iexplore.exe malware creating copy of shortcuts on USBs


  • This topic is locked
14 replies to this topic

#1 reece159


Posted 27 August 2014 - 01:56 PM

For a while now I've had a problem with rogue iexplore.exe processes. Malwarebytes has told me for a while that the process has tried to open malicious websites (one was named supnewdwm.com), but I never really managed to remove it despite many efforts, so I simply ended the process, and that usually stopped it for a while. However, recently it has become more aggressive; there have been multiple instances of the process, and it has created a RECYCLER folder and 4 "Copy of Shortcut" links on USB sticks, infecting them with something. I removed these USB infections with USBfix, but avast continues to tell me the process is meddling with things. I've removed several files that seem to relate to the malware, but eventually it just seems to resurface. Any help would be appreciated :)

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64 
Internet Explorer: 10.0.9200.17054  BrowserJavaVersion: 10.65.2
Run by Reece at 19:53:19 on 2014-08-27
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.44.1033.18.8141.3481 [GMT 1:00]
.
AV: avast! Antivirus *Enabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: avast! Antivirus *Enabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Program Files\AVAST Software\Avast\afwServ.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
C:\Windows\SysWOW64\NLSSRV32.EXE
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\SysWOW64\PnkBstrA.exe
C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\MSI\Smart Utilities\SuperRAIDSvc.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\rundll32.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
C:\Windows\System32\StikyNot.exe
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\SYSTEM32\WISPTIS.EXE
C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Users\Reece\AppData\Roaming\Spotify\spotify.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\Uplay.exe
C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\Internet Explorer\iexplore.exe
C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Windows\SysWOW64\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Windows\system32\taskmgr.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = www.google.com
mWinlogon: Userinit = userinit.exe,
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
BHO: Adobe PDF Conversion Toolbar Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: SmartSelect Class: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
TB: Adobe PDF: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
uRun: [AdobeBridge] <no file>
mRun: [Sound Blaster Cinema 2] "C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" /r
mRun: [UpdReg] C:\Windows\UpdReg.EXE
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [Fast Boot] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
mRun: [Command Center] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
mRun: [Super Charger] C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
dRunOnce: [{80655FC2-A38F-4B8C-8775-9A3C68A6C305}] "C:\Program Files (x86)\MSI\Live Update\LU5\DL_FILE\Killer_Network_Drivers_1.1.42.1045\Setup.exe" /silent
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-Windows\System: UseOEMBackground = dword:1
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {D4B68B83-8710-488B-A692-D74B50BA558E} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: {F6ACF75C-C32C-447B-9BEF-46B766368D29} - hxxp://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{CA2A24E3-8934-4440-8197-8FE9BFB4CCC5} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: avast! Online Security: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [MBCfg64] C:\Windows\System32\RunDLL32.exe C:\Windows\System32\MBCfg64.dll,RunDLLEntry MBCfg64
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Notify: igfxcui - igfxdev.dll
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Reece\AppData\Roaming\Mozilla\Firefox\Profiles\q0jqedg5.default\
FF - plugin: C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswNdisFlt;Avast! Firewall Driver;C:\Windows\System32\drivers\aswNdisFlt.sys [2014-8-26 448400]
