (HKLM-x32\...\RTSS) (Version: 6.2.0 - Unwinder)
RoboBasket3 (HKLM\...\RoboBasket_is1) (Version: 3.5.8 - ETUS)
Rocksmith 2014 (HKLM-x32\...\Steam App 221680) (Version: - Ubisoft - San Francisco)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version: - The Creative Assembly)
Rulers of Nations (HKLM-x32\...\Steam App 311040) (Version: - Eversim)
Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
Sacred 2 Gold (HKLM-x32\...\Steam App 225640) (Version: - Ascaron)
Sacred 3 (HKLM-x32\...\Steam App 247950) (Version: - Keen Games)
Saints Row IV (HKLM-x32\...\Steam App 206420) (Version: - Deep Silver Volition)
salesforce.com Data Loader (HKLM-x32\...\Data Loader) (Version: - )
Sam & Max 101: Culture Shock (HKLM-x32\...\Steam App 8200) (Version: - Telltale Games)
Sam & Max 102: Situation: Comedy (HKLM-x32\...\Steam App 8210) (Version: - Telltale Games)
Sam & Max 103: The Mole, the Mob and the Meatball (HKLM-x32\...\Steam App 8220) (Version: - Telltale Games)
Sam & Max 104: Abe Lincoln Must Die! (HKLM-x32\...\Steam App 8230) (Version: - Telltale Games)
Sam & Max 105: Reality 2.0 (HKLM-x32\...\Steam App 8240) (Version: - Telltale Games)
Sam & Max 106: Bright Side of the Moon (HKLM-x32\...\Steam App 8250) (Version: - Telltale Games)
Sam & Max 201: Ice Station Santa (HKLM-x32\...\Steam App 8260) (Version: - Telltale Games)
Sam & Max 202: Moai Better Blues (HKLM-x32\...\Steam App 8270) (Version: - Telltale Games)
Sam & Max 203: Night of the Raving Dead (HKLM-x32\...\Steam App 8280) (Version: - Telltale Games)
Sam & Max 204: Chariots of the Dogs (HKLM-x32\...\Steam App 8290) (Version: - Telltale Games)
Sam & Max 205: What's New Beelzebub? (HKLM-x32\...\Steam App 8300) (Version: - Telltale Games)
Sam & Max 301: The Penal Zone (HKLM-x32\...\Steam App 31220) (Version: - Telltale Games)
Sam & Max 302: The Tomb of Sammun-Mak (HKLM-x32\...\Steam App 31230) (Version: - Telltale Games)
Sam & Max 303: They Stole Max's Brain! (HKLM-x32\...\Steam App 31240) (Version: - Telltale Games)
Sam & Max 304: Beyond the Alley of the Dolls (HKLM-x32\...\Steam App 31250) (Version: - Telltale Games)
Sam & Max 305: The City that Dares not Sleep (HKLM-x32\...\Steam App 31260) (Version: - Telltale Games)
SamLogic USB Supervisor (HKLM-x32\...\SamLogic USB Supervisor) (Version: - )
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.0.13064_2 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM-x32\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.)
Samsung Kies3 (x32 Version: 3.2.14113.3 - Samsung Electronics Co., Ltd.) Hidden
Samsung Story Album Viewer (HKLM-x32\...\InstallShield_{698BBAD8-B116-495D-B879-0F07A533E57F}) (Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.)
Samsung Story Album Viewer (x32 Version: 1.0.0.13054_1 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.)
Saturday Morning RPG (HKLM-x32\...\Steam App 263320) (Version: - Mighty Rabbit Studios)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Scania Truck Driving Simulator (HKLM-x32\...\Steam App 258760) (Version: - SCS Software)
Scratches: Director's Cut (HKLM-x32\...\Steam App 46460) (Version: - Nucleosys)
Sentinel 3: Homeworld (HKLM-x32\...\Steam App 275350) (Version: - Origin8)
Shadow Ops: Red Mercury (HKLM-x32\...\Steam App 286770) (Version: - Zombie Studios)
Shadowrun Online (HKLM-x32\...\Steam App 267750) (Version: - Cliffhanger Productions)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version: - Harebrained Schemes)
SHIELD Streaming (Version: 3.1.2000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.13.65 - NVIDIA Corporation) Hidden
Ship Simulator Extremes (HKLM-x32\...\Steam App 48800) (Version: - VStep)
Ship Simulator: Maritime Search and Rescue (HKLM-x32\...\Steam App 274010) (Version: - Reality Twist GmbH)
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
Sid Meier's Colonization (Classic) (HKLM-x32\...\Steam App 327400) (Version: - MicroProse Software, Inc)
Sid Meier's Covert Action (Classic) (HKLM-x32\...\Steam App 327390) (Version: - MicroProse Software, Inc)
Sine Mora (HKLM-x32\...\Steam App 207040) (Version: - Digital Reality)
Ski Region Simulator (HKLM-x32\...\Steam App 270950) (Version: - Giants Software)
Skyborn (HKLM-x32\...\Steam App 278460) (Version: - Dancing Dragon Games)
SkyDrift (HKLM-x32\...\Steam App 91100) (Version: - Digital Reality)
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.13.13771 - Skype Technologies S.A.)
Skype for Salesforce Basic Edition (HKLM-x32\...\{75BFCF2D-E0EE-4A22-85AB-78E9AEAE9563}_is1) (Version: 2.3.0.1 - PamConsult GmbH)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.100 - Skype Technologies S.A.)
Slave Zero (HKLM-x32\...\Steam App 328470) (Version: - Accolade, Inc.)
Smart Technology Programming Software 7.0.24.8 (HKLM\...\{AB98EBC0-1F36-4525-8CBE-E1C63700C7AD}) (Version: 7.0.24.8 - Mad Catz)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1405.0 - Hi-Rez Studios)
Sniper Elite 3 (HKLM-x32\...\Steam App 238090) (Version: - Rebellion)
Sniper Ghost Warrior 2 (HKLM-x32\...\Steam App 34870) (Version: - City Interactive)
Sniper: Ghost Warrior (HKLM-x32\...\Steam App 34830) (Version: - City Interactive)
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
Sound Blaster Audigy 5_Audigy Rx (HKLM-x32\...\{81440118-F1CE-4C87-BC8B-F1EB8D3FA190}) (Version: 1.0 - Creative Technology Limited)
Space Empires IV Deluxe (HKLM-x32\...\Steam App 1610) (Version: - Malfador Machinations)
Space Engineers (HKLM-x32\...\Steam App 244850) (Version: - )
Space Trader: Merchant Marine (HKLM-x32\...\Steam App 11240) (Version: - Hermitworks Entertainment )
Spacebase DF-9 (HKLM-x32\...\Steam App 246090) (Version: - Double Fine Productions)
Spec Ops: The Line (HKLM-x32\...\Steam App 50300) (Version: - YAGER)
Speccy (HKLM\...\Speccy) (Version: 1.23 - Piriform)
Speed Kills (HKLM-x32\...\Steam App 284930) (Version: - Holy Warp)
Speedball 2 HD (HKLM-x32\...\Steam App 251690) (Version: - Vivid Games)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spelunky (HKLM-x32\...\Steam App 239350) (Version: - )
Spintires (HKLM-x32\...\Steam App 263280) (Version: - Oovee® Game Studios)
Splashtop Personal (HKLM-x32\...\{E7CF0F14-8C1D-41F3-85ED-579C108262C7}) (Version: 2.4.5.2 - Splashtop Inc.)
Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.15 - Splashtop Inc.)
Splashtop Streamer (HKLM-x32\...\{B7C5EA94-B96A-41F5-BE95-25D78B486678}) (Version: 2.6.2.4 - Splashtop Inc.)
Spore (HKLM-x32\...\Steam App 17390) (Version: - Maxis™)
Spore: Creepy & Cute Parts Pack (HKLM-x32\...\Steam App 17440) (Version: - Maxis™)
Spore: Galactic Adventures (HKLM-x32\...\Steam App 24720) (Version: - EA - Maxis)
Spotify (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Star Conflict (HKLM-x32\...\Steam App 212070) (Version: - )
StarDrive (HKLM-x32\...\Steam App 220660) (Version: - )
StarForge Alpha (HKLM-x32\...\Steam App 227680) (Version: - CodeHatch)
State of Decay (HKLM-x32\...\Steam App 241540) (Version: - Undead Labs)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Steel Storm: Burning Retribution (HKLM-x32\...\Steam App 96200) (Version: - Kot in Action Creative Artel)
Still Life (HKLM-x32\...\Steam App 46480) (Version: - Anuman / Microids)
Still Life 2 (HKLM-x32\...\Steam App 46490) (Version: - Anuman / Microids)
Strike Suit Infinity (HKLM-x32\...\Steam App 234160) (Version: - Born Ready Games Ltd.)
Strike Suit Zero (HKLM-x32\...\Steam App 209540) (Version: - Born Ready Games Ltd.)
Strong Bad Episode 1: Homestar Ruiner (HKLM-x32\...\Steam App 8340) (Version: - Telltale Games)
Strong Bad Episode 2: Strong Badia the Free (HKLM-x32\...\Steam App 8350) (Version: - Telltale Games)
Strong Bad Episode 3: Baddest of the Bands (HKLM-x32\...\Steam App 8360) (Version: - Telltale Games)
Strong Bad Episode 4: Dangeresque 3 (HKLM-x32\...\Steam App 8370) (Version: - Telltale Games)
Strong Bad Episode 5: 8-Bit Is Enough (HKLM-x32\...\Steam App 8380) (Version: - Telltale Games)
SUABnR (HKLM-x32\...\InstallShield_{2485354C-6B65-4978-BB91-CCE61442377B}) (Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.)
SUABnR (x32 Version: 1.1.0.13103_1 - Samsung Electronics Co., Ltd.) Hidden
Super Monday Night Combat (HKLM-x32\...\Steam App 104700) (Version: - Uber Entertainment)
Supreme Commander (HKLM-x32\...\Steam App 9350) (Version: - Gas Powered Games)
Supreme Commander: Forged Alliance (HKLM-x32\...\Steam App 9420) (Version: - Gas Powered Games)
SWAT 4 - The Stetchkov Syndicate (HKLM-x32\...\InstallShield_{97E12F84-C033-4DA2-97D2-F540C3E292EA}) (Version: 1.0.0 - Sierra Entertainment, Inc.)
SWAT 4 (HKLM-x32\...\InstallShield_{8E1CCF20-9E12-4824-BD59-7AD9E0486DD8}) (Version: 1.0.31973 - Sierra Entertainment, Inc.)
SWAT 4 (x32 Version: 1.0.31973 - Sierra Entertainment, Inc.) Hidden
Swift Elite 1.0 Release 1.012 (HKLM-x32\...\SwiftElite10) (Version: - )
Sword of the Samurai (HKLM-x32\...\Steam App 327950) (Version: - MicroProse Software, Inc)
Syder Arcade (HKLM-x32\...\Steam App 252310) (Version: - Studio Evil)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Take On Helicopters (HKLM-x32\...\Steam App 65730) (Version: - Bohemia Interactive)
Taxi (HKLM-x32\...\Steam App 315550) (Version: - Excalibur)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.28223 - TeamViewer)
Telltale Texas Hold'Em (HKLM-x32\...\Steam App 8330) (Version: - Telltale Games)
Tesla Effect (HKLM-x32\...\Steam App 261510) (Version: - Big Finish Games)
The 39 Steps (HKLM-x32\...\Steam App 234940) (Version: - The Story Mechanics)
The Ball (HKLM-x32\...\Steam App 35460) (Version: - Teotl Studios)
The Cat Lady (HKLM-x32\...\Steam App 253110) (Version: - Harvester Games)
The Chronicles of Narnia - Prince Caspian (HKLM-x32\...\Steam App 320890) (Version: - Traveller's Tales)
The Crew (HKLM-x32\...\Steam App 241560) (Version: - Ivory Tower in collaboration with Ubisoft Reflections)
The Dark Eye: Chains of Satinav (HKLM-x32\...\Steam App 203830) (Version: - Daedalic Entertainment)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Few (HKLM-x32\...\Steam App 300320) (Version: - BlackMoon Design)
The Incredible Adventures of Van Helsing (HKLM-x32\...\Steam App 215530) (Version: - NeocoreGames)
The LEGO® Movie - Videogame (HKLM-x32\...\Steam App 267530) (Version: - TT Fusion)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
The Red Solstice (HKLM-x32\...\Steam App 265590) (Version: - Ironward)
The Saboteur™ (HKLM-x32\...\{5C9A7E65-5B71-4C7F-876A-8C6AF9E9E23D}) (Version: 1.0.0.0 - Electronic Arts)
The Ship (HKLM-x32\...\Steam App 2400) (Version: - Outerlight)
The Ship Single Player (HKLM-x32\...\Steam App 2420) (Version: - Outerlight)
The Ship Tutorial (HKLM-x32\...\Steam App 2430) (Version: - Outerlight)
The Stanley Parable (HKLM-x32\...\Steam App 221910) (Version: - Galactic Cafe)
The Swapper (HKLM-x32\...\Steam App 231160) (Version: - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
The Testament of Sherlock Holmes (HKLM-x32\...\Steam App 205650) (Version: - Frogwares)
The Walking Dead (HKLM-x32\...\Steam App 207610) (Version: - )
The Walking Dead: Season Two (HKLM-x32\...\Steam App 261030) (Version: - Telltale Games)
The Witcher 2: Assassins of Kings Enhanced Edition (HKLM-x32\...\Steam App 20920) (Version: - CD Projekt RED)
The Wolf Among Us (HKLM-x32\...\Steam App 250320) (Version: - Telltale Games)
theHunter (HKLM-x32\...\Steam App 253710) (Version: - Expansive Worlds)
theRenamer 7.68 (HKLM-x32\...\{55B6344C-AE4F-4DA8-BF32-D7AE0CB4D2BE}_is1) (Version: - theRenamer)
Thief (HKLM-x32\...\Steam App 239160) (Version: - Eidos-Montréal)
This War of Mine (HKLM-x32\...\Steam App 282070) (Version: - 11 bit studios)
Thunder Wolves (HKLM-x32\...\Steam App 232970) (Version: - Most Wanted Entertainment)
Tidalis (HKLM-x32\...\Steam App 40420) (Version: - Arcen Games, LLC)
Time Gentlemen, Please! (HKLM-x32\...\Steam App 37400) (Version: - Size Five Games)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.8.10 - Electronic Arts)
Tixati (HKLM-x32\...\tixati) (Version: - )
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version: - Ubisoft Toronto)
Tom Clancy's Splinter Cell: Conviction (HKLM-x32\...\Steam App 33220) (Version: - Ubisoft Montreal)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
Total Pro Golf 3 (HKLM-x32\...\Steam App 308320) (Version: - Wolverine Studios)
Toy Story 3 (HKLM-x32\...\Steam App 300820) (Version: - Avalanche Software)
Toy Story Mania (HKLM-x32\...\Steam App 317580) (Version: - Papaya Studio)
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Trials Fusion (HKLM-x32\...\Steam App 245490) (Version: - RedLynx, in collaboration with Ubisoft Shanghai, Ubisoft Kiev)
Tron 2.0 (HKLM-x32\...\Steam App 327740) (Version: - Monolith Productions, Inc.)
TRON: Evolution (HKLM-x32\...\Steam App 315440) (Version: - GameStar)
Tropico 3 - Steam Special Edition (HKLM-x32\...\Steam App 23490) (Version: - Haemimont Games)
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version: - Haemimont Games)
Trucks & Trailers (HKLM-x32\...\Steam App 302060) (Version: - SCS Software)
Under the Ocean (HKLM-x32\...\Steam App 227720) (Version: - )
Unity Web Player (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
Urban Trial Freestyle (HKLM-x32\...\Steam App 243450) (Version: - Tate Multimedia)
USB Multi-Channel Audio Device (HKLM\...\C-Media CM106 Like Sound Driver) (Version: - )
USBFast (HKLM-x32\...\{AED142A8-96EA-42DE-B212-60BFC98D6CC7}) (Version: 1.3.0.28 - Prolific Technology Inc.)
Vector (HKLM-x32\...\Steam App 248970) (Version: - )
Velvet Assassin (HKLM-x32\...\Steam App 16720) (Version: - Replay Studios)
Verizon Wireless Software Upgrade Assistant - Samsung(ar) (HKLM-x32\...\{267B6912-6F26-4FFD-9342-8E84A7B26151}) (Version: 2.13.1103 - Samsung Electronics Co., Ltd.)
Verizon Wireless Software Utility Application for Android - Samsung (HKLM-x32\...\{041E914E-7B73-4E8B-967F-B7FFC527FF80}) (Version: 2.14.0106 - Samsung Electronics Co., Ltd.)
Viking: Battle for Asgard (HKLM-x32\...\Steam App 211160) (Version: - Creative Assembly, PC Port - Hardlight)
VST Bridge 1.1 (HKLM-x32\...\VST Bridge_is1) (Version: - )
War Thunder (HKLM-x32\...\Steam App 236390) (Version: - Gaijin Entertainment)
Warframe (HKLM-x32\...\Steam App 230410) (Version: - Digital Extremes)
Wargame: AirLand Battle (HKLM-x32\...\Steam App 222750) (Version: - )
Warhammer 40,000 Space Marine (HKLM-x32\...\Steam App 55150) (Version: - Relic)
Wasteland 1 - The Original Classic (HKLM-x32\...\Steam App 259130) (Version: - inXile Entertainment)
Wasteland 2 (HKLM-x32\...\Steam App 240760) (Version: - inXile Entertainment)
Watchmen: The End Is Nigh (HKLM-x32\...\Steam App 21010) (Version: - Deadline Games)
Watchmen: The End Is Nigh Part 2 (HKLM-x32\...\Steam App 21030) (Version: - Deadline Games )
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
WinCDG Pro 3.0 Release 3.0 (HKLM-x32\...\WinCDGPro3) (Version: Release 3.0 - TriceraSoft)
Windows 7 Codec Pack 4.0.9 (HKLM-x32\...\Windows 7 - Codec Pack) (Version: 4.0.9 - Windows 7 Codec Pack)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Mobile Device Center (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{92DBCA36-9B41-4DD1-941A-AED149DD37F0}) (Version: 6.1.6965.0 - Microsoft Corporation)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinPcap 4.0.2 (HKLM-x32\...\WinPcapInst) (Version: 4.0.0.1040 - CACE Technologies)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
Woodcutter Simulator 2013 (HKLM-x32\...\Steam App 267610) (Version: - United Independent Entertainment GmbH)
Workspace Desktop (HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\workspacedesktop) (Version: - Starfield Technologies)
World Basketball Tycoon (HKLM-x32\...\Steam App 260510) (Version: - )
ZViewer version 1.0.1.31 (HKLM-x32\...\{1B00336F-393F-4DC7-9956-42C69ED6565E}_is1) (Version: 1.0.1.31 - ZMODO Technology Corporation)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\KnightCat\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{1BFB1268-6353-495A-AB78-97BF7CAB4D59}\InprocServer32 -> C:\Users\KnightCat\AppData\Local\Workspace\gdeditwrapperax64.dll (Starfield Technologies)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{25815CC0-43F4-3C75-8C3A-A139D9ADE740}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\KnightCat\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\1960\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\KnightCat\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{B5B8593C-89BC-44a7-BCE3-32FE4FED7C5C}\InprocServer32 -> C:\Users\KnightCat\AppData\Local\Workspace\wbetoolsax64.dll (Starfield Technology, LLC)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\KnightCat\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\KnightCat\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\KnightCat\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File

