TechSpot

Zekon Malware

Inactive-A
By Jim recardo
Apr 24, 2014
  1. Help me get rid of this. I was playing rs and my comp just reset. Then ads were playing in the background and my Malwarebytes went haywire picking up trojan.zekon.patched. Any help? Thanks.
     
  2. Broni

    Broni Malware Annihilator Posts: 47,078   +258

    Welcome aboard

    Please complete all steps listed here: http://www.techspot.com/vb/topic58138.html
    Make sure you PASTE all logs. If a log exceeds the 50,000-character post limit, split it between a couple of replies.
    Attached logs won't be reviewed.

    Please observe the following rules:
    • Read all of my instructions very carefully. Your mistakes during the cleaning process may have very serious consequences, like an unbootable computer.
    • If you're stuck, or you're not sure about a certain step, always ask before doing anything else.
    • Please refrain from running any tools, fixes or applying any changes to your computer other than those I suggest.
    • Never run more than one scan at a time.
    • Keep updating me regarding your computer's behavior, good or bad.
    • The cleaning process, once started, has to be completed. Even if your computer appears to act better, it may still be infected. Once the computer is totally clean, I'll certainly let you know.
    • If you leave the topic without explanation in the middle of a cleaning process, you may not be eligible to receive any more help in the malware removal forum.
    • I close my topics if you have not replied in 5 days. If you need more time, simply let me know. If I closed your topic and you need it to be reopened, simply PM me.
     
  3. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    My mbam won't work bc my trojan disabled it.
    DDS (Ver_2012-11-20.01) - NTFS_AMD64
    Internet Explorer: 11.0.9600.17041 BrowserJavaVersion: 10.51.2
    Run by Tyler at 16:02:15 on 2014-04-24
    Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.5617.1456 [GMT -5:00]
    .
    AV: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    SP: AVG AntiVirus Free Edition 2013 *Enabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
    .
    ============== Running Processes ===============
    .
    c:\PROGRA~2\AVG\AVG2014\avgrsa.exe
    C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
    C:\Windows\system32\lsm.exe
    C:\Windows\system32\svchost.exe -k DcomLaunch
    C:\Windows\system32\svchost.exe -k RPCSS
    svchost.exe
    C:\Windows\system32\atiesrxx.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
    C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
    C:\Windows\system32\svchost.exe -k LocalService
    C:\Windows\system32\svchost.exe -k netsvcs
    C:\Windows\system32\svchost.exe -k NetworkService
    C:\Windows\system32\atieclxx.exe
    C:\Windows\System32\spoolsv.exe
    C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
    C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
    C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
    C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
    C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork
    C:\Program Files (x86)\GameTracker\GSInGameService.exe
    C:\Windows\system32\taskhost.exe
    C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    C:\Windows\system32\Dwm.exe
    C:\Windows\Explorer.EXE
    C:\Windows\system32\taskeng.exe
    C:\Windows\SysWOW64\Rundll32.exe
    C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
    C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
    C:\Windows\SysWOW64\PnkBstrA.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
    C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
    C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    C:\Windows\system32\svchost.exe -k imgsvc
    C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
    C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
    C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
    C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    C:\Windows\system32\SearchIndexer.exe
    C:\Windows\System32\WUDFHost.exe
    C:\Program Files\Logitech\Gaming Software\LWEMon.exe
    C:\Program Files (x86)\Java\jre7\bin\javaw.exe
    C:\Program Files (x86)\ooVoo\ooVoo.exe
    C:\Program Files (x86)\GameTracker\GTLite.exe
    C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe
    C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe
    C:\Program Files (x86)\AVG\AVG2014\avgui.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    C:\Program Files (x86)\BlueStacks\HD-Agent.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    C:\Program Files\Windows Media Player\wmpnetwk.exe
    C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
    C:\Windows\SysWOW64\ctfmon.exe
    C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\taskeng.exe
    C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
    C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    C:\Windows\system32\svchost.exe -k SDRSVC
    C:\Users\Tyler\jagexcache\jagexlauncher\bin\JagexLauncher.exe
    C:\Program Files (x86)\WinRAR\WinRAR.exe
    C:\Users\Tyler\AppData\Local\Temp\Rar$EXa0.284\TDSSKiller\TDSSKiller.exe
    svchost.exe
    C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    C:\Windows\system32\SearchProtocolHost.exe
    C:\Windows\system32\SearchFilterHost.exe
    C:\Windows\system32\RunDll32.exe
    C:\Windows\system32\wbem\wmiprvse.exe
    C:\Windows\System32\cscript.exe
    .
    ============== Pseudo HJT Report ===============
    .
    mStart Page = hxxp://www.google.com
    uProxyOverride = <local>
    mWinlogon: Userinit = userinit.exe,
    BHO: Linksicle: {2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} - C:\Program Files (x86)\Linksicle\IE\LinksicleClientIE.dll
    BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\AMD\SteadyVideo\SteadyVideo.dll
    BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
    BHO: ArcPluginIEBHO Class: {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\ArcPluginIE.dll
    BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
    BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
    BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
    uRun: [Server] C:\Program Files (x86)\Java\jre7\bin\javaw -jar "C:\Users\Tyler\AppData\RoamingServer-109215895.jar"
    uRun: [ooVoo.exe] C:\Program Files (x86)\ooVoo\oovoo.exe /minimized
    uRun: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    uRun: [audios] C:\Users\Tyler\AppData\Roaming\Microsoft\audios.exe
    uRun: [BackgroundContainer] "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Tyler\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun
    uRun: [GameTracker] C:\Program Files (x86)\GameTracker\GTLite.exe
    uRun: [Optimizer Pro] C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe
    uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    mRun: [AVG_UI] "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
    mRun: [Arc] C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe /autorun
    mRun: [vProt] "C:\Program Files (x86)\AVG Secure Search\vprot.exe"
    mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    mRun: [BlueStacks Agent] C:\Program Files (x86)\BlueStacks\HD-Agent.exe
    mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
    dRun: [SearchProtect] \SearchProtect\bin\cltmng.exe
    mPolicies-Explorer: NoActiveDesktop = dword:1
    mPolicies-Explorer: NoActiveDesktopChanges = dword:1
    mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
    mPolicies-System: ConsentPromptBehaviorUser = dword:3
    mPolicies-System: EnableUIADesktopToggle = dword:0
    mPolicies-System: PromptOnSecureDesktop = dword:0
    IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
    IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
    IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
    IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    Trusted Zone: clonewarsadventures.com
    Trusted Zone: freerealms.com
    Trusted Zone: soe.com
    Trusted Zone: sony.com
    DPF: {233C1507-6A77-46A4-9443-F871F945D258} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab
    DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
    TCP: NameServer = 10.0.1.1
    TCP: Interfaces\{ECA38290-460A-4417-BFDD-96FAE02317A1} : DHCPNameServer = 10.0.1.1
    TCP: Interfaces\{ECA38290-460A-4417-BFDD-96FAE02317A1}\D696E656 : DHCPNameServer = 209.18.47.61 209.18.47.62
    Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\AMD\SteadyVideo\VideoMIMEFilter.dll
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
    Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
    AppInit_DLLs= c:\progra~2\optimi~1\optpro~1.dll
    SSODL: WebCheck - <orphaned>
    mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
    x64-BHO: Linksicle: {2AD2D8CA-D24D-40D2-A8FC-46952409BA9A} - C:\Program Files\Linksicle\IE\LinksicleClientIE.dll
    x64-BHO: SteadyVideoBHO Class: {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll
    x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
    x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
    x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
    x64-Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
    x64-Run: [Logitech Download Assistant] C:\Windows\System32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
    x64-Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
    x64-RunOnce: [NCPluginUpdater] "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update
    x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
    x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
    x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    x64-Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
    x64-Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll
    x64-Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - <orphaned>
    x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
    x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
    x64-SSODL: WebCheck - <orphaned>
    .
    ================= FIREFOX ===================
    .
    FF - ProfilePath - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\
    FF - prefs.js: browser.search.selectedEngine - Conduit Search
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
    FF - plugin: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll
    FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
    FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrlui.dll
    FF - plugin: C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll
    FF - plugin: C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll
    FF - plugin: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll
    FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
    FF - plugin: C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll
    FF - plugin: C:\Users\Tyler\AppData\Local\Google\Update\1.3.22.3\npGoogleUpdate3.dll
    FF - plugin: C:\Users\Tyler\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll
    FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll
    FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll
    FF - ExtSQL: !HIDDEN! 2013-12-18 20:45; linksicle@linksicle.com; C:\Program Files (x86)\Mozilla Firefox\extensions\linksicle@linksicle.com
    .
    ============= SERVICES / DRIVERS ===============
    .
    R0 amd_sata;amd_sata;C:\Windows\System32\drivers\amd_sata.sys [2011-12-5 78976]
    R0 amd_xata;amd_xata;C:\Windows\System32\drivers\amd_xata.sys [2011-12-5 38528]
    R0 AVGIDSHA;AVGIDSHA;C:\Windows\System32\drivers\avgidsha.sys [2014-3-27 192792]
    R0 Avgloga;AVG Logging Driver;C:\Windows\System32\drivers\avgloga.sys [2014-3-27 324376]
    R0 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\System32\drivers\avgmfx64.sys [2014-3-31 130840]
    R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\System32\drivers\avgrkx64.sys [2014-3-27 32536]
    R1 Avgdiska;AVG Disk Driver;C:\Windows\System32\drivers\avgdiska.sys [2014-3-27 153368]
    R1 AVGIDSDriver;AVGIDSDriver;C:\Windows\System32\drivers\avgidsdrivera.sys [2014-4-18 237336]
    R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\System32\drivers\avgldx64.sys [2014-3-27 236824]
    R1 Avgtdia;AVG TDI Driver;C:\Windows\System32\drivers\avgtdia.sys [2014-3-31 274200]
    R1 avgtp;avgtp;C:\Windows\System32\drivers\avgtpx64.sys [2012-7-22 46368]
    R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\System32\atiesrxx.exe [2013-12-6 239616]
    R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2013-12-6 344064]
    R2 AODDriver4.2.0;AODDriver4.2.0;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2013-9-19 59648]
    R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [2014-4-18 3645456]
    R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [2014-3-27 291912]
    R2 BstHdDrv;BlueStacks Hypervisor;C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2014-2-18 122128]
    R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service;C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2014-2-18 385808]
    R2 BstHdUpdaterSvc;BlueStacks Updater Service;C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2014-2-18 766736]
    R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [2013-4-22 822504]
    R2 GS In-Game Service;GS In-Game Service;C:\Program Files (x86)\GameTracker\GSInGameService.exe [2013-11-18 1677080]
    R2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2013-7-17 9216]
    R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
    R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2013-6-26 523944]
    R2 SplashtopRemoteService;Splashtop® Remote Service;C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe [2013-1-28 551264]
    R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-8-7 609056]
    R2 TuneUp.UtilitiesSvc;AVG PC TuneUp Service;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2013-10-31 2148664]
    R2 vToolbarUpdater17.2.0;vToolbarUpdater17.2.0;C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [2013-12-8 1771544]
    R3 amdhub30;AMD USB 3.0 Hub Driver;C:\Windows\System32\drivers\amdhub30.sys [2011-12-5 87168]
    R3 amdxhc;AMD USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\amdxhc.sys [2011-12-5 188544]
    R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\Windows\System32\drivers\netr28x.sys [2011-12-5 1360960]
    R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-12-5 471144]
    R3 Sftfs;Sftfs;C:\Windows\System32\drivers\Sftfslh.sys [2013-6-26 767144]
    R3 Sftplay;Sftplay;C:\Windows\System32\drivers\Sftplaylh.sys [2013-6-26 273576]
    R3 Sftredir;Sftredir;C:\Windows\System32\drivers\Sftredirlh.sys [2013-6-26 28840]
    R3 Sftvol;Sftvol;C:\Windows\System32\drivers\Sftvollh.sys [2013-6-26 23208]
    R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2013-6-26 207528]
    R3 TuneUpUtilitiesDrv;TuneUpUtilitiesDrv;C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [2012-7-4 11880]
    R3 usbfilter;AMD USB Filter Driver;C:\Windows\System32\drivers\usbfilter.sys [2011-12-5 47232]
    S2 70e6ca8c;Optimizer Pro Crash Monitor;C:\Windows\System32\rundll32.exe [2009-7-13 45568]
    S2 BstHdAndroidSvc;BlueStacks Android Service;C:\Program Files (x86)\BlueStacks\HD-Service.exe [2014-2-18 402192]
    S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
    S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
    S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-10-23 172192]
    S3 ArcService;Arc Service;C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [2014-4-11 88400]
    S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2013-2-7 49152]
    S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
    S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-4-22 111616]
    S3 OverwolfUpdaterService;Overwolf Updater Service;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2013-9-10 18360]
    S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
    S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
    S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2012-7-9 52736]
    S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-27 1255736]
    S4 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2011-12-5 89600]
    S4 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
    S4 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2011-12-5 1128952]
    S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
    .
    =============== Created Last 30 ================
    .
    2014-04-24 02:13:32 -------- d-----w- C:\tmp
    2014-04-23 02:54:25 -------- d-----w- C:\Users\Tyler\AppData\Roaming\Craften Terminal
    2014-04-23 02:54:15 -------- d-----w- C:\Program Files (x86)\Craften Terminal
    2014-04-22 08:01:02 359936 ----a-w- C:\Program Files\Internet Explorer\IEShims.dll
    2014-04-22 08:01:02 257536 ----a-w- C:\Program Files (x86)\Internet Explorer\IEShims.dll
    2014-04-22 08:01:00 548352 ----a-w- C:\Windows\System32\vbscript.dll
    2014-04-22 08:01:00 455168 ----a-w- C:\Windows\SysWow64\vbscript.dll
    2014-04-18 21:23:50 14100640 ----a-w- C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Avg2014\update\backup\Launcher.exe
    2014-04-18 20:01:56 237336 ----a-w- C:\Windows\System32\drivers\avgidsdrivera.sys
    2014-04-13 13:47:26 503312 ----a-w- C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Avg2014\update\backup\avgmfarx.dll
    2014-04-13 13:47:26 2917904 ----a-w- C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Avg2014\update\backup\avgupdx.dll
    2014-03-31 21:20:54 274200 ----a-w- C:\Windows\System32\drivers\avgtdia.sys
    2014-03-31 21:06:26 130840 ----a-w- C:\Windows\System32\drivers\avgmfx64.sys
    2014-03-31 14:36:01 6089216 ----a-w- C:\Program Files\Windows Defender\en-US\systemprofile\AppData\Local\Avg2014\update\backup\avgmfapx.exe
    2014-03-28 03:14:26 192792 ----a-w- C:\Windows\System32\drivers\avgidsha.sys
    2014-03-28 03:14:24 153368 ----a-w- C:\Windows\System32\drivers\avgdiska.sys
    2014-03-28 03:07:10 236824 ----a-w- C:\Windows\System32\drivers\avgldx64.sys
    2014-03-28 03:05:02 324376 ----a-w- C:\Windows\System32\drivers\avgloga.sys
    2014-03-28 03:03:16 32536 ----a-w- C:\Windows\System32\drivers\avgrkx64.sys
    .
    ==================== Find3M ====================
    .
    2014-03-27 01:37:26 71048 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
    2014-03-27 01:37:26 692616 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
    2014-03-06 09:32:16 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
    2014-03-06 09:31:33 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
    2014-03-06 08:59:04 66048 ----a-w- C:\Windows\System32\iesetup.dll
    2014-03-06 08:57:20 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
    2014-03-06 08:32:07 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
    2014-03-06 08:29:40 139264 ----a-w- C:\Windows\System32\ieUnatt.exe
    2014-03-06 08:29:14 111616 ----a-w- C:\Windows\System32\ieetwcollector.exe
    2014-03-06 08:28:15 752640 ----a-w- C:\Windows\System32\jscript9diag.dll
    2014-03-06 08:15:54 940032 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
    2014-03-06 08:11:41 5784064 ----a-w- C:\Windows\System32\jscript9.dll
    2014-03-06 08:02:34 61952 ----a-w- C:\Windows\SysWow64\iesetup.dll
    2014-03-06 08:01:01 51200 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
    2014-03-06 07:56:43 38400 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
    2014-03-06 07:46:36 4254720 ----a-w- C:\Windows\SysWow64\jscript9.dll
    2014-03-06 07:38:13 112128 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
    2014-03-06 07:36:40 592896 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
    2014-03-06 07:13:43 32256 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
    2014-03-06 07:11:15 2043904 ----a-w- C:\Windows\System32\inetcpl.cpl
    2014-03-06 06:40:39 1967104 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
    2014-03-06 06:22:40 2260480 ----a-w- C:\Windows\System32\wininet.dll
    2014-03-06 05:41:49 1789440 ----a-w- C:\Windows\SysWow64\wininet.dll
    2014-03-04 09:44:21 362496 ----a-w- C:\Windows\System32\wow64win.dll
    2014-03-04 09:44:21 243712 ----a-w- C:\Windows\System32\wow64.dll
    2014-03-04 09:44:21 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
    2014-03-04 09:44:03 16384 ----a-w- C:\Windows\System32\ntvdm64.dll
    2014-03-04 09:17:19 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
    2014-03-04 09:17:05 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
    2014-03-04 09:16:54 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
    2014-03-04 09:16:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
    2014-03-04 08:09:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
    2014-03-04 08:09:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
    2014-02-07 01:23:30 3156480 ----a-w- C:\Windows\System32\win32k.sys
    2014-02-04 02:35:56 190912 ----a-w- C:\Windows\System32\drivers\storport.sys
    2014-02-04 02:35:49 274880 ----a-w- C:\Windows\System32\drivers\msiscsi.sys
    2014-02-04 02:35:35 27584 ----a-w- C:\Windows\System32\drivers\Diskdump.sys
    2014-02-04 02:32:22 1424384 ----a-w- C:\Windows\System32\WindowsCodecs.dll
    2014-02-04 02:32:12 624128 ----a-w- C:\Windows\System32\qedit.dll
    2014-02-04 02:28:36 2048 ----a-w- C:\Windows\System32\iologmsg.dll
    2014-02-04 02:04:22 1230336 ----a-w- C:\Windows\SysWow64\WindowsCodecs.dll
    2014-02-04 02:04:11 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
    2014-02-04 02:00:39 2048 ----a-w- C:\Windows\SysWow64\iologmsg.dll
    2014-01-29 02:32:18 484864 ----a-w- C:\Windows\System32\wer.dll
    2014-01-29 02:06:47 381440 ----a-w- C:\Windows\SysWow64\wer.dll
    2014-01-28 02:32:46 228864 ----a-w- C:\Windows\System32\wwansvc.dll
    .
    ============= FINISH: 16:06:31.17 ===============
     
  4. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2012-11-20.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 12/25/2011 10:12:15 AM
    System Uptime: 4/24/2014 3:47:42 PM (1 hours ago)
    .
    Motherboard: PEGATRON CORPORATION | | 2ACD
    Processor: AMD A6-3600 APU with Radeon(tm) HD Graphics | P0 | 2100/100mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 1851 GiB total, 1287.076 GiB free.
    D: is FIXED (NTFS) - 12 GiB total, 1.427 GiB free.
    E: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP316: 4/20/2014 7:00:04 PM - Windows Backup
    RP317: 4/22/2014 3:00:14 AM - Windows Update
    .
    ==== Installed Programs ======================
    .
    802.11n Wireless LAN Card
    8BitMMO
    Adobe AIR
    Adobe Download Assistant
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 12 Plugin
    Adobe Shockwave Player 12.1
    Agatha Christie - Peril at End House
    Allods Online 4.0.03.42
    AMD Accelerated Video Transcoding
    AMD APP SDK Runtime
    AMD Catalyst Control Center
    AMD Catalyst Install Manager
    AMD Drag and Drop Transcoding
    AMD Fuel
    AMD Media Foundation Decoders
    AMD Steady Video Plug-In
    AMD Wireless Display v3.0
    APB Reloaded
    Apple Application Support
    Apple Mobile Device Support
    Apple Software Update
    Arc
    Arma 2: DayZ Mod
    AVG 2014
    AVG PC TuneUp
    AVG PC TuneUp Language Pack (en-US)
    Bandicam
    Bandisoft MPEG-1 Decoder
    Battle.net
    Battlefield 3™
    BattlEye for OA Uninstall
    BattlEye Uninstall
    Bejeweled 3
    Blackhawk Striker 2
    Blasterball 3
    Blender
    BlueStacks App Player
    BlueStacks Notification Center
    Borderlands 2
    Bounce Symphony
    Bundled software uninstaller
    Cake Mania
    Call of Duty 4: Modern Warfare
    Catalyst Control Center - Branding
    Catalyst Control Center Graphics Previews Common
    Catalyst Control Center InstallProxy
    Catalyst Control Center Localization All
    ccc-utility64
    CCC Help Chinese Standard
    CCC Help Chinese Traditional
    CCC Help Czech
    CCC Help Danish
    CCC Help Dutch
    CCC Help English
    CCC Help Finnish
    CCC Help French
    CCC Help German
    CCC Help Greek
    CCC Help Hungarian
    CCC Help Italian
    CCC Help Japanese
    CCC Help Korean
    CCC Help Norwegian
    CCC Help Polish
    CCC Help Portuguese
    CCC Help Russian
    CCC Help Spanish
    CCC Help Swedish
    CCC Help Thai
    CCC Help Turkish
    Chivalry: Medieval Warfare
    Chronicles of Albian
    Chuzzle Deluxe
    Combat Arms
    Cradle of Rome 2
    Craften Terminal 3.5.5
    Creation Kit
    CrimeCraft GangWars
    D3DX10
    DayZ
    DayZ Commander
    DC Universe Online
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    Demolition, Inc.
    Diablo III
    Dota 2
    Dragons Prophet
    Dungeons & Dragons Online®
    Empire: Total War Demo
    ESN Sonar
    EverQuest II
    Farm Frenzy
    FATE
    Football Superstars
    Fraps
    Gameforge Live 1.7.0 "Legend"
    GameSalad Creator
    GameTracker Lite
    Garry's Mod
    Google Chrome
    Google Update Helper
    Gotham City Impostors: Free To Play
    Governor of Poker 2 Premium Edition
    Guild Wars 2
    Gyazo 1.0.1
    Happy Cloud Client
    Hearthstone
    Hewlett-Packard ACLM.NET v1.2.2.3
    Hi-Rez Studios Authenticate and Update Service
    HP Auto
    HP Client Services
    HP Customer Experience Enhancements
    HP Games
    HP LinkUp
    HP Odometer
    HP Product Detection
    HP Setup
    HP Setup Manager
    HP Support Assistant
    HP Support Information
    HP Update
    HP Vision Hardware Diagnostics
    HTML5 Video Player 1.2.5
    iCloud
    IDT Audio
    InfoSeeker
    iTunes
    Java 7 Update 51
    Java Auto Updater
    Java(TM) 6 Update 22
    Java(TM) 6 Update 31
    JavaFX 2.1.0
    Jewel Quest: The Sleepless Star - Collector's Edition
    Junk Mail filter update
    Just Cause 2
    League of Legends
    Linksicle
    Loadout
    Logitech Gaming Software 5.10
    Mah Jong Medley
    Manic Digger
    MapleStory
    Mesh Runtime
    Microsoft .NET Framework 1.1
    Microsoft .NET Framework 4.5.1
    Microsoft Application Error Reporting
    Microsoft Games for Windows - LIVE Redistributable
    Microsoft Games for Windows Marketplace
    Microsoft IntelliPoint 8.2
    Microsoft Mathematics
    Microsoft Office 2010
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Click-to-Run 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Office 64-bit Components 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office Professional 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared 64-bit MUI (English) 2010
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Single Image 2010
    Microsoft Office Starter 2010 - English
    Microsoft Office Word MUI (English) 2010
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2005 Redistributable (x64)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106
    Microsoft WSE 3.0 Runtime
    Microsoft Xbox 360 Accessories 1.2
    Microsoft XNA Framework Redistributable 4.0
    Mozilla Firefox 17.0.1 (x86 en-US)
    Mozilla Maintenance Service
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    Mystery of Mortlake Mansion
    Namco All-Stars: PAC-MAN
    No-IP DUC
    NVIDIA PhysX
    ooVoo
    Open Broadcaster Software
    OpenOffice.org 3.3
    Optimizer Pro v3.2
    Orcs Must Die!
    Origin
    Overwolf
    Paint.NET v3.5.10
    PaintTool SAI Ver.1
    Panda3D 1.8.1
    Pando Media Booster
    PDF Complete Special Edition
    Penguins!
    Pirate101
    PlanetSide 2
    Plants vs. Zombies - Game of the Year
    Play withSIX
    Poker Superstars III
    Polar Bowler
    Polar Golfer
    Poniga2Image
    PressReader
    PunkBuster Services
    Ravaged
    Recovery Manager
    Remote Graphics Receiver
    ROBLOX Studio for Tyler
    Runes of Magic
    Runescape Item Spawner
    RuneScape Launcher 1.2.3
    Rust
    Security Update for Microsoft .NET Framework 4.5.1 (KB2898869)
    Security Update for Microsoft .NET Framework 4.5.1 (KB2901126)
    Security Update for Microsoft Excel 2010 (KB2826033) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553284) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2687423) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2826023) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2826035) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2850016) 32-Bit Edition
    Security Update for Microsoft Word 2010 (KB2863926) 32-Bit Edition
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition
    SketchUp 2013
    Skype™ 6.14
    Slingo Supreme
    Smite
    Source Filmmaker
    Splashtop Software Updater
    Splashtop Streamer
    Star Trek Online
    Star Wars The Old Republic
    Star Wars: The Old Republic
    Steam
    SwitchBlade
    swMSM
    System Requirements Lab CYRI
    TeamSpeak 3 Client
    Terraria
    The Elder Scrolls V: Skyrim
    The Lord of the Rings Online
    The Mighty Quest For Epic Loot
    The Sims™ 3
    The Sims™ 3 Pets Create A Pet Demo
    The War Z version 1.0
    topdeAl
    Unity Web Player
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition
    Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition
    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition
    Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition
    Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition
    Update Installer for WildTangent Games App
    Vacation Quest - The Hawaiian Islands
    Virtual Villagers 5 - New Believers
    Visual Studio 2008 x64 Redistributables
    Visual Studio 2010 x64 Redistributables
    Visual Studio 2012 x64 Redistributables
    Visual Studio 2012 x86 Redistributables
    VisualBee for Microsoft PowerPoint
    War Thunder Launcher 1.0.1.252
    WebCake 3.00
    WildTangent Games App (HP Games)
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live ID Sign-in Assistant
    Windows Live Installer
    Windows Live Language Selector
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live MIME IFilter
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live Remote Client
    Windows Live Remote Client Resources
    Windows Live Remote Service
    Windows Live Remote Service Resources
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    WinRAR 4.20 beta 1 (32-bit)
    World of Warcraft
    World of Warcraft Public Test
    WOwiCoupon
    XSplit
    Youbooster Pro Edition 2.1
    Zuma Deluxe
    .
    ==== Event Viewer Messages From Past Week ========
    .
    4/24/2014 3:49:01 PM, Error: Service Control Manager [7023] - The Function Discovery Resource Publication service terminated with the following error: %%-2147024891
    4/24/2014 3:49:01 PM, Error: Service Control Manager [7001] - The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error: %%-2147024891
    4/24/2014 3:48:35 PM, Error: Service Control Manager [7023] - The BlueStacks Android Service service terminated with the following error: An exception occurred in the service when handling the control request.
    4/24/2014 3:48:30 PM, Error: Service Control Manager [7003] - The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.
    4/24/2014 3:48:30 PM, Error: Service Control Manager [7003] - The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.
    4/24/2014 3:48:15 PM, Error: Service Control Manager [7023] - The Computer Browser service terminated with the following error: The specified service does not exist as an installed service.
    4/24/2014 12:06:48 PM, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
    4/24/2014 12:06:48 PM, Error: Service Control Manager [7000] - The Steam Client Service service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    .
    ==== End Of File ===========================
     
  5. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Pardon, the virus is called.. --- Trojan.Zekos.Patched
     
  6. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    And it replaced my temp file recently and now I have a non-genuine version of Windows. Goodie.
     