R0 aswRvrt;avast! Revert;C:\Windows\System32\drivers\aswRvrt.sys [2014-8-26 65776]
R0 aswVmm;avast! VM Monitor;C:\Windows\System32\drivers\aswVmm.sys [2014-8-26 224896]
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-8-27 20464]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2014-8-4 56208]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2014-8-26 28184]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-8-26 1041168]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswsp.sys [2014-8-26 427360]
R1 BfLwf;Qualcomm Atheros Bandwidth Control;C:\Windows\System32\drivers\bflwfx64.sys [2014-4-10 82096]
R2 aswHwid;avast! HardwareID;C:\Windows\System32\drivers\aswHwid.sys [2014-8-26 29208]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-8-26 79184]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-8-26 92008]
R2 avast! Antivirus;avast! Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-8-26 50344]
R2 avast! Firewall;avast! Firewall;C:\Program Files\AVAST Software\Avast\afwServ.exe [2014-8-26 106488]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2013-11-7 1186168]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2013-11-21 1689976]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2013-11-7 1161592]
R2 GamingApp_Service;GamingApp_Service;C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [2014-7-22 20512]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe [2014-7-21 2544976]
R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [2014-2-19 154584]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [2014-7-16 377616]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-7-22 1809720]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-7-22 860472]
R2 MSI_FastBoot;MSI_FastBoot;C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [2014-7-23 103992]
R2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [2014-7-22 84432]
R2 MSI_SuperCharger;MSI_SuperCharger;C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [2014-7-21 162800]
R2 MSI_Trigger_Service;MSI_Trigger_Service;C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2014-7-21 30240]
R2 nlsX86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\NLSSRV32.EXE [2014-8-1 69640]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-7-22 1720792]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-7-22 18973144]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2014-4-17 344576]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-8-4 411936]
R2 SuperRAIDSvc;SuperRAIDSvc;C:\MSI\Smart Utilities\SuperRAIDSvc.exe [2014-7-19 27632]
R2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2014-1-17 3816176]
R3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2013-11-7 140600]
R3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2013-11-7 1411384]
R3 ibtusb;Intel® Wireless Bluetooth® 4.0 + HS Adapter;C:\Windows\System32\drivers\ibtusb.sys [2013-11-6 149448]
R3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-19 46568]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-8-27 383472]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-8-27 795120]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2013-11-11 25528]
R3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller;C:\Windows\System32\drivers\e22w7x64.sys [2014-3-27 129200]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2014-3-19 77592]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2014-3-19 13080]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-7-22 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-7-22 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-7-22 63704]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2014-7-21 32344]
R3 NTIOLib_1_0_3;NTIOLib_1_0_3;C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [2014-7-21 13368]
R3 NTIOLib_FastBoot;NTIOLib_FastBoot;C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [2014-7-23 13368]
R3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID;C:\MSI\Smart Utilities\NTIOLib_X64.sys [2014-7-19 13808]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-7-22 20440]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-7-22 40392]
R3 SbieDrv;SbieDrv;C:\Program Files\Sandboxie\SbieDrv.sys [2014-5-29 185352]