==================== Restore Points =========================

25-11-2014 12:36:41 avast! antivirus system restore point
25-11-2014 12:39:30 Device Driver Package Install: Avast Network Service
02-12-2014 16:05:05 Scheduled Checkpoint
06-12-2014 14:44:56 Installed Samsung Kies3
12-12-2014 17:56:02 Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030
18-12-2014 21:40:25 Pre Anti-Root Kit
19-12-2014 16:26:19 Installed DirectX

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2014-12-19 18:15 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {02EA73A5-F8AB-4E8F-B866-2D2F16237A4A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2305213872-2505911372-3816809497-1000Core => C:\Users\KnightCat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-14] (Google Inc.)
Task: {21E21969-E586-4357-8991-5B0D79D6982F} - System32\Tasks\{9818FB97-0C4D-4EC5-9E1D-91F149DB3F28} => pcalua.exe -a C:\Users\KnightCat\Downloads\megamek-v0.35.43-windows\MegaMek.exe -d C:\Users\KnightCat\Downloads\megamek-v0.35.43-windows
Task: {24E7A6E2-278F-402F-96B0-B61C3BE24875} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe
Task: {2621594D-6017-4D2B-A148-A70D62E00085} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2305213872-2505911372-3816809497-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.)
Task: {2E276807-DDD2-4413-B52A-280B5340C332} - System32\Tasks\ASUS\USB 3.0 Boost Service => C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr.exe [2011-09-09] ()
Task: {3A52FCBF-36EF-4007-A34B-DA5D4E6549FC} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2305213872-2505911372-3816809497-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.)
Task: {3F2AE84D-D731-44B6-B82D-D833DBBDBFCF} - System32\Tasks\{05340D2D-A4C0-407A-B76B-4E8AEA31629E} => pcalua.exe -a C:\Users\KnightCat\Downloads\megamek-0.36.0-windows\MegaMek.exe -d C:\Users\KnightCat\Downloads\megamek-0.36.0-windows
Task: {3F471A6C-E25F-447E-B661-6BE8A4BB5698} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-14] (Google Inc.)
Task: {404DD7D7-FDCA-430B-B574-0779876866A2} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2305213872-2505911372-3816809497-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.)
Task: {43742458-783B-4A82-96CE-44F76ACFE4C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {5792406E-C6A6-4609-9749-B323DD25D643} - System32\Tasks\{E440BCE0-0E4F-4BD8-A1BD-8B1BBB496D1F} => pcalua.exe -a "C:\Program Files\WinCDG Pro\TyrannUnInst.exe" -c C:\Program Files\WinCDG Pro\
Task: {5A48F9CC-AEA4-4AFA-90E3-6D606351B075} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {5E9AD048-F243-402D-B6EC-878C6988EA41} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [2014-10-07] (Microsoft Corporation)
Task: {620B6348-6382-4BF6-BEB3-41D7E9A847D0} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {66BFDB4A-A602-4F3C-9367-21034EA86C9E} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2305213872-2505911372-3816809497-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-05-13] (RealNetworks, Inc.)
Task: {68835A6C-24F1-409C-96F4-51CAE81EFA26} - System32\Tasks\G2MUpdateTask-S-1-5-21-2305213872-2505911372-3816809497-1000 => C:\Program Files (x86)\Citrix\GoToMeeting\2130\g2mupdate.exe [2014-12-20] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {6A81C897-A6D1-4128-BAF9-24366D3068D8} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2305213872-2505911372-3816809497-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2014-05-23] (RealNetworks, Inc.)
Task: {6DC294C1-E3A9-4D4C-AC82-4F1623B9A87D} - System32\Tasks\{D2A8705C-388D-4822-8CCC-2A9FA10DA951} => pcalua.exe -a C:\Users\KnightCat\Downloads\vcredist_x86.exe -d C:\Users\KnightCat\Downloads
Task: {70EF2A1F-1F06-4A7D-96E6-6D9644CE58FD} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2305213872-2505911372-3816809497-1000 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe [2014-05-13] (RealNetworks, Inc.)
Task: {7676A1BB-871A-40BA-BD0C-03D953A89D49} - System32\Tasks\{CBEF3558-09BA-477C-9A09-456D8DE04CA4} => G:\Origin\The Saboteur\Saboteur.exe [2009-12-11] (Electronic Arts)
Task: {78CEC2C6-58EA-42BE-823C-FBF8B09C839C} - System32\Tasks\MotoCast Update => C:\Program Files (x86)\Motorola Mobility\MotoCast\LiveUpdate\MotoCastUpdate.exe [2012-07-24] ()
Task: {7C6BE817-1270-4ED0-A8B7-D1BFF9CD8D9C} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-08-31] ()
Task: {7FA8B852-C46D-4547-85D9-4444DE6D1029} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-10-07] (Microsoft Corporation)
Task: {8944CA38-CCC6-4047-A468-2CDE0ECA0D39} - System32\Tasks\ASUS\ASUS AI Suite II Execute => C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe [2012-03-13] (ASUSTeK Computer Inc.)
Task: {8D11CC5E-D9BB-4D76-B29C-B28E1495EA58} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {93A1D1CD-24CD-4BCE-8E3D-6A5B139F376A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx64\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-10-22] (Microsoft Corporation)
Task: {A06FCFDF-A9B9-447C-9693-C8C364AD856F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-03-14] (Google Inc.)
Task: {B01E7EC8-9DCB-40E9-BBD2-DC55D0F03A24} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2305213872-2505911372-3816809497-1000UA => C:\Users\KnightCat\AppData\Local\Google\Update\GoogleUpdate.exe [2013-03-14] (Google Inc.)
Task: {BCB029C6-8EC0-4939-88E0-13FF842CB05C} - System32\Tasks\RTSS => C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe [2014-08-30] ()
Task: {BD990D74-510E-4035-9503-793C3F1E3E27} - System32\Tasks\{2057093D-D359-4431-840A-CFE57C05A68E} => pcalua.exe -a C:\Users\KnightCat\Downloads\SForceOffice.exe -d C:\Users\KnightCat\Downloads
Task: {C291930A-41D4-453B-A5DD-45A502DAC5C7} - System32\Tasks\{AD5E976E-F00C-4CD7-8B87-3FB03A7B0E08} => pcalua.exe -a D:\Launch.exe -d D:\
Task: {C2C01B21-69AA-4A8A-B24B-F4B8C38AA681} - System32\Tasks\Microsoft Office 15 Sync Maintenance for KnightCat-PC-KnightCat KnightCat-PC => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-10-07] (Microsoft Corporation)
Task: {C6603369-0267-450F-B841-B14F867D4990} - System32\Tasks\{51937AD9-B00C-459B-AE6A-77AC4DD1F0BE} => pcalua.exe -a C:\Users\KnightCat\Downloads\setup_en.exe -d C:\Users\KnightCat\Downloads
Task: {D3EE66AC-E8B8-4C2B-B540-AA22BAC5C742} - System32\Tasks\{6C587720-CE42-4823-A6B0-9DE9E61E5F67} => G:\Origin\The Saboteur\Saboteur.exe [2009-12-11] (Electronic Arts)
Task: {D9D4094E-F3FD-48BC-B282-EA4CFDA88576} - System32\Tasks\ASUS\ASUS DigiPowerControl Help => C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe [2012-07-23] (ASUSTeK Computer Inc.)
Task: {DBBC874D-7491-4846-90AB-25BB3FDFC20E} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-11-25] (AVAST Software)
Task: {DEAAA5EB-60D2-417F-B9F9-42A0DCEAC707} - System32\Tasks\Core Temp Autostart => C:\Program Files\Core Temp\Core Temp.exe [2010-07-02] ()
Task: {E76DDA54-28AC-4076-BECF-BB58B3A3E6CB} - System32\Tasks\AdobeAAMUpdater-1.0-KnightCat-PC-KnightCat => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {E82B465F-7E44-4825-8F95-5D1DE92D4CC5} - System32\Tasks\{F9DFB0E6-4136-42BD-ABBE-639D034A1BD5} => K:\SWAT 2 FE\SWAT2\AUTORUN.EXE
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2305213872-2505911372-3816809497-1000.job => C:\Program Files (x86)\Citrix\GoToMeeting\2130\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2305213872-2505911372-3816809497-1000Core.job => C:\Users\KnightCat\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2305213872-2505911372-3816809497-1000UA.job => C:\Users\KnightCat\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============