  7. Broni

    Broni Malware Annihilator Posts: 47,078   +258

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.
    • Double-click to run it. When the tool opens, click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes also another log (Addition.txt). Please copy and paste it to your reply.

    Re-run FRST again.
    Type the following in the edit box after "Search:".

    rpcss.dll

    Click Search button and post the log (Search.txt) it makes in your reply.
     
  8. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-04-2014
    Ran by Tyler (administrator) on BOB on 27-04-2014 21:02:56
    Running from C:\Users\Tyler\Downloads
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 11
    Boot Mode: Safe Mode (with Networking)

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (Microsoft Corporation) C:\Windows\helppane.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Farbar) C:\Users\Tyler\Downloads\FRST64 (1).exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
    HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [Arc] => C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe [129360 2014-04-18] (Perfect World Entertainment)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
    HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-08] (Hewlett-Packard)
    HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-21-2418007413-1503170158-2542834103-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-03-07] ()
    HKU\S-1-5-21-2418007413-1503170158-2542834103-1001\...\Run: [GameTracker] => C:\Program Files (x86)\GameTracker\GTLite.exe [4019992 2013-11-18] (ClanServers Hosting LLC)
    HKU\S-1-5-21-2418007413-1503170158-2542834103-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)
    HKU\S-1-5-21-2418007413-1503170158-2542834103-1001\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-2418007413-1503170158-2542834103-1001\$491bf2fdbe13adfc8b32742857159ae4\n. ATTENTION! ====> ZeroAccess?

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x675DCD856149CF01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM - {CBEB412B-2CEC-4768-AE16-CAB01B7B3AA0} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
    SearchScopes: HKLM-x32 - {CBEB412B-2CEC-4768-AE16-CAB01B7B3AA0} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
    SearchScopes: HKCU - AAB99EDB2D994BAE83DCD24F75CDC133 URL = http://proxy.allsearchapp.com/s.php?q={searchTerms}
    SearchScopes: HKCU - {9884A007-7EB5-4565-B4C2-F0C57AD6E22F} URL = http://websearch.ask.com/redirect?c...pn_sauid=99F05861-74A0-4BD8-9AC6-DD86D85C7891
    SearchScopes: HKCU - {CBEB412B-2CEC-4768-AE16-CAB01B7B3AA0} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKCU - {D90A9632-F4CB-4CAC-9964-B53156F01449} URL = http://search.conduit.com/ResultsEx...4&ctid=CT3311875&CUI=UN35094517031218317&UM=2
    SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
    BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
    Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
    Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default
    FF SearchEngineOrder.3: Bing
    FF SelectedSearchEngine: Google
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll No File
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
    FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
    FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Tyler\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
    FF SearchPlugin: C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\searchplugins\all search.xml
    FF Extension: No Name - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\staged [2014-01-30]
    FF Extension: InfoSeeker - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\support@infoseekerapp.com [2013-07-07]
    FF Extension: topdeAl - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\yyeye@bfxse.edu [2014-01-24]
    FF Extension: Youtube High Definition - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc} [2013-05-10]
    FF Extension: Personas Plus - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\personas@christopher.beard.xpi [2011-12-25]
    FF Extension: ReloadEvery - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-05-10]
    FF StartMenuInternet: FIREFOX.EXE - firefox.exe

    Chrome:
    =======
    CHR HomePage:
    CHR Extension: (Google Docs) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-26]
    CHR Extension: (Google Drive) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
    CHR Extension: (YouTube) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-03]
    CHR Extension: (Google Search) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-03]
    CHR Extension: (AdBlock) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-26]
    CHR Extension: (Google Wallet) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
    CHR Extension: (Gmail) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-03]
    CHR HKCU\...\Chrome\Extension: [blklojfklgnogjaijkibhfjepakiocng] - C:\Users\Tyler\AppData\Local\CRE\blklojfklgnogjaijkibhfjepakiocng.crx [2012-03-03]
    CHR HKCU\...\Chrome\Extension: [jfjbflachhjbdbhfgknpgcgpchaikkok] - C:\Users\Tyler\AppData\Local\CRE\jfjbflachhjbdbhfgknpgcgpchaikkok.crx [2012-03-03]
    CHR HKLM-x32\...\Chrome\Extension: [blklojfklgnogjaijkibhfjepakiocng] - C:\Users\Tyler\AppData\Local\CRE\blklojfklgnogjaijkibhfjepakiocng.crx [2012-03-03]
    CHR HKLM-x32\...\Chrome\Extension: [jfjbflachhjbdbhfgknpgcgpchaikkok] - C:\Users\Tyler\AppData\Local\CRE\jfjbflachhjbdbhfgknpgcgpchaikkok.crx [2012-03-03]
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Services (Whitelisted) =================

    S2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
    S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-04-18] (Perfect World Entertainment Inc)
    S2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
    S2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-02-07] ()
    S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-06-11] (Overwolf Ltd)
    S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-05] (PDF Complete Inc)
    S2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-10] ()
    S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2148664 2013-10-31] (AVG)
    S2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [36664 2013-10-31] (AVG)
    S2 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [X]
    S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [X]
    S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [X]
    S2 vToolbarUpdater17.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [X]

    ==================== Drivers (Whitelisted) ====================

    S2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
    S1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
    S1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
    S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies
     
  9. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-11] (AVG Technologies)
    U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2014-04-24] (Greatis Software)
    S3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [11880 2012-07-04] (TuneUp Software)
    S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-04-27 21:02 - 2014-04-27 21:02 - 02061824 _____ (Farbar) C:\Users\Tyler\Downloads\FRST64 (1).exe
    2014-04-27 21:02 - 2014-04-27 21:02 - 00000000 _____ () C:\Users\Tyler\Downloads\FRST.txt
    2014-04-27 21:00 - 2014-04-27 21:00 - 00000000 _____ () C:\Users\Tyler\Downloads\Unconfirmed 252223.crdownload
    2014-04-25 22:08 - 2014-04-25 22:08 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\mbam-setup-2.0.1.1004 (1).exe
    2014-04-25 20:37 - 2014-04-25 20:37 - 00002709 _____ () C:\Users\Tyler\Downloads\legitcheck.hta
    2014-04-25 20:36 - 2014-04-25 22:48 - 00001184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-04-25 20:36 - 2014-04-25 22:48 - 00001184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-04-25 20:36 - 2014-04-25 20:36 - 00000552 _____ () C:\Windows\system32\spsys.log
    2014-04-25 20:33 - 2014-04-25 20:33 - 00000064 _____ () C:\Windows\system32\ahxv.iay
    2014-04-25 20:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-04-25 20:29 - 2014-04-25 20:32 - 00000000 ____D () C:\AdwCleaner
    2014-04-25 20:29 - 2014-04-25 20:30 - 03972608 _____ () C:\Users\Tyler\Downloads\RogueKiller (1).exe
    2014-04-25 20:28 - 2014-04-25 20:28 - 01365865 _____ () C:\Users\Tyler\Downloads\adwcleaner.exe
    2014-04-25 19:20 - 2014-04-25 22:58 - 00000080 _____ () C:\Windows\system32\qutwe.enh
    2014-04-25 16:14 - 2014-04-25 17:08 - 00000000 ____D () C:\ProgramData\SecTaskMan
    2014-04-25 16:14 - 2014-04-25 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
    2014-04-25 16:14 - 2014-04-25 17:08 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
    2014-04-25 16:13 - 2014-04-25 16:13 - 02365840 _____ () C:\Users\Tyler\Downloads\SecurityTaskManager_Setup.exe
    2014-04-25 15:54 - 2014-04-27 20:57 - 00000248 _____ () C:\Windows\SysWOW64\PARTIZAN.TXT
    2014-04-24 21:38 - 2014-04-24 21:38 - 00040720 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
    2014-04-24 21:38 - 2014-04-24 21:38 - 00000081 _____ () C:\Windows\system32\Partizan.RRI
    2014-04-24 21:01 - 2014-04-25 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
    2014-04-24 21:01 - 2014-04-25 17:07 - 00000000 ____D () C:\Users\Tyler\Documents\RegRun2
    2014-04-24 21:01 - 2014-04-24 21:07 - 00000000 ____D () C:\Users\Public\Documents\regruninfo
    2014-04-24 21:01 - 2014-04-24 21:01 - 00035816 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
    2014-04-24 21:01 - 2014-04-24 21:01 - 00003314 _____ () C:\Windows\System32\Tasks\UnHackMe Task Scheduler
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000973 _____ () C:\Users\Tyler\Desktop\UnHackMe.lnk
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\winstart.bat
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
    2014-04-24 21:01 - 2014-03-28 13:01 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
    2014-04-24 21:00 - 2014-04-25 17:08 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
    2014-04-24 20:59 - 2014-04-24 21:00 - 15295838 _____ () C:\Users\Tyler\Downloads\unhackme.zip
    2014-04-24 16:52 - 2014-04-24 16:52 - 00000000 _____ () C:\autoexec.bat
    2014-04-24 16:51 - 2014-04-25 17:07 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
    2014-04-24 16:51 - 2014-04-24 16:51 - 00002260 _____ () C:\Users\Tyler\Desktop\SpyHunter.lnk
    2014-04-24 16:51 - 2014-04-24 16:51 - 00000000 ____D () C:\sh4ldr
    2014-04-24 16:51 - 2014-04-24 16:51 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-04-24 16:50 - 2014-04-24 16:50 - 00000859 _____ () C:\Users\Public\Desktop\Resume Reimage Repair Installation.lnk
    2014-04-24 16:49 - 2014-04-24 16:50 - 00000099 _____ () C:\Windows\Reimage.ini
    2014-04-24 16:49 - 2014-04-24 16:49 - 00797552 _____ (Reimage®) C:\Users\Tyler\Downloads\ReimageRepair.exe
    2014-04-24 16:42 - 2014-04-24 16:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tyler\Downloads\SpyHunter-Installer (2).exe
    2014-04-24 16:41 - 2014-04-24 16:43 - 00058230 _____ () C:\Users\Tyler\Desktop\Addition.txt
    2014-04-24 16:38 - 2014-04-27 21:02 - 00000000 ____D () C:\FRST
    2014-04-24 16:38 - 2014-04-24 16:43 - 00075834 _____ () C:\Users\Tyler\Desktop\FRST.txt
    2014-04-24 16:37 - 2014-04-24 16:37 - 02061824 _____ (Farbar) C:\Users\Tyler\Desktop\FRST64.exe
    2014-04-24 16:36 - 2014-04-24 16:37 - 02061824 _____ (Farbar) C:\Users\Tyler\Downloads\FRST64.exe
    2014-04-24 16:22 - 2014-04-25 20:48 - 00000494 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
    2014-04-24 16:22 - 2014-04-25 20:48 - 00000460 _____ () C:\Windows\Tasks\RegCure Pro Startup.job
    2014-04-24 16:22 - 2014-04-25 16:03 - 00000563 _____ () C:\Windows\Tasks\RegCure Pro_sch_98CD0C73-CBF6-11E3-9F42-3860770FA3CC.job
    2014-04-24 16:22 - 2014-04-24 16:23 - 00002920 _____ () C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task
    2014-04-24 16:22 - 2014-04-24 16:23 - 00002614 _____ () C:\Windows\System32\Tasks\RegCure Pro Startup
    2014-04-24 16:22 - 2014-04-24 16:22 - 00003986 _____ () C:\Windows\System32\Tasks\RegCure Pro_sch_98CD0C73-CBF6-11E3-9F42-3860770FA3CC
    2014-04-24 16:22 - 2014-04-24 16:22 - 00001156 _____ () C:\Users\Tyler\Desktop\RegCure Pro.lnk
    2014-04-24 16:21 - 2014-04-24 16:22 - 06742552 _____ (ParetoLogic, Inc.) C:\Users\Tyler\Downloads\RegCureProSetup.exe
    2014-04-24 16:21 - 2014-04-24 16:21 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tyler\Downloads\SpyHunter-Installer (1).exe
    2014-04-24 16:20 - 2014-04-24 16:20 - 00001205 _____ () C:\Users\Tyler\Downloads\FixNCR.reg
    2014-04-24 16:18 - 2014-04-25 17:07 - 00000000 ____D () C:\Users\Tyler\Desktop\RK_Quarantine
    2014-04-24 16:16 - 2014-04-24 16:16 - 00000000 ____D () C:\ProgramData\HitmanPro
    2014-04-24 16:15 - 2014-04-24 16:16 - 07302320 _____ () C:\Users\Tyler\Downloads\bitdefender_tsecurity.exe
    2014-04-24 16:14 - 2014-04-24 16:14 - 03972608 _____ () C:\Users\Tyler\Downloads\RogueKiller.exe
    2014-04-24 16:13 - 2014-04-24 16:22 - 10971424 _____ (SurfRight B.V.) C:\Users\Tyler\Downloads\HitmanPro_x64.exe
    2014-04-24 16:13 - 2014-04-24 16:14 - 10094400 _____ (SurfRight B.V.) C:\Users\Tyler\Downloads\HitmanPro.exe
    2014-04-24 16:06 - 2014-04-25 22:10 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-04-24 16:06 - 2014-04-25 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-04-24 16:06 - 2014-04-25 22:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-04-24 16:06 - 2014-04-24 16:07 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-04-24 16:06 - 2014-04-24 16:06 - 00025815 _____ () C:\Users\Tyler\Desktop\dds.txt
    2014-04-24 16:06 - 2014-04-24 16:06 - 00012514 _____ () C:\Users\Tyler\Desktop\attach.txt
    2014-04-24 16:06 - 2014-04-03 09:51 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-04-24 16:06 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-04-24 16:06 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-04-24 16:01 - 2014-04-24 16:01 - 00688992 ____R (Swearware) C:\Users\Tyler\Downloads\dds.com
    2014-04-24 16:00 - 2014-04-24 16:04 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\mbam-setup-2.0.1.1004.exe
    2014-04-24 15:56 - 2014-04-24 15:57 - 04143738 _____ () C:\Users\Tyler\Downloads\tdsskiller.zip
    2014-04-24 15:54 - 2014-04-24 15:55 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Tyler\Downloads\tdsskiller.exe
    2014-04-24 15:48 - 2014-04-25 16:29 - 00000109 _____ () C:\Windows\system32\ftsjl.hkb
    2014-04-24 15:32 - 2014-04-24 15:32 - 00301959 ____S () C:\Windows\system32\wauwbt.wgd
    2014-04-24 11:26 - 2014-04-24 11:26 - 00000384 _____ () C:\Users\Tyler\Desktop\Retexture.txt
    2014-04-24 10:35 - 2014-04-25 17:07 - 00000000 ____D () C:\Users\Tyler\Desktop\.minecraft
    2014-04-24 10:31 - 2014-01-31 19:12 - 00000000 ____D () C:\Users\Tyler\Desktop\huzuni
    2014-04-24 10:29 - 2014-04-24 14:40 - 00000000 ____D () C:\Users\Tyler\Desktop\Skins And Edits
    2014-04-24 10:24 - 2014-04-24 10:24 - 06007183 _____ () C:\Users\Tyler\Downloads\huzuni (1).zip
    2014-04-24 10:04 - 2014-04-24 10:04 - 00000000 ____D () C:\Users\Tyler\Desktop\Steve rig
    2014-04-24 10:02 - 2014-04-24 10:02 - 00329420 _____ () C:\Users\Tyler\Downloads\Steve rig.rar
    2014-04-24 09:21 - 2014-04-24 09:21 - 00061440 _____ (Gary's Hood) C:\Users\Tyler\Downloads\rsclient (1).exe
    2014-04-23 23:01 - 2014-04-23 23:01 - 00426754 _____ () C:\Users\Tyler\Downloads\67974_fancyfeet.zip
    2014-04-23 23:01 - 2014-04-23 23:01 - 00426754 _____ () C:\Users\Tyler\Desktop\67974_fancyfeet.zip
    2014-04-23 23:01 - 2013-05-06 18:59 - 02387336 _____ () C:\Users\Tyler\Desktop\fancyFeet.blend
    2014-04-23 22:51 - 2014-04-23 22:50 - 00380128 _____ () C:\Users\Tyler\Desktop\Diamond sword.blend
    2014-04-23 22:50 - 2014-04-23 22:50 - 00380128 _____ () C:\Users\Tyler\Downloads\Diamond sword.blend
    2014-04-23 22:48 - 2013-09-21 16:15 - 38369008 _____ () C:\Users\Tyler\Desktop\the forest with house.blend
    2014-04-23 22:47 - 2014-04-23 22:48 - 11823614 _____ () C:\Users\Tyler\Downloads\70243_the_forest_with_house_2.zip
    2014-04-23 22:45 - 2014-04-23 22:45 - 00124496 _____ () C:\Users\Tyler\Downloads\69856_horse.zip
    2014-04-23 22:45 - 2013-08-24 04:26 - 00615852 _____ () C:\Users\Tyler\Desktop\Horse.blend
    2014-04-23 21:13 - 2014-04-23 21:19 - 00000000 ____D () C:\tmp
    2014-04-23 21:13 - 2014-04-23 21:13 - 00865648 _____ () C:\Users\Tyler\Desktop\girl finished rig.blend
    2014-04-23 20:53 - 2014-04-23 20:53 - 00428924 _____ () C:\Users\Tyler\Desktop\TORCH TREE.blend
    2014-04-23 20:17 - 2014-04-23 20:17 - 00459784 _____ () C:\Users\Tyler\Desktop\Torch tree grass .blend
    2014-04-23 20:12 - 2010-09-04 13:40 - 00408220 _____ () C:\Users\Tyler\Desktop\MinecraftBody_bend.blend
    2014-04-23 20:11 - 2014-04-23 20:11 - 00768255 _____ () C:\Users\Tyler\Downloads\minecraft_blocks.zip
    2014-04-23 20:11 - 2011-12-17 10:28 - 04599992 _____ () C:\Users\Tyler\Desktop\minecraft.blend
    2014-04-23 18:01 - 2014-04-23 18:01 - 02241720 _____ () C:\Users\Tyler\Desktop\Not done.blend
    2014-04-23 17:14 - 2014-04-23 17:14 - 01423652 _____ () C:\Users\Tyler\Desktop\RIG WITH MOVIE MOUFE.blend
    2014-04-23 17:08 - 2014-04-22 16:10 - 00599112 _____ () C:\Users\Tyler\Desktop\Minecraft Rig By Ruffles.blend
    2014-04-23 17:08 - 2014-03-09 10:59 - 01526344 _____ () C:\Users\Tyler\Desktop\Minecraft_Character_Rig - Copy.blend
    2014-04-23 16:40 - 2014-04-23 16:40 - 00655736 _____ () C:\Users\Tyler\Desktop\Girl rig.blend
    2014-04-23 16:05 - 2014-04-23 16:05 - 02472531 _____ () C:\Users\Tyler\Downloads\Rig Pack (Small).zip
    2014-04-22 21:54 - 2014-04-25 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
    2014-04-22 21:54 - 2014-04-25 17:08 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
    2014-04-22 21:54 - 2014-04-22 22:00 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Craften Terminal
    2014-04-22 21:50 - 2014-04-22 21:51 - 16905694 _____ (Craften.de ) C:\Users\Tyler\Downloads\craftenterminal.exe
    2014-04-22 21:49 - 2014-04-22 21:50 - 03090499 _____ () C:\Users\Tyler\Downloads\shaderpacks.rar
    2014-04-22 21:21 - 2014-04-22 21:21 - 02723814 _____ () C:\Users\Tyler\Downloads\forge-1.7.2-10.12.1.1061-installer.jar
    2014-04-22 21:21 - 2014-04-22 21:21 - 02723814 _____ () C:\Users\Tyler\Downloads\forge-1.7.2-10.12.1.1061-installer (1).jar
    2014-04-22 21:19 - 2014-04-22 21:20 - 00058478 _____ () C:\Users\Tyler\Downloads\SEUS_v10.1_preview1.zip
    2014-04-22 21:18 - 2014-04-22 21:18 - 00031109 _____ () C:\Users\Tyler\Downloads\SEUS v10.0 Lite.zip
    2014-04-22 21:16 - 2014-04-22 21:16 - 00390198 _____ () C:\Users\Tyler\Downloads\ShadersMod-v2.3.13mc1.7.4-installer (1).jar
    2014-04-22 21:13 - 2014-04-22 21:13 - 00065038 _____ () C:\Users\Tyler\Downloads\seus-v10.1-Preview2.zip
    2014-04-22 20:44 - 2014-04-22 20:44 - 00040663 _____ () C:\Users\Tyler\Downloads\SEUS v10.0 Ultra DOF.zip
    2014-04-22 19:57 - 2014-04-22 19:57 - 00390198 _____ () C:\Users\Tyler\Downloads\ShadersMod-v2.3.13mc1.7.4-installer.jar
    2014-04-22 18:27 - 2014-04-22 18:27 - 00638748 _____ () C:\Users\Tyler\Desktop\first animation2.blend
    2014-04-22 18:07 - 2014-04-22 18:07 - 00079569 _____ () C:\Users\Tyler\Downloads\MinecraftPlayer.zip
    2014-04-22 17:17 - 2014-03-09 10:59 - 01526344 _____ () C:\Users\Tyler\Desktop\Minecraft_Character_Rig.blend
    2014-04-22 16:47 - 2014-04-22 16:49 - 40220683 _____ () C:\Users\Tyler\Downloads\world1.rar
    2014-04-22 16:43 - 2014-04-22 16:43 - 05301903 _____ () C:\Users\Tyler\Downloads\mineways.zip
    2014-04-22 16:10 - 2014-04-22 16:10 - 00599112 _____ () C:\Users\Tyler\Downloads\Minecraft Rig By Ruffles.blend
    2014-04-22 16:03 - 2014-04-22 16:03 - 00120162 _____ () C:\Users\Tyler\Downloads\MinecraftBody.blend.zip
    2014-04-22 16:01 - 2014-04-22 16:02 - 09469166 _____ () C:\Users\Tyler\Downloads\Blender_Minecraft_Rig.zip
    2014-04-22 03:01 - 2014-03-06 03:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-04-22 03:01 - 2014-03-06 03:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-04-22 03:01 - 2014-03-06 03:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-04-22 03:01 - 2014-03-06 02:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-04-22 03:00 - 2014-03-06 05:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-04-22 03:00 - 2014-03-06 04:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-04-22 03:00 - 2014-03-06 04:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-04-22 03:00 - 2014-03-06 04:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-04-22 03:00 - 2014-03-06 03:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-04-22 03:00 - 2014-03-06 03:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-04-22 03:00 - 2014-03-06 03:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-04-22 03:00 - 2014-03-06 03:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-04-22 03:00 - 2014-03-06 03:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-04-22 03:00 - 2014-03-06 03:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-04-22 03:00 - 2014-03-06 03:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-04-22 03:00 - 2014-03-06 03:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-04-22 03:00 - 2014-03-06 03:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-04-22 03:00 - 2014-03-06 03:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-04-22 03:00 - 2014-03-06 03:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-04-22 03:00 - 2014-03-06 03:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-04-22 03:00 - 2014-03-06 03:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-04-22 03:00 - 2014-03-06 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-04-22 03:00 - 2014-03-06 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-04-22 03:00 - 2014-03-06 02:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-04-22 03:00 - 2014-03-06 02:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-04-22 03:00 - 2014-03-06 02:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-04-22 03:00 - 2014-03-06 02:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-04-22 03:00 - 2014-03-06 02:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-04-22 03:00 - 2014-03-06 02:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-04-22 03:00 - 2014-03-06 02:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-04-22 03:00 - 2014-03-06 02:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-04-22 03:00 - 2014-03-06 02:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-04-22 03:00 - 2014-03-06 02:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-04-22 03:00 - 2014-03-06 02:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-04-22 03:00 - 2014-03-06 02:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-04-22 03:00 - 2014-03-06 02:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-04-22 03:00 - 2014-03-06 02:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-04-22 03:00 - 2014-03-06 02:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-04-22 03:00 - 2014-03-06 01:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-04-22 03:00 - 2014-03-06 01:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-04-22 03:00 - 2014-03-06 01:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-04-22 03:00 - 2014-03-06 01:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-04-22 03:00 - 2014-03-06 01:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-04-22 03:00 - 2014-03-06 00:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-04-22 03:00 - 2014-03-06 00:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-04-22 03:00 - 2014-03-06 00:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-04-22 03:00 - 2014-03-06 00:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-04-22 03:00 - 2014-03-06 00:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-04-19 02:59 - 2014-04-19 02:59 - 00000220 _____ () C:\Users\Tyler\Desktop\Garry's Mod.url
    2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
    2014-04-15 17:02 - 2014-04-15 17:02 - 00450470 _____ () C:\Users\Tyler\Downloads\Claw_v5.4.7-1.zip
    2014-04-15 16:56 - 2014-04-15 16:56 - 00299562 _____ () C:\Users\Tyler\Downloads\Bartender4-4.5.13.2.zip
    2014-04-14 22:25 - 2014-04-14 22:25 - 00000222 _____ () C:\Users\Tyler\Desktop\Loadout.url
    2014-04-14 22:24 - 2014-04-14 22:24 - 00000222 _____ () C:\Users\Tyler\Desktop\The Mighty Quest For Epic Loot.url
    2014-04-09 16:47 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2014-04-09 16:47 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2014-04-09 16:47 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2014-04-09 16:47 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2014-04-09 16:47 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2014-04-09 16:47 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2014-04-09 16:47 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2014-04-09 16:47 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2014-04-09 16:47 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2014-04-09 16:47 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2014-04-09 16:47 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2014-04-09 16:47 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
    2014-04-09 16:47 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2014-04-09 16:47 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2014-04-09 16:47 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
    2014-04-09 16:47 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
    2014-04-09 16:47 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2014-04-07 10:07 - 2014-04-25 16:30 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTyler
    2014-04-07 10:07 - 2014-04-25 16:30 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForTyler.job
    2014-04-02 17:12 - 2014-04-02 17:13 - 752450561 _____ () C:\Users\Tyler\Downloads\CSS Content Addon (1).zip
    2014-04-02 16:49 - 2014-04-02 17:39 - 752450561 _____ () C:\Users\Tyler\Downloads\CSS Content Addon.zip
    2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
    2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
    2014-03-31 09:37 - 2014-04-25 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

