JGroomes

Laptop 'Locks-up' Until I Ctrl+Alt+Del

21 posts in this topic

So this all started yesterday (Friday) morning, I believe. My laptop will suddenly/randomly lock-up and I am unable to click anything on the taskbar and occasionally can't click anything on the desktop. I've been unable to click & drag icons on my desktop as well. Occasionally my mouse will make a single-click on its own, and sometimes (only while using Firefox so far) the cursor will change to the scrolling icon while on a website. I've also noticed that while using Google Chrome, clicking on a tab will close it (without clicking the tiny 'x'), and I'm unable to click Chrome's settings/options button. The keyboard is working perfectly fine, so I am still able to use hotkey shortcuts. (No mouse/cursor issues seem to occur in games that require a mouse, but window/icon lock-ups outside of the game window still occur and require the task manager temp-fix)

 

The only thing that seems to fix a majority of these issues (except for the ones involving Chrome and clicking & dragging icons on my desktop) is when I ctrl+alt+del and open the task manager. After closing task manager almost everything will be working normally, but the problems return only seconds/minutes later.

 

So far I've tried restarting my laptop three times, unplugged my mouse and plugged it back in, and none of it has worked.

I'm using an Acer Aspire laptop with a Logitech USB Optical Mouse, running Windows 7.

I'll provide all of my logs below as instructed in the "Instructions for posting requested logs" topic. (I hope I'm doing this right..)

 

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/22/2015
Scan Time: 2:39 PM
Logfile:
Administrator: Yes

Version: 2.1.8.1057
Malware Database: v2015.08.22.03
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Chaotic Lawliet

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 383164
Time Elapsed: 1 hr, 1 min, 47 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 1
PUP.Optional.WebAssistant.A, C:\Program Files\Web Assistant\ExtensionUpdaterService.exe, 3364, , [f8e348c3355690a69f1642dea360a25e]

Modules: 0
(No malicious items detected)

Registry Keys: 170

Registry Values: 31

Registry Data: 0
(No malicious items detected)

Folders: 195
PUP.Optional.UTorrentControl.A, C:\Users\Chaotic Lawliet\AppData\Roaming\Mozilla\Firefox\Profiles\cyrlrzfw.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\Chrome\CT3220468\content\tb\sl, , [7d5e9e6de0abc86e7de327c6e61c8b75],
PUP.Optional.UTorrentControl.A, C:\Users\Chaotic Lawliet\AppData\Roaming\Mozilla\Firefox\Profiles\cyrlrzfw.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\components, , [7d5e9e6de0abc86e7de327c6e61c8b75],
PUP.Optional.UTorrentControl.A, C:\Users\Chaotic Lawliet\AppData\Roaming\Mozilla\Firefox\Profiles\cyrlrzfw.default\extensions\{7473b6bd-4691-4744-a82b-7854eb3d70b6}\defaults, , [7d5e9e6de0abc86e7de327c6e61c8b75],
PUP.Optional.UTorrentControl.A, C:\Users\Chaotic Lawliet\AppData\Roaming\Mozilla


Suddenly my laptop is working properly and all of the issues seem to be gone now, not sure why or how.
I'm going to give it 24 hours to see if the issues return, if they do I will be sure to return here.


Hi JGroomes, and welcome to SWI.

You had quite a few potentially unwanted programs that Malwarebytes AntiMalware found, but the log doesn't show that they were removed.

Start MBAM.
To the right of Database Version, click Update Now
Click on the Settings tab and in the left column click on Detection and Protection.
Place a checkmark in the option to Scan for rootkits.
At the top of the window, click the Scan tab.
If not selected, select Threat Scan and click the Start Scan button.
When finished, be sure to delete everything found, and post the new log.

 

Download TFC by OldTimer to your Desktop.

  • Please double-click TFC.exe to run it.
  • It will close all programs when run, so make sure you have saved all your work before you begin.
  • Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two.
    Let it run uninterrupted until it has finished.
  • Once it's finished it should reboot your machine. If it does not, please manually reboot the machine to ensure a complete clean.

 

Please download AdwCleaner by Xplode onto your Desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click the Scan button and wait for the process to complete.
  • Click the Report button and the report will open in Notepad.
  • NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
  • Click on the Clean button and follow the prompts.
  • A log file will automatically open after the scan has finished and the PC has rebooted.
  • Please post the content of that log file with your next answer.
  • You can find the log file at C:\AdwCleaner[sn].txt (n is a number).

 

Please scan your system with ESET Online Scanner

  • Click the "Run ESET Online Scanner" button.
    • For browsers other than Internet Explorer such as Firefox, Chrome, or Opera (Microsoft Internet Explorer users can skip this step) another page will open to download the ESET Smart Installer
    • Click on esetsmartinstaller_enu.exe
    • Save it to your desktop, and double-click to run it.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

 

Download the below tool
Farbar Recovery Scan Tool (64 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press the Scan button.
It will create a log (FRST.txt) in the same directory the tool is run.
The first time the tool is run, it creates another log (Addition.txt).
Please post the contents of both, each in their own reply.

 

 

Please post the new log from MBAM, log from AdwCleaner, the log from ESET Online Scanner, and then each in their own reply (so nothing is cut off by the maximum post length), the two logs from FRST (FRST.txt and Addition.txt), and note any errors encountered. If any log is cut off by the maximum post length, please check to see where it cut off, and post the remainder of the log in an additional reply.


Thank you for the quick reply, Joker.
When I turned my laptop on today, the issues had returned. After ESET Online Scanner finished, the issues seem to have disappeared once more. For good or not, I'm not entirely sure. And there were no errors with any of the scans. Logs are below.

 

 

C:\AdwCleaner\Quarantine\C\Users\Chaotic Lawliet\AppData\Local\GigglingGamesSA\bin\1.0.6.0\gigglinggamesSAHook.dll.vir a variant of Win32/Adware.HotBar.S application cleaned by deleting - quarantined
C:\Program Files (x86)\Cheat Engine 6.2\cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application cleaned by deleting - quarantined
C:\Program Files (x86)\Cheat Engine 6.2\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application cleaned by deleting - quarantined
C:\Program Files (x86)\uTorrent\uTorrent.exe a variant of Win32/Bunndle potentially unsafe application cleaned by deleting - quarantined
C:\Users\Chaotic Lawliet\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\13.00\agent\stub_data\askrt_en.cab a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application deleted - quarantined
C:\Users\Chaotic Lawliet\Desktop\Crap\uTorrent.exe a variant of Win32/Bunndle potentially unsafe application cleaned by deleting - quarantined
C:\Users\Chaotic Lawliet\Downloads\CheatEngine62.exe Win32/OpenCandy potentially unsafe application deleted - quarantined


HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\Run: [ROC_ROC_APR2013_AV] => C:\Users\Chaotic Lawliet\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 2daa7ced2f2547d1baa9f123ccf0ca55-d54ae5b4a42adb13fe8cade7cdf5e2a8b35ad24d --CMPID ROC_APR201 (the data entry has 22 more characters).

HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\system32\StikyNot.exe [427520 2009-07-13] (Microsoft Corporation)

HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-17] (Microsoft Corporation)

ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-26] (Egis Technology Inc.)

ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-05-26] (Egis Technology Inc.)

CHR HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION


==================== Internet (Whitelisted) ====================


(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)


HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0409&m=aspire_7741&r=273601115516l0438z115t47n1p586

URLSearchHook: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 - (No Name) - {03f38c00-dda9-46bf-9475-c6997746c740} - No File

SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW

SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW

SearchScopes: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> {225C4492-3857-42F3-9D50-97A47D1AF763} URL = hxxp://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true& user_id=%userid&tool_id=60231&qkw={searchTerms}

SearchScopes: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_enUS416

SearchScopes: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> {E8984107-C1A3-4E7A-B45D-96DF0168DDAF} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14193&src=crm&q={searchTerms}&locale=&apn_ptnrs=FM&apn_dtid=YYYYYYURUS&apn_uid=f44b21fc-f465-45b9-a417-bc4a3921bffa&apn_sauid=299683DA-6A75-4BBC-8BE3-2F0703436E8E

BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-21] (Oracle Corporation)

BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)

BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-08-30] (RealPlayer)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-08-21] (Oracle Corporation)

BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)

BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)

BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-03-11] (FreeDownloadManager.ORG)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-08-21] (Oracle Corporation)

Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)

Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)

Toolbar: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)

Toolbar: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> No Name - {03F38C00-DDA9-46BF-9475-C6997746C740} - No File

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)

Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll [2010-04-17] (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)

Tcpip\..\Interfaces\{96381102-A251-4052-AB1E-ADFA4BE8D1BC}: [DhcpNameServer] 192.168.1.254


FireFox:

========

FF ProfilePath: C:\Users\Chaotic Lawliet\AppData\Roaming\Mozilla\Firefox\Profiles\cyrlrzfw.default

FF DefaultSearchEngine.US: Google

FF NetworkProxy: "http", "195.246.54.202"

FF NetworkProxy: "http_port", 8080

FF NetworkProxy: "no_proxies_on", ""

FF NetworkProxy: "socks_version", 4

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()

FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-21] (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_51\bin\new_plugin\npjp2.dll [No File]

FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-21] (Oracle Corporation)

FF Plugin: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)

FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)

FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-08-21] (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-08-21] (Oracle Corporation)

FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)

FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2012-12-04] (Nexon)

FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [No File]

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]

FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-08-30] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll [2012-08-30] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-30] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-30] (RealNetworks, Inc.)

FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-08-30] (RealPlayer)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)

FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-05-31] ()

FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2012-07-15] (BYOND)

FF Plugin HKU\S-1-5-21-2505415791-2747731311-3398940262-1000: @g2.com/iggweb3dupdater -> C:\Users\Chaotic Lawliet\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll [2012-04-19] (IGG)

FF Plugin HKU\S-1-5-21-2505415791-2747731311-3398940262-1000: @g2.com/joyconnectshell -> C:\Users\Chaotic Lawliet\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll [2012-04-19] (IGG)

FF Plugin HKU\S-1-5-21-2505415791-2747731311-3398940262-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Chaotic Lawliet\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-23] (Unity Technologies ApS)

FF Plugin HKU\S-1-5-21-2505415791-2747731311-3398940262-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)

FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll [2012-07-15] (BYOND)

FF Extension: Bitdefender QuickScan - C:\Users\Chaotic Lawliet\AppData\Roaming\Mozilla\Firefox\Profiles\cyrlrzfw.default\Extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [2015-08-22]

FF Extension: Greasemonkey - C:\Users\Chaotic Lawliet\AppData\Roaming\Mozilla\Firefox\Profiles\cyrlrzfw.default\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2013-03-23]

FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext

FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-26]

FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext


Chrome:

=======

CHR Profile: C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default

CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2011-01-29]

CHR Extension: (Tampermonkey) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-04-03]

CHR Extension: (AdBlock) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-15]

CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]

CHR Extension: (LoL - Jinx) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndbciboanpmkpbeanbjdcneplghndhcp [2014-05-31]

CHR Extension: (Mahjong Solitaire) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc [2015-02-09]

CHR Extension: (Chrome Web Store Payments) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]

CHR Extension: (My Chrome Theme) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2012-04-07]

CHR HKLM\...\Chrome\Extension: [eogikidelleflpkolmiiaeibjbaepila] - C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx [2014-01-25]

CHR HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eogikidelleflpkolmiiaeibjbaepila] - C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx [2014-01-25]

CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - <no Path/update_url>

CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - <no Path/update_url>

CHR HKLM-x32\...\Chrome\Extension: [eogikidelleflpkolmiiaeibjbaepila] - C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx [2014-01-25]

CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-26]


==================== Services (Whitelisted) ========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-07] (AVG Technologies CZ, s.r.o.)

R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-07] (AVG Technologies CZ, s.r.o.)

R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)

S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)

S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)

R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)

S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5312448 2014-03-19] (INCA Internet Co., Ltd.)

R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-08] (NewTech Infosystems, Inc.) [File not signed]

S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]

R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [2973400 2015-08-04] (AVG Technologies)

R2 UxTuneUp; C:\Windows\System32\uxtuneup.dll [44760 2015-08-04] (AVG Technologies)

R2 UxTuneUp; C:\Windows\SysWOW64\uxtuneup.dll [36568 2015-08-04] (AVG Technologies)

S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)


===================== Drivers (Whitelisted) ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]

R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)

R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [293296 2015-06-26] (AVG Technologies CZ, s.r.o.)

R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)

R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)

R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)

R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [226784 2015-06-10] (AVG Technologies CZ, s.r.o.)

R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)

R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)

S3 GunBod; C:\Game\SoftnyxGame\GunBoundIS\avital\gunbod64.sys [86352 2014-11-28] ()

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)

S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)

S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)

S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]

S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-04-26] (MCCI Corporation)

R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [31144 2015-06-25] (TuneUp Software)

S3 CaptureFileMonitor; system32\DRIVERS\CaptureFileMonitor64.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 ProcObsrv; \??\C:\Windows\SysWOW64\ProcObsrv64.sys [X]

S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]

S3 X6va001; \??\C:\Users\CHAOTI~1\AppData\Local\Temp\001BEDC.tmp [X]

S3 X6va005; \??\C:\Users\CHAOTI~1\AppData\Local\Temp\0051E8B.tmp [X]

S3 X6va006; \??\C:\Users\CHAOTI~1\AppData\Local\Temp\006561B.tmp [X]

S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]

S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]

S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]

S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]

S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]

S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]

S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]

S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]

S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]

S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]

S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]


==================== NetSvcs (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)



==================== One Month Created files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2015-08-23 21:09 - 2015-08-23 21:11 - 00027946 _____ C:\Users\Chaotic Lawliet\Desktop\FRST.txt

2015-08-23 21:08 - 2015-08-23 21:09 - 00000000 ____D C:\FRST

2015-08-23 21:07 - 2015-08-23 21:07 - 02173952 _____ (Farbar) C:\Users\Chaotic Lawliet\Desktop\FRST64.exe

2015-08-23 16:23 - 2015-08-23 16:23 - 00000000 ____D C:\Program Files (x86)\ESET

2015-08-23 16:22 - 2015-08-23 16:22 - 02870984 _____ (ESET) C:\Users\Chaotic Lawliet\Desktop\esetsmartinstaller_enu.exe

2015-08-23 16:15 - 2015-08-23 16:15 - 00010749 _____ C:\Users\Chaotic Lawliet\Desktop\AdwCleaner[C1].txt

2015-08-23 16:06 - 2015-08-23 16:06 - 00009987 _____ C:\Users\Chaotic Lawliet\Desktop\AdwCleaner[s1].txt

2015-08-23 16:01 - 2015-08-23 16:06 - 00000000 ____D C:\AdwCleaner

2015-08-23 15:56 - 2015-08-23 15:56 - 01605632 _____ C:\Users\Chaotic Lawliet\Desktop\adwcleaner_5.003.exe

2015-08-23 15:20 - 2015-08-23 15:20 - 00448512 _____ (OldTimer Tools) C:\Users\Chaotic Lawliet\Desktop\TFC.exe

2015-08-23 14:16 - 2015-08-23 14:16 - 00006990 _____ C:\Users\Chaotic Lawliet\Desktop\MBAM 8.23.15.txt

2015-08-23 09:00 - 2015-08-23 09:00 - 00002762 _____ C:\Windows\System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013

2015-08-22 17:35 - 2015-08-22 17:35 - 00000000 ____D C:\Users\Chaotic Lawliet\Desktop\Spyware Forum

2015-08-22 16:41 - 2015-08-23 12:24 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\QuickScan

2015-08-22 14:34 - 2015-08-23 12:37 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2015-08-22 14:16 - 2015-08-22 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2015-08-22 14:16 - 2015-08-22 14:16 - 00000000 ____D C:\ProgramData\Malwarebytes

2015-08-22 14:16 - 2015-08-22 14:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware

2015-08-22 14:16 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2015-08-22 14:16 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2015-08-22 14:16 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys

2015-08-22 12:58 - 2015-08-22 13:17 - 00000000 ____D C:\Windows\system32\MRT

2015-08-22 12:58 - 2015-07-28 10:59 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2015-08-22 11:59 - 2015-08-22 11:59 - 00000000 _____ C:\Windows\setuperr.log

2015-08-22 11:47 - 2015-08-22 11:47 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater

2015-08-22 11:05 - 2015-08-04 08:25 - 00044760 _____ (AVG Technologies) C:\Windows\system32\uxtuneup.dll

2015-08-22 11:05 - 2015-08-04 08:25 - 00036568 _____ (AVG Technologies) C:\Windows\SysWOW64\uxtuneup.dll

2015-08-22 11:05 - 2015-08-04 08:25 - 00030424 _____ (AVG Technologies) C:\Windows\system32\authuitu.dll

2015-08-22 11:05 - 2015-08-04 08:25 - 00025816 _____ (AVG Technologies) C:\Windows\SysWOW64\authuitu.dll

2015-08-22 11:00 - 2015-08-22 11:00 - 00002179 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015.lnk

2015-08-22 11:00 - 2015-08-22 11:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG PC TuneUp 2015

2015-08-22 11:00 - 2015-08-04 08:25 - 00041688 _____ (AVG Technologies) C:\Windows\system32\TURegOpt.exe

2015-08-22 10:59 - 2015-08-22 10:59 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\AVG

2015-08-22 10:57 - 2015-08-22 11:00 - 00000000 ____D C:\ProgramData\AVG

2015-08-21 21:09 - 2015-08-21 21:09 - 00002223 _____ C:\Users\Public\Desktop\Google Chrome.lnk

2015-08-21 21:09 - 2015-08-21 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

2015-08-21 14:05 - 2015-08-21 14:05 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox

2015-08-21 11:51 - 2015-08-21 11:51 - 00000000 ___RD C:\Program Files (x86)\Skype

2015-08-21 11:51 - 2015-08-21 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype

2015-08-21 10:31 - 2015-08-21 10:30 - 00110688 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll

2015-08-20 03:04 - 2015-08-10 21:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2015-08-20 03:04 - 2015-08-10 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2015-08-20 03:04 - 2015-08-10 20:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2015-08-20 03:04 - 2015-08-10 20:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2015-08-15 12:22 - 2015-08-17 18:32 - 00003152 _____ C:\Users\Chaotic Lawliet\Desktop\Destoka's Pokemon Needs!.txt

2015-08-13 08:09 - 2015-07-30 09:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll

2015-08-13 08:09 - 2015-07-30 09:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll

2015-08-12 07:52 - 2015-07-20 20:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2015-08-12 07:52 - 2015-07-20 20:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2015-08-12 07:52 - 2015-07-16 16:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2015-08-12 07:52 - 2015-07-16 16:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2015-08-12 07:52 - 2015-07-16 16:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2015-08-12 07:52 - 2015-07-16 16:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2015-08-12 07:52 - 2015-07-16 16:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2015-08-12 07:52 - 2015-07-16 16:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2015-08-12 07:52 - 2015-07-16 16:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2015-08-12 07:52 - 2015-07-16 16:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2015-08-12 07:52 - 2015-07-16 16:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2015-08-12 07:52 - 2015-07-16 16:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2015-08-12 07:52 - 2015-07-16 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2015-08-12 07:52 - 2015-07-16 15:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2015-08-12 07:52 - 2015-07-16 15:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2015-08-12 07:52 - 2015-07-16 15:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2015-08-12 07:52 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec

2015-08-12 07:52 - 2015-07-16 15:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2015-08-12 07:52 - 2015-07-16 15:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2015-08-12 07:52 - 2015-07-16 15:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2015-08-12 07:52 - 2015-07-16 15:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2015-08-12 07:52 - 2015-07-16 15:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2015-08-12 07:52 - 2015-07-16 15:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2015-08-12 07:52 - 2015-07-16 15:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll

2015-08-12 07:52 - 2015-07-16 15:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2015-08-12 07:52 - 2015-07-16 15:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2015-08-12 07:52 - 2015-07-16 15:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2015-08-12 07:52 - 2015-07-16 15:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2015-08-12 07:52 - 2015-07-16 15:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2015-08-12 07:52 - 2015-07-16 15:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2015-08-12 07:52 - 2015-07-16 15:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2015-08-12 07:52 - 2015-07-16 15:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2015-08-12 07:52 - 2015-07-16 15:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2015-08-12 07:52 - 2015-07-16 15:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2015-08-12 07:52 - 2015-07-16 15:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2015-08-12 07:52 - 2015-07-16 15:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2015-08-12 07:52 - 2015-07-16 15:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2015-08-12 07:52 - 2015-07-16 15:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2015-08-12 07:52 - 2015-07-16 15:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2015-08-12 07:52 - 2015-07-16 15:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2015-08-12 07:52 - 2015-07-16 14:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2015-08-12 07:52 - 2015-07-16 14:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2015-08-12 07:52 - 2015-07-16 14:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2015-08-12 07:52 - 2015-07-16 14:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2015-08-12 07:51 - 2015-07-30 14:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll

2015-08-12 07:51 - 2015-07-30 14:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll

2015-08-12 07:51 - 2015-07-30 14:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll

2015-08-12 07:51 - 2015-07-30 14:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll

2015-08-12 07:51 - 2015-07-30 14:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll

2015-08-12 07:51 - 2015-07-30 14:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll

2015-08-12 07:51 - 2015-07-30 14:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll

2015-08-12 07:51 - 2015-07-30 13:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll

2015-08-12 07:51 - 2015-07-30 13:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll

2015-08-12 07:51 - 2015-07-30 13:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll

2015-08-12 07:51 - 2015-07-30 13:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll

2015-08-12 07:51 - 2015-07-30 13:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll

2015-08-12 07:51 - 2015-07-30 13:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll

2015-08-12 07:51 - 2015-07-30 12:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2015-08-12 07:51 - 2015-07-30 12:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll

2015-08-12 07:51 - 2015-07-30 12:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll

2015-08-12 07:51 - 2015-07-28 16:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe

2015-08-12 07:51 - 2015-07-28 16:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll

2015-08-12 07:51 - 2015-07-28 16:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll

2015-08-12 07:51 - 2015-07-28 16:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll

2015-08-12 07:51 - 2015-07-28 16:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll

2015-08-12 07:51 - 2015-07-28 16:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2015-08-12 07:51 - 2015-07-28 16:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll

2015-08-12 07:51 - 2015-07-28 15:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2015-08-12 07:51 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec

2015-08-12 07:51 - 2015-07-16 16:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2015-08-12 07:51 - 2015-07-16 16:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2015-08-12 07:51 - 2015-07-16 16:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2015-08-12 07:51 - 2015-07-16 16:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll

2015-08-12 07:51 - 2015-07-16 16:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2015-08-12 07:51 - 2015-07-16 16:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2015-08-12 07:51 - 2015-07-16 15:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2015-08-12 07:51 - 2015-07-16 15:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2015-08-12 07:51 - 2015-07-16 15:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2015-08-12 07:51 - 2015-07-16 15:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2015-08-12 07:51 - 2015-07-16 15:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2015-08-12 07:51 - 2015-07-15 14:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe

2015-08-12 07:51 - 2015-07-15 14:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll

2015-08-12 07:51 - 2015-07-15 14:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll

2015-08-12 07:51 - 2015-07-15 14:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll

2015-08-12 07:51 - 2015-07-15 13:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe

2015-08-12 07:51 - 2015-07-15 13:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll

2015-08-12 07:50 - 2015-07-15 14:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys

2015-08-12 07:50 - 2015-07-15 14:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys

2015-08-12 07:50 - 2015-07-15 14:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys

2015-08-12 07:50 - 2015-07-15 14:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll

2015-08-12 07:50 - 2015-07-15 14:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll

2015-08-12 07:50 - 2015-07-15 14:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll

2015-08-12 07:50 - 2015-07-15 14:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2015-08-12 07:50 - 2015-07-15 14:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe

2015-08-12 07:50 - 2015-07-15 14:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe

2015-08-12 07:50 - 2015-07-15 14:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe

2015-08-12 07:50 - 2015-07-15 14:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll

2015-08-12 07:50 - 2015-07-15 14:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll

2015-08-12 07:50 - 2015-07-15 14:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe

2015-08-12 07:50 - 2015-07-15 14:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe

2015-08-12 07:50 - 2015-07-15 14:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll

2015-08-12 07:50 - 2015-07-15 14:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe

2015-08-12 07:50 - 2015-07-15 13:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2015-08-12 07:50 - 2015-07-15 13:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2015-08-12 07:50 - 2015-07-15 13:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2015-08-12 07:50 - 2015-07-15 13:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll

2015-08-12 07:50 - 2015-07-15 13:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2015-08-12 07:50 - 2015-07-15 13:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2015-08-12 07:50 - 2015-07-15 13:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2015-08-12 07:50 - 2015-07-15 13:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2015-08-12 07:50 - 2015-07-15 13:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll

2015-08-12 07:50 - 2015-07-15 13:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe

2015-08-12 07:50 - 2015-07-15 13:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2015-08-12 07:50 - 2015-07-15 13:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll

2015-08-12 07:50 - 2015-07-15 13:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll

2015-08-12 07:50 - 2015-07-15 13:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2015-08-12 07:50 - 2015-07-15 13:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll

2015-08-12 07:50 - 2015-07-15 13:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2015-08-12 07:50 - 2015-07-15 13:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe

2015-08-12 07:50 - 2015-07-15 13:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll

2015-08-12 07:50 - 2015-07-15 13:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll

2015-08-12 07:50 - 2015-07-15 13:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 12:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys

2015-08-12 07:50 - 2015-07-15 12:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys

2015-08-12 07:50 - 2015-07-15 12:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys

2015-08-12 07:50 - 2015-07-15 12:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe

2015-08-12 07:50 - 2015-07-15 12:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe

2015-08-12 07:50 - 2015-07-15 12:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 12:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 12:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll

2015-08-12 07:50 - 2015-07-15 12:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll

2015-08-12 07:50 - 2015-07-10 13:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll

2015-08-12 07:50 - 2015-07-10 13:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll

2015-08-12 07:49 - 2015-07-14 23:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll

2015-08-12 07:49 - 2015-07-10 13:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll

2015-08-12 07:49 - 2015-07-10 13:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll

2015-08-12 07:49 - 2015-07-10 13:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll

2015-08-12 07:49 - 2015-07-10 13:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll

2015-08-12 07:44 - 2015-07-14 23:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2015-08-12 07:44 - 2015-07-14 23:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2015-08-12 07:44 - 2015-07-14 22:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2015-08-12 07:44 - 2015-07-01 16:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll

2015-08-12 07:44 - 2015-07-01 16:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll

2015-08-12 07:44 - 2015-07-01 16:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll

2015-08-12 07:44 - 2015-07-01 16:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll

2015-08-12 07:43 - 2015-07-20 14:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll

2015-08-12 07:43 - 2015-07-20 14:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll

2015-08-12 07:43 - 2015-07-20 14:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll

2015-08-12 07:43 - 2015-07-20 14:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll

2015-08-12 07:43 - 2015-07-20 14:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe

2015-08-12 07:43 - 2015-07-20 14:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
Edited by JGroomes

2015-08-12 07:43 - 2015-07-20 14:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll

2015-08-12 07:43 - 2015-07-20 14:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll

2015-08-12 07:43 - 2015-07-20 14:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe

2015-08-12 07:43 - 2015-07-20 14:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll

2015-08-12 07:43 - 2015-07-20 14:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll

2015-08-12 07:43 - 2015-07-20 13:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll

2015-08-12 07:43 - 2015-07-20 13:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll

2015-08-12 07:43 - 2015-07-20 13:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll

2015-08-12 07:43 - 2015-07-20 13:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe

2015-08-12 07:43 - 2015-07-20 13:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll

2015-08-12 07:43 - 2015-07-14 23:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2015-08-12 07:43 - 2015-07-14 23:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2015-08-12 07:43 - 2015-07-14 22:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2015-08-12 07:43 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2015-08-12 07:43 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2015-08-12 07:43 - 2015-07-10 13:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll

2015-08-12 07:43 - 2015-07-10 13:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll

2015-08-12 07:43 - 2015-07-09 13:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe

2015-08-12 07:43 - 2015-07-09 13:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe

2015-08-12 07:43 - 2015-07-09 13:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe

2015-08-12 07:42 - 2015-05-09 14:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll

2015-08-03 09:06 - 2015-08-03 09:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi

2015-08-03 09:06 - 2015-08-03 09:06 - 00000000 ____D C:\Program Files (x86)\LogMeIn Hamachi

2015-07-25 17:33 - 2015-07-25 17:33 - 00000000 ____D C:\Nexon

2015-07-25 17:32 - 2015-08-18 14:13 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Local\NexonLauncher

2015-07-25 17:32 - 2015-07-25 17:33 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\NexonLauncher

2015-07-25 16:59 - 2015-07-26 10:09 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Nexon

2015-07-25 16:59 - 2015-07-25 17:06 - 00002047 _____ C:\Users\Chaotic Lawliet\Desktop\Nexon Launcher.lnk

2015-07-25 16:59 - 2015-07-25 16:59 - 00000000 ____D C:\Program Files (x86)\Nexon

2015-07-25 11:29 - 2015-06-01 20:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll

2015-07-25 11:29 - 2015-06-01 19:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll

2015-07-25 11:28 - 2015-06-17 13:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2015-07-25 11:28 - 2015-06-17 13:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2015-07-25 11:20 - 2015-07-04 14:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll

2015-07-25 11:20 - 2015-07-04 13:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll

2015-07-25 11:20 - 2015-04-27 15:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll

2015-07-25 11:20 - 2015-04-27 15:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll

2015-07-25 11:20 - 2015-04-27 15:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll

2015-07-25 11:20 - 2015-04-27 15:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll

2015-07-25 11:20 - 2015-04-27 15:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll

2015-07-25 11:20 - 2015-04-27 15:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll

2015-07-25 11:20 - 2015-04-27 15:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll

2015-07-25 11:20 - 2015-04-27 15:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll

2015-07-25 11:11 - 2015-06-15 17:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2015-07-25 11:11 - 2015-06-15 17:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2015-07-25 11:11 - 2015-06-15 17:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2015-07-25 11:11 - 2015-06-15 17:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2015-07-25 11:11 - 2015-06-15 17:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll

2015-07-25 11:11 - 2015-06-15 17:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe

2015-07-25 11:11 - 2015-06-15 17:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2015-07-25 11:11 - 2015-06-15 17:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2015-07-25 11:11 - 2015-06-15 17:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2015-07-25 11:11 - 2015-06-15 17:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe

2015-07-25 11:11 - 2015-06-15 17:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll

2015-07-25 11:11 - 2015-06-15 17:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll


==================== One Month Modified files and folders ========


(If an entry is included in the fixlist, the file/folder will be moved.)


2015-08-23 21:08 - 2011-01-29 03:20 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2015-08-23 20:51 - 2012-08-12 18:56 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\Skype

2015-08-23 20:49 - 2013-06-05 19:36 - 00000000 ____D C:\Program Files (x86)\Cheat Engine 6.2

2015-08-23 20:49 - 2013-01-28 06:48 - 00000000 ____D C:\Program Files (x86)\uTorrent

2015-08-23 20:49 - 2011-02-09 01:14 - 00000000 ___RD C:\Users\Chaotic Lawliet\Desktop\Crap

2015-08-23 20:23 - 2012-08-16 21:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job

2015-08-23 19:39 - 2010-09-11 17:55 - 01691303 _____ C:\Windows\WindowsUpdate.log

2015-08-23 16:24 - 2009-07-14 00:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2015-08-23 16:24 - 2009-07-14 00:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2015-08-23 16:15 - 2012-09-13 01:47 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Local\LogMeIn Hamachi

2015-08-23 16:14 - 2011-06-19 14:04 - 00000000 ____D C:\Users\Chaotic Lawliet\Tracing

2015-08-23 16:13 - 2011-01-29 03:20 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2015-08-23 16:12 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT

2015-08-23 16:12 - 2009-07-14 00:51 - 00657923 _____ C:\Windows\setupact.log

2015-08-23 15:10 - 2010-07-14 18:44 - 05576412 _____ C:\Windows\PFRO.log

2015-08-23 14:10 - 2011-01-28 20:54 - 00000000 ____D C:\ProgramData\MFAData

2015-08-22 18:02 - 2011-11-19 11:26 - 00000000 ____D C:\Users\Chaotic Lawliet\Desktop\Games

2015-08-22 17:14 - 2015-05-13 22:54 - 00000000 ____D C:\Users\Chaotic Lawliet\Desktop\Facebook Comment Pics

2015-08-22 11:49 - 2014-07-21 13:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\En Masse Entertainment

2015-08-22 11:47 - 2012-04-29 02:28 - 00000000 ____D C:\Users\Chaotic Lawliet\.thumbnails

2015-08-22 11:47 - 2012-04-04 18:53 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\IMVU

2015-08-22 11:47 - 2012-02-03 01:26 - 00000000 ____D C:\Program Files (x86)\Steam

2015-08-22 11:47 - 2011-01-29 02:24 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\.minecraft

2015-08-22 11:47 - 2010-09-11 17:56 - 00000000 ____D C:\ProgramData\Temp

2015-08-22 11:46 - 2009-07-27 16:41 - 00000000 ____D C:\Windows\Panther

2015-08-22 11:45 - 2015-07-10 09:39 - 00000000 ___HD C:\$Windows.~BT

2015-08-22 11:27 - 2011-01-29 02:54 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Local\VirtualStore

2015-08-22 11:09 - 2012-09-17 18:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service

2015-08-22 10:59 - 2011-10-17 20:19 - 00000000 ____D C:\Program Files (x86)\AVG

2015-08-22 10:58 - 2015-06-29 12:37 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Local\Avg

2015-08-22 10:47 - 2014-11-24 16:41 - 00001804 _____ C:\Users\Chaotic Lawliet\AppData\Roaming\Microsoft\Windows\Start Menu\Infinity Wars.lnk

2015-08-21 21:08 - 2010-07-14 18:40 - 00000000 ____D C:\Program Files (x86)\Google

2015-08-21 21:00 - 2011-01-29 03:14 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Local\Google

2015-08-21 11:51 - 2012-08-12 18:55 - 00000000 ____D C:\ProgramData\Skype

2015-08-21 10:34 - 2013-11-20 03:20 - 00000000 ____D C:\ProgramData\Oracle

2015-08-21 10:32 - 2011-09-09 11:29 - 00000000 ____D C:\Program Files\Java

2015-08-21 10:30 - 2011-09-09 11:29 - 00321632 _____ (Oracle Corporation) C:\Windows\system32\javaws.exe

2015-08-21 10:30 - 2011-09-09 11:29 - 00206944 _____ (Oracle Corporation) C:\Windows\system32\javaw.exe

2015-08-21 10:30 - 2011-09-09 11:29 - 00206432 _____ (Oracle Corporation) C:\Windows\system32\java.exe

2015-08-21 10:28 - 2014-02-13 01:38 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2015-08-21 10:28 - 2013-08-21 16:39 - 00000000 ____D C:\Program Files (x86)\Java

2015-08-18 21:44 - 2015-05-17 17:39 - 00000000 ____D C:\ProgramData\Riot Games

2015-08-14 14:35 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache

2015-08-13 23:16 - 2009-07-14 00:45 - 04890528 _____ C:\Windows\system32\FNTCACHE.DAT

2015-08-13 23:12 - 2014-12-13 23:46 - 00000000 ____D C:\Windows\system32\appraiser

2015-08-13 23:12 - 2014-07-10 03:03 - 00000000 ___SD C:\Windows\system32\CompatTel

2015-08-13 08:07 - 2014-05-24 03:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight

2015-08-13 03:18 - 2014-05-24 03:38 - 00000000 ____D C:\Program Files\Microsoft Silverlight

2015-08-13 03:18 - 2014-05-24 03:38 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight

2015-08-12 12:24 - 2012-08-16 21:15 - 00778440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2015-08-12 12:24 - 2012-08-16 21:15 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater

2015-08-12 12:24 - 2011-12-14 16:31 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2015-08-11 17:31 - 2011-11-03 23:56 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Local\Akamai

2015-08-10 12:04 - 2011-04-28 09:47 - 00000000 ____D C:\Users\Chaotic Lawliet\Desktop\Awesomeness in a Folder

2015-08-03 12:12 - 2012-11-25 17:23 - 00033856 ____H (LogMeIn, Inc.) C:\Windows\system32\hamachi.sys

2015-07-30 08:23 - 2015-06-29 12:51 - 00000615 _____ C:\Windows\SysWOW64\userawacs.cfg

2015-07-30 08:23 - 2015-06-29 12:50 - 00000140 _____ C:\Windows\SysWOW64\usergui.cfg

2015-07-30 08:22 - 2015-06-09 02:51 - 00000848 _____ C:\Users\Public\Desktop\AVG 2015.lnk

2015-07-30 08:22 - 2014-05-23 03:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG

2015-07-26 12:55 - 2015-04-05 03:01 - 00000000 ___SD C:\Windows\system32\GWX

2015-07-26 12:40 - 2015-04-05 03:01 - 00000000 ___SD C:\Windows\SysWOW64\GWX

2015-07-26 12:40 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\PolicyDefinitions

2015-07-25 16:44 - 2013-06-06 00:39 - 00000000 ___SD C:\Users\Chaotic Lawliet\Documents\Mabinogi

2015-07-25 14:03 - 2011-02-05 06:30 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\vlc

2015-07-25 14:03 - 2011-02-02 00:39 - 00000000 ____D C:\Users\Public\CyberLink

2015-07-25 14:03 - 2010-07-14 19:20 - 00000000 ___RD C:\Users\Public\Recorded TV

2015-07-25 14:03 - 2009-07-13 23:20 - 00000000 __RHD C:\Users\Public\Libraries

2015-07-25 14:03 - 2009-07-13 23:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared

2015-07-25 14:02 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\registration

2015-07-25 14:00 - 2011-07-29 07:35 - 00000000 ____D C:\ProgramData\Real

2015-07-25 10:28 - 2011-01-29 02:53 - 00000000 ____D C:\Users\Chaotic Lawliet


==================== Files in the root of some directories =======


2013-05-04 16:08 - 2013-05-04 16:08 - 0000052 _____ () C:\Users\Chaotic Lawliet\AppData\Local\3883170B-3F35-4EA0-B02E-71898AC21CDB.INI

2014-01-25 19:09 - 2013-11-11 11:31 - 0091109 _____ () C:\Users\Chaotic Lawliet\AppData\Local\chrome_6486.crx

2013-03-24 04:41 - 2013-03-24 04:41 - 0000003 _____ () C:\Users\Chaotic Lawliet\AppData\Local\updater.log

2013-03-24 04:41 - 2015-04-23 08:56 - 0000424 _____ () C:\Users\Chaotic Lawliet\AppData\Local\UserProducts.xml

2012-08-28 23:11 - 2012-08-28 23:11 - 0000000 _____ () C:\ProgramData\ffabb5e26a6003591549831a2b1c583e_c


Files to move or delete:

====================

C:\Users\Chaotic Lawliet\jagex_runescape_preferences.dat

C:\Users\Chaotic Lawliet\jagex_runescape_preferences2.dat

C:\Users\Public\DynamicInstaller.exe



Some files in TEMP:

====================

C:\Users\Chaotic Lawliet\AppData\Local\Temp\sqlite3.dll



==================== Bamital & volsnap =================


(There is no automatic fix for files that do not pass verification.)


C:\Windows\system32\winlogon.exe => File is digitally signed

C:\Windows\system32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\system32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\system32\services.exe => File is digitally signed

C:\Windows\system32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\system32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\system32\rpcss.dll => File is digitally signed

C:\Windows\system32\dnsapi.dll => File is digitally signed

C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed

C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



LastRegBack: 2015-08-22 06:52


==================== End of log ============================

Edited by JGroomes

Additional scan result of Farbar Recovery Scan Tool (x64) Version:23-08-2015

Ran by Chaotic Lawliet (2015-08-23 21:12:30)

Running from C:\Users\Chaotic Lawliet\Desktop

Boot Mode: Normal

==========================================================



==================== Accounts: =============================


Administrator (S-1-5-21-2505415791-2747731311-3398940262-500 - Administrator - Disabled)

Chaotic Lawliet (S-1-5-21-2505415791-2747731311-3398940262-1000 - Administrator - Enabled) => C:\Users\Chaotic Lawliet

Guest (S-1-5-21-2505415791-2747731311-3398940262-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2505415791-2747731311-3398940262-1002 - Limited - Enabled)


==================== Security Center ========================


(If an entry is included in the fixlist, it will be removed.)


AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}


==================== Installed Programs ======================


(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


µTorrent (HKLM-x32\...\uTorrent) (Version: 3.2.3.28705 - BitTorrent Inc.)

18 Wheels of Steel - American Long Haul (x32 Version: 2.2.0.95 - WildTangent) Hidden

Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)

Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.3.5 - liteon)

Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3004 - Acer Incorporated)

Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)

Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.1.3 - WildTangent)

Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)

Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0423.2010 - Acer Incorporated)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)

Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)

Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)

Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden

Akamai NetSession Interface (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\Akamai) (Version: - Akamai Technologies, Inc)

Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}) (Version: 1.5.17.05094 - Alcor Micro Corp.)

Alcor Micro USB Card Reader (x32 Version: 1.5.17.05094 - Alcor Micro Corp.) Hidden

APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - )

Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)

AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6086 - AVG Technologies)

AVG 2015 (Version: 15.0.4409 - AVG Technologies) Hidden

AVG 2015 (Version: 15.0.6086 - AVG Technologies) Hidden

AVG PC TuneUp 2015 (en-US) (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden

AVG PC TuneUp 2015 (HKLM-x32\...\AVG PC TuneUp) (Version: 15.0.1001.638 - AVG Technologies)

AVG PC TuneUp 2015 (x32 Version: 15.0.1001.638 - AVG Technologies) Hidden

Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.03 - Broadcom Corporation)

Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version: - )

Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

BYOND (HKLM-x32\...\BYOND) (Version: 498.1163 - BYOND)

Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version: - Dark Byte)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.50 - CyberLink Corp.)

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dropbox (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)

Easy Auto Clicker (HKLM-x32\...\Easy Auto Clicker_is1) (Version: V2.0 - easyautoclicker.com)

eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)

Elsword version 1.11 (HKLM-x32\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: 1.11 - Kill3rCombo)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )

eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)

eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden

FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden

Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 44.0.2403.157 - Google Inc.)

Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.28.1 - Google Inc.) Hidden

Grand Chase version 1.0.0.1 (HKLM-x32\...\{FF222EB6-6FE1-486E-A9E8-93B5D5D72A8C}_is1) (Version: 1.0.0.1 - SG Interactive)

Grand Fantasia (HKLM-x32\...\Grand Fantasia) (Version: - )

Happy Cloud Client (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)

Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)

IGG Web3D Player version 1.0.0.38 (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\IGG Web3D Player_is1) (Version: 1.0.0.38 - IGG, Inc.)

IMVU Avatar Chat Software (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\IMVU Avatar chat client software BETA) (Version: - )

Infinity Wars (HKLM-x32\...\Infinity Wars) (Version: - )

Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)

Java 8 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86418051F0}) (Version: 8.0.510 - Oracle Corporation)

Java 8 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)

Jewel Quest - Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden

Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - )

LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )

Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.12 - Acer Inc.)

League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)

League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden

Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)

Livestream for Producers (HKLM-x32\...\{524A9978-8E2A-487F-A50B-E71D72F2EDDE}) (Version: 0.0.42 - Livestream)

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden

Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)

MapleStory (HKLM-x32\...\MapleStory) (Version: - )

Media Player Classic - Home Cinema v1.5.2.3456 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Mozilla Firefox 40.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.2 (x86 en-US)) (Version: 40.0.2 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.2.5702 - Mozilla)

MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden

MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)

MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden

Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )

Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.1.1 - Nexon)

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)

NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden

NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)

NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden

NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)

OGPlanet Game Launcher (HKLM-x32\...\OGPlanet Game Launcher US) (Version: 1.0.0 - OGPlanet, Inc.)

OGPlanet Game Launcher (HKLM-x32\...\OGPlanet Game Launcher) (Version: 1.0.0 - OGPlanet, Inc.)

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden

Raptr (HKLM-x32\...\Raptr) (Version: - )

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6000 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden

Rumble Fighter (HKLM-x32\...\RumbleFighter) (Version: - )

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.550.0 - SAMSUNG Electronics Co., Ltd.)

Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden

Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden

Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

SWF & FLV Player 3.0 (build 3.0.33.5106) (HKLM-x32\...\SWF & FLV Player_is1) (Version: 3.0.33.5106 - Eltima Software)

SWF Opener (HKLM-x32\...\{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1) (Version: 1.3 - UnH Solutions)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)

TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24732 - TeamViewer)

TERA (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\teraenmasse) (Version: - )

Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)

Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden

Unity Web Player (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)

Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden

USB Optical Mouse (HKLM-x32\...\{EEAE45EB-C1E3-4CCD-930D-D7B40F810063}) (Version: 1.00.0000 - )

Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC) (HKLM-x32\...\{CDCAED05-7803-4713-9BA0-072BD1194B83}) (Version: 1.11.0402 - SAMSUNG)

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 1.1.7 (HKLM-x32\...\VLC media player) (Version: 1.1.7 - VideoLAN)

Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3002 - Acer Incorporated)

WildTangent Games App (Acer Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.6.14 - WildTangent)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)

Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)

Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )

Xpadder version 5.7 (HKLM-x32\...\{0DCE54A9-7256-4132-9D4E-1A64AE35E9B1}_is1) (Version: 5.7 - Xpadder, Inc.)

Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )

Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden


==================== Custom CLSID (Whitelisted): ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File


==================== Restore Points =========================


17-08-2015 09:29:11 Windows Update

20-08-2015 03:01:06 Windows Update

22-08-2015 10:58:15 Installed AVG PC TuneUp 2015

22-08-2015 12:57:16 Windows Update


==================== Hosts content: ===============================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)


2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


Task: {20EF8B7E-05C3-4DFD-98E4-8174449F579E} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe

Task: {2692640E-A97B-4C6B-8B4D-606E55563A3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

Task: {2F7782AF-B3B6-4D89-A942-466E9996CDCD} - System32\Tasks\{6EE2B446-6C62-410D-90E3-8B35FA4EB63C} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\SCHTHACK PSOBB\data\data-fix.exe" -d "C:\Users\Chaotic Lawliet\Desktop\SCHTHACK PSOBB\data"

Task: {30A8D933-FB5F-4594-936B-B3BA788319E3} - System32\Tasks\{06B71EE2-9598-437A-B550-E5D719A4C07F} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\Maple Story\MSSetupv83.exe" -d "C:\Users\Chaotic Lawliet\Desktop\Maple Story"

Task: {56551FC5-69CC-4AB4-A4AF-33C6BE69429F} - System32\Tasks\{73464F91-A401-4C86-84A8-C9918401783C} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\iROSetupFv1.3.exe" -d "C:\Users\Chaotic Lawliet\Desktop"

Task: {62B6B644-CCA8-4E59-8281-7D5A1D2C087B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)

Task: {62CA758A-340D-4C28-9735-04B650A36AF9} - System32\Tasks\{3FE0A132-4D64-4C54-A1D9-067C23066335} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\Games\Maple Story\MSSetupv83.exe" -d "C:\Users\Chaotic Lawliet\Desktop\Games\Maple Story"

Task: {789916C1-99B4-4E8F-BD18-F37AF9DA3A51} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2505415791-2747731311-3398940262-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)

Task: {94AE92E0-D652-4DB8-B585-7D1D0B306CD9} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser

Task: {9C0D102B-C128-47AD-B511-2E94F693C113} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013 => C:\Program Files (x86)\AVG\AVG PC TuneUp\OneClick.exe [2015-08-04] (AVG Technologies)

Task: {A0FF3C3E-3E04-4AE9-9140-B1A4D029825B} - System32\Tasks\{6B09288F-2E0A-4793-BB35-03367B28EA4D} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\MSSetupv83.exe" -d "C:\Users\Chaotic Lawliet\Desktop"

Task: {A5510CB8-43E4-42D0-A86D-BF6D8EADF322} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)

Task: {A90F4D43-BDDB-4288-A179-198EE601D6B7} - System32\Tasks\{CC85C907-A2C0-499C-B57E-D6899D02BB6B} => pcalua.exe -a C:\Windows\SysWOW64\_online.exe

Task: {AF9AE99C-EA69-4BB8-8725-74214972AD3F} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2505415791-2747731311-3398940262-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)

Task: {B92FD3BB-E38F-4FD1-8A12-4821A56769CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-18] (Google Inc.)

Task: {CCF2005F-2BAC-4473-8ED6-599D764F25F5} - \RealPlayer (32-bit) -> No File <==== ATTENTION


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe


==================== Loaded Modules (Whitelisted) ==============


2015-08-04 08:26 - 2015-08-04 08:26 - 00718040 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\avgrepliba.dll

2013-05-06 19:10 - 2010-03-30 13:37 - 00245248 _____ () C:\Program Files (x86)\USB Optical Mouse\USB Optical Mouse\MouseHid.exe

2015-08-04 08:26 - 2015-08-04 08:26 - 00861912 _____ () C:\Program Files (x86)\AVG\AVG PC TuneUp\tulnga.dll

2010-03-08 20:18 - 2010-03-08 20:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll

2010-03-08 20:13 - 2010-03-08 20:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll

2010-09-11 18:40 - 2009-05-20 18:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll

2015-08-21 21:09 - 2015-08-18 01:23 - 01405768 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libglesv2.dll

2015-08-21 21:09 - 2015-08-18 01:23 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\libegl.dll

2015-08-21 21:09 - 2015-08-18 01:23 - 16393032 _____ () C:\Program Files (x86)\Google\Chrome\Application\44.0.2403.157\PepperFlash\pepflashplayer.dll


==================== Alternate Data Streams (Whitelisted) =========


(If an entry is included in the fixlist, only the ADS will be removed.)



==================== Safe Mode (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => ""="service"


==================== EXE Association (Whitelisted) ===============


(If an entry is included in the fixlist, the registry item will be restored to default or removed.)



==================== Internet Explorer trusted/restricted ===============


(If an entry is included in the fixlist, it will be removed from the registry.)


IE trusted site: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\aeriagames.com -> hxxps://aeriagames.com

IE trusted site: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\aeriagames.com -> hxxp://aeriagames.com



==================== Other Areas ============================


(Currently there is no automatic fix for this section.)


HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chaotic Lawliet\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.1.254

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.


==================== MSCONFIG/TASK MANAGER disabled items ==


(Currently there is no automatic fix for this section.)


MSCONFIG\startupreg: BackgroundContainerV2 => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Chaotic Lawliet\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun


==================== FirewallRules (Whitelisted) ===============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


FirewallRules: [{55FCE6FB-8477-4D17-88A4-243220923188}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

FirewallRules: [{8E9364A9-4569-4D8E-AA27-D41B5302CE17}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

FirewallRules: [{10AE076D-12C3-4FF7-ABCA-03E704C73A71}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

FirewallRules: [{7D24D6B2-0ACD-49EF-8A3E-3B3BCCF37300}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

FirewallRules: [{9BC864CD-20A3-4852-A035-B3A6FD6AFC65}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE

FirewallRules: [{50A266F2-A3C1-4C6C-BE59-EA589C0A8745}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

FirewallRules: [{5B1DA6E7-EBAC-4868-95F8-86E548002DCE}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

FirewallRules: [{E81BEC7D-C0A8-463C-8F41-717C23C0216F}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe

FirewallRules: [{D321272E-7ABA-4569-BC92-F6B8D73C943E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe

FirewallRules: [{13F89185-FEA3-4DA5-81C5-49DB3E5B0FFC}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe

FirewallRules: [{1B9494AC-4B95-495A-A13F-8B7A37E41067}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe

FirewallRules: [{10B0810A-7425-49FB-8412-3C5CBA72CB24}] => (Allow) C:\Program Files (x86)\Kill3rCombo\Elsword\data\x2.exe

FirewallRules: [{B45C9BB9-1E83-4DE7-B916-3B1EC7593FB6}] => (Allow) C:\Program Files (x86)\Kill3rCombo\Elsword\data\x2.exe

FirewallRules: [TCP Query User{8AF26A33-207F-41EB-AE32-705613D3DAFC}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe

FirewallRules: [uDP Query User{36DE94A6-99AD-434B-8BC6-3B84DC06B87C}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe

FirewallRules: [TCP Query User{73776358-88A5-41AE-8009-38DA2788A115}C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe

FirewallRules: [uDP Query User{5E83AF13-DFE5-4F5C-8E43-5D82A2C271E7}C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe

FirewallRules: [TCP Query User{CE49BB6E-96E0-4F62-B52E-E747F4749753}C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe

FirewallRules: [uDP Query User{0D25D765-88D7-4553-8289-03F030DFF3EC}C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe

FirewallRules: [{FDF61097-B724-4E93-B63E-8A32CDE8814E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{7FBF2CEE-F072-4B3B-8ED2-2E029174C786}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [TCP Query User{64E17647-807A-4702-8300-95058EA8E453}C:\program files (x86)\ogplanet\rumblefighter\gemdumploader.exe] => (Allow) C:\program files (x86)\ogplanet\rumblefighter\gemdumploader.exe

FirewallRules: [uDP Query User{DE39E9F9-677C-4774-8A7B-9B18B9E1F503}C:\program files (x86)\ogplanet\rumblefighter\gemdumploader.exe] => (Allow) C:\program files (x86)\ogplanet\rumblefighter\gemdumploader.exe

FirewallRules: [TCP Query User{A878EC8E-0678-4832-9C99-091921EAFDB9}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe

FirewallRules: [uDP Query User{DB356D93-DBAF-45C3-9A2C-F43BB1907974}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe

FirewallRules: [{84EDAFC1-2F58-4727-8B69-BE663724BF56}] => (Allow) LPort=443

FirewallRules: [{BEFC1A93-7C4F-4BC4-9F9E-A5D8EAF5B214}] => (Allow) LPort=443

FirewallRules: [{68E4EE2E-3122-49E5-83CB-00913C4FEEFA}] => (Allow) LPort=37674

FirewallRules: [{00054145-DF99-48CD-9AD3-77CAEAE365EA}] => (Allow) LPort=37674

FirewallRules: [{97C53A50-5FF0-4FD2-B7C9-ED7C8931C541}] => (Allow) LPort=37675

FirewallRules: [{11A3CD1A-6B16-4090-8A72-3A5819634CF3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{D9E8FC75-4A49-469B-B9BB-8D38812D4425}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Launcher\APBLauncher.exe

FirewallRules: [{A4725AA6-0581-42F1-9E79-7F42834B2C44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Launcher\APBLauncher.exe

FirewallRules: [{B90A66D5-1C6E-45A7-B82E-009A149C2B0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Binaries\APB.exe

FirewallRules: [{6AC94A09-7700-4CBE-B621-F745BCC62E20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Binaries\APB.exe

FirewallRules: [{55388482-86D5-4D98-8B1A-5B15F914BA4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Binaries\VivoxVoiceService.exe

FirewallRules: [{A797FBB7-1D1F-45A4-BD61-7D7AE73CFCB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Binaries\VivoxVoiceService.exe

FirewallRules: [{10522428-4248-4CBA-82B5-894EDFE3C2CA}] => (Allow) C:\Program Files (x86)\Kill3rCombo\Elsword\data\x2.exe

FirewallRules: [{DC9C618F-5FFC-432B-8DF6-17185CF392C1}] => (Allow) C:\Program Files (x86)\Kill3rCombo\Elsword\data\x2.exe

FirewallRules: [{7E8E3A8B-CA18-4B20-9E86-ED7E5DB5A1F3}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe

FirewallRules: [{2C521BB3-96A1-4B8A-8DF7-A07EB14EE8D8}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe

FirewallRules: [{21C6E670-2AC8-4D9F-A7D4-2A40AE777071}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe

FirewallRules: [{E39AB1C7-3E54-4027-8B29-A84161424CBD}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe

FirewallRules: [TCP Query User{E48A2E88-13C3-4DB5-9A62-E34D80ECEF0C}C:\users\chaotic lawliet\desktop\crap\utorrent.exe] => (Allow) C:\users\chaotic lawliet\desktop\crap\utorrent.exe

FirewallRules: [uDP Query User{D563F37E-5BC7-486F-90AA-1ABE0788A43C}C:\users\chaotic lawliet\desktop\crap\utorrent.exe] => (Allow) C:\users\chaotic lawliet\desktop\crap\utorrent.exe

FirewallRules: [{5F7D518C-3CF1-4130-A9D1-060DA48B7B53}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe

FirewallRules: [{548F6B95-CE41-4DD7-9C4F-6AF30253C958}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe

FirewallRules: [{A1FA0DF4-EC3A-4B51-9A7D-BEB1CA644190}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe

FirewallRules: [{EEF495F4-3D5A-48A1-8232-5EEAC38BD7B2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe

FirewallRules: [{A0C0E061-9D32-4FA0-8570-C4360789B9F8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

FirewallRules: [{8EFE41C3-1F54-4297-92A9-48CA58A2F411}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

FirewallRules: [{D32A7871-570E-4312-ACAE-346D7CA61843}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

FirewallRules: [{968743AA-2F05-4748-AF87-D213CE86210B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

FirewallRules: [{615839B9-0BD3-459A-B502-3FD08465C86C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

FirewallRules: [{EDAE4316-3DE9-4704-B438-9AD26A377674}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

FirewallRules: [{B3497598-6E3F-41EE-BB68-172F9A14F237}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe

FirewallRules: [{1680C3A4-807C-40DA-BC8F-9EE2712287A5}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe

FirewallRules: [{558496BB-4B2A-460D-BA9B-5262278A90CC}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe

FirewallRules: [{DA1AC079-0954-4CAE-A9E0-85DB749B2D18}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe

FirewallRules: [{2E313764-C6B9-434E-B3FB-B616246533DB}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe

FirewallRules: [{818174F8-14EC-4346-AF7F-911973A1D31E}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe

FirewallRules: [{AB419297-25C5-40DE-A309-1BF748B9C176}] => (Allow) C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{454A6046-436B-4164-98D3-2864B87D78D5}] => (Allow) C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{345488BB-7A1E-4F18-B57A-4A4044C29DFE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{2DC26685-792F-42F8-99D0-9DA65B2F9C19}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{1AA65402-A94A-4AC7-A0EA-6943EDC28C48}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{069A686C-BD3C-40ED-9E99-D904E9F92DD8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{59EE724B-E087-44B8-B9D9-4BFD4198FA10}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{836CEE22-561C-4098-8680-AEB8191DADF6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{FD0539A9-20B9-41CC-91D7-473041DEDB87}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [{D3BC25F7-D016-4EEC-9715-B33A7CC05D2C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [{6DE5B291-558C-4D52-B538-768AD1F52A07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{C10250A8-FD4D-4FBF-A8CE-9334D1871B40}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{9844F91B-5EBF-4EBD-B9F9-B62DEC9C95D8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Faulty Device Manager Devices =============



==================== Event log errors: =========================


Application errors:

==================

Error: (08/23/2015 08:52:19 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: The program Skype.exe version 7.8.64.102 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.


Process ID: a2c


Start Time: 01d0de066086b14c


Termination Time: 20


Application Path: C:\Program Files (x86)\Skype\Phone\Skype.exe


Report Id: 58811c65-49fa-11e5-854f-206a8a1423a6


Error: (08/23/2015 04:23:15 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Error: (08/23/2015 04:22:56 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Error: (08/23/2015 04:22:56 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Error: (08/23/2015 04:22:46 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Error: (08/23/2015 04:14:32 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (08/23/2015 03:33:29 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (08/23/2015 03:11:50 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (08/23/2015 03:06:01 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (08/22/2015 12:01:27 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.



System errors:

=============

Error: (08/23/2015 08:52:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The eapihdrv service failed to start due to the following error:

%%1275


Error: (08/23/2015 08:52:12 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\CHAOTI~1\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


Error: (08/23/2015 08:52:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The eapihdrv service failed to start due to the following error:

%%1275


Error: (08/23/2015 08:52:12 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\CHAOTI~1\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


Error: (08/23/2015 08:52:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The eapihdrv service failed to start due to the following error:

%%1275


Error: (08/23/2015 08:52:12 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\CHAOTI~1\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


Error: (08/23/2015 08:52:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The eapihdrv service failed to start due to the following error:

%%1275


Error: (08/23/2015 08:52:11 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\CHAOTI~1\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.


Error: (08/23/2015 08:52:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The eapihdrv service failed to start due to the following error:

%%1275


Error: (08/23/2015 08:52:11 PM) (Source: Application Popup) (EventID: 1060) (User: )

Description: \??\C:\Users\CHAOTI~1\AppData\Local\Temp\ehdrv.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.



Microsoft Office:

=========================

Error: (08/23/2015 08:52:19 PM) (Source: Application Hang) (EventID: 1002) (User: )

Description: Skype.exe7.8.64.102a2c01d0de066086b14c20C:\Program Files (x86)\Skype\Phone\Skype.exe58811c65-49fa-11e5-854f-206a8a1423a6


Error: (08/23/2015 04:23:15 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Chaotic Lawliet\Desktop\esetsmartinstaller_enu.exe


Error: (08/23/2015 04:22:56 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Chaotic Lawliet\Desktop\esetsmartinstaller_enu.exe


Error: (08/23/2015 04:22:56 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Chaotic Lawliet\Desktop\esetsmartinstaller_enu.exe


Error: (08/23/2015 04:22:46 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Chaotic Lawliet\Desktop\esetsmartinstaller_enu.exe


Error: (08/23/2015 04:14:32 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (08/23/2015 03:33:29 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (08/23/2015 03:11:50 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (08/23/2015 03:06:01 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (08/22/2015 12:01:27 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.



CodeIntegrity:

===================================

Date: 2015-08-23 04:11:22.624

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-23 04:11:22.422

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-23 04:11:22.228

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:52.736

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:52.595

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:52.424

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:52.299

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:47.057

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:46.933

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:46.808

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.



==================== Memory info ===========================


Processor: Intel® Pentium® CPU P6100 @ 2.00GHz

Percentage of memory in use: 70%

Total physical RAM: 2804.5 MB

Available physical RAM: 833.25 MB

Total Virtual: 5607.2 MB

Available Virtual: 3286.65 MB


==================== Drives ================================


Drive c: (ACER) (Fixed) (Total:219.11 GB) (Free:62.4 GB) NTFS


==================== MBR & Partition Table ==================


========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: C444C444)

Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=219.1 GB) - (Type=07 NTFS)


==================== End of log ============================


Note that ESET Online Scanner said that copies of uTorrent and Cheat Engine 6.2. I recommend uninstalling both. P2P programs represent a security threat to the information on your system as they allow others to access your system. In many cases P2P programs also represent a risk of infection from the program itself, as some have installed adware/spyware, or other programs without consent. Even if the program itself is clean, many P2P networks are riddled with malware, and it's often the newest, most difficult to remove malware. There are many risks associated with P2P programs; none are worth the risks.

I see you just installed AVG PC TuneUp 2015. If this was not a paid version, I would recommend uninstalling it. It's not a program that I would recommend.

I see that you have TeamViewer installed. As the program allows remote access to your system, please be certain you use a strong password of at least 8 characters with a mix of upper case, lower case, at least one number and at least one special character.

 

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.
Open Notepad (Start => All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.

start

CHR HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 - (No Name) - {03f38c00-dda9-46bf-9475-c6997746c740} - No File
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> {225C4492-3857-42F3-9D50-97A47D1AF763} URL = hxxp://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true& user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_enUS416
SearchScopes: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> {E8984107-C1A3-4E7A-B45D-96DF0168DDAF} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14193&src=crm&q={searchTerms}&locale=&apn_ptnrs=FM&apn_dtid=YYYYYYURUS&apn_uid=f44b21fc-f465-45b9-a417-bc4a3921bffa&apn_sauid=299683DA-6A75-4BBC-8BE3-2F0703436E8E
Toolbar: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> No Name - {03F38C00-DDA9-46BF-9475-C6997746C740} -  No File
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_51\bin\new_plugin\npjp2.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
CHR HKLM\...\Chrome\Extension: [eogikidelleflpkolmiiaeibjbaepila] - C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx [2014-01-25]
CHR HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eogikidelleflpkolmiiaeibjbaepila] - C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx [2014-01-25]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [eogikidelleflpkolmiiaeibjbaepila] - C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx [2014-01-25]
S3 CaptureFileMonitor; system32\DRIVERS\CaptureFileMonitor64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 ProcObsrv; \??\C:\Windows\SysWOW64\ProcObsrv64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
S3 X6va001; \??\C:\Users\CHAOTI~1\AppData\Local\Temp\001BEDC.tmp [X]
S3 X6va005; \??\C:\Users\CHAOTI~1\AppData\Local\Temp\0051E8B.tmp [X]
S3 X6va006; \??\C:\Users\CHAOTI~1\AppData\Local\Temp\006561B.tmp [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {30A8D933-FB5F-4594-936B-B3BA788319E3} - System32\Tasks\{06B71EE2-9598-437A-B550-E5D719A4C07F} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\Maple Story\MSSetupv83.exe" -d "C:\Users\Chaotic Lawliet\Desktop\Maple Story"
Task: {56551FC5-69CC-4AB4-A4AF-33C6BE69429F} - System32\Tasks\{73464F91-A401-4C86-84A8-C9918401783C} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\iROSetupFv1.3.exe" -d "C:\Users\Chaotic Lawliet\Desktop"
Task: {62CA758A-340D-4C28-9735-04B650A36AF9} - System32\Tasks\{3FE0A132-4D64-4C54-A1D9-067C23066335} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\Games\Maple Story\MSSetupv83.exe" -d "C:\Users\Chaotic Lawliet\Desktop\Games\Maple Story"
Task: {A0FF3C3E-3E04-4AE9-9140-B1A4D029825B} - System32\Tasks\{6B09288F-2E0A-4793-BB35-03367B28EA4D} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\MSSetupv83.exe" -d "C:\Users\Chaotic Lawliet\Desktop"
Task: {CCF2005F-2BAC-4473-8ED6-599D764F25F5} - \RealPlayer (32-bit)  -> No File <==== ATTENTION

end

Save the file as fixlist.txt into the same folder as FRST
Run FRST and click Fix only once and wait
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will create a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

 

 

Please download Junkware Removal Tool to your Desktop.

  • Please close your security software to avoid potential conflicts.
  • Run the tool by double-clicking it.
  • If you are using Windows Vista or Windows 7, right-mouse click it and select Run as administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete, depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
  • Please post the contents of JRT.txt into your reply.

Your Java version is outdated and vulnerable.
Please go to Start > Control Panel > Programs and Features, and uninstall the following:
Java 8 Update 51
Java 8 Update 51 (64-bit)


Next, because Java has had so many vulnerabilities, if you don't have a program that requires Java, or a web site you visit that requires it, I recommend leaving it uninstalled. Your system will be more secure. If you decide to reinstall, or find that a program or website requires it, you can download the latest version from here:
http://java.com/en/download/manual.jsp
You should use the Offline version as it doesn't contain any additional unwanted toolbars.
If you reinstall it because a program requires Java, you can increase your security by going to the Java Control Panel (Start > Control Panel > Java), selecting the Security tab, and Unchecking "Enable Java content in the browser".

 

Download the Sophos Virus Removal Tool and save it to your desktop:

  • Be sure to view the 3 short How-to videos on that page.
  • Double-click Sophos Virus Removal Tool.exe. The installation files will extract and the installer will automatically run.
  • Follow the prompts to accept the license agreement, and accept the default location.
  • A message will appear "InstallShield Wizard Completed".
  • Click 'Finish' to start the program.
  • After it updates and a "Start Scanning" button appears in the lower right:
    • Disconnect from the Internet or physically unplug your Internet cable connection.
    • Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
    • Temporarily disable your anti-virus and real-time anti-spyware protection.
  • Click the "Start Scanning" button in the lower right to start the scan.
  • After starting the scan, do not use the computer until the scan has completed.
  • When finished, if it detected anything there will be a "Start Clean-up" button, click it and allow it to finish.
  • When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.
  • A log will be in the following location:
  • Vista and above: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
    --for 64-bit C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
  • 2000/XP/Server 2003: C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
  • Please post the log in your next reply and note any errors encountered.

 

Please post the log from FRST (Fixlog.txt), the log from Junkware Removal Tool, the log from Sophos Virus Removal Tool, and note any errors encountered.
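
For whoever reviews the Fixlog.txt requested above, the result lines can be tallied so that anything other than a clean removal stands out. This is an added example, not part of the original post and not FRST's own code; the sample log is constructed in the layout of the Fixlog in this thread, and the function names are assumptions.

```python
import re
from collections import Counter

# Constructed sample in the layout of an FRST Fixlog.txt (all values are placeholders).
SAMPLE_FIXLOG = r"""
Fix result of Farbar Recovery Scan Tool (x64) Version:DD-MM-YYYY
Ran by ExampleUser (YYYY-MM-DD 00:00:00) Run:1
==============================================
fixlist content:
*****************
start
Task: {00000000-0000-0000-0000-0000000000AA} - System32\Tasks\ExampleTask => pcalua.exe -a "C:\Users\ExampleUser\Desktop\setup.exe"
S3 ExampleDrv; \??\C:\Windows\SysWOW64\Drivers\ExampleDrv [X]
end
*****************
"HKLM\SOFTWARE\Example\Key" => key removed successfully
HKCR\CLSID\{00000000-0000-0000-0000-000000000001} => key not found.
C:\Users\EXAMPL~1\AppData\Local\example.crx => moved successfully
"C:\Users\EXAMPL~1\AppData\Local\example.crx" => File/Folder not found.
ExampleDrv => service removed successfully
HKLM\SOFTWARE\Example\\DefaultScope => value restored successfully
C:\Windows\System32\Tasks\ExampleTask => some unexpected result text
==== End of Fixlog 00:00:00 ====
"""

RESULT_RE = re.compile(r"^(?P<target>.+?)\s=>\s(?P<result>.+)$")
# \b keeps "moved" from matching inside "removed".
SUCCESS_RE = re.compile(r"\b(removed|moved|restored) successfully\.?$")
ABSENT_RE = re.compile(r"\bnot found\.?$")


def result_lines(log_text):
    """Yield only the result lines.

    The log first echoes the fixlist between two rows of asterisks, and that
    echo can itself contain '=>' (Task: lines), so it must be skipped.
    """
    star_rows = 0
    for raw in log_text.splitlines():
        line = raw.strip()
        if line and set(line) == {"*"}:
            star_rows += 1
            continue
        if line.startswith("==== End of Fixlog"):
            break
        if star_rows >= 2 and line:
            yield line


def classify(result):
    """Map a result phrase to a label; anything unrecognised is 'review'."""
    m = SUCCESS_RE.search(result)
    if m:
        return m.group(1)
    if ABSENT_RE.search(result):
        return "absent"
    return "review"


def triage(log_text):
    """Return (Counter of labels, list of lines a person should read)."""
    counts = Counter()
    handled = set()   # targets already removed or moved earlier in the log
    review = []
    for line in result_lines(log_text):
        m = RESULT_RE.match(line)
        if not m:
            counts["review"] += 1
            review.append(line)
            continue
        target = m.group("target").strip('"').lower()
        label = classify(m.group("result"))
        if label == "absent" and target in handled:
            # The same path was listed twice in the fixlist; the first entry
            # already dealt with it, so the later "not found" is expected.
            label = "absent_after_fix"
        elif label in ("removed", "moved"):
            handled.add(target)
        if label == "review":
            review.append(line)
        counts[label] += 1
    return counts, review


if __name__ == "__main__":
    counts, review = triage(SAMPLE_FIXLOG)
    for label, n in sorted(counts.items()):
        print(f"{label:17} {n}")
    for line in review:
        print("REVIEW:", line)
```
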


I have uninstalled uTorrent, Cheat Engine 6.2, AVG PC TuneUp 2015. As for TeamViewer, I do use a strong password, but I'll probably uninstall it later as I rarely use it anymore.

I've also uninstalled Java. Thank you for the advice.

 

I've downloaded, installed and used all tools listed. The logs are below.

 

 

Fix result of Farbar Recovery Scan Tool (x64) Version:24-08-2015
Ran by Chaotic Lawliet (2015-08-24 13:18:12) Run:1
Running from C:\Users\Chaotic Lawliet\Desktop\Spyware Forum
Loaded Profiles: Chaotic Lawliet (Available Profiles: Chaotic Lawliet)
Boot Mode: Normal
==============================================
fixlist content:
*****************
start
CHR HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
URLSearchHook: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 - (No Name) - {03f38c00-dda9-46bf-9475-c6997746c740} - No File
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW
SearchScopes: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> {225C4492-3857-42F3-9D50-97A47D1AF763} URL = hxxp://ws.infospace.com/playsushi_tbar/ws/redir?_iceUrl=true& user_id=%userid&tool_id=60231&qkw={searchTerms}
SearchScopes: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7ACAW_enUS416
SearchScopes: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> {E8984107-C1A3-4E7A-B45D-96DF0168DDAF} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FWV5&o=14193&src=crm&q={searchTerms}&locale=&apn_ptnrs=FM&apn_dtid=YYYYYYURUS&apn_uid=f44b21fc-f465-45b9-a417-bc4a3921bffa&apn_sauid=299683DA-6A75-4BBC-8BE3-2F0703436E8E
Toolbar: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> No Name - {03F38C00-DDA9-46BF-9475-C6997746C740} - No File
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre1.8.0_51\bin\new_plugin\npjp2.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @ogplanet.com/npOGPPlugin -> C:\Windows\system32\npOGPPlugin.dll [No File]
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
CHR HKLM\...\Chrome\Extension: [eogikidelleflpkolmiiaeibjbaepila] - C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx [2014-01-25]
CHR HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [eogikidelleflpkolmiiaeibjbaepila] - C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx [2014-01-25]
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [ehgldbbpchgpcfagfpfjgoomddhccfgh] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [eogikidelleflpkolmiiaeibjbaepila] - C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx [2014-01-25]
S3 CaptureFileMonitor; system32\DRIVERS\CaptureFileMonitor64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 ProcObsrv; \??\C:\Windows\SysWOW64\ProcObsrv64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Program Files (x86)\Razer\Razer Game Booster\Driver\WinRing0x64.sys [X]
S3 X6va001; \??\C:\Users\CHAOTI~1\AppData\Local\Temp\001BEDC.tmp [X]
S3 X6va005; \??\C:\Users\CHAOTI~1\AppData\Local\Temp\0051E8B.tmp [X]
S3 X6va006; \??\C:\Users\CHAOTI~1\AppData\Local\Temp\006561B.tmp [X]
S3 X6va008; \??\C:\Windows\SysWOW64\Drivers\X6va008 [X]
S3 X6va009; \??\C:\Windows\SysWOW64\Drivers\X6va009 [X]
S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X]
S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va016; \??\C:\Windows\SysWOW64\Drivers\X6va016 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 X6va021; \??\C:\Windows\SysWOW64\Drivers\X6va021 [X]
S3 X6va022; \??\C:\Windows\SysWOW64\Drivers\X6va022 [X]
S3 X6va025; \??\C:\Windows\SysWOW64\Drivers\X6va025 [X]
S3 X6va027; \??\C:\Windows\SysWOW64\Drivers\X6va027 [X]
S3 X6va028; \??\C:\Windows\SysWOW64\Drivers\X6va028 [X]
S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.27.5\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.23.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.26.9\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.25.11\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
Task: {30A8D933-FB5F-4594-936B-B3BA788319E3} - System32\Tasks\{06B71EE2-9598-437A-B550-E5D719A4C07F} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\Maple Story\MSSetupv83.exe" -d "C:\Users\Chaotic Lawliet\Desktop\Maple Story"
Task: {56551FC5-69CC-4AB4-A4AF-33C6BE69429F} - System32\Tasks\{73464F91-A401-4C86-84A8-C9918401783C} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\iROSetupFv1.3.exe" -d "C:\Users\Chaotic Lawliet\Desktop"
Task: {62CA758A-340D-4C28-9735-04B650A36AF9} - System32\Tasks\{3FE0A132-4D64-4C54-A1D9-067C23066335} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\Games\Maple Story\MSSetupv83.exe" -d "C:\Users\Chaotic Lawliet\Desktop\Games\Maple Story"
Task: {A0FF3C3E-3E04-4AE9-9140-B1A4D029825B} - System32\Tasks\{6B09288F-2E0A-4793-BB35-03367B28EA4D} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\MSSetupv83.exe" -d "C:\Users\Chaotic Lawliet\Desktop"
Task: {CCF2005F-2BAC-4473-8ED6-599D764F25F5} - \RealPlayer (32-bit) -> No File <==== ATTENTION
end
*****************
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\SOFTWARE\Policies\Google" => key removed successfully
HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\Software\Microsoft\Internet Explorer\URLSearchHooks\\{03f38c00-dda9-46bf-9475-c6997746c740} => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully
HKCR\Wow6432Node\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found.
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{225C4492-3857-42F3-9D50-97A47D1AF763}" => key removed successfully
HKCR\CLSID\{225C4492-3857-42F3-9D50-97A47D1AF763} => key not found.
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => key removed successfully
HKCR\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => key not found.
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E8984107-C1A3-4E7A-B45D-96DF0168DDAF}" => key removed successfully
HKCR\CLSID\{E8984107-C1A3-4E7A-B45D-96DF0168DDAF} => key not found.
HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{03F38C00-DDA9-46BF-9475-C6997746C740} => value removed successfully
HKCR\CLSID\{03F38C00-DDA9-46BF-9475-C6997746C740} => key not found.
"HKLM\Software\MozillaPlugins\@java.com/JavaPlugin" => key removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@ogplanet.com/npOGPPlugin" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin" => key removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\eogikidelleflpkolmiiaeibjbaepila" => key removed successfully
C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx => moved successfully
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\SOFTWARE\Google\Chrome\Extensions\eogikidelleflpkolmiiaeibjbaepila" => key removed successfully
"C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx" => File/Folder not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\ehgldbbpchgpcfagfpfjgoomddhccfgh" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eogikidelleflpkolmiiaeibjbaepila" => key removed successfully
"C:\Users\CHAOTI~1\AppData\Local\chrome_6486.crx" => File/Folder not found.
CaptureFileMonitor => service removed successfully
EagleX64 => service removed successfully
ProcObsrv => service removed successfully
WinRing0_1_2_0 => service removed successfully
X6va001 => service removed successfully
X6va005 => service removed successfully
X6va006 => service removed successfully
X6va008 => service removed successfully
X6va009 => service removed successfully
X6va011 => service removed successfully
X6va012 => service removed successfully
X6va015 => service removed successfully
X6va016 => service removed successfully
X6va017 => service removed successfully
X6va021 => service removed successfully
X6va022 => service removed successfully
X6va025 => service removed successfully
X6va027 => service removed successfully
X6va028 => service removed successfully
X6va029 => service removed successfully
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}" => key removed successfully
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}" => key removed successfully
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{355EC88A-02E2-4547-9DEE-F87426484BD1}" => key removed successfully
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}" => key removed successfully
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}" => key removed successfully
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{D0336C0B-7919-4C04-8CCE-2EBAE2ECE8C9}" => key removed successfully
"HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30A8D933-FB5F-4594-936B-B3BA788319E3}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30A8D933-FB5F-4594-936B-B3BA788319E3}" => key removed successfully
C:\Windows\System32\Tasks\{06B71EE2-9598-437A-B550-E5D719A4C07F} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{06B71EE2-9598-437A-B550-E5D719A4C07F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{56551FC5-69CC-4AB4-A4AF-33C6BE69429F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{56551FC5-69CC-4AB4-A4AF-33C6BE69429F}" => key removed successfully
C:\Windows\System32\Tasks\{73464F91-A401-4C86-84A8-C9918401783C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{73464F91-A401-4C86-84A8-C9918401783C}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{62CA758A-340D-4C28-9735-04B650A36AF9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{62CA758A-340D-4C28-9735-04B650A36AF9}" => key removed successfully
C:\Windows\System32\Tasks\{3FE0A132-4D64-4C54-A1D9-067C23066335} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3FE0A132-4D64-4C54-A1D9-067C23066335}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0FF3C3E-3E04-4AE9-9140-B1A4D029825B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0FF3C3E-3E04-4AE9-9140-B1A4D029825B}" => key removed successfully
C:\Windows\System32\Tasks\{6B09288F-2E0A-4793-BB35-03367B28EA4D} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{6B09288F-2E0A-4793-BB35-03367B28EA4D}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CCF2005F-2BAC-4473-8ED6-599D764F25F5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CCF2005F-2BAC-4473-8ED6-599D764F25F5}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlayer (32-bit) " => key removed successfully
==== End of Fixlog 13:18:13 ====
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.7 (08.18.2015:1)
OS: Windows 7 Home Premium x64
Ran by Chaotic Lawliet on Mon 08/24/2015 at 13:21:35.01
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Tasks
~~~ Registry Values
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] C:\ProgramData\google
Successfully deleted: [Folder] C:\Users\Chaotic Lawliet\Appdata\Local\crashrpt
Successfully deleted: [Folder] C:\Users\Chaotic Lawliet\AppData\Roaming\imvuclient
Successfully deleted: [Folder] C:\Windows\SysWOW64\ai_recyclebin
Successfully deleted: [Folder] C:\Users\Chaotic Lawliet\Appdata\LocalLow\FCTB000060231
~~~ FireFox
Successfully deleted: [File] C:\user.js
Successfully deleted the following from C:\Users\Chaotic Lawliet\AppData\Roaming\mozilla\firefox\profiles\cyrlrzfw.default\prefs.js
Emptied folder: C:\Users\Chaotic Lawliet\AppData\Roaming\mozilla\firefox\profiles\cyrlrzfw.default\minidumps [244 files]
~~~ Chrome
[C:\Users\Chaotic Lawliet\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
[C:\Users\Chaotic Lawliet\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
[C:\Users\Chaotic Lawliet\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
[C:\Users\Chaotic Lawliet\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
[
aaaaaaooaijelonlmbcbjkocdnicdfmo,
bcfjehbfanfhgoehogmbiebedkidedjb,
booedmolknjekdopkepjjeckmjkdpfgl,
dlnembnfbcpjnepmfjmngjenhhajpdfd,
ehgldbbpchgpcfagfpfjgoomddhccfgh,
ejpbbhjlbipncjklfjjaedaieimbmdda,
flpcjncodpafbgdpnkljologafpionhb,
hapjcfhlhbidaflnbnnhkojdpeiooogl,
ndibdjnfmopecpmkdieinmbadjfpblof
]
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Mon 08/24/2015 at 13:38:20.27
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2015-08-24 18:18:56.712 Sophos Virus Removal Tool version 2.5.4
2015-08-24 18:18:56.712 Copyright © 2009-2014 Sophos Limited. All rights reserved.
2015-08-24 18:18:56.712 This tool will scan your computer for viruses and other threats. If it finds any, it will give you the option to remove them.
2015-08-24 18:18:56.712 Windows version 6.1 SP 1.0 Service Pack 1 build 7601 SM=0x300 PT=0x1 WOW64
2015-08-24 18:18:56.714 Checking for updates...
2015-08-24 18:19:13.574 Update progress: proxy server not available
2015-08-24 18:19:19.789 Option all = no
2015-08-24 18:19:19.789 Option recurse = yes
2015-08-24 18:19:19.789 Option archive = no
2015-08-24 18:19:19.789 Option service = yes
2015-08-24 18:19:19.789 Option confirm = yes
2015-08-24 18:19:19.789 Option sxl = yes
2015-08-24 18:19:19.793 Option max-data-age = 35
2015-08-24 18:19:19.793 Option EnableSafeClean = yes
2015-08-24 18:19:21.350 Option vdl-logging = yes
2015-08-24 18:19:21.355 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-08-24 18:19:21.355 Machine ID: d4e5c7ddfac24ff2929e56c757718c98
2015-08-24 18:19:21.793 Component SVRTcli.exe version 2.5.4
2015-08-24 18:19:21.794 Component control.dll version 2.5.4
2015-08-24 18:19:21.794 Component SVRTservice.exe version 2.5.4
2015-08-24 18:19:21.795 Component engine\osdp.dll version 1.44.1.2210
2015-08-24 18:19:21.795 Component engine\veex.dll version 3.61.0.2210
2015-08-24 18:19:21.796 Component engine\savi.dll version 8.1.8.2210
2015-08-24 18:19:21.976 Component rkdisk.dll version 1.5.30.0
2015-08-24 18:19:22.024 Version info: Product version 2.5.4
2015-08-24 18:19:22.024 Version info: Detection engine 3.61.0
2015-08-24 18:19:22.024 Version info: Detection data 5.17
2015-08-24 18:19:22.025 Version info: Build date 7/21/2015
2015-08-24 18:19:22.025 Version info: Data files added 402
2015-08-24 18:19:22.025 Version info: Last successful update (not yet updated)
2015-08-24 18:19:40.922 Downloading updates...
2015-08-24 18:19:40.940 Update progress: [i96736] Looking for package C1A903B2-E63E-483b-982D-04BB9C457C60 1.0
2015-08-24 18:19:40.940 Update progress: [i49502] Found supplement SAVIW32 LATEST
2015-08-24 18:19:40.940 Update progress: [i49502] Found supplement IDE519 LATEST
2015-08-24 18:19:40.940 Update progress: [i49502] Found supplement IDE520 LATEST
2015-08-24 18:19:40.940 Update progress: [i49502] Found supplement IDE521 LATEST
2015-08-24 18:19:40.940 Update progress: [i19463] Syncing product C1A903B2-E63E-483b-982D-04BB9C457C60 1
2015-08-24 18:19:40.940 Update progress: [i19463] Syncing product SAVIW32 59
2015-08-24 18:20:32.415 Update progress: [i19463] Syncing product IDE519 196
2015-08-24 18:20:32.874 Installing updates...
2015-08-24 18:20:33.679 Error level 1
2015-08-24 18:20:34.002 Update progress: [i19463] Syncing product IDE520 38
2015-08-24 18:20:34.002 Update progress: [i19463] Syncing product IDE521 1
2015-08-24 18:20:46.841 Update successful
2015-08-24 18:21:13.624 Option all = no
2015-08-24 18:21:13.624 Option recurse = yes
2015-08-24 18:21:13.624 Option archive = no
2015-08-24 18:21:13.624 Option service = yes
2015-08-24 18:21:13.624 Option confirm = yes
2015-08-24 18:21:13.624 Option sxl = yes
2015-08-24 18:21:13.626 Option max-data-age = 35
2015-08-24 18:21:13.626 Option EnableSafeClean = yes
2015-08-24 18:21:14.065 Option vdl-logging = yes
2015-08-24 18:21:14.069 Customer ID: 094260ca9b3af99f9d4a3909fc47a743
2015-08-24 18:21:14.069 Machine ID: d4e5c7ddfac24ff2929e56c757718c98
2015-08-24 18:21:14.071 Component SVRTcli.exe version 2.5.4
2015-08-24 18:21:14.071 Component control.dll version 2.5.4
2015-08-24 18:21:14.071 Component SVRTservice.exe version 2.5.4
2015-08-24 18:21:14.071 Component engine\osdp.dll version 1.44.1.2210
2015-08-24 18:21:14.072 Component engine\veex.dll version 3.61.0.2210
2015-08-24 18:21:14.072 Component engine\savi.dll version 8.1.8.2210
2015-08-24 18:21:14.072 Component rkdisk.dll version 1.5.30.0
2015-08-24 18:21:14.072 Version info: Product version 2.5.4
2015-08-24 18:21:14.073 Version info: Detection engine 3.61.0
2015-08-24 18:21:14.073 Version info: Detection data 5.18G
2015-08-24 18:21:14.073 Version info: Build date 8/18/2015
2015-08-24 18:21:14.073 Version info: Data files added 232
2015-08-24 18:21:14.073 Version info: Last successful update 8/24/2015 2:20:46 PM
2015-08-24 18:23:29.326 Couldn't apply option 'SXLLiveProtection' to the detection engine.
2015-08-24 19:33:19.338 Warning: rootkit scan failed to open volume "\\?\Volume{95989338-ec3e-11e2-abbe-206a8a1423a6}" (5)
2015-08-24 19:37:17.051 Could not open C:\hiberfil.sys
2015-08-24 19:40:19.789 Could not open C:\pagefile.sys
2015-08-24 19:58:47.766 >>> Virus 'Mal/Behav-001' found in file C:\Program Files (x86)\Xtreme Jade\element\elementclient.exe
2015-08-24 20:06:21.165 Could not open C:\System Volume Information\{0f4b2452-48b9-11e5-bb29-206a8a1423a6}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-08-24 20:06:21.165 Could not open C:\System Volume Information\{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-08-24 20:06:21.165 Could not open C:\System Volume Information\{aa9c0e27-48e6-11e5-9bd7-206a8a1423a6}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-08-24 20:06:21.165 Could not open C:\System Volume Information\{ec5abf7b-4a74-11e5-97ca-206a8a1423a6}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-08-24 20:06:21.165 Could not open C:\System Volume Information\{ec5abf7f-4a74-11e5-97ca-206a8a1423a6}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-08-24 20:06:21.165 Could not open C:\System Volume Information\{ec5abf83-4a74-11e5-97ca-206a8a1423a6}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-08-24 20:06:21.165 Could not open C:\System Volume Information\{ec5abf8d-4a74-11e5-97ca-206a8a1423a6}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-08-24 20:06:21.165 Could not open C:\System Volume Information\{ec5abf94-4a74-11e5-97ca-206a8a1423a6}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-08-24 20:06:21.165 Could not open C:\System Volume Information\{ec5abfc4-4a74-11e5-97ca-206a8a1423a6}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-08-24 20:06:21.165 Could not open C:\System Volume Information\{ec5abfc8-4a74-11e5-97ca-206a8a1423a6}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-08-24 20:06:21.165 Could not open C:\System Volume Information\{ec5abfcc-4a74-11e5-97ca-206a8a1423a6}{3808876b-c176-4e48-b7ae-04046e6cc752}
2015-08-24 20:37:38.129 >>> Virus 'Mal/VMProtBad-A' found in file C:\Users\Chaotic Lawliet\Desktop\Games\Starbound\win32\steam_api.dll
2015-08-24 20:39:02.073 >>> Virus 'Mal/VMProtBad-A' found in file C:\Users\Chaotic Lawliet\Desktop\Games\Terraria 1.2.4.1\steam_api.dll
2015-08-24 20:55:53.033 Could not open C:\Windows\System32\catroot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb
2015-08-24 20:55:53.033 Could not open C:\Windows\System32\catroot2\{F750E6C3-38EE-11D1-85E5-00C04FC295EE}\catdb
2015-08-24 20:56:13.188 Could not open C:\Windows\System32\config\RegBack\DEFAULT
2015-08-24 20:56:13.188 Could not open C:\Windows\System32\config\RegBack\SAM
2015-08-24 20:56:13.188 Could not open C:\Windows\System32\config\RegBack\SECURITY
2015-08-24 20:56:13.235 Could not open C:\Windows\System32\config\RegBack\SOFTWARE
2015-08-24 20:56:13.235 Could not open C:\Windows\System32\config\RegBack\SYSTEM
2015-08-24 21:52:39.985 Could not open LOGICAL:0010:00000000
2015-08-24 21:52:39.985 Could not open Q:\
2015-08-24 21:52:40.391 The following items will be cleaned up:
2015-08-24 21:52:40.391 Mal/Behav-001
2015-08-24 21:52:40.391 Mal/VMProtBad-A
No errors encountered to my knowledge.

Although strangely the issue I've been having seems to "disappear" around 9pm and seems to be returning around 11am.
Not sure if it's coincidence or caused by anything specific, just thought I would mention it anyway.

Let's see if disabling unnecessary programs you have running at startup prevents the problem. Malwarebytes makes a great utility for this, StartUpLite, available here:
http://www.malwareby...ts/startuplite/

Double click StartUpLite.exe to run the program.
Disable is checked by default for all unnecessary startups found.
Click Continue.
Reboot and see how the system is running.
If the problem does not re-occur (it could take a while to determine this), figuring out which item caused the problem will be trial and error.

Run StartUpLite, re-enable each item one at a time (Check 'No action'), restarting your system after enabling each item, and when the problem re-occurs, you have found the culprit.

Did that help?

I do expect that to take some time as the problem is intermittent.

I've downloaded and run the program, but I'm getting this error for each of the startup items on the list:

"Error on value: (startup item name). There was an error creating a MSConfig key."

There are only two items on the list, MsnMsgr (Windows Live Messenger) and something called swg ("Part of Google Toolbar. Notifies you of newest toolbar versions." is its description). I've followed through and rebooted my laptop anyway just to be sure.

I've also noticed a problem today that occurs with the rest of the issues I've been having. Whenever I right-click a bookmarked link in Google Chrome, it opens in a new tab as if I've clicked it with the middle button/scroll wheel on my mouse. And as I've mentioned previously, clicking a tab in Google Chrome will close the tab without clicking the tiny 'x', again something that would happen if I had clicked with the wheel button.

Could there possibly be a problem with my mouse and touchpad drivers? Or maybe a bad mouse? (even though the issues still occur while the mouse is unplugged, and I'm not sure it would explain everything on my screen locking up until I open the ctrl+alt+del screen).

None of these clicking issues seem to happen while I play games though, the mouse buttons function as they should.

Anyway, thought I would mention all of that while I still remember it all.
Thank you so much for the help you've provided so far. I'll check back sometime in the morning.

Update: Woke up with the issues still going on. I did notice though that while using Firefox, the scroll function activated by pressing the middle/scroll button will occasionally keep switching on and off without even pressing it, and would only stop after unplugging the mouse from my laptop.

Update #2: The problem seems to be getting a little worse now. Sometimes the cursor will click and hold onto a tab/file and not let go until I left-click with my mouse, and now it's gotten to where the ctrl+alt+del screen will lock up for around 10~20 seconds before closing after I click 'cancel'.

Edited by JGroomes

Do you have a different mouse that you can swap to that system to see if that is the problem?

I found an older USB mouse and just plugged it in and installed the driver. The mouse worked, but the same issues were there except for the random/constant scrolling as the mouse I tried lacks a scroll wheel.

So, the day after my last post, at around 5pm, the issues went away and were completely gone, everything returned to normal.
But today, just 10 minutes ago, the same issues have returned after having been gone for 8 days straight.

You haven't replied since my last post, and that is fine.
I just thought I would update this post again anyway.

Sorry, I missed the reply.

Download and save to your Desktop RogueKiller for 64bit

  • Quit all programs
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • Right-click and select "Run as Administrator" to start.
  • Start RogueKiller.exe
  • Wait until Prescan has finished
  • Click on Scan.
  • Wait until the Status box shows "Scan Finished"
  • Click on Delete
  • Wait until the Status box shows "Deleting Finished"
  • Click on Report and copy/paste the content of the Notepad
  • The log should be found in RKreport[1].txt on your Desktop
  • Close RogueKiller

Please post the log from RogueKiller.

Sorry for the late reply, was busy yesterday and most of today. I've finally run the scan, the log is below.

RogueKiller V10.10.4.0 (x64) [sep 4 2015] by Adlice Software
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Chaotic Lawliet [Administrator]
Started from : C:\Users\Chaotic Lawliet\Desktop\RogueKillerX64.exe
Mode : Delete -- Date : 09/05/2015 22:19:03
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 7 ¤¤¤
[PUP] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run | Lightshot : C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe -> ERROR [0]
[PUP] (X64) HKEY_USERS\S-1-5-21-2505415791-2747731311-3398940262-1000\Software\Microsoft\Windows\CurrentVersion\Run | LightShot : C:\Users\Chaotic Lawliet\AppData\Local\Skillbrains\lightshot\Lightshot.exe -> ERROR [0]
[suspicious.Path] (X64) HKEY_USERS\S-1-5-21-2505415791-2747731311-3398940262-1000\Software\Microsoft\Windows\CurrentVersion\Run | ROC_ROC_APR2013_AV : C:\Users\Chaotic Lawliet\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 2daa7ced2f2547d1baa9f123ccf0ca55-d54ae5b4a42adb13fe8cade7cdf5e2a8b35ad24d --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 [-][x][x][x][x][x][x][x][x][x][x][x] -> ERROR [0]
[PUP] (X86) HKEY_USERS\S-1-5-21-2505415791-2747731311-3398940262-1000\Software\Microsoft\Windows\CurrentVersion\Run | LightShot : C:\Users\Chaotic Lawliet\AppData\Local\Skillbrains\lightshot\Lightshot.exe -> ERROR [2]
[suspicious.Path] (X86) HKEY_USERS\S-1-5-21-2505415791-2747731311-3398940262-1000\Software\Microsoft\Windows\CurrentVersion\Run | ROC_ROC_APR2013_AV : C:\Users\Chaotic Lawliet\AppData\Roaming\AVG April 2013 Campaign\AVG-Secure-Search-Update.exe /PROMPT --mid 2daa7ced2f2547d1baa9f123ccf0ca55-d54ae5b4a42adb13fe8cade7cdf5e2a8b35ad24d --CMPID ROC_APR2013_AV --CMPIDEXTRA 2012 [-][x][x][x][x][x][x][x][x][x][x][x] -> ERROR [2]
[PUM.HomePage] (X64) HKEY_USERS\S-1-5-21-2505415791-2747731311-3398940262-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
[PUM.HomePage] (X86) HKEY_USERS\S-1-5-21-2505415791-2747731311-3398940262-1000\Software\Microsoft\Internet Explorer\Main | Default_Page_URL : http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome -> Replaced (http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome)
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 6 ¤¤¤
[FIREFX:Addon] cyrlrzfw.default : Greasemonkey [{e4a8a97b-f2ed-450b-b12d-ee082ba24781}] -> Deleted
[FIREFX:Addon] cyrlrzfw.default : Bitdefender QuickScan [{e001c731-5e37-4538-a5cb-8168736a2360}] -> Deleted
[FIREFX:Addon] cyrlrzfw.default : RealPlayer Browser Record Plugin [{0153E448-190B-4987-BDE1-F256CADA672F}] -> Deleted
[FIREFX:Addon] cyrlrzfw.default : Free Download Manager plugin [fdm_ffext@freedownloadmanager.org] -> Deleted
[PUM.Proxy][FIREFX:Config] cyrlrzfw.default : user_pref("network.proxy.http", "195.246.54.202"); -> Deleted
[PUM.Proxy][FIREFX:Config] cyrlrzfw.default : user_pref("network.proxy.http_port", 8080); -> Deleted
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD2500BEVT-22A23T0 +++++
--- User ---
[MBR] 46fa17a72513fc2b9411ad36b4695dd2
[bSP] bc2cca40aef39d9c594f0026c645b67e : HP|VT.Unknown MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14000 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 28674048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 28878848 | Size: 224373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

There were a few errors removing items.

Reboot to Safe mode.

http://windows.microsoft.com/en-us/windows/start-computer-safe-mode#start-computer-safe-mode=windows-7

Please rerun RogueKiller

  • Quit all programs
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • Right-click and select "Run as Administrator" to start.
  • Start RogueKiller
  • Wait until Prescan has finished
  • Click on Scan.
  • Wait until the Status box shows "Scan Finished"
  • Click on Delete
  • Wait until the Status box shows "Deleting Finished"
  • Click on Report and copy/paste the content of the Notepad
  • The log should be found in RKreport[x].txt on your Desktop (where x is a number)
  • Close RogueKiller

Reboot your system.

Please post the new log from RogueKiller.

Rebooted in safe mode and ran RogueKiller. Logs are below.

RogueKiller V10.10.4.0 (x64) [sep 4 2015] by Adlice Software
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode
User : Chaotic Lawliet [Administrator]
Started from : C:\Users\Chaotic Lawliet\Desktop\RogueKillerX64.exe
Mode : Delete -- Date : 09/07/2015 13:31:09
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 0 ¤¤¤
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Not loaded [0xc000035f]) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: WDC WD2500BEVT-22A23T0 +++++
--- User ---
[MBR] 46fa17a72513fc2b9411ad36b4695dd2
[bSP] bc2cca40aef39d9c594f0026c645b67e : HP MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 14000 MB
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 28674048 | Size: 100 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 28878848 | Size: 224373 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Using Windows Explorer, delete the following folder:
C:\Program Files (x86)\Razer

Delete your current copy of FRST.txt and Addition.txt
Rerun Farbar Recovery Scan Tool (64 bit)
Double-click to run it. When the tool opens click Yes to disclaimer.
Place a checkmark in the box for Addition.txt
Press the Scan button.
It will create two logs (FRST.txt and Addition.txt) in the same directory the tool is run.
Please post the contents of both, each in their own reply.

Deleted the FRST.txt and Addition.txt files and ran FRST. Logs are below.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:07-09-2015
Ran by Chaotic Lawliet (administrator) on TEMPEST (08-09-2015 15:30:58)
Running from C:\Users\Chaotic Lawliet\Desktop\Spyware Forum
Loaded Profiles: Chaotic Lawliet (Available Profiles: Chaotic Lawliet)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Acer Group) C:\Program Files\Acer\Acer Updater\UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Alcor Micro Corp.) C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe
(Akamai Technologies, Inc.) C:\Users\Chaotic Lawliet\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Akamai Technologies, Inc.) C:\Users\Chaotic Lawliet\AppData\Local\Akamai\netsession_win.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(NewTech Infosystems, Inc.) C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LManager.exe
() C:\Program Files (x86)\USB Optical Mouse\USB Optical Mouse\MouseHid.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
(Acer Incorporated) C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Dritek System Inc.) C:\Program Files (x86)\Launch Manager\LMworker.exe
(Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AmIcoSinglun64] => C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe [323584 2009-09-22] (Alcor Micro Corp.)
HKLM\...\Run: [mwlDaemon] => C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe [349552 2010-05-26] (Egis Technology Inc.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [9643552 2009-12-10] (Realtek Semiconductor)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1842472 2009-09-18] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe [861216 2010-04-23] (Acer Incorporated)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [backupManagerTray] => C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [260608 2010-03-08] (NewTech Infosystems, Inc.)
HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [1155928 2010-06-01] (Symantec Corporation)
HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [337264 2010-05-26] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [201584 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [407920 2010-03-11] (Egis Technology Inc.)
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [968272 2010-06-22] (Dritek System Inc.)
HKLM-x32\...\Run: [uSB Optical Mouse] => C:\Program Files (x86)\USB Optical Mouse\USB Optical Mouse\MouseHid.exe [245248 2010-03-30] ()
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3730344 2015-07-07] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5579624 2015-08-03] (LogMeIn Inc.)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597552 2015-08-04] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\Run: [msnmsgr] => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Chaotic Lawliet\AppData\Local\Akamai\netsession_win.exe [4691384 2015-07-23] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2010-07-14] (Google Inc.)
HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2014-12-17] (Microsoft Corporation)
ShellIconOverlayIdentifiers: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x64\psdprotect.dll [2010-05-26] (Egis Technology Inc.)
ShellIconOverlayIdentifiers-x32: [egisPSDP] -> {30A0A3F6-38AC-4C53-BB8B-0D95238E25BA} => C:\Program Files (x86)\EgisTec MyWinLocker\x86\psdprotect.dll [2010-05-26] (Egis Technology Inc.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{96381102-A251-4052-AB1E-ADFA4BE8D1BC}: [DhcpNameServer] 192.168.1.254
Internet Explorer:
==================
HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> c:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2009-02-27] (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll [2012-08-30] (RealPlayer)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\ssv.dll [2015-09-01] (Oracle Corporation)
BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-03-11] (FreeDownloadManager.ORG)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\jp2ssv.dll [2015-09-01] (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2015-07-15] (Google Inc.)
Toolbar: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2015-07-15] (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
FireFox:
========
FF ProfilePath: C:\Users\Chaotic Lawliet\AppData\Roaming\Mozilla\Firefox\Profiles\cyrlrzfw.default
FF DefaultSearchEngine.US: Google
FF NetworkProxy: "no_proxies_on", ""
FF NetworkProxy: "socks_version", 4
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-08-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-08-12] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll [2014-03-11] (Adobe Systems, Inc.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\dtplugin\npDeployJava1.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.60.2 -> C:\Program Files (x86)\Java\jre1.8.0_60\bin\plugin2\npjp2.dll [2015-09-01] (Oracle Corporation)
FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files (x86)\Yahoo!\Shared\npYState.dll [2010-06-01] (Yahoo! Inc.)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~4\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8117.0416 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-04-17] (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2012-12-04] (Nexon)
FF Plugin-x32: @real.com/nppl3260;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll [2012-08-30] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll [2012-08-30] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.4.53 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll [2012-08-30] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.6.14 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll [2012-08-30] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpplugin;version=15.0.6.14 -> c:\program files (x86)\real\realplayer\Netscape6\nprpplugin.dll [2012-08-30] (RealPlayer)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.13\npGoogleUpdate3.dll [2015-08-28] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2012-05-31] ()
FF Plugin-x32: BYOND -> C:\Program Files (x86)\BYOND\bin\npbyond.dll [2012-07-15] (BYOND)
FF Plugin HKU\S-1-5-21-2505415791-2747731311-3398940262-1000: @g2.com/iggweb3dupdater -> C:\Users\Chaotic Lawliet\AppData\Roaming\IGG\Web3D\1.0.0.38\NPIGGWeb3DUpdater.dll [2012-04-19] (IGG)
FF Plugin HKU\S-1-5-21-2505415791-2747731311-3398940262-1000: @g2.com/joyconnectshell -> C:\Users\Chaotic Lawliet\AppData\Roaming\IGG\Web3D\1.0.0.38\NPJoyConnectShell.dll [2012-04-19] (IGG)
FF Plugin HKU\S-1-5-21-2505415791-2747731311-3398940262-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Chaotic Lawliet\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-04-23] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2505415791-2747731311-3398940262-1000: thehappycloud.com/HappyCloudPlugin -> C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll [2013-11-17] (The Happy Cloud)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npbyond.dll [2012-07-15] (BYOND)
FF HKLM-x32\...\Firefox\Extensions: [{97E22097-9A2F-45b1-8DAF-36AD648C7EF4}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012-05-26]
FF HKLM-x32\...\Firefox\Extensions: [{0153E448-190B-4987-BDE1-F256CADA672F}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: No Name - C:\Users\Chaotic Lawliet\AppData\Roaming\Mozilla\Firefox\Profiles\cyrlrzfw.default\extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [not found]
FF Extension: No Name - C:\Users\Chaotic Lawliet\AppData\Roaming\Mozilla\Firefox\Profiles\cyrlrzfw.default\extensions\{e001c731-5e37-4538-a5cb-8168736a2360} [not found]
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Plugin: (Mahjong Solitaire) - internal-remoting-viewer
CHR Plugin: (Remoting Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\pdf.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\45.0.2454.85\gcswf32.dll No File
CHR Plugin: (Flash) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1901_0\plugins/avgnpss.dll No File
CHR Plugin: (AVG Internet Security) - c:\Program Files (x86)\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\BYOND\bin\npbyond.dll (BYOND)
CHR Plugin: (BYOND stub plugin for Mozilla) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
CHR Plugin: (Google Update) - C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll No File
CHR Plugin: (Java) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll No File
CHR Plugin: (WildTangent Games App Presence Detector) - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
CHR Plugin: (Windows Live® Photo Gallery) - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
CHR Plugin: (Nexon Game Controller) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
CHR Plugin: (RealNetworks Chrome Background Extension Plug-In (32-bit) ) - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer G2 LiveConnect-Enabled Plug-In (32-bit) ) - c:\program files (x86)\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
CHR Plugin: (RealPlayer Version Plugin) - c:\program files (x86)\real\realplayer\Netscape6\nprpjplug.dll No File
CHR Plugin: (RealPlayer) - C:\Users\Chaotic Lawliet\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Unity Player) - C:\Windows\system32\npOGPPlugin.dll No File
CHR Plugin: (OGPlanet Game Plugin) - c:\Program Files (x86)\Microsoft Silverlight\4.1.10111.0\npctrl.dll No File
CHR Plugin: (Silverlight) - c:\program files (x86)\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
CHR Profile: C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (WOT: Web of Trust, Website Reputation Ratings) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2011-01-29]
CHR Extension: (Tampermonkey) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2015-04-03]
CHR Extension: (AdBlock) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-12-15]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (LoL - Jinx) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndbciboanpmkpbeanbjdcneplghndhcp [2014-05-31]
CHR Extension: (Mahjong Solitaire) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\neojceinbonpjjcokpokpeobkhcpiloc [2015-02-09]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (My Chrome Theme) - C:\Users\Chaotic Lawliet\AppData\Local\Google\Chrome\User Data\Default\Extensions\oehpjpccmlcalbenfhnacjeocbjdonic [2012-04-07]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2012-05-26]
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3518376 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [314304 2015-07-07] (AVG Technologies CZ, s.r.o.)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-08-03] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
S3 MWLService; C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [305520 2010-05-26] (Egis Technology Inc.)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-01] (Symantec Corporation)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5312448 2014-03-19] (INCA Internet Co., Ltd.)
R2 NTI IScheduleSvc; C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [250368 2010-03-08] (NewTech Infosystems, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 ASPI; C:\Windows\SysWOW64\DRIVERS\ASPI32.sys [84832 2002-07-17] (Adaptec) [File not signed]
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [162784 2015-03-11] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [293296 2015-06-26] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [253408 2015-05-12] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [259040 2015-06-16] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [378336 2015-05-07] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [226784 2015-06-10] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [40928 2015-03-20] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [281568 2015-05-12] (AVG Technologies CZ, s.r.o.)
S3 ebdrv; C:\Windows\system32\DRIVERS\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 GunBod; C:\Game\SoftnyxGame\GunBoundIS\avital\gunbod64.sys [86352 2014-11-28] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation)
S3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-01] (INCA Internet Co., Ltd.) [File not signed]
S3 sscdserd; C:\Windows\System32\DRIVERS\sscdserd.sys [141384 2010-04-26] (MCCI Corporation)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [37624 2015-09-07] ()
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-05 01:19 - 2015-09-06 13:14 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Local\CrashDumps
2015-09-04 17:53 - 2015-09-07 13:10 - 00037624 _____ C:\Windows\system32\Drivers\TrueSight.sys
2015-09-04 17:53 - 2015-09-05 22:20 - 00000000 ____D C:\ProgramData\RogueKiller
2015-09-03 17:56 - 2015-09-05 11:25 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-09-02 00:32 - 2015-09-02 00:35 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\Tap_Dungeon
2015-09-01 22:18 - 2015-09-01 22:18 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\com.bluemanchu.CardHunter
2015-09-01 20:15 - 2015-09-01 20:15 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Local\Steam
2015-09-01 20:15 - 2015-09-01 20:15 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Local\CEF
2015-09-01 02:16 - 2015-09-01 02:16 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\Sun
2015-09-01 02:16 - 2015-09-01 02:16 - 00000000 ____D C:\Users\Chaotic Lawliet\.oracle_jre_usage
2015-09-01 02:16 - 2015-09-01 02:15 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-09-01 02:15 - 2015-09-01 02:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-08-25 00:22 - 2015-08-25 00:22 - 00003210 _____ C:\Windows\System32\Tasks\{B53F021A-4AC3-4754-BFA6-301A9C869B82}
2015-08-24 14:18 - 2015-08-24 14:19 - 00000000 ____D C:\ProgramData\Sophos
2015-08-24 14:18 - 2015-08-24 14:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2015-08-24 14:17 - 2015-08-24 14:17 - 00000000 ____D C:\Program Files (x86)\Sophos
2015-08-24 13:48 - 2015-08-24 13:48 - 00000000 _____ C:\Windows\SysWOW64\REN31E.tmp
2015-08-23 21:08 - 2015-09-08 15:31 - 00000000 ____D C:\FRST
2015-08-23 16:23 - 2015-08-23 16:23 - 00000000 ____D C:\Program Files (x86)\ESET
2015-08-23 16:01 - 2015-08-23 16:06 - 00000000 ____D C:\AdwCleaner
2015-08-22 17:35 - 2015-09-08 15:30 - 00000000 ____D C:\Users\Chaotic Lawliet\Desktop\Spyware Forum
2015-08-22 16:41 - 2015-08-23 12:24 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\QuickScan
2015-08-22 14:34 - 2015-08-23 12:37 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-22 14:16 - 2015-08-22 14:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-08-22 14:16 - 2015-08-22 14:16 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-08-22 14:16 - 2015-08-22 14:16 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-08-22 14:16 - 2015-06-18 08:41 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-08-22 14:16 - 2015-06-18 08:41 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-08-22 14:16 - 2015-06-18 08:41 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-08-22 12:58 - 2015-08-22 13:17 - 00000000 ____D C:\Windows\system32\MRT
2015-08-22 12:58 - 2015-07-28 10:59 - 132483416 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-08-22 11:59 - 2015-08-22 11:59 - 00000000 _____ C:\Windows\setuperr.log
2015-08-22 11:47 - 2015-08-22 11:47 - 00003704 _____ C:\Windows\System32\Tasks\Java Platform SE Auto Updater
2015-08-22 10:59 - 2015-08-22 10:59 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\AVG
2015-08-22 10:57 - 2015-08-22 11:00 - 00000000 ____D C:\ProgramData\AVG
2015-08-21 21:09 - 2015-09-03 23:26 - 00002066 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-08-21 21:09 - 2015-08-21 21:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-21 11:51 - 2015-08-21 11:51 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-08-21 11:51 - 2015-08-21 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-08-20 03:04 - 2015-08-10 21:20 - 25191936 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-08-20 03:04 - 2015-08-10 21:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-08-20 03:04 - 2015-08-10 20:33 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-08-20 03:04 - 2015-08-10 20:20 - 19871232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-08-15 12:22 - 2015-08-17 18:32 - 00003152 _____ C:\Users\Chaotic Lawliet\Desktop\Destoka's Pokemon Needs!.txt
2015-08-13 08:09 - 2015-07-30 09:13 - 00124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-08-13 08:09 - 2015-07-30 09:13 - 00103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-08-12 07:52 - 2015-07-20 20:39 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-08-12 07:52 - 2015-07-20 20:12 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-08-12 07:52 - 2015-07-16 16:54 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-08-12 07:52 - 2015-07-16 16:37 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-08-12 07:52 - 2015-07-16 16:36 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-08-12 07:52 - 2015-07-16 16:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-08-12 07:52 - 2015-07-16 16:35 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-08-12 07:52 - 2015-07-16 16:27 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-08-12 07:52 - 2015-07-16 16:26 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-08-12 07:52 - 2015-07-16 16:21 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-08-12 07:52 - 2015-07-16 16:21 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-08-12 07:52 - 2015-07-16 16:12 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-08-12 07:52 - 2015-07-16 16:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-08-12 07:52 - 2015-07-16 15:51 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-08-12 07:52 - 2015-07-16 15:51 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-08-12 07:52 - 2015-07-16 15:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-08-12 07:52 - 2015-07-16 15:50 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-08-12 07:52 - 2015-07-16 15:50 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-08-12 07:52 - 2015-07-16 15:49 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-08-12 07:52 - 2015-07-16 15:45 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-08-12 07:52 - 2015-07-16 15:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-08-12 07:52 - 2015-07-16 15:43 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-08-12 07:52 - 2015-07-16 15:41 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-08-12 07:52 - 2015-07-16 15:39 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-08-12 07:52 - 2015-07-16 15:39 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-08-12 07:52 - 2015-07-16 15:38 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-08-12 07:52 - 2015-07-16 15:36 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-08-12 07:52 - 2015-07-16 15:35 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-08-12 07:52 - 2015-07-16 15:32 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-08-12 07:52 - 2015-07-16 15:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-08-12 07:52 - 2015-07-16 15:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-08-12 07:52 - 2015-07-16 15:20 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-08-12 07:52 - 2015-07-16 15:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-08-12 07:52 - 2015-07-16 15:17 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-08-12 07:52 - 2015-07-16 15:12 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-08-12 07:52 - 2015-07-16 15:10 - 12856832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-08-12 07:52 - 2015-07-16 15:06 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-08-12 07:52 - 2015-07-16 15:06 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-08-12 07:52 - 2015-07-16 15:05 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-08-12 07:52 - 2015-07-16 15:01 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-08-12 07:52 - 2015-07-16 14:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-08-12 07:52 - 2015-07-16 14:42 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-08-12 07:52 - 2015-07-16 14:38 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-08-12 07:52 - 2015-07-16 14:37 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-08-12 07:51 - 2015-07-30 14:06 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2015-08-12 07:51 - 2015-07-30 14:06 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-08-12 07:51 - 2015-07-30 14:06 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-08-12 07:51 - 2015-07-30 14:06 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-08-12 07:51 - 2015-07-30 14:06 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-08-12 07:51 - 2015-07-30 14:06 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-08-12 07:51 - 2015-07-30 14:06 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-08-12 07:51 - 2015-07-30 13:57 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2015-08-12 07:51 - 2015-07-30 13:57 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-08-12 07:51 - 2015-07-30 13:57 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-08-12 07:51 - 2015-07-30 13:57 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-08-12 07:51 - 2015-07-30 13:57 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-08-12 07:51 - 2015-07-30 13:55 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-08-12 07:51 - 2015-07-30 12:56 - 03208192 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-08-12 07:51 - 2015-07-30 12:52 - 00372736 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-08-12 07:51 - 2015-07-30 12:49 - 00299520 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-08-12 07:51 - 2015-07-28 16:09 - 00017344 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-08-12 07:51 - 2015-07-28 16:05 - 01116672 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-08-12 07:51 - 2015-07-28 16:05 - 00774656 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-08-12 07:51 - 2015-07-28 16:05 - 00743424 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-08-12 07:51 - 2015-07-28 16:05 - 00437760 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-08-12 07:51 - 2015-07-28 16:05 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-08-12 07:51 - 2015-07-28 16:05 - 00069120 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-08-12 07:51 - 2015-07-28 15:55 - 01148416 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-08-12 07:51 - 2015-07-16 16:36 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-08-12 07:51 - 2015-07-16 16:35 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-08-12 07:51 - 2015-07-16 16:26 - 05923328 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-08-12 07:51 - 2015-07-16 16:23 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-08-12 07:51 - 2015-07-16 16:21 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-08-12 07:51 - 2015-07-16 16:21 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-08-12 07:51 - 2015-07-16 16:08 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-08-12 07:51 - 2015-07-16 15:55 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-08-12 07:51 - 2015-07-16 15:54 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-08-12 07:51 - 2015-07-16 15:34 - 14451200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-08-12 07:51 - 2015-07-16 15:33 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-08-12 07:51 - 2015-07-16 15:12 - 02427904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-08-12 07:51 - 2015-07-15 14:15 - 05568960 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-08-12 07:51 - 2015-07-15 14:12 - 01730496 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-08-12 07:51 - 2015-07-15 14:10 - 01743360 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2015-08-12 07:51 - 2015-07-15 14:10 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-08-12 07:51 - 2015-07-15 13:59 - 03934656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-08-12 07:51 - 2015-07-15 13:56 - 01311768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-08-12 07:50 - 2015-07-15 14:15 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-08-12 07:50 - 2015-07-15 14:15 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-08-12 07:50 - 2015-07-15 14:15 - 00094656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2015-08-12 07:50 - 2015-07-15 14:11 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-08-12 07:50 - 2015-07-15 14:11 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-08-12 07:50 - 2015-07-15 14:11 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-08-12 07:50 - 2015-07-15 14:11 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-08-12 07:50 - 2015-07-15 14:11 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-08-12 07:50 - 2015-07-15 14:10 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-08-12 07:50 - 2015-07-15 14:10 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-08-12 07:50 - 2015-07-15 14:10 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-08-12 07:50 - 2015-07-15 14:10 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2015-08-12 07:50 - 2015-07-15 14:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-08-12 07:50 - 2015-07-15 14:09 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-08-12 07:50 - 2015-07-15 14:05 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-08-12 07:50 - 2015-07-15 14:05 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 14:00 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:59 - 03989952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-08-12 07:50 - 2015-07-15 13:55 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-08-12 07:50 - 2015-07-15 13:55 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-08-12 07:50 - 2015-07-15 13:55 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-08-12 07:50 - 2015-07-15 13:55 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-08-12 07:50 - 2015-07-15 13:55 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-08-12 07:50 - 2015-07-15 13:54 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-08-12 07:50 - 2015-07-15 13:54 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-08-12 07:50 - 2015-07-15 13:54 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-08-12 07:50 - 2015-07-15 13:54 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-08-12 07:50 - 2015-07-15 13:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-08-12 07:50 - 2015-07-15 13:54 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-08-12 07:50 - 2015-07-15 13:54 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-08-12 07:50 - 2015-07-15 13:53 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-08-12 07:50 - 2015-07-15 13:53 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-08-12 07:50 - 2015-07-15 13:53 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-08-12 07:50 - 2015-07-15 13:53 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-08-12 07:50 - 2015-07-15 13:53 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-08-12 07:50 - 2015-07-15 13:53 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-08-12 07:50 - 2015-07-15 13:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-08-12 07:50 - 2015-07-15 13:48 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 13:44 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 12:46 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-08-12 07:50 - 2015-07-15 12:46 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-08-12 07:50 - 2015-07-15 12:46 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-08-12 07:50 - 2015-07-15 12:37 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-08-12 07:50 - 2015-07-15 12:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-08-12 07:50 - 2015-07-15 12:34 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 12:34 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 12:34 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-08-12 07:50 - 2015-07-15 12:34 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-08-12 07:50 - 2015-07-10 13:51 - 03722752 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-08-12 07:50 - 2015-07-10 13:34 - 03221504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2015-08-12 07:49 - 2015-07-14 23:19 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\basesrv.dll
2015-08-12 07:49 - 2015-07-10 13:51 - 00158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2015-08-12 07:49 - 2015-07-10 13:51 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-08-12 07:49 - 2015-07-10 13:34 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2015-08-12 07:49 - 2015-07-10 13:33 - 00131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2015-08-12 07:44 - 2015-07-14 23:19 - 02004992 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2015-08-12 07:44 - 2015-07-14 23:19 - 01887232 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2015-08-12 07:44 - 2015-07-14 22:55 - 01241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2015-08-12 07:44 - 2015-07-01 16:49 - 00260096 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2015-08-12 07:44 - 2015-07-01 16:48 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\davclnt.dll
2015-08-12 07:44 - 2015-07-01 16:30 - 00206848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2015-08-12 07:44 - 2015-07-01 16:30 - 00082432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\davclnt.dll
2015-08-12 07:43 - 2015-07-20 14:12 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-12 07:43 - 2015-07-20 14:12 - 02606080 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-12 07:43 - 2015-07-20 14:12 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-12 07:43 - 2015-07-20 14:12 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-12 07:43 - 2015-07-20 14:12 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-12 07:43 - 2015-07-20 14:12 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-12 07:43 - 2015-07-20 14:12 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-12 07:43 - 2015-07-20 14:12 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-12 07:43 - 2015-07-20 14:12 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-12 07:43 - 2015-07-20 14:12 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-12 07:43 - 2015-07-20 14:12 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-08-12 07:43 - 2015-07-20 13:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-08-12 07:43 - 2015-07-20 13:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-08-12 07:43 - 2015-07-20 13:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-08-12 07:43 - 2015-07-20 13:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-08-12 07:43 - 2015-07-20 13:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-08-12 07:43 - 2015-07-14 23:14 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2015-08-12 07:43 - 2015-07-14 23:13 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2015-08-12 07:43 - 2015-07-14 22:55 - 01390592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2015-08-12 07:43 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2015-08-12 07:43 - 2015-07-14 22:51 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2015-08-12 07:43 - 2015-07-10 13:51 - 14177280 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2015-08-12 07:43 - 2015-07-10 13:34 - 12875776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2015-08-12 07:43 - 2015-07-09 13:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2015-08-12 07:43 - 2015-07-09 13:57 - 00193536 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2015-08-12 07:43 - 2015-07-09 13:42 - 00179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2015-08-12 07:42 - 2015-05-09 14:26 - 00493504 _____ (Microsoft Corporation) C:\Windows\system32\mcupdate_GenuineIntel.dll
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2015-09-08 15:24 - 2012-08-12 18:56 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Roaming\Skype
2015-09-08 15:24 - 2010-09-11 17:55 - 01261727 _____ C:\Windows\WindowsUpdate.log
2015-09-08 15:23 - 2012-08-16 21:15 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-09-08 15:14 - 2011-01-29 03:20 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-09-08 14:28 - 2009-07-14 00:51 - 00663165 _____ C:\Windows\setupact.log
2015-09-08 12:44 - 2009-07-14 00:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-09-08 12:44 - 2009-07-14 00:45 - 00022896 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-09-08 12:38 - 2012-09-13 01:47 - 00000000 ____D C:\Users\Chaotic Lawliet\AppData\Local\LogMeIn Hamachi
2015-09-08 12:36 - 2011-01-29 03:20 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-09-08 12:36 - 2011-01-28 20:54 - 00000000 ____D C:\ProgramData\MFAData
2015-09

Additional scan result of Farbar Recovery Scan Tool (x64) Version:07-09-2015

Ran by Chaotic Lawliet (2015-09-08 15:34:15)

Running from C:\Users\Chaotic Lawliet\Desktop\Spyware Forum

Windows 7 Home Premium Service Pack 1 (X64) (2011-01-29 06:53:52)

Boot Mode: Normal

==========================================================



==================== Accounts: =============================


Administrator (S-1-5-21-2505415791-2747731311-3398940262-500 - Administrator - Disabled)

Chaotic Lawliet (S-1-5-21-2505415791-2747731311-3398940262-1000 - Administrator - Enabled) => C:\Users\Chaotic Lawliet

Guest (S-1-5-21-2505415791-2747731311-3398940262-501 - Limited - Disabled)

HomeGroupUser$ (S-1-5-21-2505415791-2747731311-3398940262-1002 - Limited - Enabled)


==================== Security Center ========================


(If an entry is included in the fixlist, it will be removed.)


AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}

AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}


==================== Installed Programs ======================


(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)


18 Wheels of Steel - American Long Haul (x32 Version: 2.2.0.95 - WildTangent) Hidden

Acer Backup Manager (HKLM-x32\...\InstallShield_{72B776E5-4530-4C4B-9453-751DF87D9D93}) (Version: 2.0.0.60 - NewTech Infosystems)

Acer Crystal Eye webcam (HKLM-x32\...\{51F026FA-5146-4232-A8BA-1364740BD053}) (Version: 1.0.3.5 - liteon)

Acer ePower Management (HKLM-x32\...\{3DB0448D-AD82-4923-B305-D001E521A964}) (Version: 5.00.3004 - Acer Incorporated)

Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3011 - Acer Incorporated)

Acer Games (HKLM-x32\...\WildTangent acer Master Uninstall) (Version: 1.0.1.3 - WildTangent)

Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.03.3003 - Acer Incorporated)

Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0423.2010 - Acer Incorporated)

Acrobat.com (HKLM-x32\...\{287ECFA4-719A-2143-A09B-D6A12DE54E40}) (Version: 1.6.65 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.2.0.2070 - Adobe Systems Incorporated)

Adobe Flash Player 18 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 18.0.0.232 - Adobe Systems Incorporated)

Adobe Flash Player 18 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 18.0.0.232 - Adobe Systems Incorporated)

Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)

Adobe Reader 9.1 MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-A91000000001}) (Version: 9.1.0 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)

Agatha Christie - Death on the Nile (x32 Version: 2.2.0.95 - WildTangent) Hidden

Akamai NetSession Interface (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\Akamai) (Version: - Akamai Technologies, Inc)

Alcor Micro USB Card Reader (HKLM-x32\...\InstallShield_{6030FCD7-8F1A-427D-AF05-8DD1A2EA2ABA}) (Version: 1.5.17.05094 - Alcor Micro Corp.)

Alcor Micro USB Card Reader (x32 Version: 1.5.17.05094 - Alcor Micro Corp.) Hidden

APB Reloaded (HKLM-x32\...\Steam App 113400) (Version: - )

Audacity 1.3.13 (Unicode) (HKLM-x32\...\Audacity 1.3 Beta (Unicode)_is1) (Version: - Audacity Team)

AVG 2015 (HKLM\...\AVG) (Version: 2015.0.6086 - AVG Technologies)

AVG 2015 (Version: 15.0.4409 - AVG Technologies) Hidden

AVG 2015 (Version: 15.0.6086 - AVG Technologies) Hidden

Backup Manager Basic (x32 Version: 2.0.0.60 - NewTech Infosystems) Hidden

Bejeweled 2 Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

Blackhawk Striker 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 12.52.03 - Broadcom Corporation)

Bruteforce Save Data (HKLM-x32\...\Bruteforce Save Data) (Version: - )

Build-a-lot 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

BYOND (HKLM-x32\...\BYOND) (Version: 498.1163 - BYOND)

Card Hunter (HKLM-x32\...\Steam App 293260) (Version: - Blue Manchu)

Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden

CyberLink PowerDVD 9 (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.2829.50 - CyberLink Corp.)

Diner Dash 2 Restaurant Rescue (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dora's Carnival Adventure (x32 Version: 2.2.0.95 - WildTangent) Hidden

Dropbox (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)

Easy Auto Clicker (HKLM-x32\...\Easy Auto Clicker_is1) (Version: V2.0 - easyautoclicker.com)

eBay Worldwide (HKLM-x32\...\{E0B19DF7-B1C7-4937-82C4-0E4B1E346965}) (Version: 2.1.0901 - OEM)

Elsword version 1.11 (HKLM-x32\...\{E655DDFC-24DB-4FC3-8474-271E911309B4}_is1) (Version: 1.11 - Kill3rCombo)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )

eSobi v2 (HKLM-x32\...\InstallShield_{15D967B5-A4BE-42AE-9E84-64CD062B25AA}) (Version: 2.0.4.000274 - esobi Inc.)

eSobi v2 (x32 Version: 2.0.4.000274 - esobi Inc.) Hidden

FATE (x32 Version: 2.2.0.95 - WildTangent) Hidden

Free Download Manager 3.9.2 (HKLM-x32\...\Free Download Manager_is1) (Version: - FreeDownloadManager.ORG)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 45.0.2454.85 - Google Inc.)

Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)

Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.6710.2136 - Google Inc.)

Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden

Google Update Helper (x32 Version: 1.3.28.13 - Google Inc.) Hidden

Grand Chase version 1.0.0.1 (HKLM-x32\...\{FF222EB6-6FE1-486E-A9E8-93B5D5D72A8C}_is1) (Version: 1.0.0.1 - SG Interactive)

Grand Fantasia (HKLM-x32\...\Grand Fantasia) (Version: - )

Happy Cloud Client (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\HappyCloud) (Version: 4.54 - Happy Cloud, Inc.)

Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3003 - Acer Incorporated)

IGG Web3D Player version 1.0.0.38 (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\IGG Web3D Player_is1) (Version: 1.0.0.38 - IGG, Inc.)

IMVU Avatar Chat Software (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\IMVU Avatar chat client software BETA) (Version: - )

Infinity Wars (HKLM-x32\...\Infinity Wars) (Version: - )

Intel® Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2119 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.6.0.1014 - Intel Corporation)

Java 8 Update 60 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218060F0}) (Version: 8.0.600.27 - Oracle Corporation)

Jewel Quest - Heritage (x32 Version: 2.2.0.95 - WildTangent) Hidden

Jewel Quest Solitaire 2 (x32 Version: 2.2.0.95 - WildTangent) Hidden

John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden

Junk Mail filter update (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version: - )

LAME v3.98.3 for Audacity (HKLM-x32\...\LAME for Audacity_is1) (Version: - )

Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.12 - Acer Inc.)

League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)

League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden

Lightshot-5.2.1.1 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.1.1 - Skillbrains)

Livestream for Producers (HKLM-x32\...\{524A9978-8E2A-487F-A50B-E71D72F2EDDE}) (Version: 0.0.42 - Livestream)

LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.383 - LogMeIn, Inc.)

LogMeIn Hamachi (x32 Version: 2.2.0.383 - LogMeIn, Inc.) Hidden

Malwarebytes Anti-Malware version 2.1.8.1057 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.8.1057 - Malwarebytes Corporation)

MapleStory (HKLM-x32\...\MapleStory) (Version: - )

Media Player Classic - Home Cinema v1.5.2.3456 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.5.2.3456 - MPC-HC Team)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)

Mozilla Firefox 40.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 40.0.3 (x86 en-US)) (Version: 40.0.3 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 40.0.3.5716 - Mozilla)

MyWinLocker (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden

MyWinLocker Suite (HKLM-x32\...\InstallShield_{738BF5C3-AF7B-4BB0-B7EF-E505EFC756BE}) (Version: 3.1.212.0 - Egis Technology Inc.)

MyWinLocker Suite (x32 Version: 3.1.212.0 - Egis Technology Inc.) Hidden

Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )

Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.1.1 - Nexon)

Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation)

NTI Backup Now 5 (HKLM-x32\...\InstallShield_{12EFA1A4-AC3B-443C-8143-237EDE760403}) (Version: 5.1.2.628 - NewTech Infosystems)

NTI Backup Now Standard (x32 Version: 5.1.2.628 - NewTech Infosystems) Hidden

NTI Media Maker 8 (HKLM-x32\...\InstallShield_{2413930C-8309-47A6-BC61-5EF27A4222BC}) (Version: 8.0.12.6630 - NewTech Infosystems)

NTI Media Maker 8 (x32 Version: 8.0.12.6630 - NewTech Infosystems) Hidden

NVIDIA PhysX (HKLM-x32\...\{DEA314C4-0929-4250-BC92-98E4C105F28D}) (Version: 9.10.0129 - NVIDIA Corporation)

OGPlanet Game Launcher (HKLM-x32\...\OGPlanet Game Launcher US) (Version: 1.0.0 - OGPlanet, Inc.)

OGPlanet Game Launcher (HKLM-x32\...\OGPlanet Game Launcher) (Version: 1.0.0 - OGPlanet, Inc.)

PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden

Penguins! (x32 Version: 2.2.0.95 - WildTangent) Hidden

Plants vs. Zombies (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Bowler (x32 Version: 2.2.0.95 - WildTangent) Hidden

Polar Golfer (x32 Version: 2.2.0.95 - WildTangent) Hidden

Raptr (HKLM-x32\...\Raptr) (Version: - )

RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden

RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version: 15.0.6 - RealNetworks)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6000 - Realtek Semiconductor Corp.)

RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden

Rumble Fighter (HKLM-x32\...\RumbleFighter) (Version: - )

Sakura Clicker (HKLM-x32\...\Steam App 383080) (Version: - Winged Cloud)

SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.550.0 - SAMSUNG Electronics Co., Ltd.)

Shredder (Version: 2.0.8.3 - Egis Technology Inc.) Hidden

Shredder (x32 Version: 2.0.8.3 - Egis Technology Inc.) Hidden

Skype™ 7.8 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.8.102 - Skype Technologies S.A.)

Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.5.4 - Sophos Limited)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

SWF & FLV Player 3.0 (build 3.0.33.5106) (HKLM-x32\...\SWF & FLV Player_is1) (Version: 3.0.33.5106 - Eltima Software)

SWF Opener (HKLM-x32\...\{01386D1F-ADE7-43B4-A4E9-312FC5BC726F}_is1) (Version: 1.3 - UnH Solutions)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 14.0.6.0 - Synaptics Incorporated)

TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.24732 - TeamViewer)

TERA (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\teraenmasse) (Version: - )

Times Reader (HKLM-x32\...\com.nyt.timesreader.78C54164786ADE80CB31E1C5D95607D0938C987A.1) (Version: 2.055 - The New York Times Company)

Times Reader (x32 Version: 2.055 - The New York Times Company) Hidden

Unity Web Player (HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\UnityWebPlayer) (Version: - Unity Technologies ApS)

Update Installer for WildTangent Games App (x32 Version: - WildTangent) Hidden

USB Optical Mouse (HKLM-x32\...\{EEAE45EB-C1E3-4CCD-930D-D7B40F810063}) (Version: 1.00.0000 - )

Verizon Wireless Software Upgrade Assistant - SAMSUNG (TL-PC) (HKLM-x32\...\{CDCAED05-7803-4713-9BA0-072BD1194B83}) (Version: 1.11.0402 - SAMSUNG)

Virtual Villagers 4 - The Tree of Life (x32 Version: 2.2.0.95 - WildTangent) Hidden

Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)

Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)

Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)

VLC media player 1.1.7 (HKLM-x32\...\VLC media player) (Version: 1.1.7 - VideoLAN)

Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3002 - Acer Incorporated)

WildTangent Games App (Acer Games) (HKLM-x32\...\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer) (Version: 4.0.6.14 - WildTangent)

Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)

Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)

Windows Live Sync (HKLM-x32\...\{B10914FD-8812-47A4-85A1-50FCDE7F1F33}) (Version: 14.0.8117.416 - Microsoft Corporation)

Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )

Xpadder version 5.7 (HKLM-x32\...\{0DCE54A9-7256-4132-9D4E-1A64AE35E9B1}_is1) (Version: 5.7 - Xpadder, Inc.)

Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version: - Yahoo! Inc.)

Yahoo! Software Update (HKLM-x32\...\Yahoo! Software Update) (Version: - )

Zuma's Revenge (x32 Version: 2.2.0.95 - WildTangent) Hidden


==================== Custom CLSID (Whitelisted): ==========================


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)


==================== Restore Points =========================


24-08-2015 13:02:22 Removed AVG PC TuneUp 2015 (en-US)

24-08-2015 13:21:36 JRT Pre-Junkware Removal

24-08-2015 13:47:12 Removed Java 8 Update 51

24-08-2015 13:54:14 Removed Java 8 Update 51 (64-bit)

24-08-2015 14:17:00 Installed Sophos Virus Removal Tool.

26-08-2015 16:41:35 Windows Update

30-08-2015 12:02:23 Windows Update

02-09-2015 12:26:09 Windows Update

05-09-2015 16:52:37 Windows Update


==================== Hosts content: ===============================


(If needed Hosts: directive could be included in the fixlist to reset Hosts.)


2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts


==================== Scheduled Tasks (Whitelisted) =============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


Task: {20EF8B7E-05C3-4DFD-98E4-8174449F579E} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe

Task: {2692640E-A97B-4C6B-8B4D-606E55563A3D} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

Task: {2F7782AF-B3B6-4D89-A942-466E9996CDCD} - System32\Tasks\{6EE2B446-6C62-410D-90E3-8B35FA4EB63C} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\SCHTHACK PSOBB\data\data-fix.exe" -d "C:\Users\Chaotic Lawliet\Desktop\SCHTHACK PSOBB\data"

Task: {56EA17E7-0C95-4F56-ACB9-A169F7E7E7E8} - System32\Tasks\{B53F021A-4AC3-4754-BFA6-301A9C869B82} => pcalua.exe -a "C:\Users\Chaotic Lawliet\Desktop\startuplite-setup-1.07.exe" -d "C:\Users\Chaotic Lawliet\Desktop"

Task: {62B6B644-CCA8-4E59-8281-7D5A1D2C087B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)

Task: {789916C1-99B4-4E8F-BD18-F37AF9DA3A51} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-2505415791-2747731311-3398940262-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)

Task: {94AE92E0-D652-4DB8-B585-7D1D0B306CD9} - System32\Tasks\Microsoft\Windows\Application Experience\ProgramDataUpdater => Rundll32.exe invagent.dll,RunUpdate -noappraiser

Task: {A5510CB8-43E4-42D0-A86D-BF6D8EADF322} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2015-08-04] (Oracle Corporation)

Task: {A90F4D43-BDDB-4288-A179-198EE601D6B7} - System32\Tasks\{CC85C907-A2C0-499C-B57E-D6899D02BB6B} => pcalua.exe -a C:\Windows\SysWOW64\_online.exe

Task: {AF9AE99C-EA69-4BB8-8725-74214972AD3F} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-2505415791-2747731311-3398940262-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-07-27] (RealNetworks, Inc.)

Task: {B92FD3BB-E38F-4FD1-8A12-4821A56769CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)


(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe


==================== Loaded Modules (Whitelisted) ==============


2011-02-16 23:07 - 2010-03-15 15:28 - 00052224 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll

2013-05-06 19:10 - 2010-03-30 13:37 - 00245248 _____ () C:\Program Files (x86)\USB Optical Mouse\USB Optical Mouse\MouseHid.exe

2010-03-08 20:18 - 2010-03-08 20:18 - 00465576 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\sqlite3.dll

2010-03-08 20:13 - 2010-03-08 20:13 - 01081600 _____ () C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\ACE.dll

2010-09-11 18:40 - 2009-05-20 18:02 - 00072200 _____ () C:\Program Files (x86)\Launch Manager\CdDirIo.dll


==================== Alternate Data Streams (Whitelisted) =========


(If an entry is included in the fixlist, only the ADS will be removed.)



==================== Safe Mode (Whitelisted) ===================


(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\plsapp => ""="service"


==================== EXE Association (Whitelisted) ===============


(If an entry is included in the fixlist, the registry item will be restored to default or removed.)



==================== Internet Explorer trusted/restricted ===============


(If an entry is included in the fixlist, it will be removed from the registry.)


IE trusted site: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\aeriagames.com -> hxxps://aeriagames.com

IE trusted site: HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\...\aeriagames.com -> hxxp://aeriagames.com



==================== Other Areas ============================


(Currently there is no automatic fix for this section.)


HKU\S-1-5-21-2505415791-2747731311-3398940262-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Chaotic Lawliet\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg

DNS Servers: 192.168.1.254

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)

Windows Firewall is enabled.


==================== MSCONFIG/TASK MANAGER disabled items ==


(Currently there is no automatic fix for this section.)


MSCONFIG\startupreg: BackgroundContainerV2 => "C:\Windows\SysWOW64\Rundll32.exe" "C:\Users\Chaotic Lawliet\AppData\Local\Conduit\BackgroundContainer\BackgroundContainer.dll",DllRun


==================== FirewallRules (Whitelisted) ===============


(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


FirewallRules: [{55FCE6FB-8477-4D17-88A4-243220923188}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

FirewallRules: [{8E9364A9-4569-4D8E-AA27-D41B5302CE17}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

FirewallRules: [{10AE076D-12C3-4FF7-ABCA-03E704C73A71}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\BackupSvc.exe

FirewallRules: [{7D24D6B2-0ACD-49EF-8A3E-3B3BCCF37300}] => (Allow) C:\Program Files (x86)\NewTech Infosystems\NTI Backup Now 5\SchedulerSvc.exe

FirewallRules: [{9BC864CD-20A3-4852-A035-B3A6FD6AFC65}] => (Allow) c:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE

FirewallRules: [{50A266F2-A3C1-4C6C-BE59-EA589C0A8745}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

FirewallRules: [{5B1DA6E7-EBAC-4868-95F8-86E548002DCE}] => (Allow) C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe

FirewallRules: [{D321272E-7ABA-4569-BC92-F6B8D73C943E}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe

FirewallRules: [{13F89185-FEA3-4DA5-81C5-49DB3E5B0FFC}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe

FirewallRules: [{1B9494AC-4B95-495A-A13F-8B7A37E41067}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe

FirewallRules: [{10B0810A-7425-49FB-8412-3C5CBA72CB24}] => (Allow) C:\Program Files (x86)\Kill3rCombo\Elsword\data\x2.exe

FirewallRules: [{B45C9BB9-1E83-4DE7-B916-3B1EC7593FB6}] => (Allow) C:\Program Files (x86)\Kill3rCombo\Elsword\data\x2.exe

FirewallRules: [TCP Query User{8AF26A33-207F-41EB-AE32-705613D3DAFC}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe

FirewallRules: [uDP Query User{36DE94A6-99AD-434B-8BC6-3B84DC06B87C}C:\program files (x86)\google\google earth\plugin\geplugin.exe] => (Allow) C:\program files (x86)\google\google earth\plugin\geplugin.exe

FirewallRules: [TCP Query User{73776358-88A5-41AE-8009-38DA2788A115}C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe

FirewallRules: [uDP Query User{5E83AF13-DFE5-4F5C-8E43-5D82A2C271E7}C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe

FirewallRules: [TCP Query User{CE49BB6E-96E0-4F62-B52E-E747F4749753}C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe

FirewallRules: [uDP Query User{0D25D765-88D7-4553-8289-03F030DFF3EC}C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\chaotic lawliet\appdata\local\akamai\netsession_win.exe

FirewallRules: [{FDF61097-B724-4E93-B63E-8A32CDE8814E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [{7FBF2CEE-F072-4B3B-8ED2-2E029174C786}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe

FirewallRules: [TCP Query User{64E17647-807A-4702-8300-95058EA8E453}C:\program files (x86)\ogplanet\rumblefighter\gemdumploader.exe] => (Allow) C:\program files (x86)\ogplanet\rumblefighter\gemdumploader.exe

FirewallRules: [uDP Query User{DE39E9F9-677C-4774-8A7B-9B18B9E1F503}C:\program files (x86)\ogplanet\rumblefighter\gemdumploader.exe] => (Allow) C:\program files (x86)\ogplanet\rumblefighter\gemdumploader.exe

FirewallRules: [TCP Query User{A878EC8E-0678-4832-9C99-091921EAFDB9}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe

FirewallRules: [uDP Query User{DB356D93-DBAF-45C3-9A2C-F43BB1907974}C:\program files (x86)\byond\bin\byond.exe] => (Allow) C:\program files (x86)\byond\bin\byond.exe

FirewallRules: [{84EDAFC1-2F58-4727-8B69-BE663724BF56}] => (Allow) LPort=443

FirewallRules: [{BEFC1A93-7C4F-4BC4-9F9E-A5D8EAF5B214}] => (Allow) LPort=443

FirewallRules: [{68E4EE2E-3122-49E5-83CB-00913C4FEEFA}] => (Allow) LPort=37674

FirewallRules: [{00054145-DF99-48CD-9AD3-77CAEAE365EA}] => (Allow) LPort=37674

FirewallRules: [{97C53A50-5FF0-4FD2-B7C9-ED7C8931C541}] => (Allow) LPort=37675

FirewallRules: [{11A3CD1A-6B16-4090-8A72-3A5819634CF3}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe

FirewallRules: [{D9E8FC75-4A49-469B-B9BB-8D38812D4425}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Launcher\APBLauncher.exe

FirewallRules: [{A4725AA6-0581-42F1-9E79-7F42834B2C44}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Launcher\APBLauncher.exe

FirewallRules: [{B90A66D5-1C6E-45A7-B82E-009A149C2B0E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Binaries\APB.exe

FirewallRules: [{6AC94A09-7700-4CBE-B621-F745BCC62E20}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Binaries\APB.exe

FirewallRules: [{55388482-86D5-4D98-8B1A-5B15F914BA4A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Binaries\VivoxVoiceService.exe

FirewallRules: [{A797FBB7-1D1F-45A4-BD61-7D7AE73CFCB8}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\apb reloaded\Binaries\VivoxVoiceService.exe

FirewallRules: [{10522428-4248-4CBA-82B5-894EDFE3C2CA}] => (Allow) C:\Program Files (x86)\Kill3rCombo\Elsword\data\x2.exe

FirewallRules: [{DC9C618F-5FFC-432B-8DF6-17185CF392C1}] => (Allow) C:\Program Files (x86)\Kill3rCombo\Elsword\data\x2.exe

FirewallRules: [{7E8E3A8B-CA18-4B20-9E86-ED7E5DB5A1F3}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe

FirewallRules: [{2C521BB3-96A1-4B8A-8DF7-A07EB14EE8D8}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe

FirewallRules: [{21C6E670-2AC8-4D9F-A7D4-2A40AE777071}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe

FirewallRules: [{E39AB1C7-3E54-4027-8B29-A84161424CBD}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe

FirewallRules: [TCP Query User{E48A2E88-13C3-4DB5-9A62-E34D80ECEF0C}C:\users\chaotic lawliet\desktop\crap\utorrent.exe] => (Allow) C:\users\chaotic lawliet\desktop\crap\utorrent.exe

FirewallRules: [uDP Query User{D563F37E-5BC7-486F-90AA-1ABE0788A43C}C:\users\chaotic lawliet\desktop\crap\utorrent.exe] => (Allow) C:\users\chaotic lawliet\desktop\crap\utorrent.exe

FirewallRules: [{5F7D518C-3CF1-4130-A9D1-060DA48B7B53}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe

FirewallRules: [{548F6B95-CE41-4DD7-9C4F-6AF30253C958}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.1544\Agent.exe

FirewallRules: [{A1FA0DF4-EC3A-4B51-9A7D-BEB1CA644190}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe

FirewallRules: [{EEF495F4-3D5A-48A1-8232-5EEAC38BD7B2}] => (Allow) C:\Program Files (x86)\Raptr\raptr.exe

FirewallRules: [{A0C0E061-9D32-4FA0-8570-C4360789B9F8}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

FirewallRules: [{8EFE41C3-1F54-4297-92A9-48CA58A2F411}] => (Allow) C:\Program Files (x86)\Raptr\raptr_im.exe

FirewallRules: [{D32A7871-570E-4312-ACAE-346D7CA61843}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

FirewallRules: [{968743AA-2F05-4748-AF87-D213CE86210B}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe

FirewallRules: [{615839B9-0BD3-459A-B502-3FD08465C86C}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

FirewallRules: [{EDAE4316-3DE9-4704-B438-9AD26A377674}] => (Allow) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe

FirewallRules: [{B3497598-6E3F-41EE-BB68-172F9A14F237}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe

FirewallRules: [{1680C3A4-807C-40DA-BC8F-9EE2712287A5}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\TERA-Launcher.exe

FirewallRules: [{558496BB-4B2A-460D-BA9B-5262278A90CC}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe

FirewallRules: [{DA1AC079-0954-4CAE-A9E0-85DB749B2D18}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\TL.exe

FirewallRules: [{2E313764-C6B9-434E-B3FB-B616246533DB}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe

FirewallRules: [{818174F8-14EC-4346-AF7F-911973A1D31E}] => (Allow) C:\ProgramData\HappyCloud\Cache\TERA\Client\Binaries\TERA.exe

FirewallRules: [{AB419297-25C5-40DE-A309-1BF748B9C176}] => (Allow) C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{454A6046-436B-4164-98D3-2864B87D78D5}] => (Allow) C:\Users\Chaotic Lawliet\AppData\Roaming\Dropbox\bin\Dropbox.exe

FirewallRules: [{345488BB-7A1E-4F18-B57A-4A4044C29DFE}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{2DC26685-792F-42F8-99D0-9DA65B2F9C19}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{1AA65402-A94A-4AC7-A0EA-6943EDC28C48}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{069A686C-BD3C-40ED-9E99-D904E9F92DD8}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe

FirewallRules: [{59EE724B-E087-44B8-B9D9-4BFD4198FA10}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{836CEE22-561C-4098-8680-AEB8191DADF6}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgdiagex.exe

FirewallRules: [{FD0539A9-20B9-41CC-91D7-473041DEDB87}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [{D3BC25F7-D016-4EEC-9715-B33A7CC05D2C}] => (Allow) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe

FirewallRules: [{6DE5B291-558C-4D52-B538-768AD1F52A07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{C10250A8-FD4D-4FBF-A8CE-9334D1871B40}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

FirewallRules: [{D0BD65AF-7467-47C1-BB99-78A3A57024EA}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{D606B4D6-7DE8-4350-8D02-C8399A21AC07}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

FirewallRules: [{9D50AF93-3CFF-4A3B-B581-B029F79BCE12}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Clicker\Sakura Clicker.exe

FirewallRules: [{6591E03B-7E11-40B0-9F58-C028F8096BD6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Sakura Clicker\Sakura Clicker.exe

FirewallRules: [{CC12986C-7A81-4D27-8C95-7C30760F9F89}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe

FirewallRules: [{D11E464B-6E63-44BA-A6AB-06E52040093B}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\CardHunter\CardHunter.exe

FirewallRules: [{5C4DA899-251B-4C1E-9F04-2041B412FD88}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Faulty Device Manager Devices =============



==================== Event log errors: =========================


Application errors:

==================

Error: (09/08/2015 03:28:22 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Error: (09/08/2015 12:32:42 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (09/07/2015 01:34:19 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (09/07/2015 01:08:55 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifest.


Error: (09/07/2015 12:55:38 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (09/06/2015 01:13:56 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1

Faulting module name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1

Exception code: 0x40000015

Fault offset: 0x00052d24

Faulting process id: 0x146c

Faulting application start time: 0xjucheck.exe0

Faulting application path: jucheck.exe1

Faulting module path: jucheck.exe2

Report Id: jucheck.exe3


Error: (09/06/2015 01:07:17 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (09/05/2015 11:52:58 AM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (09/05/2015 11:33:16 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1

Faulting module name: jucheck.exe, version: 2.8.60.27, time stamp: 0x55c116b1

Exception code: 0x40000015

Fault offset: 0x00052d24

Faulting process id: 0x16d4

Faulting application start time: 0xjucheck.exe0

Faulting application path: jucheck.exe1

Faulting module path: jucheck.exe2

Report Id: jucheck.exe3


Error: (09/05/2015 11:27:34 AM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Information only.

Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.



System errors:

=============

Error: (09/08/2015 12:35:25 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Client Virtualization Handler service hung on starting.


Error: (09/07/2015 09:06:49 PM) (Source: Service Control Manager) (EventID: 7011) (User: )

Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the TeamViewer9 service.


Error: (09/07/2015 04:10:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)

Description: Installation Failure: Windows failed to install the following update with error 0x80240020: Upgrade to Windows 10 Home.


Error: (09/07/2015 01:35:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The Client Virtualization Handler service hung on starting.


Error: (09/07/2015 01:35:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )

Description: The AVGIDSAgent service hung on starting.


Error: (09/07/2015 01:09:22 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:

%%1068


Error: (09/07/2015 01:08:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:

%%1068


Error: (09/07/2015 01:08:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:

%%1068


Error: (09/07/2015 01:08:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:

%%1068


Error: (09/07/2015 01:08:31 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error:

%%1068



Microsoft Office:

=========================

Error: (09/08/2015 03:28:22 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Chaotic Lawliet\Desktop\Spyware Forum\esetsmartinstaller_enu.exe


Error: (09/08/2015 12:32:42 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (09/07/2015 01:34:19 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (09/07/2015 01:08:55 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d.manifestC:\Users\Chaotic Lawliet\Desktop\Spyware Forum\esetsmartinstaller_enu.exe


Error: (09/07/2015 12:55:38 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (09/06/2015 01:13:56 PM) (Source: Application Error) (EventID: 1000) (User: )

Description: jucheck.exe2.8.60.2755c116b1jucheck.exe2.8.60.2755c116b14000001500052d24146c01d0e8c75bfcf756C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exea73c18a1-54ba-11e5-98e4-206a8a1423a6


Error: (09/06/2015 01:07:17 PM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (09/05/2015 11:52:58 AM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.


Error: (09/05/2015 11:33:16 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: jucheck.exe2.8.60.2755c116b1jucheck.exe2.8.60.2755c116b14000001500052d2416d401d0e7f01deab3b6C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exeC:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe6cda22f6-53e3-11e5-bac7-206a8a1423a6


Error: (09/05/2015 11:27:34 AM) (Source: CVHSVC) (EventID: 100) (User: )

Description: Error: Cannot connect to SoftGrid Service Type: 95::SoftGridConfigurationFailure.



CodeIntegrity:

===================================

Date: 2015-08-23 04:11:22.624

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-23 04:11:22.422

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-23 04:11:22.228

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:52.736

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:52.595

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:52.424

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:52.299

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpa.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:47.057

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:46.933

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.


Date: 2015-08-22 11:04:46.808

Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\AVG\AVG PC TuneUp\avgdumpx.exe because the set of per-page image hashes could not be found on the system.



==================== Memory info ===========================


Processor: Intel® Pentium® CPU P6100 @ 2.00GHz

Percentage of memory in use: 43%

Total physical RAM: 2804.5 MB

Available physical RAM: 1593.56 MB

Total Virtual: 5607.2 MB

Available Virtual: 3852.56 MB


==================== Drives ================================


Drive c: (ACER) (Fixed) (Total:219.11 GB) (Free:56.92 GB) NTFS


==================== MBR & Partition Table ==================


========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: C444C444)

Partition 1: (Not Active) - (Size=13.7 GB) - (Type=27)

Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=219.1 GB) - (Type=07 NTFS)


==================== End of Addition.txt ============================