2013-03-19 09:24 - 2014-11-12 15:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2013-08-25 09:12 - 2012-10-04 18:49 - 00087152 _____ () C:\Windows\System32\cpwmon64.dll
2013-03-14 12:20 - 2013-03-14 12:20 - 00920736 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
2014-09-22 09:33 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2013-03-18 08:57 - 2013-03-18 08:57 - 00008192 _____ () C:\Windows\SysWOW64\srvany.exe
2013-03-18 08:57 - 2013-03-18 08:57 - 00151552 _____ () C:\Windows\KMService.exe
2014-05-17 15:08 - 2011-12-23 10:11 - 00155136 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\cms.exe
2014-05-17 15:08 - 2009-03-16 12:29 - 06562432 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe
2014-05-17 15:08 - 2011-12-23 09:48 - 00176640 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\watch.exe
2013-04-11 15:14 - 2014-09-09 13:25 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-05-13 12:10 - 2014-05-13 12:10 - 00039568 _____ () C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
2014-05-23 00:34 - 2014-05-23 00:34 - 00023552 _____ () C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
2014-11-25 12:38 - 2014-11-25 12:38 - 00388208 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxDDU.dll
2014-11-25 12:38 - 2014-11-25 12:38 - 05851328 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxRT.dll
2014-05-17 15:08 - 2011-12-23 10:12 - 00014848 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\vtdu.exe
2014-05-17 15:08 - 2011-12-23 10:12 - 00015872 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nru.exe
2014-08-30 12:07 - 2014-08-30 12:07 - 00400384 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks64.dll
2014-08-31 07:00 - 2014-08-31 07:00 - 00512512 _____ () C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
2014-08-30 12:07 - 2014-08-30 12:07 - 00195584 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
2014-02-20 23:23 - 2010-07-02 13:52 - 00530448 _____ () C:\Program Files\Core Temp\Core Temp.exe
2014-09-18 01:23 - 2014-09-18 01:23 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-10-14 12:51 - 2014-10-14 12:51 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-09-18 01:23 - 2014-09-18 01:23 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-10-14 12:51 - 2014-10-14 12:51 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-10-16 08:46 - 2014-11-20 14:45 - 00393376 _____ () C:\Program Files\Microsoft Office 15\root\office15\AppVIsvStream64.dll
2014-10-16 08:46 - 2014-11-20 14:51 - 02210480 _____ () C:\Program Files\Microsoft Office 15\root\office15\tmpod.dll
2014-10-16 08:46 - 2014-10-16 08:48 - 00027304 _____ () C:\Program Files\Microsoft Office 15\root\office15\lynchtmlconvpxy.dll
2014-10-16 08:47 - 2014-09-23 07:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\Office15\1033\GrooveIntlResource.dll
2014-10-16 08:47 - 2014-09-23 07:36 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\office15\1033\GrooveIntlResource.dll
2014-10-16 08:46 - 2014-11-20 14:45 - 00393376 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream64.dll
2014-08-30 12:07 - 2014-08-30 12:07 - 00026112 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
2014-08-30 12:07 - 2014-08-30 12:07 - 00088576 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
2012-12-28 10:44 - 2012-12-28 10:44 - 00039648 _____ () C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MousewithoutBordersHelper.exe
2014-05-01 13:29 - 2014-05-01 13:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2014-12-21 06:00 - 2014-12-21 06:00 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122100\algo.dll
2014-11-25 12:38 - 2014-11-25 12:38 - 04495336 _____ () C:\Program Files\AVAST Software\Avast\ng\vbox\x86\VBoxRT-x86.dll
2014-12-21 09:54 - 2014-12-21 09:54 - 02908160 _____ () C:\Program Files\AVAST Software\Avast\defs\14122101\algo.dll
2014-04-21 20:32 - 2009-10-23 11:31 - 00038912 _____ () C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\utility.dll
2014-10-11 12:06 - 2014-10-11 12:06 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-03-14 12:20 - 2014-12-21 09:52 - 00029184 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll
2013-03-14 12:20 - 2013-03-14 12:20 - 00104448 ____N () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll
2012-09-07 20:35 - 2012-09-07 20:35 - 00128960 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\liveupdatetactics.dll
2012-09-07 20:35 - 2012-09-07 20:35 - 00024496 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\DbAccess.dll
2012-09-07 20:37 - 2012-09-07 20:37 - 00466256 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\sqlite3.dll
2012-09-07 20:36 - 2012-09-07 20:36 - 00045992 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NAdvLog.dll
2012-09-07 20:36 - 2012-09-07 20:36 - 00034752 _____ () C:\Program Files (x86)\Motorola Media Link\Lite\NFileCacheDBAccess.dll
2013-12-17 03:42 - 2013-12-17 03:42 - 00335872 _____ () C:\Program Files (x86)\MediaMall\lua51a.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00176640 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmactionmgr.dll
2014-05-17 15:08 - 2011-12-23 09:47 - 00496640 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\sdp.dll
2014-05-17 15:08 - 2011-12-16 16:56 - 01318912 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\LIBMYSQL.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00116736 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\action.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00117248 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\adapter.dll
2014-05-17 15:08 - 2011-12-23 09:48 - 00118784 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\mitoid.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00159232 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmmitcore.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00179200 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmsecucore.dll
2014-05-17 15:08 - 2011-12-23 09:48 - 00128000 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\tdcne.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00139264 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\actionalarmout.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00142336 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\actioncupreview.dll
2014-05-17 15:08 - 2011-12-23 09:48 - 00193536 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\tdccms.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00169984 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmlogcore.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00138240 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\msgcenter.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00168448 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\adapter_nru.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00211456 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmmit.dll
2014-05-17 15:08 - 2011-12-23 09:47 - 00224768 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\license.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00130048 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmsecu.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00122368 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmfault.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00254464 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmfaultcore.dll
2014-05-17 15:08 - 2011-12-23 09:53 - 00070656 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmexport.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00291840 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmvtdumgr.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00128000 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmuserproperty.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00158208 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\adapter_vtdu.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00116736 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmlog.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00215040 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\adapter_dvrs.dll
2014-05-17 15:08 - 2011-12-16 16:56 - 01253376 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\HieClientUnit.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00250880 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmmap.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00156672 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmhydvrs.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00150528 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmnrumgr.dll
2014-05-17 15:08 - 2011-12-23 10:11 - 00137216 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmsys.dll
2014-05-17 15:08 - 2011-12-23 09:48 - 00117248 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\avadapter.dll
2014-05-17 15:08 - 2011-12-23 10:12 - 00031232 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nesys.dll
2014-05-17 15:08 - 2011-12-23 09:49 - 00175616 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\avadapter_private.dll
2014-05-17 15:08 - 2011-12-23 10:12 - 00148992 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\avadapter_private_vtdu.dll
2014-05-17 15:08 - 2011-12-23 10:12 - 00133632 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nevtdu.dll
2014-05-17 15:08 - 2011-12-23 09:49 - 00106496 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\avadapter_private_ex.dll
2014-05-17 15:08 - 2011-12-23 09:49 - 00080384 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nenru_avr.dll
2014-05-17 15:08 - 2011-12-23 09:50 - 00163328 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nenru.dll
2014-08-31 06:58 - 2014-08-31 06:58 - 00071680 _____ () C:\Program Files (x86)\MSI Afterburner\RTMUI.dll
2014-08-31 06:58 - 2014-08-31 06:58 - 00056832 _____ () C:\Program Files (x86)\MSI Afterburner\RTFC.dll
2014-08-31 06:59 - 2014-08-31 06:59 - 00217600 _____ () C:\Program Files (x86)\MSI Afterburner\RTCore.dll
2014-08-31 06:59 - 2014-08-31 06:59 - 00324608 _____ () C:\Program Files (x86)\MSI Afterburner\RTUI.dll
2014-08-31 07:00 - 2014-08-31 07:00 - 00648192 _____ () C:\Program Files (x86)\MSI Afterburner\RTHAL.dll
2014-08-30 12:07 - 2014-08-30 12:07 - 00354816 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooks.dll
2013-02-27 08:21 - 2013-02-27 08:21 - 00141312 _____ () C:\Program Files (x86)\MSI Afterburner\LogitechLcd.dll
2014-08-30 12:07 - 2014-08-30 12:07 - 00056832 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTFC.dll
2014-08-30 12:07 - 2014-08-30 12:07 - 00324608 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTUI.dll
2014-08-30 12:07 - 2014-08-30 12:07 - 00071680 _____ () C:\Program Files (x86)\RivaTuner Statistics Server\RTMUI.dll
2014-10-16 08:50 - 2014-09-23 05:43 - 08897696 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-04-12 15:56 - 2012-05-17 17:57 - 00043520 ____N () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\HookKey32.dll
2013-04-12 15:55 - 2012-07-05 11:05 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\pngio.dll
2014-08-21 17:56 - 2014-12-01 15:31 - 02396672 _____ () F:\Games\Steam2\libavcodec-56.dll
2014-08-21 17:56 - 2014-12-01 15:31 - 00442880 _____ () F:\Games\Steam2\libavutil-54.dll
2014-08-21 17:56 - 2014-12-01 15:31 - 00479744 _____ () F:\Games\Steam2\libavformat-56.dll
2014-08-21 17:56 - 2014-12-01 15:31 - 00332800 _____ () F:\Games\Steam2\libavresample-2.dll
2013-03-12 16:10 - 2014-11-11 12:47 - 00774656 _____ () F:\Games\Steam2\SDL2.dll
2014-12-02 23:59 - 2014-12-01 18:29 - 05002752 _____ () F:\Games\Steam2\v8.dll
2014-12-02 23:59 - 2014-12-01 18:29 - 01612800 _____ () F:\Games\Steam2\icui18n.dll
2014-12-02 23:59 - 2014-12-01 18:29 - 01210368 _____ () F:\Games\Steam2\icuuc.dll
2014-05-21 13:30 - 2014-12-19 17:38 - 02226880 _____ () F:\Games\Steam2\video.dll
2014-08-21 17:56 - 2014-12-01 15:31 - 00485888 _____ () F:\Games\Steam2\libswscale-3.dll
2013-02-25 06:39 - 2014-12-19 17:38 - 00696000 _____ () F:\Games\Steam2\bin\chromehtml.DLL
2013-02-19 10:48 - 2014-12-19 17:38 - 34641288 _____ () F:\Games\Steam2\bin\libcef.dll
2014-02-12 10:20 - 2014-02-12 10:20 - 00166816 _____ () C:\Program Files (x86)\Gizmo\GImage.DLL
2014-02-12 10:20 - 2014-02-12 10:20 - 00315800 _____ () C:\Program Files (x86)\Gizmo\gmanager.DLL
2014-02-12 10:20 - 2014-02-12 10:20 - 00404384 _____ () C:\Program Files (x86)\Gizmo\gdatabase.dll
2014-02-12 10:20 - 2014-02-12 10:20 - 00394656 _____ () C:\Program Files (x86)\Gizmo\gdrive.dll
2014-02-12 10:20 - 2014-02-12 10:20 - 00339864 _____ () C:\Program Files (x86)\Gizmo\geditor.dll
2014-02-12 10:20 - 2014-02-12 10:20 - 00372632 _____ () C:\Program Files (x86)\Gizmo\ghash.dll
2014-02-12 10:20 - 2014-02-12 10:20 - 00339864 _____ () C:\Program Files (x86)\Gizmo\gscript.dll
2014-11-25 12:38 - 2014-11-25 12:38 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2013-03-14 12:21 - 2011-07-12 18:14 - 00147456 _____ () C:\Program Files (x86)\ASUS\AI Suite II\AssistFunc.dll
2013-03-14 12:21 - 2010-10-05 07:22 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\pngio.dll
2013-03-14 12:21 - 2012-03-21 11:07 - 00972288 _____ () C:\Program Files (x86)\ASUS\AI Suite II\BarGadget\BarGadget.dll
2013-04-12 15:55 - 2012-06-19 11:56 - 01305600 _____ () C:\Program Files (x86)\ASUS\AI Suite II\MyLogo\MyLogo.dll
2013-03-14 12:21 - 2012-05-25 09:33 - 00883712 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\Sensor.dll
2013-03-14 12:21 - 2012-05-28 20:27 - 01622528 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor Graph\SensorGraph.dll
2013-03-14 12:21 - 2011-09-19 19:18 - 01243136 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Settings\Settings.dll
2013-03-14 12:21 - 2011-07-21 08:06 - 00846848 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Splitter\Splitter.dll
2013-03-14 12:21 - 2011-10-14 19:03 - 00885248 _____ () C:\Program Files (x86)\ASUS\AI Suite II\TabGadget\TabGadget.dll
2013-04-12 15:55 - 2011-06-08 10:15 - 00651264 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Thermal Radar\ThermalRadar.dll
2013-03-14 12:20 - 2013-03-14 12:20 - 00662016 _____ () C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMLib.dll
2013-03-14 12:21 - 2010-10-05 07:22 - 00208896 _____ () C:\Program Files (x86)\ASUS\AI Suite II\ImageHelper.dll
2014-12-21 09:56 - 2014-12-21 09:56 - 00098816 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32api.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00110080 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\pywintypes27.dll
2014-12-21 09:56 - 2014-12-21 09:56 - 00364544 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\pythoncom27.dll
2014-12-21 09:56 - 2014-12-21 09:56 - 00045568 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\_socket.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 01160704 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\_ssl.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00320512 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32com.shell.shell.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00713216 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\_hashlib.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 01175040 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\wx._core_.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00805888 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\wx._gdi_.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00811008 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\wx._windows_.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 01062400 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\wx._controls_.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00735232 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\wx._misc_.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00128512 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\_elementtree.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00127488 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\pyexpat.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00557056 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\pysqlite2._sqlite.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00087552 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\_ctypes.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00119808 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32file.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00108544 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32security.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00007168 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\hashobjs_ext.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00167936 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32gui.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00018432 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32event.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00038912 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32inet.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00011264 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32crypt.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00070656 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\wx._html2.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00027136 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\_multiprocessing.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00035840 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32process.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00686080 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\unicodedata.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00122368 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\wx._wizard.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00024064 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32pipe.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00025600 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32pdh.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00525640 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\windows._lib_cacheinvalidation.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00010240 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\select.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00017408 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32profile.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00022528 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\win32ts.pyd
2014-12-21 09:56 - 2014-12-21 09:56 - 00078336 _____ () C:\Users\KnightCat\AppData\Local\Temp\_MEI86602\wx._animate.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-13 17:26 - 2014-05-13 17:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-13 17:26 - 2014-05-13 17:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-13 17:26 - 2014-05-13 17:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-13 17:26 - 2014-05-13 17:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-22 16:57 - 2010-11-22 16:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-22 16:56 - 2010-11-22 16:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-22 16:57 - 2010-11-22 16:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-22 16:57 - 2010-11-22 16:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-15 12:17 - 2011-02-15 12:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-22 16:57 - 2010-11-22 16:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-13 17:26 - 2014-05-13 17:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-22 16:57 - 2010-11-22 16:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-13 18:37 - 2014-08-13 18:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-13 18:37 - 2014-08-13 18:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-22 16:56 - 2010-11-22 16:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-22 16:57 - 2010-11-22 16:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-22 16:56 - 2010-11-22 16:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-20 18:05 - 2013-11-20 18:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2014-10-21 18:22 - 2014-10-21 18:22 - 00750080 _____ () C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-21 09:59 - 2014-12-21 09:59 - 00043008 _____ () c:\Users\KnightCat\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpslfy67.dll
2014-10-21 18:22 - 2014-10-21 18:22 - 00047616 _____ () C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-21 18:22 - 2014-10-21 18:22 - 00863744 _____ () C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-21 18:22 - 2014-10-21 18:22 - 00200704 _____ () C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2013-03-14 12:21 - 2009-08-12 19:15 - 00253952 _____ () C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\pngio.dll
2010-11-22 16:57 - 2010-11-22 16:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-17 18:56 - 2014-06-17 18:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-15 12:17 - 2011-02-15 12:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-22 17:06 - 2010-11-22 17:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-09 17:52 - 2013-05-09 17:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-09 17:52 - 2013-05-09 17:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-09 17:52 - 2013-05-09 17:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-03 12:56 - 2013-05-03 12:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-03 12:56 - 2013-05-03 12:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-03 12:56 - 2013-05-03 12:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-03 12:57 - 2013-05-03 12:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-06-01 03:08 - 2014-06-01 03:08 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-24 10:41 - 2014-05-24 10:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-24 10:41 - 2014-05-24 10:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-12-11 07:32 - 2014-12-05 19:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-11 07:32 - 2014-12-05 19:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-11 07:32 - 2014-12-05 19:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-11 07:32 - 2014-12-05 19:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-11 07:32 - 2014-12-05 19:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Program Files\Common Files\System:C2kJhahHhdkMjWM4eUH
AlternateDataStreams: C:\ProgramData\Microsoft:suUGX6bOPy75ftjjBpH1G3VMPl
AlternateDataStreams: C:\ProgramData\Microsoft:YUXqDiEEBhYVj2uBnu
AlternateDataStreams: C:\ProgramData\Temp:F2721624
AlternateDataStreams: C:\Users\KnightCat\Cookies:7kHVvuSbdjcBGtJGMQHGWky

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SplashtopRemoteService => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^Users^KnightCat^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Salesforce.com Skype Adapter.lnk => C:\Windows\pss\Salesforce.com Skype Adapter.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: bitlord.exe => "C:\Program Files (x86)\BitLord 2\Bitlord files\bitlord.exe" -t
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: PeerBlock => C:\Program Files\PeerBlock\peerblock.exe
MSCONFIG\startupreg: Spotify => "C:\Users\KnightCat\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\KnightCat\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG SafeGuard toolbar\vprot.exe"

========================= Accounts: ==========================

Administrator (S-1-5-21-2305213872-2505911372-3816809497-500 - Administrator - Disabled)
ASPNET (S-1-5-21-2305213872-2505911372-3816809497-1007 - Limited - Enabled)
Guest (S-1-5-21-2305213872-2505911372-3816809497-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2305213872-2505911372-3816809497-1016 - Limited - Enabled)
KnightCat (S-1-5-21-2305213872-2505911372-3816809497-1000 - Administrator - Enabled) => C:\Users\KnightCat