    ==================== One Month Modified Files and Folders =======

    2014-04-27 21:02 - 2014-04-27 21:02 - 02061824 _____ (Farbar) C:\Users\Tyler\Downloads\FRST64 (1).exe
    2014-04-27 21:02 - 2014-04-27 21:02 - 00000000 _____ () C:\Users\Tyler\Downloads\FRST.txt
    2014-04-27 21:02 - 2014-04-24 16:38 - 00000000 ____D () C:\FRST
    2014-04-27 21:01 - 2011-12-27 21:43 - 00000000 ____D () C:\Users\Tyler\AppData\Local\CrashDumps
    2014-04-27 21:00 - 2014-04-27 21:00 - 00000000 _____ () C:\Users\Tyler\Downloads\Unconfirmed 252223.crdownload
    2014-04-27 20:57 - 2014-04-25 15:54 - 00000248 _____ () C:\Windows\SysWOW64\PARTIZAN.TXT
    2014-04-25 22:58 - 2014-04-25 19:20 - 00000080 _____ () C:\Windows\system32\qutwe.enh
    2014-04-25 22:50 - 2013-02-19 18:37 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Skype
    2014-04-25 22:48 - 2014-04-25 20:36 - 00001184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-04-25 22:48 - 2014-04-25 20:36 - 00001184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-04-25 22:23 - 2012-12-27 17:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-04-25 22:20 - 2014-03-26 21:09 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-04-25 22:10 - 2014-04-24 16:06 - 00001068 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-04-25 22:10 - 2014-04-24 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-04-25 22:10 - 2014-04-24 16:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-04-25 22:08 - 2014-04-25 22:08 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\mbam-setup-2.0.1.1004 (1).exe
    2014-04-25 22:00 - 2011-12-05 15:09 - 01984858 _____ () C:\Windows\WindowsUpdate.log
    2014-04-25 21:19 - 2012-01-12 17:13 - 00000000 ____D () C:\Users\Tyler\AppData\Local\PMB Files
    2014-04-25 20:49 - 2013-12-11 20:31 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\GameTracker
    2014-04-25 20:48 - 2014-04-24 16:22 - 00000494 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
    2014-04-25 20:48 - 2014-04-24 16:22 - 00000460 _____ () C:\Windows\Tasks\RegCure Pro Startup.job
    2014-04-25 20:48 - 2014-03-26 21:09 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-04-25 20:48 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-04-25 20:48 - 2009-07-13 23:51 - 00058408 _____ () C:\Windows\setupact.log
    2014-04-25 20:37 - 2014-04-25 20:37 - 00002709 _____ () C:\Users\Tyler\Downloads\legitcheck.hta
    2014-04-25 20:36 - 2014-04-25 20:36 - 00000552 _____ () C:\Windows\system32\spsys.log
    2014-04-25 20:33 - 2014-04-25 20:33 - 00000064 _____ () C:\Windows\system32\ahxv.iay
    2014-04-25 20:32 - 2014-04-25 20:29 - 00000000 ____D () C:\AdwCleaner
    2014-04-25 20:30 - 2014-04-25 20:29 - 03972608 _____ () C:\Users\Tyler\Downloads\RogueKiller (1).exe
    2014-04-25 20:28 - 2014-04-25 20:28 - 01365865 _____ () C:\Users\Tyler\Downloads\adwcleaner.exe
    2014-04-25 19:26 - 2011-12-25 23:18 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-04-25 18:00 - 2012-07-22 13:24 - 00000000 ____D () C:\ProgramData\MFAData
    2014-04-25 17:33 - 2011-12-25 12:07 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9A999F69-E7F5-46AE-BABB-6D4D37850F74}
    2014-04-25 17:12 - 2013-08-23 14:11 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Arc
    2014-04-25 17:08 - 2014-04-25 16:14 - 00000000 ____D () C:\ProgramData\SecTaskMan
    2014-04-25 17:08 - 2014-04-25 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
    2014-04-25 17:08 - 2014-04-25 16:14 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
    2014-04-25 17:08 - 2014-04-24 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
    2014-04-25 17:08 - 2014-04-24 21:00 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
    2014-04-25 17:08 - 2014-04-22 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
    2014-04-25 17:08 - 2014-04-22 21:54 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
    2014-04-25 17:08 - 2014-03-31 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2014-04-25 17:08 - 2014-03-12 03:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2014-04-25 17:08 - 2012-03-22 20:42 - 00000000 ____D () C:\.jagex_cache_32
    2014-04-25 17:08 - 2012-01-12 17:13 - 00000000 ____D () C:\ProgramData\PMB Files
    2014-04-25 17:08 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-04-25 17:07 - 2014-04-24 21:01 - 00000000 ____D () C:\Users\Tyler\Documents\RegRun2
    2014-04-25 17:07 - 2014-04-24 16:51 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
    2014-04-25 17:07 - 2014-04-24 16:18 - 00000000 ____D () C:\Users\Tyler\Desktop\RK_Quarantine
    2014-04-25 17:07 - 2014-04-24 10:35 - 00000000 ____D () C:\Users\Tyler\Desktop\.minecraft
    2014-04-25 17:07 - 2013-03-13 15:27 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\.minecraft
    2014-04-25 17:07 - 2011-12-25 11:12 - 00000000 ____D () C:\Users\Tyler
    2014-04-25 17:07 - 2010-11-21 02:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
    2014-04-25 17:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep
    2014-04-25 17:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
    2014-04-25 17:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
    2014-04-25 17:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-04-25 17:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-04-25 16:30 - 2014-04-07 10:07 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTyler
    2014-04-25 16:30 - 2014-04-07 10:07 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForTyler.job
    2014-04-25 16:29 - 2014-04-24 15:48 - 00000109 _____ () C:\Windows\system32\ftsjl.hkb
    2014-04-25 16:13 - 2014-04-25 16:13 - 02365840 _____ () C:\Users\Tyler\Downloads\SecurityTaskManager_Setup.exe
    2014-04-25 16:03 - 2014-04-24 16:22 - 00000563 _____ () C:\Windows\Tasks\RegCure Pro_sch_98CD0C73-CBF6-11E3-9F42-3860770FA3CC.job
    2014-04-25 15:54 - 2010-11-20 22:47 - 01014184 _____ () C:\Windows\PFRO.log
    2014-04-24 21:38 - 2014-04-24 21:38 - 00040720 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
    2014-04-24 21:38 - 2014-04-24 21:38 - 00000081 _____ () C:\Windows\system32\Partizan.RRI
    2014-04-24 21:07 - 2014-04-24 21:01 - 00000000 ____D () C:\Users\Public\Documents\regruninfo
    2014-04-24 21:01 - 2014-04-24 21:01 - 00035816 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
    2014-04-24 21:01 - 2014-04-24 21:01 - 00003314 _____ () C:\Windows\System32\Tasks\UnHackMe Task Scheduler
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000973 _____ () C:\Users\Tyler\Desktop\UnHackMe.lnk
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\winstart.bat
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
    2014-04-24 21:00 - 2014-04-24 20:59 - 15295838 _____ () C:\Users\Tyler\Downloads\unhackme.zip
    2014-04-24 20:19 - 2014-01-30 18:51 - 00000258 __RSH () C:\ProgramData\ntuser.pol
    2014-04-24 17:20 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\Performance
    2014-04-24 16:52 - 2014-04-24 16:52 - 00000000 _____ () C:\autoexec.bat
    2014-04-24 16:51 - 2014-04-24 16:51 - 00002260 _____ () C:\Users\Tyler\Desktop\SpyHunter.lnk
    2014-04-24 16:51 - 2014-04-24 16:51 - 00000000 ____D () C:\sh4ldr
    2014-04-24 16:51 - 2014-04-24 16:51 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-04-24 16:50 - 2014-04-24 16:50 - 00000859 _____ () C:\Users\Public\Desktop\Resume Reimage Repair Installation.lnk
    2014-04-24 16:50 - 2014-04-24 16:49 - 00000099 _____ () C:\Windows\Reimage.ini
    2014-04-24 16:49 - 2014-04-24 16:49 - 00797552 _____ (Reimage®) C:\Users\Tyler\Downloads\ReimageRepair.exe
    2014-04-24 16:43 - 2014-04-24 16:41 - 00058230 _____ () C:\Users\Tyler\Desktop\Addition.txt
    2014-04-24 16:43 - 2014-04-24 16:38 - 00075834 _____ () C:\Users\Tyler\Desktop\FRST.txt
    2014-04-24 16:42 - 2014-04-24 16:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tyler\Downloads\SpyHunter-Installer (2).exe
    2014-04-24 16:37 - 2014-04-24 16:37 - 02061824 _____ (Farbar) C:\Users\Tyler\Desktop\FRST64.exe
    2014-04-24 16:37 - 2014-04-24 16:36 - 02061824 _____ (Farbar) C:\Users\Tyler\Downloads\FRST64.exe
    2014-04-24 16:23 - 2014-04-24 16:22 - 00002920 _____ () C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task
    2014-04-24 16:23 - 2014-04-24 16:22 - 00002614 _____ () C:\Windows\System32\Tasks\RegCure Pro Startup
    2014-04-24 16:22 - 2014-04-24 16:22 - 00003986 _____ () C:\Windows\System32\Tasks\RegCure Pro_sch_98CD0C73-CBF6-11E3-9F42-3860770FA3CC
    2014-04-24 16:22 - 2014-04-24 16:22 - 00001156 _____ () C:\Users\Tyler\Desktop\RegCure Pro.lnk
    2014-04-24 16:22 - 2014-04-24 16:21 - 06742552 _____ (ParetoLogic, Inc.) C:\Users\Tyler\Downloads\RegCureProSetup.exe
    2014-04-24 16:22 - 2014-04-24 16:13 - 10971424 _____ (SurfRight B.V.) C:\Users\Tyler\Downloads\HitmanPro_x64.exe
    2014-04-24 16:21 - 2014-04-24 16:21 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tyler\Downloads\SpyHunter-Installer (1).exe
    2014-04-24 16:20 - 2014-04-24 16:20 - 00001205 _____ () C:\Users\Tyler\Downloads\FixNCR.reg
    2014-04-24 16:16 - 2014-04-24 16:16 - 00000000 ____D () C:\ProgramData\HitmanPro
    2014-04-24 16:16 - 2014-04-24 16:15 - 07302320 _____ () C:\Users\Tyler\Downloads\bitdefender_tsecurity.exe
    2014-04-24 16:14 - 2014-04-24 16:14 - 03972608 _____ () C:\Users\Tyler\Downloads\RogueKiller.exe
    2014-04-24 16:14 - 2014-04-24 16:13 - 10094400 _____ (SurfRight B.V.) C:\Users\Tyler\Downloads\HitmanPro.exe
    2014-04-24 16:07 - 2014-04-24 16:06 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-04-24 16:06 - 2014-04-24 16:06 - 00025815 _____ () C:\Users\Tyler\Desktop\dds.txt
    2014-04-24 16:06 - 2014-04-24 16:06 - 00012514 _____ () C:\Users\Tyler\Desktop\attach.txt
    2014-04-24 16:06 - 2013-11-05 17:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-04-24 16:04 - 2014-04-24 16:00 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\mbam-setup-2.0.1.1004.exe
    2014-04-24 16:03 - 2013-03-17 13:50 - 00000023 _____ () C:\Users\Tyler\jagexappletviewer.preferences
    2014-04-24 16:01 - 2014-04-24 16:01 - 00688992 ____R (Swearware) C:\Users\Tyler\Downloads\dds.com
    2014-04-24 15:57 - 2014-04-24 15:56 - 04143738 _____ () C:\Users\Tyler\Downloads\tdsskiller.zip
    2014-04-24 15:56 - 2011-12-25 12:23 - 00000044 _____ () C:\Users\Tyler\jagex_cl_runescape_LIVE.dat
    2014-04-24 15:55 - 2014-04-24 15:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Tyler\Downloads\tdsskiller.exe
    2014-04-24 15:32 - 2014-04-24 15:32 - 00301959 ____S () C:\Windows\system32\wauwbt.wgd
    2014-04-24 14:40 - 2014-04-24 10:29 - 00000000 ____D () C:\Users\Tyler\Desktop\Skins And Edits
    2014-04-24 11:26 - 2014-04-24 11:26 - 00000384 _____ () C:\Users\Tyler\Desktop\Retexture.txt
    2014-04-24 10:24 - 2014-04-24 10:24 - 06007183 _____ () C:\Users\Tyler\Downloads\huzuni (1).zip
    2014-04-24 10:04 - 2014-04-24 10:04 - 00000000 ____D () C:\Users\Tyler\Desktop\Steve rig
    2014-04-24 10:02 - 2014-04-24 10:02 - 00329420 _____ () C:\Users\Tyler\Downloads\Steve rig.rar
    2014-04-24 09:31 - 2013-09-20 13:10 - 00000927 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
    2014-04-24 09:21 - 2014-04-24 09:21 - 00061440 _____ (Gary's Hood) C:\Users\Tyler\Downloads\rsclient (1).exe
    2014-04-24 08:41 - 2012-03-17 11:16 - 00000045 _____ () C:\Users\Tyler\jagex_cl_runescape_LIVE1.dat
    2014-04-23 23:01 - 2014-04-23 23:01 - 00426754 _____ () C:\Users\Tyler\Downloads\67974_fancyfeet.zip
    2014-04-23 23:01 - 2014-04-23 23:01 - 00426754 _____ () C:\Users\Tyler\Desktop\67974_fancyfeet.zip
    2014-04-23 22:50 - 2014-04-23 22:51 - 00380128 _____ () C:\Users\Tyler\Desktop\Diamond sword.blend
    2014-04-23 22:50 - 2014-04-23 22:50 - 00380128 _____ () C:\Users\Tyler\Downloads\Diamond sword.blend
    2014-04-23 22:48 - 2014-04-23 22:47 - 11823614 _____ () C:\Users\Tyler\Downloads\70243_the_forest_with_house_2.zip
    2014-04-23 22:45 - 2014-04-23 22:45 - 00124496 _____ () C:\Users\Tyler\Downloads\69856_horse.zip
    2014-04-23 21:19 - 2014-04-23 21:13 - 00000000 ____D () C:\tmp
    2014-04-23 21:13 - 2014-04-23 21:13 - 00865648 _____ () C:\Users\Tyler\Desktop\girl finished rig.blend
    2014-04-23 20:53 - 2014-04-23 20:53 - 00428924 _____ () C:\Users\Tyler\Desktop\TORCH TREE.blend
    2014-04-23 20:17 - 2014-04-23 20:17 - 00459784 _____ () C:\Users\Tyler\Desktop\Torch tree grass .blend
    2014-04-23 20:11 - 2014-04-23 20:11 - 00768255 _____ () C:\Users\Tyler\Downloads\minecraft_blocks.zip
    2014-04-23 18:01 - 2014-04-23 18:01 - 02241720 _____ () C:\Users\Tyler\Desktop\Not done.blend
    2014-04-23 17:14 - 2014-04-23 17:14 - 01423652 _____ () C:\Users\Tyler\Desktop\RIG WITH MOVIE MOUFE.blend
    2014-04-23 16:40 - 2014-04-23 16:40 - 00655736 _____ () C:\Users\Tyler\Desktop\Girl rig.blend
    2014-04-23 16:05 - 2014-04-23 16:05 - 02472531 _____ () C:\Users\Tyler\Downloads\Rig Pack (Small).zip
    2014-04-22 22:00 - 2014-04-22 21:54 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Craften Terminal
    2014-04-22 21:51 - 2014-04-22 21:50 - 16905694 _____ (Craften.de ) C:\Users\Tyler\Downloads\craftenterminal.exe
    2014-04-22 21:50 - 2014-04-22 21:49 - 03090499 _____ () C:\Users\Tyler\Downloads\shaderpacks.rar
    2014-04-22 21:21 - 2014-04-22 21:21 - 02723814 _____ () C:\Users\Tyler\Downloads\forge-1.7.2-10.12.1.1061-installer.jar
    2014-04-22 21:21 - 2014-04-22 21:21 - 02723814 _____ () C:\Users\Tyler\Downloads\forge-1.7.2-10.12.1.1061-installer (1).jar
    2014-04-22 21:20 - 2014-04-22 21:19 - 00058478 _____ () C:\Users\Tyler\Downloads\SEUS_v10.1_preview1.zip
    2014-04-22 21:18 - 2014-04-22 21:18 - 00031109 _____ () C:\Users\Tyler\Downloads\SEUS v10.0 Lite.zip
    2014-04-22 21:16 - 2014-04-22 21:16 - 00390198 _____ () C:\Users\Tyler\Downloads\ShadersMod-v2.3.13mc1.7.4-installer (1).jar
    2014-04-22 21:13 - 2014-04-22 21:13 - 00065038 _____ () C:\Users\Tyler\Downloads\seus-v10.1-Preview2.zip
    2014-04-22 20:44 - 2014-04-22 20:44 - 00040663 _____ () C:\Users\Tyler\Downloads\SEUS v10.0 Ultra DOF.zip
    2014-04-22 19:57 - 2014-04-22 19:57 - 00390198 _____ () C:\Users\Tyler\Downloads\ShadersMod-v2.3.13mc1.7.4-installer.jar
    2014-04-22 18:27 - 2014-04-22 18:27 - 00638748 _____ () C:\Users\Tyler\Desktop\first animation2.blend
    2014-04-22 18:07 - 2014-04-22 18:07 - 00079569 _____ () C:\Users\Tyler\Downloads\MinecraftPlayer.zip
    2014-04-22 16:49 - 2014-04-22 16:47 - 40220683 _____ () C:\Users\Tyler\Downloads\world1.rar
    2014-04-22 16:43 - 2014-04-22 16:43 - 05301903 _____ () C:\Users\Tyler\Downloads\mineways.zip
    2014-04-22 16:10 - 2014-04-23 17:08 - 00599112 _____ () C:\Users\Tyler\Desktop\Minecraft Rig By Ruffles.blend
    2014-04-22 16:10 - 2014-04-22 16:10 - 00599112 _____ () C:\Users\Tyler\Downloads\Minecraft Rig By Ruffles.blend
    2014-04-22 16:03 - 2014-04-22 16:03 - 00120162 _____ () C:\Users\Tyler\Downloads\MinecraftBody.blend.zip
    2014-04-22 16:02 - 2014-04-22 16:01 - 09469166 _____ () C:\Users\Tyler\Downloads\Blender_Minecraft_Rig.zip
    2014-04-21 10:29 - 2012-01-02 17:28 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2014-04-21 10:29 - 2011-12-26 17:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2014-04-19 02:59 - 2014-04-19 02:59 - 00000220 _____ () C:\Users\Tyler\Desktop\Garry's Mod.url
    2014-04-19 02:59 - 2011-12-25 23:57 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2014-04-19 02:53 - 2011-12-25 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
    2014-04-16 19:36 - 2013-07-29 12:26 - 00000000 ____D () C:\Users\Tyler\AppData\Local\Paint.NET
    2014-04-15 17:02 - 2014-04-15 17:02 - 00450470 _____ () C:\Users\Tyler\Downloads\Claw_v5.4.7-1.zip
    2014-04-15 17:01 - 2012-03-12 20:17 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
    2014-04-15 16:56 - 2014-04-15 16:56 - 00299562 _____ () C:\Users\Tyler\Downloads\Bartender4-4.5.13.2.zip
    2014-04-14 22:25 - 2014-04-14 22:25 - 00000222 _____ () C:\Users\Tyler\Desktop\Loadout.url
    2014-04-14 22:24 - 2014-04-14 22:24 - 00000222 _____ () C:\Users\Tyler\Desktop\The Mighty Quest For Epic Loot.url
    2014-04-14 21:46 - 2012-07-06 19:12 - 00000049 _____ () C:\Users\Tyler\jagex_cl_runescape_LIVE_BETA.dat
    2014-04-10 07:03 - 2009-07-14 00:13 - 00797760 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-04-10 03:04 - 2013-01-12 15:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-04-10 03:03 - 2013-07-23 03:04 - 00000000 ____D () C:\Windows\system32\MRT
    2014-04-10 03:01 - 2012-05-16 19:52 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-04-09 20:23 - 2014-03-26 21:11 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-04-03 09:51 - 2014-04-24 16:06 - 00088280 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-04-03 09:51 - 2014-04-24 16:06 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-04-03 09:50 - 2014-04-24 16:06 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-04-02 17:39 - 2014-04-02 16:49 - 752450561 _____ () C:\Users\Tyler\Downloads\CSS Content Addon.zip
    2014-04-02 17:13 - 2014-04-02 17:12 - 752450561 _____ () C:\Users\Tyler\Downloads\CSS Content Addon (1).zip
    2014-03-31 22:26 - 2013-12-17 21:50 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\TS3Client
    2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
    2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
    2014-03-28 15:52 - 2014-03-26 21:11 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
    2014-03-28 15:52 - 2014-03-26 20:48 - 00000000 ____D () C:\Users\Tyler\Downloads\DuckLife 4 - PrimaryGames - Play Free Kids Games Online_files
    2014-03-28 15:52 - 2014-03-25 08:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KingsIsle Entertainment
    2014-03-28 15:52 - 2013-07-17 01:47 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
    2014-03-28 14:15 - 2014-03-26 21:09 - 00003892 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2014-03-28 14:15 - 2014-03-26 21:09 - 00003640 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2014-03-28 13:01 - 2014-04-24 21:01 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys

    ZeroAccess:
    C:\$Recycle.Bin\S-1-5-21-2418007413-1503170158-2542834103-1001\$491bf2fdbe13adfc8b32742857159ae4

    ZeroAccess:
    C:\$Recycle.Bin\S-1-5-18\$491bf2fdbe13adfc8b32742857159ae4

    Files to move or delete:
    ====================
    C:\Users\Tyler\arvast_cl_arvast_LIVE.dat
    C:\Users\Tyler\cache.dat
    C:\Users\Tyler\citellum_cl_citellum_Core.dat
    C:\Users\Tyler\dementhium_runescape_preferences.dat
    C:\Users\Tyler\dementhium_runescape_preferences2.dat
    C:\Users\Tyler\dementhium__preferences3.dat
    C:\Users\Tyler\DustScape_cl_DustScape_LIVE.dat
    C:\Users\Tyler\DustScape_cl_DustScape_LIVE1.dat
    C:\Users\Tyler\faem_runescape_preferences.dat
    C:\Users\Tyler\faem_runescape_preferences2.dat
    C:\Users\Tyler\hectate_cl_hectate_LIVE.dat
    C:\Users\Tyler\jagex_cl_loginapplet_LIVE.dat
    C:\Users\Tyler\jagex_cl_oldschool_LIVE.dat
    C:\Users\Tyler\jagex_cl_runescape_LIVE.dat
    C:\Users\Tyler\jagex_cl_runescape_LIVE1.dat
    C:\Users\Tyler\jagex_cl_runescape_LIVE2.dat
    C:\Users\Tyler\jagex_cl_runescape_LIVE_BETA.dat
    C:\Users\Tyler\jagex_Runescape_preferences.dat
    C:\Users\Tyler\jagex_runescape_preferences2.dat
    C:\Users\Tyler\jagex__preferences3.dat
    C:\Users\Tyler\matrixii_cl_matrix_LIVE.dat
    C:\Users\Tyler\matrix_cl_matrix_LIVE.dat
    C:\Users\Tyler\matrix_cl_ProjectPk's_LIVE.dat
    C:\Users\Tyler\noregret_cl_obscurescape_LIVE.dat
    C:\Users\Tyler\novatier_cl_novatier_LIVE.dat
    C:\Users\Tyler\novatier_cl_novatier_LIVE1.dat
    C:\Users\Tyler\NT742evolution_cache.dat
    C:\Users\Tyler\PlayWorldF2P_cl_PlayWorld_Core.dat
    C:\Users\Tyler\random.dat
    C:\Users\Tyler\rb_cl_runerebellion_LIVE.dat
    C:\Users\Tyler\runelovepk_runescape_preferences.dat
    C:\Users\Tyler\runelovepk_runescape_preferences2.dat
    C:\Users\Tyler\runez_cl_runez_LIVE.dat
    C:\Users\Tyler\rune_evo_evolution_cache.dat
    C:\Users\Tyler\sevador_cl_sevador_LIVE.dat
    C:\Users\Tyler\siriusxcacheSiriusX_LIVE.dat
    C:\Users\Tyler\systemid.dat
    C:\Users\Tyler\varcus_cl_varcus_LIVE.dat


    Some content of TEMP:
    ====================
    C:\Users\Tyler\AppData\Local\Temp\13-4_win7_win8_64_dd_ccc_whql.exe
    C:\Users\Tyler\AppData\Local\Temp\BackupSetup.exe
    C:\Users\Tyler\AppData\Local\Temp\bdfilters.dll
    C:\Users\Tyler\AppData\Local\Temp\BRSVC_735530190_hlp.exe
    C:\Users\Tyler\AppData\Local\Temp\FastFreeConverterUpdt_v5.5.exe
    C:\Users\Tyler\AppData\Local\Temp\helper.exe
    C:\Users\Tyler\AppData\Local\Temp\hpmon.exe
    C:\Users\Tyler\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
    C:\Users\Tyler\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Users\Tyler\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Users\Tyler\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
    C:\Users\Tyler\AppData\Local\Temp\oi_{9D82B000-28E5-4080-B521-C9C46C6413EC}.exe
    C:\Users\Tyler\AppData\Local\Temp\oi_{AD4A7C81-7A9D-4276-9E8D-9C73AC39C221}.exe
    C:\Users\Tyler\AppData\Local\Temp\PreferencesJson.exe
    C:\Users\Tyler\AppData\Local\Temp\Quarantine.exe
    C:\Users\Tyler\AppData\Local\Temp\SHSetup.exe
    C:\Users\Tyler\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Tyler\AppData\Local\Temp\sonarinst.exe
    C:\Users\Tyler\AppData\Local\Temp\sp64126.exe
    C:\Users\Tyler\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
    C:\Users\Tyler\AppData\Local\Temp\sqlite3.exe
    C:\Users\Tyler\AppData\Local\Temp\SRLDetectionLibrary4001278945192002940.dll
    C:\Users\Tyler\AppData\Local\Temp\swt-win32-3740.dll
    C:\Users\Tyler\AppData\Local\Temp\uninst1.exe
    C:\Users\Tyler\AppData\Local\Temp\UninstallHPSA.exe
    C:\Users\Tyler\AppData\Local\Temp\WSSetup.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll
    [2010-11-20 22:24] - [2010-11-20 22:24] - 0515072 ____N (Microsoft Corporation) 6A6DA0BB30BC658D308F7715DCBE062D

    ATTENTION ======> If the system is having audio adware rpcss.dll is patched. Google the MD5, if the MD5 is unique the file is infected.
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2014-04-19 05:18

    ==================== End Of Log ============================
     
  10. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2014
    Ran by Tyler at 2014-04-27 16:41:31
    Running from C:\Users\Tyler\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition 2013 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

    ==================== Installed Programs ======================

    802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.01.18.0 - Ralink)
    8BitMMO (HKLM-x32\...\Steam App 250420) (Version: - Archive Entertainment)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
    Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
    Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
    Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
    Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Allods Online 4.0.03.42 (HKLM-x32\...\AstrumNival Allods) (Version: 4.0.03.42 - gPotato)
    AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
    AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
    AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
    AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
    AMD Fuel (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
    AMD Steady Video Plug-In (Version: 2.06.0000 - AMD) Hidden
    AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
    APB Reloaded (HKLM-x32\...\APB Reloaded) (Version: 1.6.1.603578 - )
    Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
    Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version: - Bohemia Interactive)
    AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
    AVG 2014 (Version: 14.0.3920 - AVG Technologies) Hidden
    AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
    AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 12.0.4020.9 - AVG Technologies)
    AVG PC TuneUp (x32 Version: 12.0.4020.9 - AVG Technologies) Hidden
    AVG PC TuneUp Language Pack (en-US) (x32 Version: 12.0.4020.9 - AVG Technologies) Hidden
    Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.3.492 - Bandisoft.com)
    Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
    BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
    BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
    Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Blender (HKLM\...\Blender) (Version: 2.67b - Blender Foundation)
    BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
    BlueStacks Notification Center (HKLM-x32\...\{62763BAD-53A8-4C9F-B4CF-7CCABFEFD725}) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
    Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
    Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Bundled software uninstaller (HKLM-x32\...\bi_uninstaller) (Version: - ) <==== ATTENTION
    Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version: - Infinity Ward)
    Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - )
    Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Combat Arms (HKLM-x32\...\Steam App 212180) (Version: - )
    Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Craften Terminal 3.5.5 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.5.5 - Craften.de)
    Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com)
    CrimeCraft GangWars (HKLM-x32\...\Steam App 38830) (Version: - Vogster Entertainment)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
    DayZ Commander (HKLM-x32\...\{790412BB-B6CE-459B-9E17-7DA7C20FC98C}) (Version: 0.9.124 - Dotjosh Studios)
    DC Universe Online (HKLM-x32\...\Steam App 24200) (Version: - Sony Online Entertainment)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft)
    Demolition, Inc. (HKLM-x32\...\Steam App 98600) (Version: - )
    Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
    Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
    Dragons Prophet (HKCU\...\SOE-Dragons Prophet) (Version: 1.0.3.183 - Sony Online Entertainment)
    Dungeons & Dragons Online® (HKLM-x32\...\Steam App 206480) (Version: - Turbine, Inc)
    Empire: Total War Demo (HKLM-x32\...\Steam App 10620) (Version: - The Creative Assembly)
    ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
    EverQuest II (HKCU\...\SOE-EverQuest II) (Version: - Sony Online Entertainment)
    EverQuest II (HKLM-x32\...\Steam App 201230) (Version: - Sony Online Entertainment)
    Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
    FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Football Superstars (HKLM-x32\...\Steam App 219870) (Version: - CyberSports Ltd.)
    Fraps (HKLM-x32\...\Fraps) (Version: - )
    Gameforge Live 1.7.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.7.0 - Gameforge)
    GameSalad Creator (HKLM-x32\...\{16FCB53A-0DAF-43CC-A51F-1A0685BCC407}) (Version: 0.10.00 - GameSalad)
    GameTracker Lite (HKLM-x32\...\GameTracker Lite) (Version: - ClanServers Hosting LLC.)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.116 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
    Gotham City Impostors: Free To Play (HKLM-x32\...\Steam App 206210) (Version: - )
    Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
    Gyazo 1.0.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc. & Toshiyuki Masui)
    Happy Cloud Client (HKCU\...\HappyCloud) (Version: 3.41 - Happy Cloud, Inc.)
    Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
    Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
    HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
    HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
    HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
    HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
    HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
    HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
    HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
    HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
    HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
    HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
    HTML5 Video Player 1.2.5 (HKLM\...\HTML5 Video Player_is1) (Version: 1.2.5 - SocuSoft Co.,Ltd)
    iCloud (HKLM\...\{8B485965-8EFE-464A-842F-CF8F18C3DFD7}) (Version: 1.1.0.40 - Apple Inc.)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6349.0 - IDT)
    InfoSeeker (HKLM-x32\...\InfoSeeker) (Version: 2.6.17 - Big Water Applications, LLC)
    iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
    Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
    Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
    Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
    JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
    Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)
    League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
    Linksicle (HKLM-x32\...\Linksicle) (Version: 1.8.2.0 - Linksicle)
    Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
    Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
    Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
    Manic Digger (HKLM-x32\...\{119E2FCB-5CDD-4C24-BCB2-56A824E2BF0A}_is1) (Version: - )
    MapleStory (HKLM-x32\...\Steam App 216150) (Version: - Nexon)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
    Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
    Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
    Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
    Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Mozilla Firefox 17.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 17.0.1 (x86 en-US)) (Version: 17.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0.1 - Mozilla)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
    No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
    NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
    ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.5.6046 - ooVoo LLC.)
    Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
    OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
    Optimizer Pro v3.2 (HKLM-x32\...\Optimizer Pro_is1) (Version: - PC Utilities Software Limited) <==== ATTENTION
    Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version: - )
    Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)
    Overwolf (HKLM-x32\...\{8CD3A2A9-B25E-4D5D-8D12-724493A45C1A}) (Version: 0.42.248 - Overwolf)
    Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
    PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version: - )
    Panda3D 1.8.1 (HKLM-x32\...\Panda3D 1.8.1) (Version: - )
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
    PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Pirate101 (HKLM-x32\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
    PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Play withSIX (HKLM-x32\...\{D7F3EEAD-183C-47DE-BDC5-593539573F97}) (Version: 1.30.0476 - SIX Networks)
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Poniga2Image (HKLM-x32\...\{B33E3FB7-D5B3-39EE-9E65-6D3B38978A48}) (Version: - Pnug2IMage)
    PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 - NewspaperDirect Inc.)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
    Ravaged (HKLM-x32\...\Steam App 96300) (Version: - )
    Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
    RegCure Pro (HKLM-x32\...\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}) (Version: 3.2.1.0 - ParetoLogic, Inc.)
    Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
    ROBLOX Studio for Tyler (HKCU\...\{B805FF17-92FE-4757-8142-F0A2850DFE03}) (Version: - ROBLOX Corporation)
    Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 6.0.0.2647 - Gameforge Productions GmbH)
    Runescape Item Spawner (HKCU\...\79741dd164692124) (Version: 1.0.0.1 - Microsoft)
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-073
     
  11. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    2-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
    SketchUp 2013 (HKLM-x32\...\{E74C0D09-8730-4714-8C6F-019FBF7F1B42}) (Version: 13.0.3689 - Trimble Navigation Limited)
    Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
    Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1629.0 - Hi-Rez Studios)
    Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version: - )
    Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.14 - Splashtop Inc.)
    Splashtop Streamer (HKLM-x32\...\InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}) (Version: 2.2.5.1 - Splashtop Inc.)
    Splashtop Streamer (x32 Version: 2.2.5.1 - Splashtop Inc.) Hidden
    Star Trek Online (HKLM-x32\...\Star Trek Online) (Version: - Cryptic Studios)
    Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.12 - Bioware/EA)
    Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    SwitchBlade (HKLM-x32\...\{9AC703BB-9E97-4888-BF76-4A9809017FC7}) (Version: 3.0.2 - Blue Orb, Inc.)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    System Requirements Lab CYRI (HKLM-x32\...\{E77DA909-3532-4C95-AFEB-06310E88462A}) (Version: 6.0.3.0 - Husdawg, LLC)
    TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
    Terraria (HKLM-x32\...\Steam App 105600) (Version: - )
    The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
    The Lord of the Rings Online (HKCU\...\LOTROen) (Version: - )
    The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
    The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.66.2 - Electronic Arts)
    The Sims™ 3 Pets Create A Pet Demo (HKLM-x32\...\{F617CEFF-8242-42AF-95BE-2545DB029A0C}) (Version: 1.0.49 - Electronic Arts)
    The War Z version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - Arktos Entertainment Group LLC)
    topdeAl (HKLM-x32\...\{9B149088-3FB6-875E-C1A4-A25A6E9D278D}) (Version: - topdeal)
    Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
    Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version: - Microsoft)
    Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VisualBee for Microsoft PowerPoint (HKCU\...\VisualBee for Microsoft PowerPoint) (Version: V3.6 - VisualBee.com)
    War Thunder Launcher 1.0.1.252 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
    WebCake 3.00 (HKLM\...\{C4ED781C-7394-4906-AAFF-D6AB64FF7C38}) (Version: 3.00 - WebCake LLC) <==== ATTENTION
    WildTangent Games App (HP Games) (x32 Version: 4.0.10.17 - WildTangent) Hidden
    Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    WinRAR 4.20 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.1 - win.rar GmbH)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
    World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)
    WOwiCoupon (HKLM-x32\...\{1B8A71D1-31D4-EE6A-C32F-836E0BFFA6D3}) (Version: - WeOwaCouPone) <==== ATTENTION
    XSplit (HKLM-x32\...\{1D1D81AD-E6B1-497D-8419-7D2E5DDC124D}) (Version: 1.2.1301.2501 - SplitMediaLabs)
    Youbooster Pro Edition 2.1 (HKLM-x32\...\Youbooster Pro Edition) (Version: 2.1 - Youtube bots)
    Zuma Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

    ==================== Restore Points =========================

    21-04-2014 00:00:04 Windows Backup
    22-04-2014 08:00:14 Windows Update

    ==================== Hosts content: ==========================

    2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    Task: {16F9B043-0C76-4B9F-AB21-860E6AF5BE99} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2013-12-12] (Hewlett-Packard Company)
    Task: {17B5D867-B03C-40A1-AB53-58CF063E490C} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => c:\Program Files\Microsoft IntelliPoint\IPoint.exe [2011-08-01] (Microsoft Corporation)
    Task: {1AA13087-8262-417B-9709-7D1A7598A5F8} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2013-10-31] (AVG)
    Task: {37E1B72B-B651-4735-8137-CE8D1F61FA59} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26] (Google Inc.)
    Task: {38FB874B-96BC-4BBC-B7B2-5E08A2D6D4B3} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
    Task: {3A8C34FE-33C4-47B9-AA82-1391D3891A08} - System32\Tasks\BackgroundContainer Startup Task => Rundll32.exe "C:\Users\Tyler\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun <==== ATTENTION
    Task: {3C537F7B-27C2-4993-B07E-2044988A0314} - System32\Tasks\HPCeeScheduleForTyler => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2011-07-15] (Hewlett-Packard)
    Task: {3DF98932-143C-41D4-BB5D-E6AD8F26DDD0} - System32\Tasks\ParetoLogic Update Version3 Startup Task => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-03-31] ()
    Task: {5DF051D3-1BA2-4924-93BB-E797EBE6C7AD} - System32\Tasks\RMCreator => C:\Program Files (x86)\Hewlett-Packard\Recovery\Reminder.exe [2011-07-20] (CyberLink)
    Task: {5E0C6B05-1490-4EE6-BB0D-593A96659A1A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-26] (Adobe Systems Incorporated)
    Task: {7A41FBE7-A9B0-4023-A9DB-18FBF212C42C} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2013-07-02] (Oracle Corporation)
    Task: {7B64FBFB-76E2-433E-BC96-E7CECFBBF7FA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker_DeviceScan => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
    Task: {8ECF4308-527C-47D2-BF73-025A159F030F} - System32\Tasks\HP online update program => c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2008-12-08] (Hewlett-Packard)
    Task: {8F4E4A1C-4DB7-4970-B388-6AE277EB475B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(Yes) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)
    Task: {9C11D77B-C130-48EC-95A3-6BE58BEA6F93} - System32\Tasks\ParetoLogic Update Version3 => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe [2014-03-31] ()
    Task: {9CCF4484-89B9-4031-984D-2F00B8C923C7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-26] (Google Inc.)
    Task: {9F37D9E0-8FD1-49B2-9584-C32939C68D5C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {A2F2E66B-2527-4257-9E7F-20BEB04D9E55} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2013-11-04] (Hewlett-Packard Company)
    Task: {A9364937-0413-4471-A66C-155F45CFCC44} - System32\Tasks\VisualBeeRecovery => C:\Users\Tyler\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe [2012-03-14] ()
    Task: {B6FE68FB-3979-418C-B34A-F58634FC7A65} - System32\Tasks\Google Updater and Installer => C:\Users\Tyler\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: {B960375F-42A7-492E-9EF2-D7DCEC201B5D} - System32\Tasks\Hewlett-Packard\HP Support Assistant\WarrantyChecker => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPWarrantyCheck\HPWarrantyChecker.exe [2014-03-21] (Hewlett-Packard)
    Task: {B9BDDCCE-AC63-477F-B396-6B805353EA10} - System32\Tasks\RegCure Pro_sch_98CD0C73-CBF6-11E3-9F42-3860770FA3CC => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2014-03-31] (ParetoLogic, Inc.)
    Task: {BDA05A37-95B1-4B24-B7E0-5B40A34D90EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Warranty Opt-In(No) => c:\program files (x86)\hewlett-packard\hp health check\activecheck\product_line\Detection_PostWarrantyAlert.exe [2014-01-14] (Hewlett-Packard)
    Task: {C53EC174-C35B-414D-B0C5-23062654F0D9} - System32\Tasks\RegCure Pro Startup => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe [2014-03-31] (ParetoLogic, Inc.)
    Task: {D0709A89-5091-4A54-BC77-33CF705D607E} - System32\Tasks\Updater26278.exe => C:\Users\Tyler\AppData\Local\Updater26278\Updater26278.exe <==== ATTENTION
    Task: {E782BB2B-9E03-4D1A-95CF-2D60976E4633} - System32\Tasks\ParetoLogic Registration3 => Rundll32.exe "C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll" RunUns
    Task: {F7B5D72B-678D-41D0-8658-ACAE0FF20784} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {F9D55B7F-1641-47E0-BA22-20AD103CCD71} - System32\Tasks\Dealply => C:\Users\Tyler\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\Dealply.job => C:\Users\Tyler\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\HPCeeScheduleForTyler.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
    Task: C:\Windows\Tasks\ParetoLogic Registration3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\UUS3.dll
    Task: C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
    Task: C:\Windows\Tasks\ParetoLogic Update Version3.job => C:\Program Files (x86)\Common Files\ParetoLogic\UUS3\Pareto_Update3.exe
    Task: C:\Windows\Tasks\RegCure Pro Startup.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe
    Task: C:\Windows\Tasks\RegCure Pro_sch_98CD0C73-CBF6-11E3-9F42-3860770FA3CC.job => C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegCurePro.exe

    ==================== Loaded Modules (whitelisted) =============

    2013-12-06 16:06 - 2013-12-06 16:06 - 00214528 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
    2013-07-26 05:59 - 2013-07-26 05:59 - 00814592 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
    2013-07-26 05:59 - 2013-07-26 05:59 - 03650560 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
    2013-12-06 16:06 - 2013-12-06 16:06 - 00127488 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
    2012-10-28 14:50 - 2013-12-10 22:38 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
    2013-12-06 16:06 - 2013-12-06 16:06 - 00102400 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
    2014-04-24 16:14 - 2014-04-24 16:14 - 03972608 _____ () C:\Users\Tyler\Downloads\RogueKiller.exe
    2014-04-09 20:23 - 2014-04-01 20:57 - 00065352 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\chrome_elf.dll
    2014-04-09 20:23 - 2014-04-01 20:57 - 00674632 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libglesv2.dll
    2014-04-09 20:23 - 2014-04-01 20:57 - 00093000 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\libegl.dll
    2014-04-09 20:23 - 2014-04-01 20:57 - 04081480 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\pdf.dll
    2014-04-09 20:23 - 2014-04-01 20:58 - 00390472 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ppGoogleNaClPluginChrome.dll
    2014-04-09 20:23 - 2014-04-01 20:57 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\34.0.1847.116\ffmpegsumo.dll
    2014-03-31 11:19 - 2014-03-31 11:19 - 00045680 _____ () C:\Program Files (x86)\ParetoLogic\RegCure Pro\LiteZip.dll
    2014-03-31 11:19 - 2014-03-31 11:19 - 00540784 _____ () C:\Program Files (x86)\ParetoLogic\RegCure Pro\7ZipDLL.dll
    2014-03-31 11:19 - 2014-03-31 11:19 - 00083568 _____ () C:\Program Files (x86)\ParetoLogic\RegCure Pro\ExtensionManager.dll
    2014-03-31 11:19 - 2014-03-31 11:19 - 00155248 _____ () C:\Program Files (x86)\ParetoLogic\RegCure Pro\CommonLoggingExtension.pxt
    2014-03-31 11:19 - 2014-03-31 11:19 - 00153712 _____ () C:\Program Files (x86)\ParetoLogic\RegCure Pro\CommonSpecialist.pxt
    2014-03-31 11:19 - 2014-03-31 11:19 - 00138864 _____ () C:\Program Files (x86)\ParetoLogic\RegCure Pro\RegHookSpecialist.pxt
    2014-03-31 11:19 - 2014-03-31 11:19 - 00925808 _____ () C:\Program Files (x86)\ParetoLogic\RegCure Pro\Utility.pxt
    2014-03-31 11:19 - 2014-03-31 11:19 - 00053360 _____ () C:\Program Files (x86)\ParetoLogic\RegCure Pro\LiteUnzip.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\ProgramData\Temp:373E1720

    ==================== Safe Mode (whitelisted) ===================


    ==================== Disabled items from MSCONFIG ==============

    MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
    MSCONFIG\Services: AESTFilters => 2
    MSCONFIG\Services: AMD External Events Utility => 2
    MSCONFIG\Services: Apple Mobile Device => 2
    MSCONFIG\Services: GamesAppService => 3
    MSCONFIG\Services: HP Support Assistant Service => 2
    MSCONFIG\Services: HPClientSvc => 2
    MSCONFIG\Services: hpqwmiex => 3
    MSCONFIG\Services: iPod Service => 3
    MSCONFIG\Services: MozillaMaintenance => 3
    MSCONFIG\Services: pdfcDispatcher => 2
    MSCONFIG\Services: RoxioNow Service => 2
    MSCONFIG\Services: STacSV => 2
    MSCONFIG\Services: Steam Client Service => 3
    MSCONFIG\Services: TuneUp.UtilitiesSvc => 2
    MSCONFIG\Services: vToolbarUpdater14.0.0 => 2
    MSCONFIG\startupfolder: C:^Users^Tyler^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\Windows\pss\OpenOffice.org 3.3.lnk.Startup
    MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Tyler\AppData\Local\Akamai\netsession_win.exe"
    MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
    MSCONFIG\startupreg: BeatsOSDApp => C:\Program Files\IDT\WDM\beats64.exe
    MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
    MSCONFIG\startupreg: hpsysdrv => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
    MSCONFIG\startupreg: iCloudServices => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
    MSCONFIG\startupreg: IntelliPoint => "c:\Program Files\Microsoft IntelliPoint\ipoint.exe"
    MSCONFIG\startupreg: MobileDocuments => C:\Program Files (x86)\Common Files\Apple\Internet Services\ubd.exe
    MSCONFIG\startupreg: PDF Complete => C:\Program Files (x86)\PDF Complete\pdfsty.exe
    MSCONFIG\startupreg: StartCCC => "c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
    MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent
    MSCONFIG\startupreg: SysTrayApp => C:\Program Files\IDT\WDM\sttray64.exe
    MSCONFIG\startupreg: vProt => "C:\Program Files (x86)\AVG Secure Search\vprot.exe"

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (04/24/2014 04:20:08 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi

    Error: (04/24/2014 03:50:53 PM) (Source: CVHSVC) (User: )
    Description: Information only.
    (Stream product id=0x0066): Streaming Failed

    Error: (04/24/2014 03:50:17 PM) (Source: CVHSVC) (User: )
    Description: Information only.
    Too many failures while downloading ranges: 2

    Error: (04/24/2014 03:48:35 PM) (Source: BstHdAndroidSvc) (User: )
    Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (04/24/2014 03:20:01 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi

    Error: (04/24/2014 02:20:00 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi

    Error: (04/24/2014 01:20:01 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi

    Error: (04/24/2014 00:20:02 PM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi

    Error: (04/24/2014 00:06:48 PM) (Source: Steam Client Service) (User: )
    Description: Error: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

    Error: (04/24/2014 11:20:00 AM) (Source: MsiInstaller) (User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi


    System errors:
    =============
    Error: (04/24/2014 04:06:59 PM) (Source: Service Control Manager) (User: )
    Description: The MBAMWebAccessControl service depends the following service: BFE. This service might not be installed.