R3 usb3Hub;UoIP Hub;C:\Windows\System32\drivers\usb3Hub.sys [2013-6-20 206744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2014-4-11 103608]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2014-4-11 124088]
S2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2014-5-21 314696]
S2 NitroDriverReadSpool9;NitroPDFDriverCreatorReadSpool9;C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [2014-8-1 230920]
S2 NitroUpdateService;NitroUpdateService;C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [2014-8-1 418312]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-4-3 315008]
S3 AcpiCtlDrv;AcpiCtlDrv;C:\Windows\System32\drivers\AcpiCtlDrv.sys [2012-7-17 25880]
S3 asmthub3;ASMedia USB3 Hub Service;C:\Windows\System32\drivers\asmthub3.sys [2013-4-12 139592]
S3 asmtxhci;ASMEDIA XHCI Service;C:\Windows\System32\drivers\asmtxhci.sys [2013-4-12 418632]
S3 b06diag;Broadcom NetXtreme II Diag Driver;C:\Windows\System32\drivers\bxdiaga.sys [2013-3-14 88104]
S3 BFN7x64;Bigfoot Networks Killer Gaming Service;C:\Windows\System32\drivers\Xeno7x64.sys [2013-3-14 157288]
S3 bxfcoe;bxfcoe;C:\Windows\System32\drivers\bxfcoe.sys [2013-3-14 178216]
S3 bxois;bxois;C:\Windows\System32\drivers\bxois.sys [2013-3-14 539176]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;C:\Windows\System32\drivers\EtronHub3.sys [2013-2-27 65152]
S3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;C:\Windows\System32\drivers\EtronSTOR.sys [2013-2-27 32512]
S3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;C:\Windows\System32\drivers\EtronXHCI.sys [2013-2-27 88832]
S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\Windows\System32\drivers\hitmanpro37.sys [2014-7-23 32512]
S3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [2014-7-22 171632]
S3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);C:\Windows\System32\drivers\ICCWDT.sys [2013-8-13 27608]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2013-11-11 35256]
S3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2014-7-21 450520]
S3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-1-31 887232]
S3 ioatdma1;ioatdma1;C:\Windows\System32\drivers\qd162x64.sys [2013-3-14 40144]
S3 ioatdma2;Intel® QuickData Technology device ver.2;C:\Windows\System32\drivers\qd262x64.sys [2013-3-14 42192]
S3 iumsvc;Intel® Update Manager;C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-2-28 174368]
S3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;C:\Windows\System32\drivers\MijXfilt.sys [2014-7-23 121416]
S3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2014-1-17 284912]
S3 NTIOLib_1_0_4;NTIOLib_1_0_4;C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [2014-7-23 14136]
S3 NTIOLib_MB;NTIOLib_MB;C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [2014-7-23 13808]
S3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [2014-7-23 13368]
S3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [2014-7-22 13368]
S3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [2014-7-23 13368]
S3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [2014-7-23 13368]
S3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [2014-7-23 13368]
S3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [2014-7-23 13368]
S3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [2014-7-23 13368]
S3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2013-2-27 96768]
S3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2013-2-27 213504]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2013-6-17 19456]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2013-6-17 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-7-21 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2013-6-17 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2013-6-17 1255736]
.
=============== File Associations ===============
.
FileExt: .ini: Applications\notepad++.exe="C:\Program Files (x86)\Notepad++\notepad++.exe" "%1" [UserChoice]
ShellExec: dreamweaver.exe: Open="C:\Program Files (x86)\Adobe\Adobe Dreamweaver CS6\dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2014-08-27 17:23:09 -------- d-----w- C:\Users\Reece\AppData\Local\Ubisoft Game Launcher
2014-08-27 15:54:45 -------- d-----w- C:\Users\Reece\Usrcheat
2014-08-27 15:52:26 -------- d-----w- C:\Program Files (x86)\Syntechx.com
2014-08-27 09:04:55 7062 ----a-w- C:\Windows\SysWow64\audiopid.vxd