==================== Faulty Device Manager Devices =============

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Hook Test Driver
Description: Hook Test Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: SDHookDriver
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : Windows has stopped this device because it has reported problems. (Code 43)
Resolution: One of the drivers controlling the device notified the operating system that the device failed in some manner. For more information about how to diagnose the problem, see the hardware documentation.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============

Microsoft Office Sessions:
=========================

CodeIntegrity Errors:
===================================
Date: 2014-12-19 18:10:22.848
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-19 18:10:22.793
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-19 18:10:22.736
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-19 18:10:22.680
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-19 00:02:16.409
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-12-19 00:02:16.358
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-01-03 12:20:48.534
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 12:20:48.516
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 12:20:48.497
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.22280_none_c0008ddc1681bb4c\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2014-01-03 12:20:48.469
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume8\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7600.21490_none_be0f60ea19636b51\appidapi.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-3960X CPU @ 3.30GHz
Percentage of memory in use: 25%
Total physical RAM: 32708.29 MB
Available physical RAM: 24455.04 MB
Total Pagefile: 65414.75 MB
Available Pagefile: 57074.21 MB
Total Virtual: 8192 MB
Available Virtual: 8191.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.66 GB) (Free:90.42 GB) NTFS
Drive d: (Verizon Mobile) (CDROM) (Total:0.03 GB) (Free:0 GB) CDFS
Drive f: (Steam) (Fixed) (Total:5588.79 GB) (Free:2989.85 GB) NTFS
Drive g: (Bulk Drive) (Fixed) (Total:3725.9 GB) (Free:3186.43 GB) NTFS
Drive I: (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive m: (Home Theater (Movies)) (Network) (Total:7451.79 GB) (Free:2327.79 GB) NTFS
Drive t: (Home Theater (TV)) (Network) (Total:14903.59 GB) (Free:6711.73 GB) NTFS
Drive y: (JAG_SEASON_3) (Network) (Total:7.4 GB) (Free:0 GB) UDF

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: A60CB2D3)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 2 (MBR Code: Windows 7 or 8) (Size: 3726 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