    Error: (04/24/2014 03:49:01 PM) (Source: Service Control Manager) (User: )
    Description: The HomeGroup Provider service depends on the Function Discovery Resource Publication service which failed to start because of the following error:
    %%-2147024891

    Error: (04/24/2014 03:49:01 PM) (Source: Service Control Manager) (User: )
    Description: The Function Discovery Resource Publication service terminated with the following error:
    %%-2147024891

    Error: (04/24/2014 03:48:35 PM) (Source: Service Control Manager) (User: )
    Description: The BlueStacks Android Service service terminated with the following error:
    %%1064

    Error: (04/24/2014 03:48:30 PM) (Source: Service Control Manager) (User: )
    Description: The IPsec Policy Agent service depends the following service: BFE. This service might not be installed.

    Error: (04/24/2014 03:48:30 PM) (Source: Service Control Manager) (User: )
    Description: The IKE and AuthIP IPsec Keying Modules service depends the following service: BFE. This service might not be installed.

    Error: (04/24/2014 03:48:17 PM) (Source: Service Control Manager) (User: )
    Description: The Function Discovery Resource Publication service terminated with the following error:
    %%-2147024891

    Error: (04/24/2014 03:48:15 PM) (Source: Service Control Manager) (User: )
    Description: The Computer Browser service terminated with the following error:
    %%1060

    Error: (04/24/2014 03:48:13 PM) (Source: EventLog) (User: )
    Description: The previous system shutdown at 3:46:59 PM on ‎4/‎24/‎2014 was unexpected.

    Error: (04/24/2014 00:06:48 PM) (Source: Service Control Manager) (User: )
    Description: The Steam Client Service service failed to start due to the following error:
    %%1053


    Microsoft Office Sessions:
    =========================
    Error: (04/24/2014 04:20:08 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (04/24/2014 03:50:53 PM) (Source: CVHSVC)(User: )
    Description: (Stream product id=0x0066): Streaming Failed

    Error: (04/24/2014 03:50:17 PM) (Source: CVHSVC)(User: )
    Description: Too many failures while downloading ranges: 2

    Error: (04/24/2014 03:48:35 PM) (Source: BstHdAndroidSvc)(User: )
    Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
    at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
    at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

    Error: (04/24/2014 03:20:01 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (04/24/2014 02:20:00 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (04/24/2014 01:20:01 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (04/24/2014 00:20:02 PM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)

    Error: (04/24/2014 00:06:48 PM) (Source: Steam Client Service)(User: )
    Description: Failed to add firewall exception for C:\Program Files (x86)\Steam\steam.exe

    Error: (04/24/2014 11:20:00 AM) (Source: MsiInstaller)(User: NT AUTHORITY)
    Description: Product: Google Update Helper -- Error 1316. A network error occurred while attempting to read from the file: C:\Program Files (x86)\Google\Update\1.3.23.9\DealPlyLiveHelper.msi(NULL)(NULL)(NULL)(NULL)(NULL)


    ==================== Memory info ===========================

    Percentage of memory in use: 77%
    Total physical RAM: 5616.6 MB
    Available physical RAM: 1290.88 MB
    Total Pagefile: 11231.38 MB
    Available Pagefile: 6793.48 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:1851.27 GB) (Free:1285.87 GB) NTFS
    Drive d: (HP_RECOVERY) (Fixed) (Total:11.65 GB) (Free:1.43 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 0E9FE267)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=-211236683776) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=12 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================
     
     
  12. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Farbar Recovery Scan Tool (x64) Version: 27-04-2014
    Ran by Tyler at 2014-04-27 21:12:20
    Running from C:\Users\Tyler\Downloads
    Boot Mode: Safe Mode (with Networking)

    ================== Search: "rpcss.dll" ===================

    C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll
    [2010-11-20 22:24] - [2010-11-20 22:24] - 0512000 ____A (Microsoft Corporation) 5C627D1B1138676C0A7AB2C2C190D123

    C:\Windows\System32\rpcss.dll
    [2010-11-20 22:24] - [2010-11-20 22:24] - 0515072 ____N (Microsoft Corporation) 6A6DA0BB30BC658D308F7715DCBE062D

    ====== End Of Search ======
     
  13. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Status: BAD. Deleted my copy of Windows, so now running unlegit copy of Windows.
     
  14. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    I'm going to donate to ya soon!
     
  15. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Still with me?
     
  16. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

  17. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Lemme know when you're back!
     
  18. Broni

    Broni Malware Annihilator Posts: 47,078   +258

    Sorry...I've been very busy...

    Download attached fixlist.txt file and save it to the Desktop.
    NOTE. It's important that both files, FRST and fixlist.txt, are in the same location or the fix will not work.

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

    Run FRST(FRST64) and press the Fix button just once and wait.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.
     


  19. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 24-04-2014
    Ran by Tyler at 2014-04-29 20:08:49 Run:1
    Running from C:\Users\Tyler\Desktop
    Boot Mode: Safe Mode (with Networking)
    ==============================================

    Content of fixlist:
    *****************
    HKLM\...D6A79037F57F\InprocServer32: [Default-fastprox] fastprox.dll ATTENTION! ====> ZeroAccess?
    HKU\S-1-5-21-2418007413-1503170158-2542834103-1001\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-2418007413-1503170158-2542834103-1001\$491bf2fdbe13adfc8b32742857159ae4\n. ATTENTION! ====> ZeroAccess?
    SearchScopes: HKCU - {D90A9632-F4CB-4CAC-9964-B53156F01449} URL = http://search.conduit.com/ResultsEx...4&ctid=CT3311875&CUI=UN35094517031218317&UM=2
    Toolbar: HKLM - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
    Toolbar: HKLM-x32 - No Name - !{95B7759C-8C7F-4BF1-B163-73684A933233} - No File
    Toolbar: HKCU - No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
    Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - No File
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll No File
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
    S2 BstHdAndroidSvc; "C:\Program Files (x86)\BlueStacks\HD-Service.exe" BstHdAndroidSvc Android [X]
    S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [X]
    S2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [X]
    S2 vToolbarUpdater17.2.0; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.2.0\ToolbarUpdater.exe [X]
    S2 BstHdDrv; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [X]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
    2014-04-25 20:36 - 2014-04-25 20:36 - 00000552 _____ () C:\Windows\system32\spsys.log
    2014-04-25 20:33 - 2014-04-25 20:33 - 00000064 _____ () C:\Windows\system32\ahxv.iay
    2014-04-25 19:20 - 2014-04-25 22:58 - 00000080 _____ () C:\Windows\system32\qutwe.enh
    2014-04-24 15:48 - 2014-04-25 16:29 - 00000109 _____ () C:\Windows\system32\ftsjl.hkb
    2014-04-24 15:32 - 2014-04-24 15:32 - 00301959 ____S () C:\Windows\system32\wauwbt.wgd
    C:\$Recycle.Bin\S-1-5-21-2418007413-1503170158-2542834103-1001\$491bf2fdbe13adfc8b32742857159ae4
    C:\$Recycle.Bin\S-1-5-18\$491bf2fdbe13adfc8b32742857159ae4
    C:\Users\Tyler\arvast_cl_arvast_LIVE.dat
    C:\Users\Tyler\cache.dat
    C:\Users\Tyler\citellum_cl_citellum_Core.dat
    C:\Users\Tyler\dementhium_runescape_preferences.dat
    C:\Users\Tyler\dementhium_runescape_preferences2.dat
    C:\Users\Tyler\dementhium__preferences3.dat
    C:\Users\Tyler\DustScape_cl_DustScape_LIVE.dat
    C:\Users\Tyler\DustScape_cl_DustScape_LIVE1.dat
    C:\Users\Tyler\faem_runescape_preferences.dat
    C:\Users\Tyler\faem_runescape_preferences2.dat
    C:\Users\Tyler\hectate_cl_hectate_LIVE.dat
    C:\Users\Tyler\jagex_cl_loginapplet_LIVE.dat
    C:\Users\Tyler\jagex_cl_oldschool_LIVE.dat
    C:\Users\Tyler\jagex_cl_runescape_LIVE.dat
    C:\Users\Tyler\jagex_cl_runescape_LIVE1.dat
    C:\Users\Tyler\jagex_cl_runescape_LIVE2.dat
    C:\Users\Tyler\jagex_cl_runescape_LIVE_BETA.dat
    C:\Users\Tyler\jagex_Runescape_preferences.dat
    C:\Users\Tyler\jagex_runescape_preferences2.dat
    C:\Users\Tyler\jagex__preferences3.dat
    C:\Users\Tyler\matrixii_cl_matrix_LIVE.dat
    C:\Users\Tyler\matrix_cl_matrix_LIVE.dat
    C:\Users\Tyler\matrix_cl_ProjectPk's_LIVE.dat
    C:\Users\Tyler\noregret_cl_obscurescape_LIVE.dat
    C:\Users\Tyler\novatier_cl_novatier_LIVE.dat
    C:\Users\Tyler\novatier_cl_novatier_LIVE1.dat
    C:\Users\Tyler\NT742evolution_cache.dat
    C:\Users\Tyler\PlayWorldF2P_cl_PlayWorld_Core.dat
    C:\Users\Tyler\random.dat
    C:\Users\Tyler\rb_cl_runerebellion_LIVE.dat
    C:\Users\Tyler\runelovepk_runescape_preferences.dat
    C:\Users\Tyler\runelovepk_runescape_preferences2.dat
    C:\Users\Tyler\runez_cl_runez_LIVE.dat
    C:\Users\Tyler\rune_evo_evolution_cache.dat
    C:\Users\Tyler\sevador_cl_sevador_LIVE.dat
    C:\Users\Tyler\siriusxcacheSiriusX_LIVE.dat
    C:\Users\Tyler\systemid.dat
    C:\Users\Tyler\varcus_cl_varcus_LIVE.dat
    C:\Users\Tyler\AppData\Local\Temp\13-4_win7_win8_64_dd_ccc_whql.exe
    C:\Users\Tyler\AppData\Local\Temp\BackupSetup.exe
    C:\Users\Tyler\AppData\Local\Temp\bdfilters.dll
    C:\Users\Tyler\AppData\Local\Temp\BRSVC_735530190_hlp.exe
    C:\Users\Tyler\AppData\Local\Temp\FastFreeConverterUpdt_v5.5.exe
    C:\Users\Tyler\AppData\Local\Temp\helper.exe
    C:\Users\Tyler\AppData\Local\Temp\hpmon.exe
    C:\Users\Tyler\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe
    C:\Users\Tyler\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe
    C:\Users\Tyler\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe
    C:\Users\Tyler\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
    C:\Users\Tyler\AppData\Local\Temp\oi_{9D82B000-28E5-4080-B521-C9C46C6413EC}.exe
    C:\Users\Tyler\AppData\Local\Temp\oi_{AD4A7C81-7A9D-4276-9E8D-9C73AC39C221}.exe
    C:\Users\Tyler\AppData\Local\Temp\PreferencesJson.exe
    C:\Users\Tyler\AppData\Local\Temp\Quarantine.exe
    C:\Users\Tyler\AppData\Local\Temp\SHSetup.exe
    C:\Users\Tyler\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Tyler\AppData\Local\Temp\sonarinst.exe
    C:\Users\Tyler\AppData\Local\Temp\sp64126.exe
    C:\Users\Tyler\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll
    C:\Users\Tyler\AppData\Local\Temp\sqlite3.exe
    C:\Users\Tyler\AppData\Local\Temp\SRLDetectionLibrary4001278945192002940.dll
    C:\Users\Tyler\AppData\Local\Temp\swt-win32-3740.dll
    C:\Users\Tyler\AppData\Local\Temp\uninst1.exe
    C:\Users\Tyler\AppData\Local\Temp\UninstallHPSA.exe
    C:\Users\Tyler\AppData\Local\Temp\WSSetup.exe
    Task: {D0709A89-5091-4A54-BC77-33CF705D607E} - System32\Tasks\Updater26278.exe => C:\Users\Tyler\AppData\Local\Updater26278\Updater26278.exe <==== ATTENTION
    Task: {F9D55B7F-1641-47E0-BA22-20AD103CCD71} - System32\Tasks\Dealply => C:\Users\Tyler\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    Task: C:\Windows\Tasks\Dealply.job => C:\Users\Tyler\AppData\Roaming\Dealply\UPDATE~1\UPDATE~1.EXE <==== ATTENTION
    AlternateDataStreams: C:\ProgramData\Temp:373E1720
    Replace: C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll C:\Windows\System32\rpcss.dll


    *****************

    HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InprocServer32\\Default => Value was restored successfully.
    HKU\S-1-5-21-2418007413-1503170158-2542834103-1001\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9} => Key deleted successfully.
    HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D90A9632-F4CB-4CAC-9964-B53156F01449} => Key deleted successfully.
    HKCR\CLSID\{D90A9632-F4CB-4CAC-9964-B53156F01449} => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\!{95B7759C-8C7F-4BF1-B163-73684A933233} => Value deleted successfully.
    HKCR\CLSID\!{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\!{95B7759C-8C7F-4BF1-B163-73684A933233} => Value deleted successfully.
    HKCR\Wow6432Node\CLSID\!{95B7759C-8C7F-4BF1-B163-73684A933233} => Key deleted successfully.
    HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Value deleted successfully.
    HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => Key deleted successfully.
    HKCR\PROTOCOLS\Handler\linkscanner => Key deleted successfully.
    HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key deleted successfully.
    HKCR\Wow6432Node\PROTOCOLS\Handler\linkscanner => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1} => Key deleted successfully.
    HKLM\Software\Wow6432Node\MozillaPlugins\@adobe.com/ShockwavePlayer => Key deleted successfully.
    C:\Windows\system32\Adobe\Director\np32dsw_1210150.dll not found.
    HKLM\SOFTWARE\Policies\Google => Key deleted successfully.
    BstHdAndroidSvc => Service deleted successfully.
    BstHdLogRotatorSvc => Service deleted successfully.
    BstHdUpdaterSvc => Service deleted successfully.
    vToolbarUpdater17.2.0 => Service deleted successfully.
    BstHdDrv => Service deleted successfully.
    EagleX64 => Service deleted successfully.
    C:\Windows\system32\spsys.log => Moved successfully.
    C:\Windows\system32\ahxv.iay => Moved successfully.
    C:\Windows\system32\qutwe.enh => Moved successfully.
    Could not move "C:\Windows\system32\ftsjl.hkb" => Scheduled to move on reboot.
    Could not move "C:\Windows\system32\wauwbt.wgd" => Scheduled to move on reboot.
    "C:\$Recycle.Bin\S-1-5-21-2418007413-1503170158-2542834103-1001\$491bf2fdbe13adfc8b32742857159ae4" => File/Directory not found.
    "C:\$Recycle.Bin\S-1-5-18\$491bf2fdbe13adfc8b32742857159ae4" => File/Directory not found.
    C:\Users\Tyler\arvast_cl_arvast_LIVE.dat => Moved successfully.
    C:\Users\Tyler\cache.dat => Moved successfully.
    C:\Users\Tyler\citellum_cl_citellum_Core.dat => Moved successfully.
    C:\Users\Tyler\dementhium_runescape_preferences.dat => Moved successfully.
    C:\Users\Tyler\dementhium_runescape_preferences2.dat => Moved successfully.
    C:\Users\Tyler\dementhium__preferences3.dat => Moved successfully.
    C:\Users\Tyler\DustScape_cl_DustScape_LIVE.dat => Moved successfully.
    C:\Users\Tyler\DustScape_cl_DustScape_LIVE1.dat => Moved successfully.
    C:\Users\Tyler\faem_runescape_preferences.dat => Moved successfully.
    C:\Users\Tyler\faem_runescape_preferences2.dat => Moved successfully.
    C:\Users\Tyler\hectate_cl_hectate_LIVE.dat => Moved successfully.
    C:\Users\Tyler\jagex_cl_loginapplet_LIVE.dat => Moved successfully.
    C:\Users\Tyler\jagex_cl_oldschool_LIVE.dat => Moved successfully.
    C:\Users\Tyler\jagex_cl_runescape_LIVE.dat => Moved successfully.
    C:\Users\Tyler\jagex_cl_runescape_LIVE1.dat => Moved successfully.
    C:\Users\Tyler\jagex_cl_runescape_LIVE2.dat => Moved successfully.
    C:\Users\Tyler\jagex_cl_runescape_LIVE_BETA.dat => Moved successfully.
    C:\Users\Tyler\jagex_Runescape_preferences.dat => Moved successfully.
    C:\Users\Tyler\jagex_runescape_preferences2.dat => Moved successfully.
    C:\Users\Tyler\jagex__preferences3.dat => Moved successfully.
    C:\Users\Tyler\matrixii_cl_matrix_LIVE.dat => Moved successfully.
    C:\Users\Tyler\matrix_cl_matrix_LIVE.dat => Moved successfully.
    C:\Users\Tyler\matrix_cl_ProjectPk's_LIVE.dat => Moved successfully.
    C:\Users\Tyler\noregret_cl_obscurescape_LIVE.dat => Moved successfully.
    C:\Users\Tyler\novatier_cl_novatier_LIVE.dat => Moved successfully.
    C:\Users\Tyler\novatier_cl_novatier_LIVE1.dat => Moved successfully.
    C:\Users\Tyler\NT742evolution_cache.dat => Moved successfully.
    C:\Users\Tyler\PlayWorldF2P_cl_PlayWorld_Core.dat => Moved successfully.
    C:\Users\Tyler\random.dat => Moved successfully.
    C:\Users\Tyler\rb_cl_runerebellion_LIVE.dat => Moved successfully.
    C:\Users\Tyler\runelovepk_runescape_preferences.dat => Moved successfully.
    C:\Users\Tyler\runelovepk_runescape_preferences2.dat => Moved successfully.
    C:\Users\Tyler\runez_cl_runez_LIVE.dat => Moved successfully.
    C:\Users\Tyler\rune_evo_evolution_cache.dat => Moved successfully.
    C:\Users\Tyler\sevador_cl_sevador_LIVE.dat => Moved successfully.
    C:\Users\Tyler\siriusxcacheSiriusX_LIVE.dat => Moved successfully.
    C:\Users\Tyler\systemid.dat => Moved successfully.
    C:\Users\Tyler\varcus_cl_varcus_LIVE.dat => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\13-4_win7_win8_64_dd_ccc_whql.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\BackupSetup.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\bdfilters.dll => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\BRSVC_735530190_hlp.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\FastFreeConverterUpdt_v5.5.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\helper.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\hpmon.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\jre-7u13-windows-i586-iftw.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\jre-7u21-windows-i586-iftw.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\oi_{9D82B000-28E5-4080-B521-C9C46C6413EC}.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\oi_{AD4A7C81-7A9D-4276-9E8D-9C73AC39C221}.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\PreferencesJson.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\Quarantine.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\SHSetup.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\SkypeSetup.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\sonarinst.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\sp64126.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\sqlite3.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\SRLDetectionLibrary4001278945192002940.dll => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\swt-win32-3740.dll => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\uninst1.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\UninstallHPSA.exe => Moved successfully.
    C:\Users\Tyler\AppData\Local\Temp\WSSetup.exe => Moved successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0709A89-5091-4A54-BC77-33CF705D607E} => Key deleted successfully.
    C:\Windows\System32\Tasks\Updater26278.exe not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Updater26278.exe => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F9D55B7F-1641-47E0-BA22-20AD103CCD71} => Key deleted successfully.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9D55B7F-1641-47E0-BA22-20AD103CCD71} => Key deleted successfully.
    C:\Windows\System32\Tasks\Dealply not found.
    HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Dealply => Key deleted successfully.
    C:\Windows\Tasks\Dealply.job not found.
    C:\ProgramData\Temp => ":373E1720" ADS removed successfully.
    C:\Windows\System32\rpcss.dll => Moved successfully.
    C:\Windows\winsxs\amd64_microsoft-windows-com-base-qfe-rpcss_31bf3856ad364e35_6.1.7601.17514_none_c7f0e16b547f887d\rpcss.dll copied successfully to C:\Windows\System32\rpcss.dll

    => Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-04-29 20:10:48)<=

    C:\Windows\system32\ftsjl.hkb => Is moved successfully.
    C:\Windows\system32\wauwbt.wgd => Is moved successfully.

    ==== End of Fixlog ====
     
  20. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Do you know how many more steps until I'm clean? Tyvm!
     
  21. Broni

    Broni Malware Annihilator Posts: 47,078   +258

    You have to be patient. You had not only Zekon but the ZeroAccess rootkit as well.

    I'll be back in an hour or so...

    Re-run FRST.
    Make sure you checkmark the Addition.txt box so FRST will produce two logs again.
    Post both of them.

    Also let me know how computer is doing after the above fix.
     
  22. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Yeah I saw :/ and I know :D and alrighty!
     
  23. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-04-2014
    Ran by Tyler (administrator) on BOB on 29-04-2014 20:36:13
    Running from C:\Users\Tyler\Desktop
    Windows 7 Home Premium Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 11
    Boot Mode: Normal

    The only official download link for FRST:
    Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
    Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
    Download link from any site other than Bleeping Computer is unpermitted or outdated.
    See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (AMD) C:\Windows\system32\atiesrxx.exe
    (AMD) C:\Windows\system32\atieclxx.exe
    (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
    (ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GSInGameService.exe
    (Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
    () C:\Windows\SysWOW64\PnkBstrA.exe
    (Greatis Software) C:\Program Files (x86)\UnHackMe\hackmon.exe
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgemca.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgrsa.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
    (Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgcsrva.exe
    (Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
    (Logitech Inc.) C:\Program Files\Logitech\Gaming Software\LWEMon.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
    () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
    (ClanServers Hosting LLC) C:\Program Files (x86)\GameTracker\GTLite.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2014\avgui.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
    (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Alexander Roshal) C:\Program Files (x86)\WinRAR\WinRAR.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (NirSoft) C:\Users\Tyler\AppData\Local\Temp\Rar$EXa0.299\ProduKey.exe
    (Microsoft Corporation) C:\Windows\System32\WindowsAnytimeUpgradeui.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [Start WingMan Profiler] => C:\Program Files\Logitech\Gaming Software\LWEMon.exe [190536 2010-06-14] (Logitech Inc.)
    HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\System32\LogiLDA.dll [1832760 2012-09-20] (Logitech, Inc.)
    HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2014\avgui.exe [5180432 2014-04-06] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [Arc] => C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe [129360 2014-04-18] (Perfect World Entertainment)
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
    HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe
    HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
    HKLM\...\RunOnce: [NCPluginUpdater] - "C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe" Update [21720 2014-04-08] (Hewlett-Packard)
    HKLM\...\Policies\Explorer: [NoControlPanel] 0
    HKU\S-1-5-21-2418007413-1503170158-2542834103-1001\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2013-03-07] ()
    HKU\S-1-5-21-2418007413-1503170158-2542834103-1001\...\Run: [GameTracker] => C:\Program Files (x86)\GameTracker\GTLite.exe [4019992 2013-11-18] (ClanServers Hosting LLC)
    HKU\S-1-5-21-2418007413-1503170158-2542834103-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20922016 2014-02-10] (Skype Technologies S.A.)