2014-08-27 08:38:56 -------- d-----w- C:\SuperChargerProfile
2014-08-27 08:21:01 795120 ----a-w- C:\Windows\System32\drivers\iusb3xhc.sys
2014-08-27 08:21:01 383472 ----a-w- C:\Windows\System32\drivers\iusb3hub.sys
2014-08-27 08:21:01 20464 ----a-w- C:\Windows\System32\drivers\iusb3hcs.sys
2014-08-26 15:51:01 -------- d-----w- C:\Program Files (x86)\SDA
2014-08-26 15:23:15 -------- d-----w- C:\Program Files (x86)\LSoft Technologies
2014-08-26 13:03:14 28184 ----a-w- C:\Windows\System32\drivers\aswKbd.sys
2014-08-26 13:03:01 448400 ----a-w- C:\Windows\System32\drivers\aswNdisFlt.sys
2014-08-26 12:53:15 -------- d-----w- C:\Users\Reece\AppData\Roaming\AVAST Software
2014-08-26 12:51:33 93568 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2014-08-26 12:51:33 92008 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2014-08-26 12:51:33 79184 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2014-08-26 12:51:33 65776 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2014-08-26 12:51:33 29208 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2014-08-26 12:51:33 224896 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2014-08-26 12:51:33 1041168 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2014-08-26 12:51:29 43152 ----a-w- C:\Windows\avastSS.scr
2014-08-26 12:48:42 -------- d-----w- C:\Program Files\AVAST Software
2014-08-26 12:47:07 -------- d-----w- C:\ProgramData\AVAST Software
2014-08-26 10:32:52 -------- d-----w- C:\UsbFix
2014-08-26 10:26:50 -------- d-----w- C:\Users\Reece\AppData\Local\Blizzard Entertainment
2014-08-26 10:26:44 -------- d-----w- C:\Users\Reece\AppData\Roaming\Battle.net
2014-08-26 10:26:44 -------- d-----w- C:\Users\Reece\AppData\Local\Battle.net
2014-08-26 10:26:39 -------- d-----w- C:\ProgramData\Blizzard Entertainment
2014-08-26 10:26:39 -------- d-----w- C:\Program Files (x86)\Common Files\Blizzard Entertainment
2014-08-26 10:26:39 -------- d-----w- C:\Program Files (x86)\Battle.net
2014-08-26 10:22:42 -------- d-----w- C:\ProgramData\Battle.net
2014-08-26 10:00:18 11319192 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DD7EE3D5-3283-4596-A7CE-71586BA7DB4D}\mpengine.dll
2014-08-25 21:44:14 -------- d-----r- C:\Sandbox
2014-08-25 21:38:53 -------- d-----w- C:\Program Files\Sandboxie
2014-08-23 09:35:38 -------- d-----w- C:\Program Files (x86)\PCSX2 1.2.1
2014-08-20 19:55:41 -------- d-----w- C:\Program Files (x86)\Guild Wars 2
2014-08-20 19:03:20 -------- d-----w- C:\Users\Reece\AppData\Roaming\Guild Wars 2
2014-08-19 19:29:41 -------- d-----w- C:\Program Files (x86)\EA Games
2014-08-18 20:16:16 -------- d-----w- C:\Users\Reece\AppData\Roaming\Nitro
2014-08-18 20:15:35 29704 ----a-w- C:\Windows\System32\nitrolocalmon9.dll
2014-08-18 20:15:35 17928 ----a-w- C:\Windows\System32\nitrolocalui9.dll
2014-08-18 20:15:05 -------- d-----w- C:\Program Files (x86)\Nitro
2014-08-18 20:15:03 -------- d-----w- C:\ProgramData\Nitro
2014-08-18 20:15:03 -------- d-----w- C:\Program Files\Nitro
2014-08-18 20:15:03 -------- d-----w- C:\Program Files\Common Files\Nitro
2014-08-18 20:13:08 -------- d-----w- C:\Users\Reece\AppData\Roaming\Downloaded Installations
2014-08-18 19:18:12 -------- d-----w- C:\ProgramData\regid.1986-12.com.adobe
2014-08-18 19:18:02 -------- d-----w- C:\Users\Reece\AppData\Local\Adobe
2014-08-18 09:29:32 -------- d-----w- C:\Users\Reece\AppData\Roaming\LolClient
2014-08-17 18:49:08 -------- d-----w- C:\ProgramData\Riot Games
2014-08-17 18:45:04 467984 ----a-w- C:\Windows\SysWow64\d3dx10_39.dll
2014-08-17 18:45:04 1493528 ----a-w- C:\Windows\SysWow64\D3DCompiler_39.dll
2014-08-17 18:45:03 3851784 ----a-w- C:\Windows\SysWow64\D3DX9_39.dll
2014-08-17 18:44:46 -------- d-sh--w- C:\Windows\SysWow64\AI_RecycleBin
2014-08-17 18:44:42 -------- d-----w- C:\Riot Games
2014-08-17 18:42:35 -------- d-----w- C:\Program Files (x86)\Pando Networks
2014-08-17 18:41:20 -------- d-----w- C:\Users\Reece\AppData\Roaming\Riot Games
2014-08-15 15:03:15 -------- d-----w- C:\Users\Reece\AppData\Local\Microsoft Games
2014-08-13 20:57:58 99480 ----a-w- C:\Windows\SysWow64\infocardapi.dll
2014-08-13 20:57:58 8856 ----a-w- C:\Windows\SysWow64\icardres.dll
2014-08-13 20:57:58 8856 ----a-w- C:\Windows\System32\icardres.dll