========================================================
Disk: 3 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-12-2014 01
Ran by KnightCat (administrator) on KNIGHTCAT-PC on 21-12-2014 11:30:12
Running from C:\Users\KnightCat\Downloads
Loaded Profile: KnightCat (Available profiles: KnightCat & DefaultAppPool)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(ArcSoft, Inc.) C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe
(Amazon.com) C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Nero AG) C:\Program Files (x86)\Motorola Media Link\Lite\NServiceEntry.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe
(Starfield Technologies) C:\Program Files (x86)\Workspace\offSyncService.exe
(Foxit Corporation) C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Arainia Solutions) C:\Program Files (x86)\Gizmo\gservice.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(GerixSoft) C:\Program Files (x86)\IndieVolume\IndieVolume.SVC.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Windows\SysWOW64\srvany.exe
() C:\Windows\KMService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(MediaMall Technologies, Inc.) C:\Program Files (x86)\MediaMall\MediaMallServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
(Microsoft) C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBorders.exe
() C:\Program Files (x86)\NVMS5 Standard Edition\bin\cms.exe
() C:\Program Files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe
() C:\Program Files (x86)\NVMS5 Standard Edition\bin\watch.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
() C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe
() C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Dyn, Inc.) C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
() C:\Program Files (x86)\NVMS5 Standard Edition\bin\vtdu.exe
() C:\Program Files (x86)\NVMS5 Standard Edition\bin\nru.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AsRoutineController.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe
() C:\Program Files\Core Temp\Core Temp.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\DIGI+ Power Control\PowerControlHelp.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(GerixSoft) C:\Program Files (x86)\IndieVolume\IndieVolume.GUI.exe
(Spotify Ltd) C:\Users\KnightCat\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Flux Software LLC) C:\Users\KnightCat\AppData\Local\FluxSoftware\Flux\flux.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\USB 3.0 Boost\U3BoostSvr64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\lync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\TurboV EVO\TurboVHelp.exe
(Valve Corporation) F:\Games\Steam2\Steam.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe
(Valve Corporation) F:\Games\Steam2\bin\steamwebhelper.exe
(Citrix Online, LLC) C:\Program Files (x86)\Citrix\GoToAssist Remote Support Expert\758\g2ax_start.exe
(Arainia Solutions) C:\Program Files (x86)\Gizmo\gizmo.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\Digital Imaging\bin\HpqSRmon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(SamLogic Software) C:\Program Files (x86)\SamLogic\USB Supervisor\USBsupervisor.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\AI Suite II.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Citrix Online, LLC) C:\Program Files (x86)\Citrix\GoToAssist Remote Support Expert\758\g2ax_comm_expert.exe
(Citrix Online, LLC) C:\Program Files (x86)\Citrix\GoToAssist Remote Support Expert\758\g2ax_user_expert.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPictureViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMovieViewer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDClock.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6032.exe
(Binary Fortress Software) C:\Program Files (x86)\DisplayFusion\DisplayFusionHookAppWIN6064.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDYT.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDMedia.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDCountdown.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDPOP3.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDWebCam.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Applets\LCDRSS.exe
(Dropbox, Inc.) C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\groove.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AI Suite II\Sensor\AlertHelper\AlertHelper.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\ucmapi.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe
() C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
() C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google) C:\Users\KnightCat\AppData\Local\Google\Google Talk Plugin\googletalkplugin.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [12697368 2014-10-14] (Logitech Inc.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [Cm106Sound] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cm106.dll,CMICtrlWnd
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2464072 2014-11-06] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [hpqSRMon] => C:\Program Files (x86)\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5227112 2014-12-11] (AVAST Software)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [832272 2014-05-01] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [Communicator] => C:\Program Files (x86)\Microsoft Lync\communicator.exe [12117312 2014-05-01] (Microsoft Corporation)
HKLM-x32\...\Run: [USBsupervisor] => C:\Program Files (x86)\SamLogic\USB Supervisor\USBsupervisor.exe [1634928 2012-07-24] (SamLogic Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [AsioThk32Reg] => REGSVR32.EXE /S CTASIO.DLL
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-12-08] (Raptr, Inc)
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Run: [Steam] => F:\Games\Steam2\steam.exe [1941696 2014-12-19] (Valve Corporation)
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22869088 2014-10-21] (Google)
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Run: [IndieVolume] => C:\Program Files (x86)\IndieVolume\IndieVolume.GUI.exe [3736576 2013-04-02] (GerixSoft)
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Run: [Spotify Web Helper] => C:\Users\KnightCat\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-07] (Spotify Ltd)
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Run: [f.lux] => C:\Users\KnightCat\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-23] (Flux Software LLC)
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Run: [Lync] => C:\Program Files\Microsoft Office 15\root\office15\lync.exe [22672536 2014-10-14] (Microsoft Corporation)
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30872160 2014-12-03] (Skype Technologies S.A.)
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Run: [DisplayFusion] => C:\Program Files (x86)\DisplayFusion\DisplayFusion.exe [6780256 2014-12-16] (Binary Fortress Software)
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Run: [GoToAssist Remote Support Expert] => C:\Program Files (x86)\Citrix\GoToAssist Remote Support Expert\758\g2ax_start.exe [610888 2014-12-19] (Citrix Online, LLC)
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Run: [GizmoDriveDelegate] => C:\Program Files (x86)\Gizmo\gizmo.exe [223640 2014-02-12] (Arainia Solutions)
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Policies\Explorer: [NoInternetOpenWith] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodecPackUpdateChecker.lnk
ShortcutTarget: CodecPackUpdateChecker.lnk -> C:\Windows\SysWOW64\C2MP\UpdateChecker.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Gizmo.lnk
ShortcutTarget: Gizmo.lnk -> C:\Program Files (x86)\Gizmo\gizmo.exe (Arainia Solutions)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\RealPlayer Cloud Service UI.lnk
ShortcutTarget: RealPlayer Cloud Service UI.lnk -> C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin64\rpsystray.exe (RealNetworks, Inc.)
Startup: C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled ()
Startup: C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\KnightCat\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneDrive for Business.lnk
ShortcutTarget: OneDrive for Business.lnk -> C:\Program Files\Microsoft Office 15\root\office15\groove.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL (Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
ShellIconOverlayIdentifiers: [off0] -> {8E33AEC3-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll (Starfield Technologies, LLC)
ShellIconOverlayIdentifiers: [off1] -> {8E33AEC4-C5F2-43C4-B048-9E3EB19B1DD5} => C:\Program Files (x86)\Workspace\offsyncext64.dll (Starfield Technologies, LLC)
BootExecute: autocheck autochk * sdnclean64.exe
CHR HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin64.dll (RealDownloader)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Skype4Salesforce.BrowserMonitor -> {090F4A60-3146-41b5-8584-297FBF7D5B59} -> C:\Windows\SysWOW64\mscoree.dll (Microsoft Corporation)
BHO-x32: RealNetworks Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\Program Files (x86)\RealNetworks\RealDownloader\BrowserPlugins\IE\rndlbrowserrecordplugin.dll No File
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll No File
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {517BDDE4-E3A7-4570-B21E-2B52B6139FC7} - No File
Toolbar: HKLM-x32 - avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
Toolbar: HKU\S-1-5-21-2305213872-2505911372-3816809497-1000 -> No Name - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - No File
DPF: HKLM-x32 {0D41B8C5-2599-4893-8183-00195EC8D5F9} https://www.asus.com/support/asusTek_sys_ctrl3.cab
DPF: HKLM-x32 {688C8675-1834-48FA-9DEF-4755CEFB9EDE} http://192.168.1.101/EDVR.CAB
DPF: HKLM-x32 {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} http://192.168.1.99:5050/codebase/DVM_IPCam2.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\KnightCat\AppData\Roaming\Mozilla\Firefox\Profiles\ewzku24u.Seth
FF Keyword.URL:
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.3.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.1\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @oberon-media.com/ONCAdapter -> C:\Program Files (x86)\Common Files\Oberon Media\NCAdapter\1.0.0.14\npapicomadapter.dll (Oberon-Media )
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @playon.tv/PlayOnToolbar -> C:\Program Files (x86)\MediaMall\toolbar\npVT.dll (MediaMall Technologies, Inc.)
FF Plugin-x32: @real.com/nppl3260;version=17.0.10.8 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlchromebrowserrecordext;version=17.0.10 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlhtml5videoshim;version=17.0.10 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprndlpepperflashvideoshim;version=17.0.10 -> C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=17.0.10.8 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll (RealPlayer Cloud)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: @citrixonline.com/appdetectorplugin -> C:\Users\KnightCat\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: @starfield.com/off -> C:\Users\KnightCat\AppData\Roaming\Mozilla\Plugins\npoff.dll ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: @starfield.com/off64 -> C:\Users\KnightCat\AppData\Roaming\Mozilla\Plugins\npoff64.dll ( Starfield Technologies, LLC.)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: @starfield.com/wbe -> C:\Users\KnightCat\AppData\Roaming\Mozilla\Plugins\npwbe.dll (Starfield Technology, LLC)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: @starfield.com/wbe64 -> C:\Users\KnightCat\AppData\Roaming\Mozilla\Plugins\npwbe64.dll (Starfield Technology, LLC)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: @talk.google.com/GoogleTalkPlugin -> C:\Users\KnightCat\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: @talk.google.com/O1DPlugin -> C:\Users\KnightCat\AppData\Roaming\Mozilla\plugins\npo1d.dll (Google)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: @tools.google.com/Google Update;version=3 -> C:\Users\KnightCat\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: @tools.google.com/Google Update;version=9 -> C:\Users\KnightCat\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\KnightCat\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin HKU\S-1-5-21-2305213872-2505911372-3816809497-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpplugin.dll (RealPlayer Cloud)