    ==================== Internet (Whitelisted) ====================

    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPDSK/1
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x675DCD856149CF01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
    StartMenuInternet: IEXPLORE.EXE - iexplore.exe
    SearchScopes: HKLM - DefaultScope value is missing.
    SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM - {CBEB412B-2CEC-4768-AE16-CAB01B7B3AA0} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
    SearchScopes: HKLM-x32 - {CBEB412B-2CEC-4768-AE16-CAB01B7B3AA0} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKLM-x32 - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
    SearchScopes: HKCU - AAB99EDB2D994BAE83DCD24F75CDC133 URL = http://proxy.allsearchapp.com/s.php?q={searchTerms}
    SearchScopes: HKCU - {9884A007-7EB5-4565-B4C2-F0C57AD6E22F} URL = http://websearch.ask.com/redirect?c...pn_sauid=99F05861-74A0-4BD8-9AC6-DD86D85C7891
    SearchScopes: HKCU - {CBEB412B-2CEC-4768-AE16-CAB01B7B3AA0} URL = http://www.amazon.com/s/ref=azs_osd...ode=qs&index=aps&field-keywords={searchTerms}
    SearchScopes: HKCU - {D944BB61-2E34-4DBF-A683-47E505C587DC} URL = http://rover.ebay.com/rover/1/711-30572-11896-1/4?mpre=http://shop.ebay.com/?_nkw={searchTerms}
    BHO: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll (Hewlett-Packard)
    BHO-x32: SteadyVideoBHO Class - {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} - C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll (Advanced Micro Devices)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
    DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll (Advanced Micro Devices)
    Tcpip\Parameters: [DhcpNameServer] 10.0.1.1

    FireFox:
    ========
    FF ProfilePath: C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default
    FF SearchEngineOrder.3: Bing
    FF SelectedSearchEngine: Google
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_77.dll ()
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 - C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
    FF Plugin-x32: @esn/esnlaunch,version=2.1.3 - C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll (ESN Social Software AB)
    FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Tyler\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)
    FF SearchPlugin: C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\searchplugins\all search.xml
    FF Extension: No Name - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\staged [2014-01-30]
    FF Extension: InfoSeeker - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\support@infoseekerapp.com [2013-07-07]
    FF Extension: topdeAl - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\yyeye@bfxse.edu [2014-01-24]
    FF Extension: Youtube High Definition - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\{7b1bf0b6-a1b9-42b0-b75d-252036438bdc} [2013-05-10]
    FF Extension: Personas Plus - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\personas@christopher.beard.xpi [2011-12-25]
    FF Extension: ReloadEvery - C:\Users\Tyler\AppData\Roaming\Mozilla\Firefox\Profiles\6ya8ibqn.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2013-05-10]
    FF StartMenuInternet: FIREFOX.EXE - firefox.exe

    Chrome:
    =======
    CHR HomePage:
    CHR Extension: (Google Drive) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-26]
    CHR Extension: (YouTube) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-03-03]
    CHR Extension: (Google Search) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-03-03]
    CHR Extension: (AdBlock) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-26]
    CHR Extension: (Google Wallet) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
    CHR Extension: (Gmail) - C:\Users\Tyler\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-03-03]
    CHR HKCU\...\Chrome\Extension: [blklojfklgnogjaijkibhfjepakiocng] - C:\Users\Tyler\AppData\Local\CRE\blklojfklgnogjaijkibhfjepakiocng.crx [2012-03-03]
    CHR HKCU\...\Chrome\Extension: [jfjbflachhjbdbhfgknpgcgpchaikkok] - C:\Users\Tyler\AppData\Local\CRE\jfjbflachhjbdbhfgknpgcgpchaikkok.crx [2012-03-03]
    CHR HKLM-x32\...\Chrome\Extension: [blklojfklgnogjaijkibhfjepakiocng] - C:\Users\Tyler\AppData\Local\CRE\blklojfklgnogjaijkibhfjepakiocng.crx [2012-03-03]
    CHR HKLM-x32\...\Chrome\Extension: [jfjbflachhjbdbhfgknpgcgpchaikkok] - C:\Users\Tyler\AppData\Local\CRE\jfjbflachhjbdbhfgknpgcgpchaikkok.crx [2012-03-03]

    ==================== Services (Whitelisted) =================

    R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [344064 2013-12-06] (Advanced Micro Devices, Inc.)
    S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-04-18] (Perfect World Entertainment Inc)
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe [3645456 2014-04-18] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe [291912 2014-03-27] (AVG Technologies CZ, s.r.o.)
    S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [49152 2013-02-07] ()
    S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [18360 2013-06-11] (Overwolf Ltd)
    S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1128952 2011-05-05] (PDF Complete Inc)
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-12-10] ()
    S2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2148664 2013-10-31] (AVG)
    R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [36664 2013-10-31] (AVG)

    ==================== Drivers (Whitelisted) ====================

    R2 AODDriver4.2.0; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [59648 2013-09-19] (Advanced Micro Devices)
    U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-03-27] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [237336 2014-04-18] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [192792 2014-03-27] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [236824 2014-03-27] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [324376 2014-03-27] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [130840 2014-03-31] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [32536 2014-03-27] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-03-31] (AVG Technologies CZ, s.r.o.)
    R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [46368 2013-11-11] (AVG Technologies)
    R0 MBAMSwissArmy; C:\Windows\System32\drivers\MBAMSwissArmy.sys [119000 2014-04-29] (Malwarebytes Corporation)
    U0 Partizan; C:\Windows\SysWOW64\drivers\Partizan.sys [35816 2014-04-24] (Greatis Software)
    R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [11880 2012-07-04] (TuneUp Software)

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2014-04-29 20:28 - 2014-04-29 20:28 - 00071621 _____ () C:\Users\Tyler\Downloads\produkey-x64.zip
    2014-04-29 20:07 - 2014-04-29 20:07 - 00006024 _____ () C:\Users\Tyler\Downloads\fixlist (1).txt
    2014-04-29 19:31 - 2014-04-29 19:31 - 00003102 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_193142.txt
    2014-04-29 19:22 - 2014-04-29 19:22 - 05197560 ____R (Swearware) C:\Users\Tyler\Desktop\ComboFix (1).exe
    2014-04-29 19:22 - 2014-04-29 19:22 - 05197560 _____ (Swearware) C:\Users\Tyler\Downloads\ComboFix (1).exe
    2014-04-29 19:20 - 2014-04-29 19:20 - 00003073 _____ () C:\Users\Tyler\Desktop\RKreport[0]_D_04292014_192025.txt
    2014-04-29 19:19 - 2014-04-29 19:19 - 00003033 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_191907.txt
    2014-04-29 19:01 - 2014-04-29 19:01 - 03250128 _____ () C:\Users\Tyler\Downloads\advisorinstaller.exe
    2014-04-29 18:54 - 2014-04-29 18:53 - 00002701 _____ () C:\Users\Tyler\Desktop\legitcheck (2).hta
    2014-04-29 18:53 - 2014-04-29 18:53 - 00002701 _____ () C:\Users\Tyler\Downloads\legitcheck (2).hta
    2014-04-29 18:53 - 2014-04-29 18:53 - 00002701 _____ () C:\Users\Tyler\Downloads\legitcheck (1).hta
    2014-04-29 18:39 - 2014-04-29 19:15 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2014-04-29 18:38 - 2014-04-29 18:38 - 00000000 ____D () C:\Users\Tyler\Desktop\New folder
    2014-04-29 18:37 - 2014-04-29 18:38 - 00000000 ____D () C:\Users\Tyler\Desktop\mbar
    2014-04-29 18:35 - 2014-04-29 18:36 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Tyler\Downloads\mbar-1.07.0.1009.exe
    2014-04-29 17:59 - 2014-04-29 19:24 - 00000000 ___SD () C:\32788R22FWJFW
    2014-04-29 17:59 - 2014-04-29 17:59 - 00002930 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_175928.txt
    2014-04-29 17:59 - 2014-04-29 17:59 - 00000000 ____D () C:\Windows\erdnt
    2014-04-29 17:51 - 2014-04-29 17:51 - 00002899 _____ () C:\Users\Tyler\Desktop\RKreport[0]_D_04292014_175138.txt
    2014-04-29 17:50 - 2014-04-29 17:50 - 00002861 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_175042.txt
    2014-04-29 17:48 - 2014-04-29 17:48 - 00003158 _____ () C:\Users\Tyler\Desktop\RKreport[0]_D_04292014_174852.txt
    2014-04-29 17:47 - 2014-04-29 17:47 - 00003119 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_174759.txt
    2014-04-29 17:46 - 2014-04-29 17:46 - 05197560 _____ (Swearware) C:\Users\Tyler\Downloads\ComboFix.exe
    2014-04-29 17:44 - 2014-04-29 17:44 - 03972608 _____ () C:\Users\Tyler\Downloads\RogueKiller (3).exe
    2014-04-29 17:39 - 2014-04-29 17:39 - 00003591 _____ () C:\Users\Tyler\Desktop\RKreport[0]_D_04292014_173958.txt
    2014-04-29 17:24 - 2014-04-29 17:24 - 00003412 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_172411.txt
    2014-04-29 17:20 - 2014-04-29 17:20 - 00003379 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_172052.txt
    2014-04-29 17:17 - 2014-04-29 17:18 - 03972608 _____ () C:\Users\Tyler\Downloads\RogueKiller (2).exe
    2014-04-28 19:08 - 2014-04-28 19:08 - 02747238 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\Unconfirmed 771190.crdownload
    2014-04-28 19:01 - 2014-04-28 19:01 - 01310621 _____ () C:\Users\Tyler\Downloads\adwcleaner (1).exe
    2014-04-28 19:01 - 2014-04-28 19:01 - 01310621 _____ () C:\Users\Tyler\Desktop\adwcleaner (1).exe
    2014-04-28 16:08 - 2014-04-28 19:04 - 01439756 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\Unconfirmed 888419.crdownload
    2014-04-27 21:36 - 2014-04-27 21:36 - 00000875 _____ () C:\Users\Tyler\Downloads\fixlist.txt
    2014-04-27 21:12 - 2014-04-27 21:21 - 00000649 _____ () C:\Users\Tyler\Downloads\Search.txt
    2014-04-27 21:02 - 2014-04-27 21:12 - 00064387 _____ () C:\Users\Tyler\Downloads\FRST.txt
    2014-04-27 21:02 - 2014-04-27 21:02 - 02061824 _____ (Farbar) C:\Users\Tyler\Desktop\FRST64 (1).exe
    2014-04-27 21:00 - 2014-04-27 21:00 - 15692150 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\Unconfirmed 252223.crdownload
    2014-04-25 22:08 - 2014-04-25 22:08 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\mbam-setup-2.0.1.1004 (1).exe
    2014-04-25 20:37 - 2014-04-25 20:37 - 00002709 _____ () C:\Users\Tyler\Downloads\legitcheck.hta
    2014-04-25 20:36 - 2014-04-29 19:52 - 00001184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-04-25 20:36 - 2014-04-29 19:52 - 00001184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-04-25 20:30 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
    2014-04-25 20:29 - 2014-04-29 19:51 - 00000000 ____D () C:\AdwCleaner
    2014-04-25 20:29 - 2014-04-25 20:30 - 03972608 _____ () C:\Users\Tyler\Downloads\RogueKiller (1).exe
    2014-04-25 20:28 - 2014-04-25 20:28 - 01365865 _____ () C:\Users\Tyler\Downloads\adwcleaner.exe
    2014-04-25 16:14 - 2014-04-25 17:08 - 00000000 ____D () C:\ProgramData\SecTaskMan
    2014-04-25 16:14 - 2014-04-25 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
    2014-04-25 16:14 - 2014-04-25 17:08 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
    2014-04-25 16:13 - 2014-04-25 16:13 - 02365840 _____ () C:\Users\Tyler\Downloads\SecurityTaskManager_Setup.exe
    2014-04-25 15:54 - 2014-04-29 20:06 - 00000246 _____ () C:\Windows\SysWOW64\PARTIZAN.TXT
    2014-04-24 21:38 - 2014-04-24 21:38 - 00040720 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
    2014-04-24 21:38 - 2014-04-24 21:38 - 00000081 _____ () C:\Windows\system32\Partizan.RRI
    2014-04-24 21:01 - 2014-04-25 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
    2014-04-24 21:01 - 2014-04-25 17:07 - 00000000 ____D () C:\Users\Tyler\Documents\RegRun2
    2014-04-24 21:01 - 2014-04-24 21:07 - 00000000 ____D () C:\Users\Public\Documents\regruninfo
    2014-04-24 21:01 - 2014-04-24 21:01 - 00035816 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
    2014-04-24 21:01 - 2014-04-24 21:01 - 00003314 _____ () C:\Windows\System32\Tasks\UnHackMe Task Scheduler
    2014-04-24 21:01 - 2014-04-24 21:01 -
     
  24. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    00000973 _____ () C:\Users\Tyler\Desktop\UnHackMe.lnk
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\winstart.bat
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
    2014-04-24 21:01 - 2014-03-28 13:01 - 00012800 _____ (Greatis Software, LLC.) C:\Windows\SysWOW64\Drivers\UnHackMeDrv.sys
    2014-04-24 21:00 - 2014-04-25 17:08 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
    2014-04-24 20:59 - 2014-04-24 21:00 - 15295838 _____ () C:\Users\Tyler\Downloads\unhackme.zip
    2014-04-24 16:52 - 2014-04-24 16:52 - 00000000 _____ () C:\autoexec.bat
    2014-04-24 16:51 - 2014-04-25 17:07 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
    2014-04-24 16:51 - 2014-04-24 16:51 - 00002260 _____ () C:\Users\Tyler\Desktop\SpyHunter.lnk
    2014-04-24 16:51 - 2014-04-24 16:51 - 00000000 ____D () C:\sh4ldr
    2014-04-24 16:51 - 2014-04-24 16:51 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-04-24 16:50 - 2014-04-24 16:50 - 00000859 _____ () C:\Users\Public\Desktop\Resume Reimage Repair Installation.lnk
    2014-04-24 16:49 - 2014-04-24 16:50 - 00000099 _____ () C:\Windows\Reimage.ini
    2014-04-24 16:49 - 2014-04-24 16:49 - 00797552 _____ (Reimage®) C:\Users\Tyler\Downloads\ReimageRepair.exe
    2014-04-24 16:42 - 2014-04-24 16:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tyler\Downloads\SpyHunter-Installer (2).exe
    2014-04-24 16:41 - 2014-04-24 16:43 - 00058230 _____ () C:\Users\Tyler\Desktop\Addition.txt
    2014-04-24 16:38 - 2014-04-29 20:36 - 00019781 _____ () C:\Users\Tyler\Desktop\FRST.txt
    2014-04-24 16:38 - 2014-04-29 20:36 - 00000000 ____D () C:\FRST
    2014-04-24 16:36 - 2014-04-24 16:37 - 02061824 _____ (Farbar) C:\Users\Tyler\Desktop\FRST64.exe
    2014-04-24 16:22 - 2014-04-29 20:09 - 00000494 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
    2014-04-24 16:22 - 2014-04-29 20:09 - 00000460 _____ () C:\Windows\Tasks\RegCure Pro Startup.job
    2014-04-24 16:22 - 2014-04-25 16:03 - 00000563 _____ () C:\Windows\Tasks\RegCure Pro_sch_98CD0C73-CBF6-11E3-9F42-3860770FA3CC.job
    2014-04-24 16:22 - 2014-04-24 16:23 - 00002920 _____ () C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task
    2014-04-24 16:22 - 2014-04-24 16:23 - 00002614 _____ () C:\Windows\System32\Tasks\RegCure Pro Startup
    2014-04-24 16:22 - 2014-04-24 16:22 - 00003986 _____ () C:\Windows\System32\Tasks\RegCure Pro_sch_98CD0C73-CBF6-11E3-9F42-3860770FA3CC
    2014-04-24 16:22 - 2014-04-24 16:22 - 00001156 _____ () C:\Users\Tyler\Desktop\RegCure Pro.lnk
    2014-04-24 16:21 - 2014-04-24 16:22 - 06742552 _____ (ParetoLogic, Inc.) C:\Users\Tyler\Downloads\RegCureProSetup.exe
    2014-04-24 16:21 - 2014-04-24 16:21 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tyler\Downloads\SpyHunter-Installer (1).exe
    2014-04-24 16:20 - 2014-04-24 16:20 - 00001205 _____ () C:\Users\Tyler\Downloads\FixNCR.reg
    2014-04-24 16:18 - 2014-04-29 19:20 - 00000000 ____D () C:\Users\Tyler\Desktop\RK_Quarantine
    2014-04-24 16:16 - 2014-04-24 16:16 - 00000000 ____D () C:\ProgramData\HitmanPro
    2014-04-24 16:15 - 2014-04-24 16:16 - 07302320 _____ () C:\Users\Tyler\Downloads\bitdefender_tsecurity.exe
    2014-04-24 16:14 - 2014-04-24 16:14 - 03972608 _____ () C:\Users\Tyler\Desktop\RogueKiller.exe
    2014-04-24 16:13 - 2014-04-24 16:22 - 10971424 _____ (SurfRight B.V.) C:\Users\Tyler\Downloads\HitmanPro_x64.exe
    2014-04-24 16:13 - 2014-04-24 16:14 - 10094400 _____ (SurfRight B.V.) C:\Users\Tyler\Downloads\HitmanPro.exe
    2014-04-24 16:06 - 2014-04-29 18:39 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-04-24 16:06 - 2014-04-29 18:39 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-04-24 16:06 - 2014-04-25 22:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-04-24 16:06 - 2014-04-25 22:10 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-04-24 16:06 - 2014-04-24 16:06 - 00025815 _____ () C:\Users\Tyler\Desktop\dds.txt
    2014-04-24 16:06 - 2014-04-24 16:06 - 00012514 _____ () C:\Users\Tyler\Desktop\attach.txt
    2014-04-24 16:06 - 2014-04-03 09:51 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-04-24 16:06 - 2014-04-03 09:50 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-04-24 16:01 - 2014-04-24 16:01 - 00688992 ____R (Swearware) C:\Users\Tyler\Downloads\dds.com
    2014-04-24 16:00 - 2014-04-24 16:04 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\mbam-setup-2.0.1.1004.exe
    2014-04-24 15:56 - 2014-04-24 15:57 - 04143738 _____ () C:\Users\Tyler\Downloads\tdsskiller.zip
    2014-04-24 15:54 - 2014-04-24 15:55 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Tyler\Downloads\tdsskiller.exe
    2014-04-24 11:26 - 2014-04-24 11:26 - 00000384 _____ () C:\Users\Tyler\Desktop\Retexture.txt
    2014-04-24 10:35 - 2014-04-25 17:07 - 00000000 ____D () C:\Users\Tyler\Desktop\.minecraft
    2014-04-24 10:31 - 2014-01-31 19:12 - 00000000 ____D () C:\Users\Tyler\Desktop\huzuni
    2014-04-24 10:29 - 2014-04-24 14:40 - 00000000 ____D () C:\Users\Tyler\Desktop\Skins And Edits
    2014-04-24 10:24 - 2014-04-24 10:24 - 06007183 _____ () C:\Users\Tyler\Downloads\huzuni (1).zip
    2014-04-24 10:04 - 2014-04-24 10:04 - 00000000 ____D () C:\Users\Tyler\Desktop\Steve rig
    2014-04-24 10:02 - 2014-04-24 10:02 - 00329420 _____ () C:\Users\Tyler\Downloads\Steve rig.rar
    2014-04-24 09:21 - 2014-04-24 09:21 - 00061440 _____ (Gary's Hood) C:\Users\Tyler\Downloads\rsclient (1).exe
    2014-04-23 23:01 - 2014-04-23 23:01 - 00426754 _____ () C:\Users\Tyler\Downloads\67974_fancyfeet.zip
    2014-04-23 23:01 - 2014-04-23 23:01 - 00426754 _____ () C:\Users\Tyler\Desktop\67974_fancyfeet.zip
    2014-04-23 23:01 - 2013-05-06 18:59 - 02387336 _____ () C:\Users\Tyler\Desktop\fancyFeet.blend
    2014-04-23 22:51 - 2014-04-23 22:50 - 00380128 _____ () C:\Users\Tyler\Desktop\Diamond sword.blend
    2014-04-23 22:50 - 2014-04-23 22:50 - 00380128 _____ () C:\Users\Tyler\Downloads\Diamond sword.blend
    2014-04-23 22:48 - 2013-09-21 16:15 - 38369008 _____ () C:\Users\Tyler\Desktop\the forest with house.blend
    2014-04-23 22:47 - 2014-04-23 22:48 - 11823614 _____ () C:\Users\Tyler\Downloads\70243_the_forest_with_house_2.zip
    2014-04-23 22:45 - 2014-04-23 22:45 - 00124496 _____ () C:\Users\Tyler\Downloads\69856_horse.zip
    2014-04-23 22:45 - 2013-08-24 04:26 - 00615852 _____ () C:\Users\Tyler\Desktop\Horse.blend
    2014-04-23 21:13 - 2014-04-23 21:19 - 00000000 ____D () C:\tmp
    2014-04-23 21:13 - 2014-04-23 21:13 - 00865648 _____ () C:\Users\Tyler\Desktop\girl finished rig.blend
    2014-04-23 20:53 - 2014-04-23 20:53 - 00428924 _____ () C:\Users\Tyler\Desktop\TORCH TREE.blend
    2014-04-23 20:17 - 2014-04-23 20:17 - 00459784 _____ () C:\Users\Tyler\Desktop\Torch tree grass .blend
    2014-04-23 20:12 - 2010-09-04 13:40 - 00408220 _____ () C:\Users\Tyler\Desktop\MinecraftBody_bend.blend
    2014-04-23 20:11 - 2014-04-23 20:11 - 00768255 _____ () C:\Users\Tyler\Downloads\minecraft_blocks.zip
    2014-04-23 20:11 - 2011-12-17 10:28 - 04599992 _____ () C:\Users\Tyler\Desktop\minecraft.blend
    2014-04-23 18:01 - 2014-04-23 18:01 - 02241720 _____ () C:\Users\Tyler\Desktop\Not done.blend
    2014-04-23 17:14 - 2014-04-23 17:14 - 01423652 _____ () C:\Users\Tyler\Desktop\RIG WITH MOVIE MOUFE.blend
    2014-04-23 17:08 - 2014-04-22 16:10 - 00599112 _____ () C:\Users\Tyler\Desktop\Minecraft Rig By Ruffles.blend
    2014-04-23 17:08 - 2014-03-09 10:59 - 01526344 _____ () C:\Users\Tyler\Desktop\Minecraft_Character_Rig - Copy.blend
    2014-04-23 16:40 - 2014-04-23 16:40 - 00655736 _____ () C:\Users\Tyler\Desktop\Girl rig.blend
    2014-04-23 16:05 - 2014-04-23 16:05 - 02472531 _____ () C:\Users\Tyler\Downloads\Rig Pack (Small).zip
    2014-04-22 21:54 - 2014-04-25 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
    2014-04-22 21:54 - 2014-04-25 17:08 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
    2014-04-22 21:54 - 2014-04-22 22:00 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Craften Terminal
    2014-04-22 21:50 - 2014-04-22 21:51 - 16905694 _____ (Craften.de ) C:\Users\Tyler\Downloads\craftenterminal.exe
    2014-04-22 21:49 - 2014-04-22 21:50 - 03090499 _____ () C:\Users\Tyler\Downloads\shaderpacks.rar
    2014-04-22 21:21 - 2014-04-22 21:21 - 02723814 _____ () C:\Users\Tyler\Downloads\forge-1.7.2-10.12.1.1061-installer.jar
    2014-04-22 21:21 - 2014-04-22 21:21 - 02723814 _____ () C:\Users\Tyler\Downloads\forge-1.7.2-10.12.1.1061-installer (1).jar
    2014-04-22 21:19 - 2014-04-22 21:20 - 00058478 _____ () C:\Users\Tyler\Downloads\SEUS_v10.1_preview1.zip
    2014-04-22 21:18 - 2014-04-22 21:18 - 00031109 _____ () C:\Users\Tyler\Downloads\SEUS v10.0 Lite.zip
    2014-04-22 21:16 - 2014-04-22 21:16 - 00390198 _____ () C:\Users\Tyler\Downloads\ShadersMod-v2.3.13mc1.7.4-installer (1).jar
    2014-04-22 21:13 - 2014-04-22 21:13 - 00065038 _____ () C:\Users\Tyler\Downloads\seus-v10.1-Preview2.zip
    2014-04-22 20:44 - 2014-04-22 20:44 - 00040663 _____ () C:\Users\Tyler\Downloads\SEUS v10.0 Ultra DOF.zip
    2014-04-22 19:57 - 2014-04-22 19:57 - 00390198 _____ () C:\Users\Tyler\Downloads\ShadersMod-v2.3.13mc1.7.4-installer.jar
    2014-04-22 18:27 - 2014-04-22 18:27 - 00638748 _____ () C:\Users\Tyler\Desktop\first animation2.blend
    2014-04-22 18:07 - 2014-04-22 18:07 - 00079569 _____ () C:\Users\Tyler\Downloads\MinecraftPlayer.zip
    2014-04-22 17:17 - 2014-03-09 10:59 - 01526344 _____ () C:\Users\Tyler\Desktop\Minecraft_Character_Rig.blend
    2014-04-22 16:47 - 2014-04-22 16:49 - 40220683 _____ () C:\Users\Tyler\Downloads\world1.rar
    2014-04-22 16:43 - 2014-04-22 16:43 - 05301903 _____ () C:\Users\Tyler\Downloads\mineways.zip
    2014-04-22 16:10 - 2014-04-22 16:10 - 00599112 _____ () C:\Users\Tyler\Downloads\Minecraft Rig By Ruffles.blend
    2014-04-22 16:03 - 2014-04-22 16:03 - 00120162 _____ () C:\Users\Tyler\Downloads\MinecraftBody.blend.zip
    2014-04-22 16:01 - 2014-04-22 16:02 - 09469166 _____ () C:\Users\Tyler\Downloads\Blender_Minecraft_Rig.zip
    2014-04-22 03:01 - 2014-03-06 03:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2014-04-22 03:01 - 2014-03-06 03:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2014-04-22 03:01 - 2014-03-06 03:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2014-04-22 03:01 - 2014-03-06 02:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2014-04-22 03:00 - 2014-03-06 05:21 - 23549440 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2014-04-22 03:00 - 2014-03-06 04:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2014-04-22 03:00 - 2014-03-06 04:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2014-04-22 03:00 - 2014-03-06 04:19 - 17387008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2014-04-22 03:00 - 2014-03-06 03:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2014-04-22 03:00 - 2014-03-06 03:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2014-04-22 03:00 - 2014-03-06 03:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2014-04-22 03:00 - 2014-03-06 03:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2014-04-22 03:00 - 2014-03-06 03:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2014-04-22 03:00 - 2014-03-06 03:32 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2014-04-22 03:00 - 2014-03-06 03:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2014-04-22 03:00 - 2014-03-06 03:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2014-04-22 03:00 - 2014-03-06 03:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2014-04-22 03:00 - 2014-03-06 03:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2014-04-22 03:00 - 2014-03-06 03:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2014-04-22 03:00 - 2014-03-06 03:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2014-04-22 03:00 - 2014-03-06 03:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2014-04-22 03:00 - 2014-03-06 03:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2014-04-22 03:00 - 2014-03-06 03:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2014-04-22 03:00 - 2014-03-06 02:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2014-04-22 03:00 - 2014-03-06 02:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2014-04-22 03:00 - 2014-03-06 02:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2014-04-22 03:00 - 2014-03-06 02:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2014-04-22 03:00 - 2014-03-06 02:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2014-04-22 03:00 - 2014-03-06 02:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2014-04-22 03:00 - 2014-03-06 02:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2014-04-22 03:00 - 2014-03-06 02:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2014-04-22 03:00 - 2014-03-06 02:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2014-04-22 03:00 - 2014-03-06 02:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2014-04-22 03:00 - 2014-03-06 02:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2014-04-22 03:00 - 2014-03-06 02:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-04-22 03:00 - 2014-03-06 02:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2014-04-22 03:00 - 2014-03-06 02:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2014-04-22 03:00 - 2014-03-06 02:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2014-04-22 03:00 - 2014-03-06 01:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2014-04-22 03:00 - 2014-03-06 01:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2014-04-22 03:00 - 2014-03-06 01:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2014-04-22 03:00 - 2014-03-06 01:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2014-04-22 03:00 - 2014-03-06 01:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2014-04-22 03:00 - 2014-03-06 00:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2014-04-22 03:00 - 2014-03-06 00:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2014-04-22 03:00 - 2014-03-06 00:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2014-04-22 03:00 - 2014-03-06 00:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2014-04-22 03:00 - 2014-03-06 00:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2014-04-19 02:59 - 2014-04-19 02:59 - 00000220 _____ () C:\Users\Tyler\Desktop\Garry's Mod.url
    2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
    2014-04-15 17:02 - 2014-04-15 17:02 - 00450470 _____ () C:\Users\Tyler\Downloads\Claw_v5.4.7-1.zip
    2014-04-15 16:56 - 2014-04-15 16:56 - 00299562 _____ () C:\Users\Tyler\Downloads\Bartender4-4.5.13.2.zip
    2014-04-14 22:25 - 2014-04-14 22:25 - 00000222 _____ () C:\Users\Tyler\Desktop\Loadout.url
    2014-04-14 22:24 - 2014-04-14 22:24 - 00000222 _____ () C:\Users\Tyler\Desktop\The Mighty Quest For Epic Loot.url
    2014-04-09 16:47 - 2014-03-04 04:44 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2014-04-09 16:47 - 2014-03-04 04:44 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2014-04-09 16:47 - 2014-03-04 04:44 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2014-04-09 16:47 - 2014-03-04 04:44 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2014-04-09 16:47 - 2014-03-04 04:44 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2014-04-09 16:47 - 2014-03-04 04:17 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2014-04-09 16:47 - 2014-03-04 04:16 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2014-04-09 16:47 - 2014-03-04 04:16 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2014-04-09 16:47 - 2014-03-04 04:16 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2014-04-09 16:47 - 2014-03-04 03:09 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2014-04-09 16:47 - 2014-03-04 03:09 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2014-04-09 16:47 - 2014-02-03 21:35 - 00274880 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
    2014-04-09 16:47 - 2014-02-03 21:35 - 00190912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\storport.sys
    2014-04-09 16:47 - 2014-02-03 21:35 - 00027584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Diskdump.sys
    2014-04-09 16:47 - 2014-02-03 21:28 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\iologmsg.dll
    2014-04-09 16:47 - 2014-02-03 21:00 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iologmsg.dll
    2014-04-09 16:47 - 2014-01-23 21:37 - 01684928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
    2014-04-07 10:07 - 2014-04-29 19:25 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForTyler.job
    2014-04-07 10:07 - 2014-04-29 18:11 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTyler
    2014-04-02 17:12 - 2014-04-02 17:13 - 752450561 _____ () C:\Users\Tyler\Downloads\CSS Content Addon (1).zip
    2014-04-02 16:49 - 2014-04-02 17:39 - 752450561 _____ () C:\Users\Tyler\Downloads\CSS Content Addon.zip
    2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
    2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys
    2014-03-31 09:37 - 2014-04-25 17:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