2014-08-13 20:57:58 619672 ----a-w- C:\Windows\SysWow64\icardagt.exe
2014-08-13 20:57:58 171160 ----a-w- C:\Windows\System32\infocardapi.dll
2014-08-13 20:57:58 1389208 ----a-w- C:\Windows\System32\icardagt.exe
2014-08-13 20:57:53 35480 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-13 20:57:53 35480 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2014-08-13 07:39:00 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2014-08-13 07:39:00 2048 ----a-w- C:\Windows\System32\tzres.dll
2014-08-09 10:56:47 -------- d-----w- C:\Users\Reece\AppData\Roaming\The Creative Assembly
2014-08-09 09:39:45 -------- d-----w- C:\Users\Reece\AppData\Local\SCE
2014-08-09 08:25:25 76152 ----a-w- C:\Windows\System32\PnkBstrA.exe
2014-08-07 19:27:33 2601752 ----a-w- C:\Windows\SysWow64\pbsvc_moh.exe
2014-08-07 19:26:41 -------- d-----w- C:\Windows\1C4551A64743409391E41477CD655043.TMP
2014-08-07 19:26:40 -------- d-----w- C:\Program Files (x86)\Common Files\Wise Installation Wizard
2014-08-07 11:43:49 18960 ----a-w- C:\Windows\System32\drivers\LNonPnP.sys
2014-08-07 11:21:13 -------- d-----w- C:\Users\Reece\AppData\Roaming\Logishrd
2014-08-06 09:05:33 -------- d-----w- C:\Users\Reece\AppData\Roaming\Rainmeter
2014-08-06 09:05:31 -------- d-----w- C:\Program Files\Rainmeter
2014-08-05 10:34:30 -------- d-----w- C:\Users\Reece\AppData\Local\My Games
2014-08-04 13:52:14 609240 ----a-w- C:\Windows\SysWow64\nvStreaming.exe
2014-08-04 13:09:51 -------- d-----w- C:\Users\Reece\AppData\Local\Apple
2014-08-04 12:43:52 -------- d-----w- C:\Users\Reece\AppData\Local\MediaMonkey
2014-08-04 12:43:49 -------- d-----w- C:\Users\Reece\AppData\Roaming\MediaMonkey
2014-08-04 12:43:48 -------- d-----w- C:\ProgramData\MediaMonkey
2014-08-04 12:43:47 -------- d-----w- C:\Program Files (x86)\MediaMonkey
2014-08-04 11:14:06 -------- d-----w- C:\ProgramData\ALM
2014-08-04 11:11:56 -------- d-----w- C:\Users\Reece\Adobe Flash Builder 4.6
2014-08-04 11:05:36 56208 ------w- C:\Windows\System32\drivers\PxHlpa64.sys
2014-08-04 11:05:36 10224 ------w- C:\Windows\System32\drivers\cdralw2k.sys
2014-08-04 11:05:36 10224 ------w- C:\Windows\System32\drivers\cdr4_xp.sys
2014-08-04 11:05:36 -------- d-----w- C:\Program Files (x86)\Common Files\Sonic Shared
2014-08-04 11:05:36 -------- d-----w- C:\Program Files (x86)\Common Files\PX Storage Engine
2014-08-04 11:05:31 -------- d-----w- C:\Program Files (x86)\My Company Name
2014-08-04 09:51:29 -------- d-----w- C:\Users\Reece\AppData\Local\http___www.julien-manici
2014-08-04 08:43:26 -------- d-----w- C:\Program Files\CCleaner
2014-08-04 08:40:38 -------- d-----w- C:\Program Files\Defraggler
2014-08-02 20:12:09 -------- d-----w- C:\Windows\System32\appmgmt
2014-08-02 20:11:01 -------- d-----w- C:\Users\Reece\AppData\Roaming\Unity
2014-08-02 20:02:40 -------- d-----w- C:\Users\Reece\AppData\Local\Unity
2014-08-02 19:59:07 -------- d-----w- C:\Users\Reece\AppData\Local\Downloaded Installations
2014-08-01 13:23:04 69640 ----a-w- C:\Windows\SysWow64\NLSSRV32.EXE
.
==================== Find3M  ====================
.
2014-08-27 18:44:46 122584 ----a-w- C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-08-26 13:38:44 699568 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-26 13:38:43 71344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-26 11:22:05 215416 ----a-w- C:\Windows\SysWow64\PnkBstrB.exe
2014-08-25 18:21:11 282296 ----a-w- C:\Windows\SysWow64\PnkBstrB.xtr
2014-08-25 18:21:11 282296 ----a-w- C:\Windows\SysWow64\PnkBstrB.ex0
2014-08-20 10:09:04 76152 ----a-w- C:\Windows\SysWow64\PnkBstrA.exe
2014-08-09 00:22:16 1291280 ----a-w- C:\Windows\SysWow64\nvspbridge.dll
2014-08-09 00:22:16 1126480 ----a-w- C:\Windows\SysWow64\nvspcap.dll
2014-08-09 00:22:05 1715224 ----a-w- C:\Windows\System32\nvspbridge64.dll
2014-08-09 00:22:05 1283136 ----a-w- C:\Windows\System32\nvspcap64.dll
2014-08-05 08:20:00 270496 ------w- C:\Windows\System32\MpSigStub.exe
2014-07-24 12:10:54 2240000 ----a-w- C:\Windows\System32\wininet.dll
2014-07-24 12:09:37 3959296 ----a-w- C:\Windows\System32\jscript9.dll
2014-07-24 12:09:33 67072 ----a-w- C:\Windows\System32\iesetup.dll
2014-07-24 12:09:33 136704 ----a-w- C:\Windows\System32\iesysprep.dll
2014-07-24 12:09:00 1508864 ----a-w- C:\Windows\System32\inetcpl.cpl