FF Plugin ProgramFiles/Appdata: C:\Users\KnightCat\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\KnightCat\AppData\Roaming\mozilla\plugins\npgoogletalk.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\KnightCat\AppData\Roaming\mozilla\plugins\npo1d.dll (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\KnightCat\AppData\Roaming\mozilla\plugins\npoff.dll ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\KnightCat\AppData\Roaming\mozilla\plugins\npoff64.dll ( Starfield Technologies, LLC.)
FF Plugin ProgramFiles/Appdata: C:\Users\KnightCat\AppData\Roaming\mozilla\plugins\npwbe.dll (Starfield Technology, LLC)
FF Plugin ProgramFiles/Appdata: C:\Users\KnightCat\AppData\Roaming\mozilla\plugins\npwbe64.dll (Starfield Technology, LLC)
FF Extension: WBE Paste - C:\Users\KnightCat\AppData\Roaming\Mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}\wbepaste@starfield [2013-09-30]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-10]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2014-12-10]
FF HKLM-x32\...\Firefox\Extensions: [{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}] - F:\Programs\Adobe Creative Suite\Adobe Contribute CS5\Plugins\FirefoxPlugin\{01A8CA0A-4C96-465b-A49B-65C46FAD54F9}
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-03-18]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-03-12]
FF HKLM-x32\...\Firefox\Extensions: [{7ADCCCD0-FDEC-4A18-A329-550A87710223}] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext
FF Extension: RealDownloader - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Firefox\Ext [2014-06-06]
FF HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Profile: C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Easy Auto Refresh) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2013-10-22]
CHR Extension: (BetterTTV) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajopnjidmegmdimjlfnijceegpefgped [2014-09-07]
CHR Extension: (Awesome Screenshot: Capture & Annotate) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\alelhddbbhepgpmgidjdcjakblofbmce [2014-09-20]
CHR Extension: (Google Drive) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-10-10]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-26]
CHR Extension: (Web Developer) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2014-09-07]
CHR Extension: (Keeper Browser Extension) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfogiafebfohielmmehodmfbbebbbpei [2014-09-20]
CHR Extension: (YouTube) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-10-10]
CHR Extension: (Open Selected Links) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\cbmiafnaglmnkhnohfdkdgaohdhndkjp [2014-09-20]
CHR Extension: (Add to Amazon Wish List) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciagpekplgpbepdgggflgmahnjgiaced [2013-03-14]
CHR Extension: (Google Search) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-10-10]
CHR Extension: (Kingdoms Of Camelot) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkadejngfdiifodimfhejphllfecigmm [2013-10-10]
CHR Extension: (MightyText - SMS Text Messaging ⟷ Computer) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfhfaphfkopdgpbfkebjfcblcafcmpi [2014-09-20]
CHR Extension: (Grooveshark Downloader) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\eglmoaliddiejknfhdgicfdlaplbojem [2014-09-20]
CHR Extension: (Full Page Screen Capture) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdpohaocaechififmbbbbbknoalclacl [2014-10-31]
CHR Extension: (AdBlock) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-09-20]
CHR Extension: (Crimson: Steam Pirates) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\glfbkgkceahodalogdpenjoekbacjfcj [2014-09-20]
CHR Extension: (Avast Online Security) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-07-24]
CHR Extension: (RealPlayer Downloader) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\idhngdhcfkoamngbedgpaokgjbnpdiji [2014-06-06]
CHR Extension: (colorPicker 0.9) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\jegimleidpfmpepbfajjlielaheedkdo [2014-09-20]
CHR Extension: (Fieldrunners) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkpikhjbfbffdblahfidklcohlaeabak [2014-09-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2014-11-05]
CHR Extension: (Google Wallet) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-09]
CHR Extension: (Black Black Chrome Theme Hot Pink Highlight) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\omdhfcagdlpjbpfldpabhkdibdcbaiih [2014-12-18]
CHR Extension: (Gmail) - C:\Users\KnightCat\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-20]
CHR HKU\S-1-5-21-2305213872-2505911372-3816809497-1000\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - No Path
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-11-25]
CHR HKLM-x32\...\Chrome\Extension: [idhngdhcfkoamngbedgpaokgjbnpdiji] - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx [2014-05-13]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 ADExchange; C:\Program Files (x86)\Common Files\ArcSoft\esinter\Bin\eservutil.exe [44736 2013-10-24] (ArcSoft, Inc.)
R2 Amazon Download Agent; C:\Program Files (x86)\Amazon\Amazon Games & Software Downloader\AmazonGSDownloaderService.exe [401920 2009-10-23] (Amazon.com) [File not signed]
R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2013-03-14] ()
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.20\aaHMSvc.exe [951936 2013-03-14] (ASUSTeK Computer Inc.)
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.13\AsSysCtrlService.exe [149120 2013-03-14] (ASUSTeK Computer Inc.)
U2 AsusFanControlService; C:\Program Files (x86)\ASUS\AsusFanControlService\1.01.14\AsusFanControlService.exe [1457152 2012-06-13] (ASUSTeK Computer Inc.) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-11-25] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [104416 2014-11-25] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4012248 2014-11-25] (Avast Software)
S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [909592 2013-04-26] (BitRaider, LLC)
S4 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [402192 2014-05-01] (BlueStack Systems, Inc.)
S4 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [385808 2014-05-01] (BlueStack Systems, Inc.)
S4 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [774928 2014-05-01] (BlueStack Systems, Inc.)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2443960 2014-10-30] (Microsoft Corporation)
R2 DisplayFusionService; C:\Program Files (x86)\DisplayFusion\DisplayFusionService.exe [3075440 2014-12-16] (Binary Fortress Software)
R2 Dyn Updater; C:\Program Files (x86)\Dyn Updater\DynUpSvc.exe [95608 2011-11-15] (Dyn, Inc.)
R2 File Backup; C:\Program Files (x86)\Workspace\offSyncService.exe [1187040 2013-07-22] (Starfield Technologies)
R2 FoxitCloudUpdateService; C:\Program Files (x86)\Foxit Software\Foxit Reader\Foxit Cloud\FCUpdateService.exe [241728 2014-03-11] (Foxit Corporation)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148744 2014-11-06] (NVIDIA Corporation)
R2 Gizmo Central; C:\Program Files (x86)\Gizmo\gservice.exe [34728 2014-02-12] (Arainia Solutions)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2013-02-08] (Hi-Rez Studios) [File not signed]
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-23] (Hewlett-Packard Co.) [File not signed]
R2 IndieVolumeService; C:\Program Files (x86)\IndieVolume\IndieVolume.SVC.exe [182248 2013-04-02] (GerixSoft)
R2 KMService; C:\Windows\SysWOW64\srvany.exe [8192 2013-03-18] () [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-08-16] (Hewlett-Packard Company) [File not signed]
R2 MediaMall Server; C:\Program Files (x86)\MediaMall\MediaMallServer.exe [5826352 2014-11-24] (MediaMall Technologies, Inc.)
S2 MouseWithoutBordersSvc; C:\Program Files (x86)\Microsoft Garage\Mouse without Borders\MouseWithoutBordersSvc.exe [27872 2012-12-28] (Microsoft)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NVMS-SRV-CMS; C:\Program Files (x86)\NVMS5 Standard Edition\bin\cms.exe [155136 2011-12-23] () [File not signed]
R2 NVMS-SRV-DB; C:\Program Files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe [6562432 2009-03-16] ()
R2 NVMS-SRV-NRU; C:\Program Files (x86)\NVMS5 Standard Edition\bin\nru.exe [15872 2011-12-23] () [File not signed]
R2 NVMS-SRV-VTDU; C:\Program Files (x86)\NVMS5 Standard Edition\bin\vtdu.exe [14848 2011-12-23] () [File not signed]
R2 NVMS-SRV-WATCH; C:\Program Files (x86)\NVMS5 Standard Edition\bin\watch.exe [176640 2011-12-23] () [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1795912 2014-11-06] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19819848 2014-11-06] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-19] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76888 2013-12-01] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-09-09] ()
R2 RealNetworks Downloader Resolver Service; C:\Program Files (x86)\RealNetworks\RealDownloader\rndlresolversvc.exe [39568 2014-05-13] ()
S4 RealPlayer Cloud Service; C:\Program Files (x86)\Real\RealPlayer\RPDS\Bin\rpdsvc.exe [1141848 2014-06-06] (RealNetworks, Inc.)
R2 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [23552 2014-05-23] () [File not signed]
S3 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [244904 2009-07-02] () [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S3 Alpham1; C:\Windows\System32\DRIVERS\Alpham164.sys [52992 2007-07-23] (Ideazon Corporation)
S3 Alpham2; C:\Windows\System32\DRIVERS\Alpham264.sys [21760 2007-03-20] (Ideazon Corporation)
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-03-14] ()
R1 AsUpIO; C:\Windows\SysWow64\drivers\AsUpIO.sys [14464 2013-03-14] ()
R3 ASUSFILTER; C:\Windows\SysWow64\drivers\ASUSFILTER.sys [46152 2011-09-20] (MCCI Corporation)
S3 ASUSstpt; C:\Windows\System32\DRIVERS\ASUSstpt.sys [24648 2011-09-15] (MCCI Corporation)
S3 ASUSumsc; C:\Windows\System32\DRIVERS\ASUSumsc.sys [141896 2011-09-15] (MCCI Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-11-25] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-11-25] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-11-25] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [449936 2014-11-25] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-11-25] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-11-25] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-11-25] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-11-25] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-11-25] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-11-25] ()
R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50976 2014-03-03] (AVG Technologies)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [123152 2014-05-01] (BlueStack Systems)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 CrystalSysInfo; C:\Program Files\MediaCoder\SysInfoX64.sys [18128 2007-09-25] ()
R1 GizmoDrv; C:\Windows\System32\Drivers\GizmoDrv.sys [34704 2014-02-12] (Arainia Solutions LLC)
R3 LGPBTDD; C:\Windows\System32\Drivers\LGPBTDD.sys [30728 2009-07-01] (Logitech Inc.)
R3 msvad_simple; C:\Windows\System32\drivers\povrtdev.sys [28528 2013-12-17] (MediaMall Technologies, Inc.)