    ==================== One Month Modified Files and Folders =======

    2014-04-29 20:37 - 2012-01-12 17:13 - 00000000 ____D () C:\Users\Tyler\AppData\Local\PMB Files
    2014-04-29 20:36 - 2014-04-24 16:38 - 00019781 _____ () C:\Users\Tyler\Desktop\FRST.txt
    2014-04-29 20:36 - 2014-04-24 16:38 - 00000000 ____D () C:\FRST
    2014-04-29 20:28 - 2014-04-29 20:28 - 00071621 _____ () C:\Users\Tyler\Downloads\produkey-x64.zip
    2014-04-29 20:23 - 2012-12-27 17:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
    2014-04-29 20:21 - 2013-02-19 18:37 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Skype
    2014-04-29 20:20 - 2014-03-26 21:09 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-04-29 20:14 - 2011-12-05 15:09 - 02065454 _____ () C:\Windows\WindowsUpdate.log
    2014-04-29 20:12 - 2011-12-25 12:07 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{9A999F69-E7F5-46AE-BABB-6D4D37850F74}
    2014-04-29 20:11 - 2013-12-11 20:31 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\GameTracker
    2014-04-29 20:09 - 2014-04-24 16:22 - 00000494 _____ () C:\Windows\Tasks\ParetoLogic Update Version3 Startup Task.job
    2014-04-29 20:09 - 2014-04-24 16:22 - 00000460 _____ () C:\Windows\Tasks\RegCure Pro Startup.job
    2014-04-29 20:09 - 2014-03-26 21:09 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-04-29 20:09 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
    2014-04-29 20:09 - 2009-07-13 23:51 - 00058800 _____ () C:\Windows\setupact.log
    2014-04-29 20:08 - 2011-12-25 11:12 - 00000000 ____D () C:\Users\Tyler
    2014-04-29 20:07 - 2014-04-29 20:07 - 00006024 _____ () C:\Users\Tyler\Downloads\fixlist (1).txt
    2014-04-29 20:06 - 2014-04-25 15:54 - 00000246 _____ () C:\Windows\SysWOW64\PARTIZAN.TXT
    2014-04-29 20:06 - 2010-11-20 22:47 - 01014800 _____ () C:\Windows\PFRO.log
    2014-04-29 19:52 - 2014-04-25 20:36 - 00001184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-04-29 19:52 - 2014-04-25 20:36 - 00001184 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-04-29 19:51 - 2014-04-25 20:29 - 00000000 ____D () C:\AdwCleaner
    2014-04-29 19:51 - 2011-12-27 21:43 - 00000000 ____D () C:\Users\Tyler\AppData\Local\CrashDumps
    2014-04-29 19:31 - 2014-04-29 19:31 - 00003102 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_193142.txt
    2014-04-29 19:25 - 2014-04-07 10:07 - 00000332 _____ () C:\Windows\Tasks\HPCeeScheduleForTyler.job
    2014-04-29 19:24 - 2014-04-29 17:59 - 00000000 ___SD () C:\32788R22FWJFW
    2014-04-29 19:22 - 2014-04-29 19:22 - 05197560 ____R (Swearware) C:\Users\Tyler\Desktop\ComboFix (1).exe
    2014-04-29 19:22 - 2014-04-29 19:22 - 05197560 _____ (Swearware) C:\Users\Tyler\Downloads\ComboFix (1).exe
    2014-04-29 19:20 - 2014-04-29 19:20 - 00003073 _____ () C:\Users\Tyler\Desktop\RKreport[0]_D_04292014_192025.txt
    2014-04-29 19:20 - 2014-04-24 16:18 - 00000000 ____D () C:\Users\Tyler\Desktop\RK_Quarantine
    2014-04-29 19:19 - 2014-04-29 19:19 - 00003033 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_191907.txt
    2014-04-29 19:15 - 2014-04-29 18:39 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
    2014-04-29 19:01 - 2014-04-29 19:01 - 03250128 _____ () C:\Users\Tyler\Downloads\advisorinstaller.exe
    2014-04-29 18:53 - 2014-04-29 18:54 - 00002701 _____ () C:\Users\Tyler\Desktop\legitcheck (2).hta
    2014-04-29 18:53 - 2014-04-29 18:53 - 00002701 _____ () C:\Users\Tyler\Downloads\legitcheck (2).hta
    2014-04-29 18:53 - 2014-04-29 18:53 - 00002701 _____ () C:\Users\Tyler\Downloads\legitcheck (1).hta
    2014-04-29 18:39 - 2014-04-24 16:06 - 00119000 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2014-04-29 18:39 - 2014-04-24 16:06 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2014-04-29 18:38 - 2014-04-29 18:38 - 00000000 ____D () C:\Users\Tyler\Desktop\New folder
    2014-04-29 18:38 - 2014-04-29 18:37 - 00000000 ____D () C:\Users\Tyler\Desktop\mbar
    2014-04-29 18:36 - 2014-04-29 18:35 - 12589848 _____ (Malwarebytes Corp.) C:\Users\Tyler\Downloads\mbar-1.07.0.1009.exe
    2014-04-29 18:28 - 2014-03-26 21:11 - 00002145 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
    2014-04-29 18:11 - 2014-04-07 10:07 - 00003186 _____ () C:\Windows\System32\Tasks\HPCeeScheduleForTyler
    2014-04-29 17:59 - 2014-04-29 17:59 - 00002930 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_175928.txt
    2014-04-29 17:59 - 2014-04-29 17:59 - 00000000 ____D () C:\Windows\erdnt
    2014-04-29 17:51 - 2014-04-29 17:51 - 00002899 _____ () C:\Users\Tyler\Desktop\RKreport[0]_D_04292014_175138.txt
    2014-04-29 17:50 - 2014-04-29 17:50 - 00002861 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_175042.txt
    2014-04-29 17:48 - 2014-04-29 17:48 - 00003158 _____ () C:\Users\Tyler\Desktop\RKreport[0]_D_04292014_174852.txt
    2014-04-29 17:47 - 2014-04-29 17:47 - 00003119 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_174759.txt
    2014-04-29 17:46 - 2014-04-29 17:46 - 05197560 _____ (Swearware) C:\Users\Tyler\Downloads\ComboFix.exe
    2014-04-29 17:46 - 2012-07-22 13:24 - 00000000 ____D () C:\ProgramData\MFAData
    2014-04-29 17:44 - 2014-04-29 17:44 - 03972608 _____ () C:\Users\Tyler\Downloads\RogueKiller (3).exe
    2014-04-29 17:39 - 2014-04-29 17:39 - 00003591 _____ () C:\Users\Tyler\Desktop\RKreport[0]_D_04292014_173958.txt
    2014-04-29 17:24 - 2014-04-29 17:24 - 00003412 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_172411.txt
    2014-04-29 17:20 - 2014-04-29 17:20 - 00003379 _____ () C:\Users\Tyler\Desktop\RKreport[0]_S_04292014_172052.txt
    2014-04-29 17:18 - 2014-04-29 17:17 - 03972608 _____ () C:\Users\Tyler\Downloads\RogueKiller (2).exe
    2014-04-28 19:08 - 2014-04-28 19:08 - 02747238 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\Unconfirmed 771190.crdownload
    2014-04-28 19:04 - 2014-04-28 16:08 - 01439756 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\Unconfirmed 888419.crdownload
    2014-04-28 19:01 - 2014-04-28 19:01 - 01310621 _____ () C:\Users\Tyler\Downloads\adwcleaner (1).exe
    2014-04-28 19:01 - 2014-04-28 19:01 - 01310621 _____ () C:\Users\Tyler\Desktop\adwcleaner (1).exe
    2014-04-27 21:36 - 2014-04-27 21:36 - 00000875 _____ () C:\Users\Tyler\Downloads\fixlist.txt
    2014-04-27 21:21 - 2014-04-27 21:12 - 00000649 _____ () C:\Users\Tyler\Downloads\Search.txt
    2014-04-27 21:12 - 2014-04-27 21:02 - 00064387 _____ () C:\Users\Tyler\Downloads\FRST.txt
    2014-04-27 21:02 - 2014-04-27 21:02 - 02061824 _____ (Farbar) C:\Users\Tyler\Desktop\FRST64 (1).exe
    2014-04-27 21:00 - 2014-04-27 21:00 - 15692150 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\Unconfirmed 252223.crdownload
    2014-04-25 22:10 - 2014-04-24 16:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-04-25 22:10 - 2014-04-24 16:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-04-25 22:08 - 2014-04-25 22:08 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\mbam-setup-2.0.1.1004 (1).exe
    2014-04-25 20:37 - 2014-04-25 20:37 - 00002709 _____ () C:\Users\Tyler\Downloads\legitcheck.hta
    2014-04-25 20:30 - 2014-04-25 20:29 - 03972608 _____ () C:\Users\Tyler\Downloads\RogueKiller (1).exe
    2014-04-25 20:28 - 2014-04-25 20:28 - 01365865 _____ () C:\Users\Tyler\Downloads\adwcleaner.exe
    2014-04-25 19:26 - 2011-12-25 23:18 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-04-25 17:12 - 2013-08-23 14:11 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Arc
    2014-04-25 17:08 - 2014-04-25 16:14 - 00000000 ____D () C:\ProgramData\SecTaskMan
    2014-04-25 17:08 - 2014-04-25 16:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Security Task Manager
    2014-04-25 17:08 - 2014-04-25 16:14 - 00000000 ____D () C:\Program Files (x86)\Security Task Manager
    2014-04-25 17:08 - 2014-04-24 21:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UnHackMe
    2014-04-25 17:08 - 2014-04-24 21:00 - 00000000 ____D () C:\Program Files (x86)\UnHackMe
    2014-04-25 17:08 - 2014-04-22 21:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Craften Terminal
    2014-04-25 17:08 - 2014-04-22 21:54 - 00000000 ____D () C:\Program Files (x86)\Craften Terminal
    2014-04-25 17:08 - 2014-03-31 09:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2014-04-25 17:08 - 2014-03-12 03:25 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2014-04-25 17:08 - 2012-03-22 20:42 - 00000000 ____D () C:\.jagex_cache_32
    2014-04-25 17:08 - 2012-01-12 17:13 - 00000000 ____D () C:\ProgramData\PMB Files
    2014-04-25 17:08 - 2009-07-14 00:32 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-04-25 17:07 - 2014-04-24 21:01 - 00000000 ____D () C:\Users\Tyler\Documents\RegRun2
    2014-04-25 17:07 - 2014-04-24 16:51 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
    2014-04-25 17:07 - 2014-04-24 10:35 - 00000000 ____D () C:\Users\Tyler\Desktop\.minecraft
    2014-04-25 17:07 - 2013-03-13 15:27 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\.minecraft
    2014-04-25 17:07 - 2010-11-21 02:16 - 00000000 ___RD () C:\Users\Public\Recorded TV
    2014-04-25 17:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\sysprep
    2014-04-25 17:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
    2014-04-25 17:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\registration
    2014-04-25 17:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
    2014-04-25 17:07 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\AppCompat
    2014-04-25 16:13 - 2014-04-25 16:13 - 02365840 _____ () C:\Users\Tyler\Downloads\SecurityTaskManager_Setup.exe
    2014-04-25 16:03 - 2014-04-24 16:22 - 00000563 _____ () C:\Windows\Tasks\RegCure Pro_sch_98CD0C73-CBF6-11E3-9F42-3860770FA3CC.job
    2014-04-24 21:38 - 2014-04-24 21:38 - 00040720 _____ (Greatis Software) C:\Windows\system32\Partizan.exe
    2014-04-24 21:38 - 2014-04-24 21:38 - 00000081 _____ () C:\Windows\system32\Partizan.RRI
    2014-04-24 21:07 - 2014-04-24 21:01 - 00000000 ____D () C:\Users\Public\Documents\regruninfo
    2014-04-24 21:01 - 2014-04-24 21:01 - 00035816 _____ (Greatis Software) C:\Windows\SysWOW64\Drivers\Partizan.sys
    2014-04-24 21:01 - 2014-04-24 21:01 - 00003314 _____ () C:\Windows\System32\Tasks\UnHackMe Task Scheduler
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000973 _____ () C:\Users\Tyler\Desktop\UnHackMe.lnk
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\winstart.bat
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\SysWOW64\CONFIG.NT
    2014-04-24 21:01 - 2014-04-24 21:01 - 00000002 RSHOT () C:\Windows\SysWOW64\AUTOEXEC.NT
    2014-04-24 21:00 - 2014-04-24 20:59 - 15295838 _____ () C:\Users\Tyler\Downloads\unhackme.zip
    2014-04-24 20:19 - 2014-01-30 18:51 - 00000258 __RSH () C:\ProgramData\ntuser.pol
    2014-04-24 17:20 - 2009-07-14 00:32 - 00000000 ____D () C:\Windows\Performance
    2014-04-24 16:52 - 2014-04-24 16:52 - 00000000 _____ () C:\autoexec.bat
    2014-04-24 16:51 - 2014-04-24 16:51 - 00002260 _____ () C:\Users\Tyler\Desktop\SpyHunter.lnk
    2014-04-24 16:51 - 2014-04-24 16:51 - 00000000 ____D () C:\sh4ldr
    2014-04-24 16:51 - 2014-04-24 16:51 - 00000000 ____D () C:\Program Files\Enigma Software Group
    2014-04-24 16:50 - 2014-04-24 16:50 - 00000859 _____ () C:\Users\Public\Desktop\Resume Reimage Repair Installation.lnk
    2014-04-24 16:50 - 2014-04-24 16:49 - 00000099 _____ () C:\Windows\Reimage.ini
    2014-04-24 16:49 - 2014-04-24 16:49 - 00797552 _____ (Reimage®) C:\Users\Tyler\Downloads\ReimageRepair.exe
    2014-04-24 16:43 - 2014-04-24 16:41 - 00058230 _____ () C:\Users\Tyler\Desktop\Addition.txt
    2014-04-24 16:42 - 2014-04-24 16:42 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tyler\Downloads\SpyHunter-Installer (2).exe
    2014-04-24 16:37 - 2014-04-24 16:36 - 02061824 _____ (Farbar) C:\Users\Tyler\Desktop\FRST64.exe
    2014-04-24 16:23 - 2014-04-24 16:22 - 00002920 _____ () C:\Windows\System32\Tasks\ParetoLogic Update Version3 Startup Task
    2014-04-24 16:23 - 2014-04-24 16:22 - 00002614 _____ () C:\Windows\System32\Tasks\RegCure Pro Startup
    2014-04-24 16:22 - 2014-04-24 16:22 - 00003986 _____ () C:\Windows\System32\Tasks\RegCure Pro_sch_98CD0C73-CBF6-11E3-9F42-3860770FA3CC
    2014-04-24 16:22 - 2014-04-24 16:22 - 00001156 _____ () C:\Users\Tyler\Desktop\RegCure Pro.lnk
    2014-04-24 16:22 - 2014-04-24 16:21 - 06742552 _____ (ParetoLogic, Inc.) C:\Users\Tyler\Downloads\RegCureProSetup.exe
    2014-04-24 16:22 - 2014-04-24 16:13 - 10971424 _____ (SurfRight B.V.) C:\Users\Tyler\Downloads\HitmanPro_x64.exe
    2014-04-24 16:21 - 2014-04-24 16:21 - 00728960 _____ (Enigma Software Group USA, LLC.) C:\Users\Tyler\Downloads\SpyHunter-Installer (1).exe
    2014-04-24 16:20 - 2014-04-24 16:20 - 00001205 _____ () C:\Users\Tyler\Downloads\FixNCR.reg
    2014-04-24 16:16 - 2014-04-24 16:16 - 00000000 ____D () C:\ProgramData\HitmanPro
    2014-04-24 16:16 - 2014-04-24 16:15 - 07302320 _____ () C:\Users\Tyler\Downloads\bitdefender_tsecurity.exe
    2014-04-24 16:14 - 2014-04-24 16:14 - 03972608 _____ () C:\Users\Tyler\Desktop\RogueKiller.exe
    2014-04-24 16:14 - 2014-04-24 16:13 - 10094400 _____ (SurfRight B.V.) C:\Users\Tyler\Downloads\HitmanPro.exe
    2014-04-24 16:06 - 2014-04-24 16:06 - 00025815 _____ () C:\Users\Tyler\Desktop\dds.txt
    2014-04-24 16:06 - 2014-04-24 16:06 - 00012514 _____ () C:\Users\Tyler\Desktop\attach.txt
    2014-04-24 16:06 - 2013-11-05 17:36 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-04-24 16:04 - 2014-04-24 16:00 - 17305616 _____ (Malwarebytes Corporation ) C:\Users\Tyler\Downloads\mbam-setup-2.0.1.1004.exe
    2014-04-24 16:03 - 2013-03-17 13:50 - 00000023 _____ () C:\Users\Tyler\jagexappletviewer.preferences
    2014-04-24 16:01 - 2014-04-24 16:01 - 00688992 ____R (Swearware) C:\Users\Tyler\Downloads\dds.com
    2014-04-24 15:57 - 2014-04-24 15:56 - 04143738 _____ () C:\Users\Tyler\Downloads\tdsskiller.zip
    2014-04-24 15:55 - 2014-04-24 15:54 - 02237968 _____ (Kaspersky Lab ZAO) C:\Users\Tyler\Downloads\tdsskiller.exe
    2014-04-24 14:40 - 2014-04-24 10:29 - 00000000 ____D () C:\Users\Tyler\Desktop\Skins And Edits
    2014-04-24 11:26 - 2014-04-24 11:26 - 00000384 _____ () C:\Users\Tyler\Desktop\Retexture.txt
    2014-04-24 10:24 - 2014-04-24 10:24 - 06007183 _____ () C:\Users\Tyler\Downloads\huzuni (1).zip
    2014-04-24 10:04 - 2014-04-24 10:04 - 00000000 ____D () C:\Users\Tyler\Desktop\Steve rig
    2014-04-24 10:02 - 2014-04-24 10:02 - 00329420 _____ () C:\Users\Tyler\Downloads\Steve rig.rar
    2014-04-24 09:31 - 2013-09-20 13:10 - 00000927 _____ () C:\Users\Public\Desktop\AVG 2014.lnk
    2014-04-24 09:21 - 2014-04-24 09:21 - 00061440 _____ (Gary's Hood) C:\Users\Tyler\Downloads\rsclient (1).exe
    2014-04-23 23:01 - 2014-04-23 23:01 - 00426754 _____ () C:\Users\Tyler\Downloads\67974_fancyfeet.zip
    2014-04-23 23:01 - 2014-04-23 23:01 - 00426754 _____ () C:\Users\Tyler\Desktop\67974_fancyfeet.zip
    2014-04-23 22:50 - 2014-04-23 22:51 - 00380128 _____ () C:\Users\Tyler\Desktop\Diamond sword.blend
    2014-04-23 22:50 - 2014-04-23 22:50 - 00380128 _____ () C:\Users\Tyler\Downloads\Diamond sword.blend
    2014-04-23 22:48 - 2014-04-23 22:47 - 11823614 _____ () C:\Users\Tyler\Downloads\70243_the_forest_with_house_2.zip
    2014-04-23 22:45 - 2014-04-23 22:45 - 00124496 _____ () C:\Users\Tyler\Downloads\69856_horse.zip
    2014-04-23 21:19 - 2014-04-23 21:13 - 00000000 ____D () C:\tmp
    2014-04-23 21:13 - 2014-04-23 21:13 - 00865648 _____ () C:\Users\Tyler\Desktop\girl finished rig.blend
    2014-04-23 20:53 - 2014-04-23 20:53 - 00428924 _____ () C:\Users\Tyler\Desktop\TORCH TREE.blend
    2014-04-23 20:17 - 2014-04-23 20:17 - 00459784 _____ () C:\Users\Tyler\Desktop\Torch tree grass .blend
    2014-04-23 20:11 - 2014-04-23 20:11 - 00768255 _____ () C:\Users\Tyler\Downloads\minecraft_blocks.zip
    2014-04-23 18:01 - 2014-04-23 18:01 - 02241720 _____ () C:\Users\Tyler\Desktop\Not done.blend
    2014-04-23 17:14 - 2014-04-23 17:14 - 01423652 _____ () C:\Users\Tyler\Desktop\RIG WITH MOVIE MOUFE.blend
    2014-04-23 16:40 - 2014-04-23 16:40 - 00655736 _____ () C:\Users\Tyler\Desktop\Girl rig.blend
    2014-04-23 16:05 - 2014-04-23 16:05 - 02472531 _____ () C:\Users\Tyler\Downloads\Rig Pack (Small).zip
    2014-04-22 22:00 - 2014-04-22 21:54 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Craften Terminal
    2014-04-22 21:51 - 2014-04-22 21:50 - 16905694 _____ (Craften.de ) C:\Users\Tyler\Downloads\craftenterminal.exe
    2014-04-22 21:50 - 2014-04-22 21:49 - 03090499 _____ () C:\Users\Tyler\Downloads\shaderpacks.rar
    2014-04-22 21:21 - 2014-04-22 21:21 - 02723814 _____ () C:\Users\Tyler\Downloads\forge-1.7.2-10.12.1.1061-installer.jar
    2014-04-22 21:21 - 2014-04-22 21:21 - 02723814 _____ () C:\Users\Tyler\Downloads\forge-1.7.2-10.12.1.1061-installer (1).jar
    2014-04-22 21:20 - 2014-04-22 21:19 - 00058478 _____ () C:\Users\Tyler\Downloads\SEUS_v10.1_preview1.zip
    2014-04-22 21:18 - 2014-04-22 21:18 - 00031109 _____ () C:\Users\Tyler\Downloads\SEUS v10.0 Lite.zip
    2014-04-22 21:16 - 2014-04-22 21:16 - 00390198 _____ () C:\Users\Tyler\Downloads\ShadersMod-v2.3.13mc1.7.4-installer (1).jar
    2014-04-22 21:13 - 2014-04-22 21:13 - 00065038 _____ () C:\Users\Tyler\Downloads\seus-v10.1-Preview2.zip
    2014-04-22 20:44 - 2014-04-22 20:44 - 00040663 _____ () C:\Users\Tyler\Downloads\SEUS v10.0 Ultra DOF.zip
    2014-04-22 19:57 - 2014-04-22 19:57 - 00390198 _____ () C:\Users\Tyler\Downloads\ShadersMod-v2.3.13mc1.7.4-installer.jar
    2014-04-22 18:27 - 2014-04-22 18:27 - 00638748 _____ () C:\Users\Tyler\Desktop\first animation2.blend
    2014-04-22 18:07 - 2014-04-22 18:07 - 00079569 _____ () C:\Users\Tyler\Downloads\MinecraftPlayer.zip
    2014-04-22 16:49 - 2014-04-22 16:47 - 40220683 _____ () C:\Users\Tyler\Downloads\world1.rar
    2014-04-22 16:43 - 2014-04-22 16:43 - 05301903 _____ () C:\Users\Tyler\Downloads\mineways.zip
    2014-04-22 16:10 - 2014-04-23 17:08 - 00599112 _____ () C:\Users\Tyler\Desktop\Minecraft Rig By Ruffles.blend
    2014-04-22 16:10 - 2014-04-22 16:10 - 00599112 _____ () C:\Users\Tyler\Downloads\Minecraft Rig By Ruffles.blend
    2014-04-22 16:03 - 2014-04-22 16:03 - 00120162 _____ () C:\Users\Tyler\Downloads\MinecraftBody.blend.zip
    2014-04-22 16:02 - 2014-04-22 16:01 - 09469166 _____ () C:\Users\Tyler\Downloads\Blender_Minecraft_Rig.zip
    2014-04-21 10:29 - 2012-01-02 17:28 - 00000000 _____ () C:\Windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
    2014-04-21 10:29 - 2011-12-26 17:25 - 00000052 _____ () C:\Windows\SysWOW64\DOErrors.log
    2014-04-19 02:59 - 2014-04-19 02:59 - 00000220 _____ () C:\Users\Tyler\Desktop\Garry's Mod.url
    2014-04-19 02:59 - 2011-12-25 23:57 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2014-04-19 02:53 - 2011-12-25 23:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
    2014-04-18 15:01 - 2014-04-18 15:01 - 00237336 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgidsdrivera.sys
    2014-04-16 19:36 - 2013-07-29 12:26 - 00000000 ____D () C:\Users\Tyler\AppData\Local\Paint.NET
    2014-04-15 17:02 - 2014-04-15 17:02 - 00450470 _____ () C:\Users\Tyler\Downloads\Claw_v5.4.7-1.zip
    2014-04-15 17:01 - 2012-03-12 20:17 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
    2014-04-15 16:56 - 2014-04-15 16:56 - 00299562 _____ () C:\Users\Tyler\Downloads\Bartender4-4.5.13.2.zip
    2014-04-14 22:25 - 2014-04-14 22:25 - 00000222 _____ () C:\Users\Tyler\Desktop\Loadout.url
    2014-04-14 22:24 - 2014-04-14 22:24 - 00000222 _____ () C:\Users\Tyler\Desktop\The Mighty Quest For Epic Loot.url
    2014-04-10 07:03 - 2009-07-14 00:13 - 00797760 _____ () C:\Windows\system32\PerfStringBackup.INI
    2014-04-10 03:04 - 2013-01-12 15:19 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-04-10 03:03 - 2013-07-23 03:04 - 00000000 ____D () C:\Windows\system32\MRT
    2014-04-10 03:01 - 2012-05-16 19:52 - 90655440 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2014-04-03 09:51 - 2014-04-24 16:06 - 00063192 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2014-04-03 09:50 - 2014-04-24 16:06 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2014-04-02 17:39 - 2014-04-02 16:49 - 752450561 _____ () C:\Users\Tyler\Downloads\CSS Content Addon.zip
    2014-04-02 17:13 - 2014-04-02 17:12 - 752450561 _____ () C:\Users\Tyler\Downloads\CSS Content Addon (1).zip
    2014-03-31 22:26 - 2013-12-17 21:50 - 00000000 ____D () C:\Users\Tyler\AppData\Roaming\TS3Client
    2014-03-31 16:20 - 2014-03-31 16:20 - 00274200 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgtdia.sys
    2014-03-31 16:06 - 2014-03-31 16:06 - 00130840 _____ (AVG Technologies CZ, s.r.o.) C:\Windows\system32\Drivers\avgmfx64.sys