2014-07-24 10:52:27 1766400 ----a-w- C:\Windows\SysWow64\wininet.dll
2014-07-24 10:51:27 2861568 ----a-w- C:\Windows\SysWow64\jscript9.dll
2014-07-24 10:51:22 61440 ----a-w- C:\Windows\SysWow64\iesetup.dll
2014-07-24 10:51:22 109056 ----a-w- C:\Windows\SysWow64\iesysprep.dll
2014-07-24 10:51:02 1440768 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2014-07-24 10:33:52 2706432 ----a-w- C:\Windows\System32\mshtml.tlb
2014-07-24 10:29:20 2706432 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2014-07-24 09:37:18 89600 ----a-w- C:\Windows\System32\RegisterIEPKEYs.exe
2014-07-24 09:32:28 71680 ----a-w- C:\Windows\SysWow64\RegisterIEPKEYs.exe
2014-07-23 16:11:34 32512 ----a-w- C:\Windows\System32\drivers\hitmanpro37.sys
2014-07-22 13:27:35 144 ----a-w- C:\Windows\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-07-22 07:15:44 451 ----a-w- C:\Windows\System32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-07-21 20:10:50 98216 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-16 03:25:04 404480 ----a-w- C:\Windows\System32\gdi32.dll
2014-07-16 02:46:24 311808 ----a-w- C:\Windows\SysWow64\gdi32.dll
2014-07-16 02:12:11 3163648 ----a-w- C:\Windows\System32\win32k.sys
2014-07-14 02:02:45 1216000 ----a-w- C:\Windows\System32\rpcrt4.dll
2014-07-14 01:40:58 664064 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2014-07-09 02:03:23 7168 ----a-w- C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22 7168 ----a-w- C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42 7168 ----a-w- C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41 6656 ----a-w- C:\Windows\SysWow64\KBDBASH.DLL
2014-07-02 18:55:43 6783776 ----a-w- C:\Windows\System32\nvcpl.dll
2014-07-02 18:55:43 3522392 ----a-w- C:\Windows\System32\nvsvc64.dll
2014-07-02 18:55:41 935368 ----a-w- C:\Windows\System32\nvvsvc.exe
2014-07-02 18:55:41 62808 ----a-w- C:\Windows\System32\nvshext.dll
2014-07-02 18:55:41 386520 ----a-w- C:\Windows\System32\nvmctray.dll
2014-07-02 10:14:12 3826628 ----a-w- C:\Windows\System32\nvcoproc.bin
2014-06-27 10:30:48 41984 ----a-w- C:\Windows\System32\drivers\USB3Ver.dll
2014-06-18 02:18:30 692736 ----a-w- C:\Windows\System32\osk.exe
2014-06-18 01:51:32 646144 ----a-w- C:\Windows\SysWow64\osk.exe
2014-06-16 02:10:19 985536 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-06 10:10:34 624128 ----a-w- C:\Windows\System32\qedit.dll
2014-06-06 09:44:17 509440 ----a-w- C:\Windows\SysWow64\qedit.dll
2014-06-05 14:45:15 1460736 ----a-w- C:\Windows\System32\lsasrv.dll
2014-06-05 14:26:58 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2014-06-05 14:25:49 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2014-06-03 10:02:37 112064 ----a-w- C:\Windows\System32\consent.exe
2014-06-03 10:02:21 504320 ----a-w- C:\Windows\System32\msihnd.dll
2014-06-03 10:02:21 3241984 ----a-w- C:\Windows\System32\msi.dll
2014-06-03 10:02:12 1941504 ----a-w- C:\Windows\System32\authui.dll
2014-06-03 09:29:50 337408 ----a-w- C:\Windows\SysWow64\msihnd.dll
2014-06-03 09:29:50 2363392 ----a-w- C:\Windows\SysWow64\msi.dll
2014-06-03 09:29:40 1805824 ----a-w- C:\Windows\SysWow64\authui.dll
2014-05-30 08:08:52 210944 ----a-w- C:\Windows\System32\wdigest.dll
2014-05-30 08:08:49 86528 ----a-w- C:\Windows\System32\TSpkg.dll
2014-05-30 08:08:47 340992 ----a-w- C:\Windows\System32\schannel.dll
2014-05-30 08:08:41 314880 ----a-w- C:\Windows\System32\msv1_0.dll
2014-05-30 08:08:41 307200 ----a-w- C:\Windows\System32\ncrypt.dll
2014-05-30 08:08:36 728064 ----a-w- C:\Windows\System32\kerberos.dll
2014-05-30 08:08:31 22016 ----a-w- C:\Windows\System32\credssp.dll
2014-05-30 07:52:51 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2014-05-30 07:52:49 65536 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2014-05-30 07:52:45 247808 ----a-w- C:\Windows\SysWow64\schannel.dll
2014-05-30 07:52:41 220160 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2014-05-30 07:52:40 259584 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2014-05-30 07:52:36 550912 ----a-w- C:\Windows\SysWow64\kerberos.dll
2014-05-30 07:52:30 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2014-05-30 06:45:52 497152 ----a-w- C:\Windows\System32\drivers\afd.sys
.
============= FINISH: 19:53:32.39 ===============