S3 NPF; C:\Windows\System32\drivers\npf.sys [40464 2007-11-06] (CACE Technologies)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19784 2014-11-06] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38216 2014-10-03] (NVIDIA Corporation)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-03-11] ()
R3 SaiK1708; C:\Windows\System32\DRIVERS\SaiK1708.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-02-01] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-02-01] (Saitek)
R3 SaiU1708; C:\Windows\System32\DRIVERS\SaiU1708.sys [47168 2012-09-20] (Saitek)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2014-12-18] ()
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
S3 USBMULCD; C:\Windows\System32\drivers\CM10664.sys [1310720 2010-08-12] (C-Media Electronics Inc)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [271752 2014-11-25] (Avast Software)
S3 vl810filter; C:\Windows\System32\DRIVERS\vl810filter.sys [17008 2011-11-17] (VIA Labs, Inc.)
R3 ALSysIO; \??\C:\Users\KNIGHT~1\AppData\Local\Temp\ALSysIO64.sys [X]
S3 BRDriver64; \??\C:\programdata\bitraider\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 DisplayLinkUsbPort; system32\DRIVERS\DisplayLinkUsbPort_6.1.32700.0.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 SDHookDriver; \??\C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 11:30 - 2014-12-21 11:30 - 00046791 _____ () C:\Users\KnightCat\Downloads\FRST.txt
2014-12-21 11:30 - 2014-12-21 11:30 - 00000000 ____D () C:\FRST
2014-12-21 11:29 - 2014-12-21 11:29 - 02122240 _____ (Farbar) C:\Users\KnightCat\Downloads\FRST64.exe
2014-12-21 10:38 - 2014-12-21 10:38 - 00002626 _____ () C:\Users\KnightCat\Desktop\JRT.txt
2014-12-21 10:04 - 2014-12-21 10:04 - 00000000 ____D () C:\Windows\ERUNT
2014-12-21 10:03 - 2014-12-21 10:03 - 01707646 _____ (Thisisu) C:\Users\KnightCat\Downloads\JRT.exe
2014-12-21 09:59 - 2014-12-21 09:59 - 00003378 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-2305213872-2505911372-3816809497-1000
2014-12-21 09:59 - 2014-12-21 09:59 - 00003252 _____ () C:\Windows\System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-2305213872-2505911372-3816809497-1000
2014-12-21 09:30 - 2014-12-21 09:33 - 00000000 ____D () C:\AdwCleaner
2014-12-21 09:25 - 2014-12-21 09:25 - 02166272 _____ () C:\Users\KnightCat\Downloads\adwcleaner_4.105.exe
2014-12-20 22:57 - 2014-12-20 22:57 - 00003356 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-2305213872-2505911372-3816809497-1000
2014-12-19 18:27 - 2014-12-19 18:27 - 00062153 _____ () C:\ComboFix.txt
2014-12-19 15:56 - 2014-12-19 15:57 - 07847342 _____ () C:\Users\KnightCat\Downloads\report1419026171640.csv
2014-12-19 09:04 - 2014-12-19 09:04 - 00001460 _____ () C:\Users\KnightCat\Desktop\GoToAssist Expert.lnk
2014-12-19 09:04 - 2014-12-19 09:04 - 00000000 ____D () C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Citrix
2014-12-19 01:27 - 2014-12-21 11:23 - 00000000 ____D () C:\Users\KnightCat\AppData\Local\DisplayFusion
2014-12-19 01:04 - 2014-12-19 01:24 - 00000000 ____D () C:\Users\KnightCat\AppData\Roaming\DisplayFusion
2014-12-19 01:04 - 2014-12-19 01:04 - 00000000 ____D () C:\ProgramData\Binary Fortress Software
2014-12-19 00:59 - 2014-12-19 00:59 - 00001304 _____ () C:\Users\Public\Desktop\DisplayFusion.lnk
2014-12-19 00:59 - 2014-12-19 00:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DisplayFusion
2014-12-19 00:59 - 2014-12-19 00:59 - 00000000 ____D () C:\Program Files (x86)\DisplayFusion
2014-12-19 00:57 - 2014-12-19 00:57 - 13287584 _____ (Binary Fortress Software ) C:\Users\KnightCat\Downloads\DisplayFusionSetup-7.0.exe
2014-12-19 00:09 - 2014-12-20 22:57 - 00003230 _____ () C:\Windows\System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-2305213872-2505911372-3816809497-1000
2014-12-18 23:26 - 2014-12-19 18:27 - 00000000 ____D () C:\Qoobox
2014-12-18 23:26 - 2014-12-19 00:16 - 00000000 ____D () C:\Windows\erdnt
2014-12-18 23:26 - 2011-06-26 00:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-12-18 23:26 - 2010-11-07 11:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-12-18 23:26 - 2009-04-19 22:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-12-18 23:26 - 2000-08-30 18:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-12-18 23:26 - 2000-08-30 18:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-12-18 23:26 - 2000-08-30 18:00 - 00098816 _____ () C:\Windows\sed.exe
2014-12-18 23:26 - 2000-08-30 18:00 - 00080412 _____ () C:\Windows\grep.exe
2014-12-18 23:26 - 2000-08-30 18:00 - 00068096 _____ () C:\Windows\zip.exe
2014-12-18 23:21 - 2014-12-18 23:22 - 05601641 ____R (Swearware) C:\Users\KnightCat\Desktop\ComboFix.exe
2014-12-18 22:24 - 2014-12-18 22:24 - 00000000 ____D () C:\found.000
2014-12-18 21:42 - 2014-12-18 22:04 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2014-12-18 21:41 - 2014-12-18 22:04 - 00000000 ____D () C:\Users\KnightCat\Desktop\mbar
2014-12-18 21:41 - 2014-12-18 21:41 - 16448208 _____ (Malwarebytes Corp.) C:\Users\KnightCat\Downloads\mbar-1.08.2.1001.exe
2014-12-18 21:30 - 2014-12-18 21:30 - 00035064 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2014-12-18 21:30 - 2014-12-18 21:30 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-12-18 19:26 - 2014-12-18 19:27 - 15201368 _____ () C:\Users\KnightCat\Desktop\RogueKiller.exe
2014-12-18 18:31 - 2014-12-18 18:31 - 00149107 _____ () C:\Users\KnightCat\Downloads\report1418949121651.csv
2014-12-18 18:28 - 2014-12-18 18:28 - 00120525 _____ () C:\Users\KnightCat\Downloads\report1418948901904.csv
2014-12-18 18:27 - 2014-12-18 18:27 - 00452155 _____ () C:\Users\KnightCat\Downloads\report1418948879329.xls
2014-12-18 10:17 - 2014-12-18 10:17 - 00044008 _____ () C:\Users\KnightCat\Desktop\dds.txt
2014-12-18 10:17 - 2014-12-18 10:17 - 00024481 _____ () C:\Users\KnightCat\Desktop\attach.txt
2014-12-18 10:15 - 2014-12-18 10:15 - 00688992 ____R (Swearware) C:\Users\KnightCat\Desktop\dds.com
2014-12-17 07:24 - 2014-12-17 07:24 - 00262516 _____ () C:\Users\KnightCat\Downloads\report1418822671322.csv
2014-12-16 17:02 - 2014-12-16 17:02 - 00030263 _____ () C:\Users\KnightCat\Downloads\Pricebooks with Products.xlsx
2014-12-16 17:00 - 2014-12-16 17:00 - 00103289 _____ () C:\Users\KnightCat\Downloads\report1418770830522.xls
2014-12-16 16:49 - 2014-12-16 16:49 - 00005559 _____ () C:\Users\KnightCat\Downloads\report1418770189813.csv
2014-12-16 16:40 - 2014-12-16 16:40 - 00084709 _____ () C:\Users\KnightCat\Downloads\report1418769638817.csv
2014-12-16 16:38 - 2014-12-16 16:38 - 00352520 _____ () C:\Users\KnightCat\Downloads\report1418769528369.xls
2014-12-16 13:05 - 2014-12-16 13:05 - 00383614 _____ () C:\Users\KnightCat\Downloads\report1418756721846.csv
2014-12-16 11:24 - 2014-12-16 11:24 - 00395001 _____ () C:\Users\KnightCat\Downloads\report1418750706625.xls
2014-12-16 10:44 - 2014-12-16 10:44 - 00394971 _____ () C:\Users\KnightCat\Downloads\report1418748274496.xls
2014-12-15 13:04 - 2014-12-15 13:04 - 00360737 _____ () C:\Users\KnightCat\Downloads\SpecOps Patch logo CAT.psd
2014-12-15 12:12 - 2014-12-15 12:16 - 00349951 _____ () C:\Users\KnightCat\Downloads\SpecOps Patch logo.psd
2014-12-12 17:51 - 2014-12-12 17:52 - 67350808 _____ (Logitech Inc.) C:\Users\KnightCat\Downloads\LGS_8.57.145_x64_Logitech.exe
2014-12-12 09:20 - 2014-12-12 09:20 - 00017188 _____ () C:\Users\KnightCat\Downloads\report1418397613232.csv
2014-12-12 09:18 - 2014-12-12 09:18 - 00000924 _____ () C:\Users\KnightCat\Downloads\report1418397540009.csv
2014-12-12 09:16 - 2014-12-12 09:16 - 00035674 _____ () C:\Users\KnightCat\Downloads\report1418397385777.csv
2014-12-12 09:12 - 2014-12-12 09:12 - 00028742 _____ () C:\Users\KnightCat\Downloads\report1418397129224.csv
2014-12-11 18:20 - 2014-12-11 18:20 - 00000000 __SHD () C:\Users\KnightCat\AppData\Local\EmieBrowserModeList
2014-12-10 18:08 - 2014-12-10 18:08 - 00293744 _____ () C:\Users\KnightCat\Downloads\report1418256534284.csv
2014-12-10 14:56 - 2014-12-10 14:56 - 00017218 _____ () C:\Users\KnightCat\Downloads\report1418244975049.xls
2014-12-10 13:38 - 2014-12-10 13:38 - 00352398 _____ () C:\Users\KnightCat\Downloads\report1418240310841.xls
2014-12-10 12:53 - 2014-12-10 12:53 - 00352396 _____ () C:\Users\KnightCat\Downloads\report1418237631957.xls
2014-12-10 11:21 - 2014-12-10 11:21 - 01674572 _____ () C:\Users\KnightCat\Downloads\report1418232077889.xls
2014-12-10 11:16 - 2014-12-10 11:16 - 01556486 _____ () C:\Users\KnightCat\Downloads\report1418231809574.xls
2014-12-10 10:49 - 2014-12-10 10:49 - 00383121 _____ () C:\Users\KnightCat\Downloads\report1418230151336.xls
2014-12-10 10:39 - 2014-12-10 10:39 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-12-10 08:29 - 2014-12-10 08:29 - 00619870 _____ () C:\Users\KnightCat\Downloads\report1418221794988.csv
2014-12-09 17:09 - 2014-12-09 17:09 - 00136693 _____ () C:\Users\KnightCat\Downloads\DA Account List 12-5-14.xlsx
2014-12-09 13:52 - 2014-12-09 13:52 - 00231580 _____ () C:\Users\KnightCat\Downloads\report1418154726737.xls
2014-12-09 13:50 - 2014-12-09 13:50 - 00059103 _____ () C:\Users\KnightCat\Downloads\report1418154607510.xls
2014-12-09 12:53 - 2014-12-09 12:53 - 00379287 _____ () C:\Users\KnightCat\Downloads\report1418151233926.xls
2014-12-08 16:14 - 2014-12-08 16:14 - 00000000 ____D () C:\Users\KnightCat\AppData\OICE_15_974FA576_32C1D314_273D
2014-12-08 16:13 - 2014-12-08 16:13 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-12-08 16:13 - 2014-11-12 14:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-12-08 16:12 - 2014-11-12 15:56 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-12-08 16:10 - 2014-11-17 16:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-12-08 16:10 - 2014-11-17 16:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-12-08 16:10 - 2014-11-12 18:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-12-08 16:10 - 2014-11-12 18:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-12-08 15:09 - 2014-12-08 15:09 - 00004976 _____ () C:\Users\KnightCat\Downloads\report1418072957836.xls
2014-12-08 11:23 - 2014-12-08 11:23 - 00683753 _____ () C:\Users\KnightCat\Downloads\report1418059417843.xls
2014-12-08 10:47 - 2014-12-08 10:47 - 00684537 _____ () C:\Users\KnightCat\Downloads\report1418057227799.xls
2014-12-07 14:10 - 2014-12-14 13:53 - 00000000 ____D () C:\Users\KnightCat\Documents\ProfileCache
2014-12-07 14:10 - 2014-12-14 13:42 - 00000000 ____D () C:\Users\KnightCat\Documents\The Crew
2014-12-07 14:07 - 2014-12-07 14:07 - 00000000 ____D () C:\Users\KnightCat\AppData\Local\Ubisoft
2014-11-30 16:16 - 2014-11-30 16:17 - 00000000 ____D () C:\Windows\SysWOW64\vbox
2014-11-30 16:16 - 2014-11-30 16:17 - 00000000 ____D () C:\Windows\system32\vbox
2014-11-25 12:39 - 2014-11-25 12:39 - 00001970 _____ () C:\Users\Public\Desktop\Avast SafeZone.lnk
2014-11-25 12:39 - 2014-11-25 12:39 - 00001910 _____ () C:\Users\Public\Desktop\Avast Premier.lnk
2014-11-25 12:39 - 2014-11-25 12:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2014-11-25 12:38 - 2014-11-25 12:38 - 00449936 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-11-25 12:38 - 2014-11-25 12:38 - 00364512 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-11-25 12:38 - 2014-11-25 12:38 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-11-21 18:06 - 2014-11-21 18:06 - 00562368 _____ () C:\Users\KnightCat\Downloads\report1416614782822.xls
2014-11-21 17:49 - 2014-11-21 17:49 - 00008631 _____ () C:\Users\KnightCat\Downloads\report1416613760998.xls
2014-11-21 17:40 - 2014-11-21 17:40 - 00022480 _____ () C:\Users\KnightCat\Downloads\report1416613256800.xls
2014-11-21 17:38 - 2014-11-21 17:38 - 00018229 _____ () C:\Users\KnightCat\Downloads\report1416613114855.xls
2014-11-21 11:00 - 2014-11-21 11:00 - 00014130 _____ () C:\Users\KnightCat\Downloads\report1416589249186.xls
2014-11-21 09:21 - 2014-11-21 09:21 - 00292674 _____ () C:\Users\KnightCat\Downloads\report1416583294340.xls