    Some content of TEMP:
    ====================
    C:\Users\Tyler\AppData\Local\Temp\ntdll_dump.dll


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\rpcss.dll => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2014-04-19 05:18

    ==================== End Of Log ============================
     
  25. Jim recardo

    Jim recardo TS Rookie Topic Starter Posts: 29

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2014
    Ran by Tyler at 2014-04-29 20:37:31
    Running from C:\Users\Tyler\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition 2014 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

    ==================== Installed Programs ======================

    802.11n Wireless LAN Card (HKLM-x32\...\{8FC4F1DD-F7FD-4766-804D-3C8FF1D309AF}) (Version: 3.01.18.0 - Ralink)
    8BitMMO (HKLM-x32\...\Steam App 250420) (Version: - Archive Entertainment)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
    Adobe AIR (x32 Version: 3.1.0.4880 - Adobe Systems Incorporated) Hidden
    Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2.3 - Adobe Systems Incorporated)
    Adobe Download Assistant (x32 Version: 1.2.3 - Adobe Systems Incorporated) Hidden
    Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.5.502.146 - Adobe Systems Incorporated)
    Adobe Flash Player 12 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated)
    Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)
    Agatha Christie - Peril at End House (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Allods Online 4.0.03.42 (HKLM-x32\...\AstrumNival Allods) (Version: 4.0.03.42 - gPotato)
    AMD Accelerated Video Transcoding (Version: 13.20.100.31206 - Advanced Micro Devices, Inc.) Hidden
    AMD APP SDK Runtime (Version: 2.4.650.9 - Advanced Micro Devices Inc.) Hidden
    AMD Catalyst Control Center (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    AMD Catalyst Install Manager (HKLM\...\{308051DA-0048-7A07-FE8B-9B6EC119A9E8}) (Version: 8.0.915.0 - Advanced Micro Devices, Inc.)
    AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
    AMD Fuel (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    AMD Media Foundation Decoders (Version: 1.0.81206.1620 - Advanced Micro Devices, Inc.) Hidden
    AMD Steady Video Plug-In (Version: 2.06.0000 - AMD) Hidden
    AMD Wireless Display v3.0 (Version: 1.0.0.14 - Advanced Micro Devices, Inc.) Hidden
    APB Reloaded (HKLM-x32\...\APB Reloaded) (Version: 1.6.1.603578 - )
    Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{7446FE8D-C1F9-4D42-AAAE-5DBCE58605A6}) (Version: 6.0.0.59 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
    Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version: - Bohemia Interactive)
    AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4570 - AVG Technologies)
    AVG 2014 (Version: 14.0.3931 - AVG Technologies) Hidden
    AVG 2014 (Version: 14.0.4570 - AVG Technologies) Hidden
    AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 12.0.4020.9 - AVG Technologies)
    AVG PC TuneUp (x32 Version: 12.0.4020.9 - AVG Technologies) Hidden
    AVG PC TuneUp Language Pack (en-US) (x32 Version: 12.0.4020.9 - AVG Technologies) Hidden
    Bandicam (HKLM-x32\...\Bandicam) (Version: 1.9.3.492 - Bandisoft.com)
    Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
    Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
    Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
    BattlEye for OA Uninstall (HKLM-x32\...\BattlEye for OA) (Version: - )
    BattlEye Uninstall (HKLM-x32\...\BattlEye for A2) (Version: - )
    Bejeweled 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Blasterball 3 (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Blender (HKLM\...\Blender) (Version: 2.67b - Blender Foundation)
    BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
    BlueStacks Notification Center (HKLM-x32\...\{62763BAD-53A8-4C9F-B4CF-7CCABFEFD725}) (Version: 0.8.6.3059 - BlueStack Systems, Inc.)
    Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version: - Gearbox Software)
    Bounce Symphony (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Cake Mania (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Call of Duty 4: Modern Warfare (HKLM-x32\...\Steam App 7940) (Version: - Infinity Ward)
    Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Graphics Previews Common (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center InstallProxy (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    Catalyst Control Center Localization All (x32 Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Standard (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Chinese Traditional (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Czech (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Danish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Dutch (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help English (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Finnish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help French (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help German (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Greek (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Hungarian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Italian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Japanese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Korean (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Norwegian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Polish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Portuguese (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Russian (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Spanish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Swedish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Thai (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    CCC Help Turkish (x32 Version: 2013.1206.1602.28764 - Advanced Micro Devices, Inc.) Hidden
    ccc-utility64 (Version: 2013.1206.1603.28764 - Advanced Micro Devices, Inc.) Hidden
    Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version: - )
    Chronicles of Albian (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Combat Arms (HKLM-x32\...\Steam App 212180) (Version: - )
    Cradle of Rome 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Craften Terminal 3.5.5 (HKLM-x32\...\{4e7c3936-7c06-4ef0-928b-c5d92f372578}_is1) (Version: 3.5.5 - Craften.de)
    Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com)
    CrimeCraft GangWars (HKLM-x32\...\Steam App 38830) (Version: - Vogster Entertainment)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    DayZ (HKLM-x32\...\Steam App 221100) (Version: - Bohemia Interactive)
    DayZ Commander (HKLM-x32\...\{790412BB-B6CE-459B-9E17-7DA7C20FC98C}) (Version: 0.9.124 - Dotjosh Studios)
    DC Universe Online (HKLM-x32\...\Steam App 24200) (Version: - Sony Online Entertainment)
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5971CA1F-6BDE-498F-952C-9F2BF94070A4}) (Version: - Microsoft)
    Demolition, Inc. (HKLM-x32\...\Steam App 98600) (Version: - )
    Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
    Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
    Dragons Prophet (HKCU\...\SOE-Dragons Prophet) (Version: 1.0.3.183 - Sony Online Entertainment)
    Dungeons & Dragons Online® (HKLM-x32\...\Steam App 206480) (Version: - Turbine, Inc)
    Empire: Total War Demo (HKLM-x32\...\Steam App 10620) (Version: - The Creative Assembly)
    ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
    EverQuest II (HKCU\...\SOE-EverQuest II) (Version: - Sony Online Entertainment)
    EverQuest II (HKLM-x32\...\Steam App 201230) (Version: - Sony Online Entertainment)
    Farm Frenzy (x32 Version: 2.2.0.95 - WildTangent) Hidden
    FATE (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Football Superstars (HKLM-x32\...\Steam App 219870) (Version: - CyberSports Ltd.)
    Fraps (HKLM-x32\...\Fraps) (Version: - )
    Gameforge Live 1.7.0 "Legend" (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 1.7.0 - Gameforge)
    GameSalad Creator (HKLM-x32\...\{16FCB53A-0DAF-43CC-A51F-1A0685BCC407}) (Version: 0.10.00 - GameSalad)
    GameTracker Lite (HKLM-x32\...\GameTracker Lite) (Version: - ClanServers Hosting LLC.)
    Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
    Google Chrome (HKLM-x32\...\Google Chrome) (Version: 34.0.1847.131 - Google Inc.)
    Google Update Helper (x32 Version: 1.3.23.0 - DealPly Technologies Ltd) Hidden <==== ATTENTION
    Gotham City Impostors: Free To Play (HKLM-x32\...\Steam App 206210) (Version: - )
    Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
    Gyazo 1.0.1 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc. & Toshiyuki Masui)
    Happy Cloud Client (HKCU\...\HappyCloud) (Version: 3.41 - Happy Cloud, Inc.)
    Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
    Hewlett-Packard ACLM.NET v1.2.2.3 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
    Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
    HP Auto (Version: 1.0.12935.3667 - Hewlett-Packard Company) Hidden
    HP Client Services (Version: 1.1.12938.3539 - Hewlett-Packard) Hidden
    HP Customer Experience Enhancements (x32 Version: 6.0.1.8 - Hewlett-Packard) Hidden
    HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.2.5 - WildTangent)
    HP LinkUp (HKLM-x32\...\{DB3147AB-4024-4773-8EC0-A1FE5B44933D}) (Version: 2.01.028 - Hewlett-Packard)
    HP Odometer (HKLM-x32\...\{B8AC1A89-FFD1-4F97-8051-E505A160F562}) (Version: 2.10.0000 - Hewlett-Packard)
    HP Product Detection (HKLM-x32\...\{A436F67F-687E-4736-BD2B-537121A804CF}) (Version: 11.14.0001 - HP)
    HP Setup (HKLM-x32\...\{D35B72B6-F0E4-462B-BDEB-E08032B3B681}) (Version: 8.7.4747.3786 - Hewlett-Packard Company)
    HP Setup Manager (HKLM-x32\...\{AE856388-AFAD-4753-81DF-D96B19D0A17C}) (Version: 1.1.13880.3792 - Hewlett-Packard Company)
    HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
    HP Support Information (HKLM-x32\...\{7F2A11F4-EAE8-4325-83EC-E3E99F85169E}) (Version: 10.1.1000 - Hewlett-Packard)
    HP Update (HKLM-x32\...\{DE77FE3F-A33D-499A-87AD-5FC406617B40}) (Version: 5.002.003.003 - Hewlett-Packard)
    HP Vision Hardware Diagnostics (HKLM\...\{D79A02E9-6713-4335-9668-AAC7474C0C0E}) (Version: 2.9.0.0 - Hewlett-Packard)
    HTML5 Video Player 1.2.5 (HKLM\...\HTML5 Video Player_is1) (Version: 1.2.5 - SocuSoft Co.,Ltd)
    iCloud (HKLM\...\{8B485965-8EFE-464A-842F-CF8F18C3DFD7}) (Version: 1.1.0.40 - Apple Inc.)
    IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6349.0 - IDT)
    InfoSeeker (HKLM-x32\...\InfoSeeker) (Version: 2.6.17 - Big Water Applications, LLC)
    iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)
    Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)
    Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
    Java(TM) 6 Update 22 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216022F0}) (Version: 6.0.220 - Oracle)
    Java(TM) 6 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216031FF}) (Version: 6.0.310 - Oracle)
    JavaFX 2.1.0 (HKLM-x32\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
    Jewel Quest: The Sleepless Star - Collector's Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Just Cause 2 (HKLM-x32\...\Steam App 8190) (Version: - Avalanche)
    League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
    Loadout (HKLM-x32\...\Steam App 208090) (Version: - Edge of Reality)
    Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
    Mah Jong Medley (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Malwarebytes Anti-Malware version 2.0.1.1004 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.1.1004 - Malwarebytes Corporation)
    Manic Digger (HKLM-x32\...\{119E2FCB-5CDD-4C24-BCB2-56A824E2BF0A}_is1) (Version: - )
    MapleStory (HKLM-x32\...\Steam App 216150) (Version: - Nexon)
    Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
    Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
    Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
    Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
    Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
    Microsoft IntelliPoint 8.2 (Version: 8.20.468.0 - Microsoft Corporation) Hidden
    Microsoft Mathematics (HKLM-x32\...\{4D090F70-6F08-4B60-9357-A1DFD4458F09}) (Version: 4.0 - Microsoft Corporation)
    Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Click-to-Run 2010 (Version: 14.0.4763.1000 - Microsoft Corporation) Hidden
    Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
    Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
    Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
    Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
    Microsoft WSE 3.0 Runtime (x32 Version: 3.0.5305.0 - Microsoft Corp.) Hidden
    Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
    Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
    Mozilla Firefox 17.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 17.0.1 (x86 en-US)) (Version: 17.0.1 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 17.0.1 - Mozilla)
    MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Mystery of Mortlake Mansion (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Namco All-Stars: PAC-MAN (x32 Version: 2.2.0.95 - WildTangent) Hidden
    No-IP DUC (HKLM-x32\...\NoIPDUC) (Version: 4.0.1 - Vitalwerks Internet Solutions LLC)
    NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)
    Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
    OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
    Orcs Must Die! (HKLM-x32\...\Steam App 102600) (Version: - )
    Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)
    Overwolf (HKLM-x32\...\{8CD3A2A9-B25E-4D5D-8D12-724493A45C1A}) (Version: 0.42.248 - Overwolf)
    Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
    PaintTool SAI Ver.1 (HKLM-x32\...\PaintToolSAI) (Version: - )
    Panda3D 1.8.1 (HKLM-x32\...\Panda3D 1.8.1) (Version: - )
    Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
    PDF Complete Special Edition (HKLM-x32\...\PDF Complete) (Version: 4.0.54 - PDF Complete, Inc)
    Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Pirate101 (HKLM-x32\...\{662140BE-138C-4DC1-B4CD-B62C6C855A25}) (Version: 1.0.0 - KingsIsle Entertainment, Inc.)
    PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version: 1.0.3.183 - Sony Online Entertainment)
    Plants vs. Zombies - Game of the Year (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Play withSIX (HKLM-x32\...\{D7F3EEAD-183C-47DE-BDC5-593539573F97}) (Version: 1.30.0476 - SIX Networks)
    Poker Superstars III (x32 Version: 2.2.0.95 - WildTangent) Hidden
    Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden
    PressReader (HKLM-x32\...\{912CED74-88D3-4C5B-ACB0-132318649765}) (Version: 5.10.1217.0 - NewspaperDirect Inc.)
    PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
    Ravaged (HKLM-x32\...\Steam App 96300) (Version: - )
    Recovery Manager (x32 Version: 5.5.0.4320 - CyberLink Corp.) Hidden
    RegCure Pro (HKLM-x32\...\{C547F361-5750-4CD1-9FB6-BC93827CB6C1}) (Version: 3.2.1.0 - ParetoLogic, Inc.)
    Remote Graphics Receiver (HKLM-x32\...\{16FC3056-90C0-4757-8A68-64D8DA846ADA}) (Version: 5.4.5 - Hewlett-Packard)
    ROBLOX Studio for Tyler (HKCU\...\{B805FF17-92FE-4757-8142-F0A2850DFE03}) (Version: - ROBLOX Corporation)
    Runes of Magic (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 6.0.0.2647 - Gameforge Productions GmbH)
    Runescape Item Spawner (HKCU\...\79741dd164692124) (Version: 1.0.0.1 - Microsoft)
    RuneScape Launcher 1.2.3 (HKLM-x32\...\{FAE99C85-0732-4C58-9C6B-10B5B12FA2E9}) (Version: 1.2.3 - Jagex Ltd)
    Rust (HKLM-x32\...\Steam App 252490) (Version: - Facepunch Studios)
    Security Task Manager 1.8g (HKLM-x32\...\Security Task Manager) (Version: 1.8g - Neuber Software)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version: - Microsoft) Hidden
    SketchUp 2013 (HKLM-x32\...\{E74C0D09-8730-4714-8C6F-019FBF7F1B42}) (Version: 13.0.3689 - Trimble Navigation Limited)
    Skype™ 6.14 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.14.104 - Skype Technologies S.A.)
    Slingo Supreme (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 0.1.1629.0 - Hi-Rez Studios)
    Source Filmmaker (HKLM-x32\...\Steam App 1840) (Version: - )
    Splashtop Software Updater (HKLM-x32\...\Splashtop Software Updater) (Version: 1.5.6.14 - Splashtop Inc.)
    Splashtop Streamer (HKLM-x32\...\InstallShield_{2EFEAD58-3311-4B2B-9D8A-8D663581D109}) (Version: 2.2.5.1 - Splashtop Inc.)
    Splashtop Streamer (x32 Version: 2.2.5.1 - Splashtop Inc.) Hidden
    SpyHunter (HKLM\...\{ACF5FE1B-3772-4068-8B87-2D2A6EFD0A05}) (Version: 4.17.6.4336 - Enigma Software Group USA, LLC)
    Star Trek Online (HKLM-x32\...\Star Trek Online) (Version: - Cryptic Studios)
    Star Wars The Old Republic (HKLM-x32\...\swtor_swtor) (Version: 7.0.0.12 - Bioware/EA)
    Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    SwitchBlade (HKLM-x32\...\{9AC703BB-9E97-4888-BF76-4A9809017FC7}) (Version: 3.0.2 - Blue Orb, Inc.)
    swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
    System Requirements Lab CYRI (HKLM-x32\...\{E77DA909-3532-4C95-AFEB-06310E88462A}) (Version: 6.0.3.0 - Husdawg, LLC)
    TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
    Terraria (HKLM-x32\...\Steam App 105600) (Version: - )
    The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
    The Lord of the Rings Online (HKCU\...\LOTROen) (Version: - )
    The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
    The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.66.2 - Electronic Arts)
    The Sims™ 3 Pets Create A Pet Demo (HKLM-x32\...\{F617CEFF-8242-42AF-95BE-2545DB029A0C}) (Version: 1.0.49 - Electronic Arts)
    The War Z version 1.0 (HKLM-x32\...\{BC3051A7-1021-4B57-A3DA-AAC24566FAE7}_is1) (Version: 1.0 - Arktos Entertainment Group LLC)
    UnHackMe 7.11 release (HKLM-x32\...\UnHackMe_is1) (Version: - Greatis Software, LLC.)
    Unity Web Player (HKCU\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
    Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version: - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
    Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version: - Microsoft)
    Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version: - Microsoft)
    Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
    Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version: - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version: - Microsoft)
    Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version: - Microsoft)
    Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version: - Microsoft)
    Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version: - Microsoft)
    Update for Microsoft Visio 2010 (KB2553444) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{799005D3-9B70-4219-AFE0-BC479614CC4D}) (Version: - Microsoft)
    Update for Microsoft Visio Viewer 2010 (KB2810066) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{8C55AA83-54C2-4236-A622-78440A411DC5}) (Version: - Microsoft)
    Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden
    Vacation Quest - The Hawaiian Islands (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Virtual Villagers 5 - New Believers (x32 Version: 2.2.0.97 - WildTangent) Hidden
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    War Thunder Launcher 1.0.1.252 (HKLM-x32\...\{ed8deea4-29fa-3932-9612-e2122d8a62d9}}_is1) (Version: - 2013 Gaijin Entertainment Corporation)
    WildTangent Games App (HP Games) (x32 Version: 4.0.10.17 - WildTangent) Hidden
    Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
    Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden
    Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
    Windows Live Messenger (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
    Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden
    Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
    WinRAR 4.20 beta 1 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.1 - win.rar GmbH)
    World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
    World of Warcraft Public Test (HKLM-x32\...\World of Warcraft Public Test) (Version: - Blizzard Entertainment)
    XSplit (HKLM-x32\...\{1D1D81AD-E6B1-497D-8419-7D2E5DDC124D}) (Version: 1.2.1301.2501 - SplitMediaLabs)
    Youbooster Pro Edition 2.1 (HKLM-x32\...\Youbooster Pro Edition) (Version: 2.1 - Youtube bots)
     
Topic Status:
Not open for further replies.