#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  • Gender:Male
  • Local time:08:39 PM

Posted 27 August 2014 - 02:06 PM

Hi there,

please run the following scans:


Step 1

Please download TDSSKiller and save it to your Desktop.
  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters.
  • Make sure that all available options (except "Loaded modules") are checked and click OK.
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.


Step 2

Please download Farbar Recovery Scan Tool and save it to your Desktop.
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 reece159

reece159
  • Topic Starter

  • Members
  • 8 posts
  • OFFLINE
  • Local time:07:39 PM

Posted 27 August 2014 - 02:20 PM

TDSSKiller only found 1 object, and that's the Creative Sound Blaster software I use. I'm pretty sure it's safe, unless it's been infected somehow. All sorts of its files get flagged by antivirus software.
 
\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
20:13:47.0061 0x1fbc  USB3MON - ok
20:13:47.0077 0x1fbc  [ 6143A70622AD25BD935BDC717ECADB9B, 2CEF01C7AFDF11A82179E7D0365659435F59C5B59B71475B0DA2B056B818AC3A ] C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe
20:13:47.0093 0x1fbc  Fast Boot - ok
20:13:47.0118 0x1fbc  [ 3EE85D5D4319D0929D8F23253A244C23, 0583E756C9FBDCAEC2CBEEA59BBB9253CDB3956AD536F0D5CA0519188A67F64B ] C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe
20:13:47.0137 0x1fbc  Command Center - ok
20:13:47.0148 0x1fbc  [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
20:13:47.0161 0x1fbc  SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
20:13:47.0161 0x1fbc  Detect skipped due to KSN trusted
20:13:47.0161 0x1fbc  SwitchBoard - ok
20:13:47.0196 0x1fbc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:13:47.0242 0x1fbc  Sidebar - ok
20:13:47.0247 0x1fbc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:13:47.0268 0x1fbc  mctadmin - ok
20:13:47.0286 0x1fbc  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
20:13:47.0312 0x1fbc  Sidebar - ok
20:13:47.0316 0x1fbc  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
20:13:47.0328 0x1fbc  mctadmin - ok
20:13:47.0358 0x1fbc  [ 7A6A4EDC0CEF9DE9CAFFDFE36D991FD4, 29078B41C8E977E06D925936325B1BE41F478CE53B1F5D2408A7C414240DC0B2 ] C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
20:13:47.0385 0x1fbc  Spotify Web Helper - ok
20:13:47.0397 0x1fbc  [ B22CB67919EBAD88B0E8BB9CDA446010, 2F744FEAC48EDE7D6B6D2727F7DDFA80B26D9E3B0009741B00992B19AD85E128 ] C:\Windows\System32\StikyNot.exe
20:13:47.0424 0x1fbc  RESTART_STICKY_NOTES - ok
20:13:47.0426 0x1fbc  Usrcheat Downloader - ok
20:13:47.0427 0x1fbc  Waiting for KSN requests completion. In queue: 9
20:13:48.0427 0x1fbc  Waiting for KSN requests completion. In queue: 9
20:13:49.0427 0x1fbc  Waiting for KSN requests completion. In queue: 9
20:13:50.0442 0x1fbc  AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x41000 ( enabled : updated )
20:13:50.0443 0x1fbc  FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 9.0.2021.515 ), 0x40010 ( disabled )
20:13:50.0457 0x1fbc  Win FW state via NFP2: enabled
20:13:52.0820 0x1fbc  ============================================================
20:13:52.0820 0x1fbc  Scan finished
20:13:52.0820 0x1fbc  ============================================================
20:13:52.0824 0x1f54  Detected object count: 1
20:13:52.0824 0x1f54  Actual detected object count: 1
20:14:09.0606 0x1f54  Sound Blaster Cinema 2 ( UnsignedFile.Multi.Generic ) - skipped by user
20:14:09.0606 0x1f54  Sound Blaster Cinema 2 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
 