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-12-21 11:18 - 2013-03-19 20:39 - 00000924 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2305213872-2505911372-3816809497-1000UA.job
2014-12-21 11:17 - 2014-04-01 19:04 - 00000546 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-2305213872-2505911372-3816809497-1000.job
2014-12-21 10:59 - 2013-03-14 21:53 - 00000000 ____D () C:\Users\KnightCat\AppData\Roaming\Skype
2014-12-21 10:43 - 2013-04-08 16:40 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-21 10:31 - 2013-03-14 10:35 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-21 10:05 - 2009-07-13 22:45 - 00027184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-21 10:05 - 2009-07-13 22:45 - 00027184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-21 10:01 - 2013-03-14 10:28 - 01054043 _____ () C:\Windows\WindowsUpdate.log
2014-12-21 10:00 - 2013-04-29 08:30 - 00000000 ____D () C:\Users\KnightCat\AppData\Roaming\Raptr
2014-12-21 09:59 - 2014-10-16 08:32 - 00005006 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for KnightCat-PC-KnightCat KnightCat-PC
2014-12-21 09:59 - 2013-08-27 13:42 - 00000000 ____D () C:\Users\KnightCat\AppData\Roaming\Dropbox
2014-12-21 09:58 - 2014-06-23 11:33 - 00000000 ____D () C:\Users\KnightCat\AppData\Local\CrashDumps
2014-12-21 09:57 - 2013-03-14 10:35 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-21 09:54 - 2014-07-05 08:48 - 00000000 ____D () C:\ProgramData\MediaMall
2014-12-21 09:53 - 2009-07-13 22:51 - 00110463 _____ () C:\Windows\setupact.log
2014-12-21 09:51 - 2013-03-19 09:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-12-21 09:51 - 2010-11-20 21:47 - 00798872 _____ () C:\Windows\PFRO.log
2014-12-21 09:51 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-21 09:24 - 2013-03-14 10:35 - 00000000 ____D () C:\Users\KnightCat\AppData\Local\Apps\2.0
2014-12-21 06:23 - 2014-03-26 08:53 - 00000000 ____D () C:\Program Files (x86)\SystemRequirementsLab
2014-12-21 02:00 - 2014-06-25 01:00 - 00000000 ____D () C:\Users\KnightCat\AppData\Local\Adobe
2014-12-20 21:55 - 2014-10-13 08:40 - 00003038 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-12-20 18:53 - 2014-04-01 19:04 - 00003592 _____ () C:\Windows\System32\Tasks\G2MUpdateTask-S-1-5-21-2305213872-2505911372-3816809497-1000
2014-12-20 18:39 - 2014-11-15 09:01 - 00000000 ____D () C:\Users\KnightCat\Documents\Assassin's Creed Unity
2014-12-20 13:18 - 2013-03-19 20:39 - 00000872 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2305213872-2505911372-3816809497-1000Core.job
2014-12-19 18:18 - 2014-03-13 13:59 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-12-19 18:17 - 2009-07-13 20:34 - 00000215 _____ () C:\Windows\system.ini
2014-12-19 16:31 - 2013-09-16 20:12 - 00000000 ____D () C:\ProgramData\Origin
2014-12-19 16:30 - 2014-03-10 23:19 - 00000663 _____ () C:\Users\Public\Desktop\Titanfall.lnk
2014-12-19 16:27 - 2013-03-15 15:23 - 00714933 _____ () C:\Windows\DirectX.log
2014-12-19 16:13 - 2013-09-16 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-12-19 16:13 - 2013-09-16 20:12 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-19 11:29 - 2013-03-20 17:07 - 00000000 ____D () C:\Users\KnightCat\DataLoader Results
2014-12-19 11:01 - 2013-03-14 21:30 - 00000000 ____D () C:\Users\KnightCat\AppData\Roaming\TS3Client
2014-12-19 09:16 - 2013-03-26 14:59 - 00000000 ____D () C:\Users\KnightCat\AppData\Local\Citrix
2014-12-19 09:03 - 2013-03-26 15:00 - 00000000 ____D () C:\Program Files (x86)\Citrix
2014-12-19 00:52 - 2014-05-08 08:54 - 00001122 _____ () C:\SSUUpdater.log
2014-12-19 00:19 - 2009-07-13 21:20 - 00000000 __RHD () C:\Users\Default
2014-12-19 00:02 - 2013-06-11 17:48 - 00000000 ____D () C:\Windows\SysWOW64\C2MP
2014-12-18 22:37 - 2014-10-13 08:58 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2014-12-18 22:37 - 2013-03-16 20:54 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-12-18 21:42 - 2014-09-23 08:26 - 00135384 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-12-18 21:41 - 2014-09-23 08:26 - 00096472 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-12-18 21:28 - 2014-10-14 12:25 - 00003042 _____ () C:\Windows\System32\Tasks\RTSS
2014-12-18 13:43 - 2014-04-25 13:57 - 00000000 ____D () C:\Users\DefaultAppPool
2014-12-18 13:43 - 2013-03-14 09:04 - 00000000 ____D () C:\Users\KnightCat
2014-12-18 13:41 - 2014-04-06 11:03 - 00000000 ____D () C:\Windows\jumpshot.com
2014-12-18 10:41 - 2014-11-07 17:47 - 04931577 _____ () C:\Windows\{00000006-00000000-00000000-00001102-00000008-10241102}.CDF
2014-12-18 10:41 - 2014-04-06 16:16 - 27787264 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000003
2014-12-18 10:41 - 2014-04-06 16:16 - 15990784 _____ () C:\Users\KnightCat\.ghost-ntfs-3g-00000000000000000009
2014-12-18 10:41 - 2014-04-06 16:16 - 111673344 _____ () C:\Windows\system32\config\.ghost-ntfs-3g-00000000000000000001
2014-12-18 09:58 - 2013-04-08 16:51 - 00007597 _____ () C:\Users\KnightCat\AppData\Local\resmon.resmoncfg
2014-12-18 08:56 - 2014-09-23 08:26 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-18 08:56 - 2014-09-23 08:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-18 08:56 - 2014-09-23 08:26 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-18 08:49 - 2014-09-02 10:43 - 00001033 _____ () C:\Users\KnightCat\Desktop\Dropbox.lnk
2014-12-18 08:49 - 2014-09-02 10:41 - 00000000 ____D () C:\Users\KnightCat\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-18 08:48 - 2014-07-29 17:08 - 00000000 ____D () C:\Program Files (x86)\ControlCenter
2014-12-18 08:39 - 2013-08-13 14:31 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-12-18 04:42 - 2014-04-06 11:03 - 00000000 ____D () C:\Jumpshot
2014-12-17 12:14 - 2014-10-16 09:18 - 00000000 ___RD () C:\Users\KnightCat\OneDrive - Digital Air Strike
2014-12-15 13:07 - 2013-06-03 20:27 - 00000132 _____ () C:\Users\KnightCat\AppData\Roaming\Adobe PNG Format CS5 Prefs
2014-12-15 12:28 - 2014-10-13 08:34 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-12-14 11:37 - 2009-07-13 23:13 - 00903332 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-12 17:58 - 2013-03-16 20:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-12-12 17:58 - 2013-03-16 20:57 - 00000000 ____D () C:\Program Files\Logitech Gaming Software
2014-12-12 17:56 - 2014-02-12 10:37 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-11 07:32 - 2013-03-14 10:35 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-12-10 17:13 - 2013-03-14 21:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-12-10 17:13 - 2013-03-14 21:53 - 00000000 ____D () C:\ProgramData\Skype
2014-12-10 02:43 - 2013-04-08 16:40 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 02:43 - 2013-04-08 16:40 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 02:43 - 2013-04-08 16:40 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-08 16:30 - 2013-04-29 08:30 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-12-08 16:13 - 2014-10-11 11:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-12-08 16:13 - 2013-03-14 10:41 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-12-07 14:18 - 2014-04-25 13:57 - 00262144 ___SH () C:\Users\DefaultAppPool\.ghost-ntfs-3g-00000000000000000013
2014-12-07 14:08 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-06 14:46 - 2014-11-15 12:57 - 00001973 _____ () C:\Users\Public\Desktop\Samsung Kies 3.lnk
2014-11-25 12:39 - 2014-03-12 14:59 - 01050432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-11-25 12:38 - 2014-05-07 13:24 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-11-25 12:38 - 2014-03-13 13:35 - 00116728 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-11-25 12:38 - 2014-03-13 13:32 - 00267632 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-11-25 12:38 - 2014-03-13 13:32 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-11-25 12:38 - 2014-03-12 15:00 - 00436624 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-11-25 12:38 - 2014-03-12 14:59 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-11-25 12:38 - 2014-03-12 14:59 - 00083280 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-11-25 12:38 - 2014-03-12 14:59 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-11-24 15:17 - 2014-07-05 08:48 - 00000000 ____D () C:\Program Files (x86)\MediaMall
2014-11-22 20:19 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-11-22 19:17 - 2014-09-22 09:33 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-11-22 19:14 - 2009-07-13 22:45 - 05043888 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-21 23:19 - 2014-03-18 14:44 - 00000000 ____D () C:\Windows\system32\MRT
2014-11-21 23:13 - 2014-11-07 17:47 - 04931577 _____ () C:\Windows\{00000006-00000000-00000000-00001102-00000008-10241102}.BAK
2014-11-21 06:14 - 2014-09-23 08:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-11-21 06:14 - 2013-09-29 00:20 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

Files to move or delete:
====================
C:\Users\KnightCat\IP_Log_Data.js
C:\Users\KnightCat\Network_Meter_Data.js
C:\Users\KnightCat\Swift Elite Setup.exe


Some content of TEMP:
====================
C:\Users\KnightCat\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpslfy67.dll
C:\Users\KnightCat\AppData\Local\Temp\Quarantine.exe
C:\Users\KnightCat\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


nointegritychecks: ==> Integrity Checks is disabled <===== ATTENTION!


LastRegBack: 2014-12-15 00:55

==================== End Of Log ============================
 
Download the attached fixlist.txt file and save it to the Desktop.
NOTE: It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST (FRST64) and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it in your reply.
 

Attachments

  • fixlist.txt
    3.7 KB