 
 
 
 
FRST Log

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 25-08-2014
Ran by Reece (administrator) on REECE-PC on 27-08-2014 20:17:09
Running from C:\Users\Reece\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Micro-Star Int'l Co., Ltd.) C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Qualcomm Atheros) C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Intel® Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Micro-Star International) C:\MSI\Smart Utilities\SuperRAIDSvc.exe
(Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Logitech, Inc.) C:\Program Files\Common Files\Logishrd\KHAL3\KHALMNPR.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Spotify Ltd) C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(MSI) C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
(Micro-Star INT'L CO.,LTD.) C:\Program Files (x86)\MSI\Fast Boot\FastBoot.exe
(Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Spotify Ltd) C:\Users\Reece\AppData\Roaming\Spotify\spotify.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
() C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
() C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kaspersky Lab ZAO) C:\Users\Reece\Desktop\tdsskiller.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [184632 2013-11-13] (Motorola Solutions, Inc.)
HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7543000 2014-03-04] (Realtek Semiconductor)
HKLM\...\Run: [MBCfg64] => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\MBCfg64.dll,RunDLLEntry MBCfg64
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3100440 2014-05-19] (Logitech, Inc.)
HKLM-x32\...\Run: [Sound Blaster Cinema 2] => C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe [1440768 2014-02-24] (Creative Technology Ltd)
HKLM-x32\...\Run: [UpdReg] => C:\Windows\UpdReg.EXE [90112 2000-05-11] (Creative Technology Ltd.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-27] (Intel Corporation)
HKLM-x32\...\Run: [Fast Boot] => C:\Program Files (x86)\MSI\Fast Boot\StartFastBoot.exe [764472 2012-09-19] ()
HKLM-x32\...\Run: [Command Center] => C:\Program Files (x86)\MSI\Command Center\StartCommandCenter.exe [796328 2014-06-06] ()
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-26] (AVAST Software)
HKLM-x32\...\Run: [Super Charger] => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe [1047536 2014-04-08] (MSI)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\.DEFAULT\...\RunOnce: [{80655FC2-A38F-4B8C-8775-9A3C68A6C305}] => C:\Program Files (x86)\MSI\Live Update\LU5\DL_FILE\Killer_Network_Drivers_1.1.42.1045\Setup.exe [126154328 2014-04-17] (Qualcomm Atheros)
HKU\S-1-5-21-3935737622-925899942-76902763-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3935737622-925899942-76902763-1000\...\Run: [Spotify Web Helper] => C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-26] (Spotify Ltd)
HKU\S-1-5-21-3935737622-925899942-76902763-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3935737622-925899942-76902763-1000\...\Run: [Usrcheat Downloader] => C:\Program Files\Syntechx.com\Usrcheat Downloader\usrcheat_downloader.exe
HKU\S-1-5-21-3935737622-925899942-76902763-1000\...\MountPoints2: {1a7212c5-10eb-11e4-8136-806e6f6e6963} - F:\DVDSetup.exe
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll (Adobe Systems Incorporated)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Reece\AppData\Roaming\Mozilla\Firefox\Profiles\q0jqedg5.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.65.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @nitropdf.com/NitroPDF -> C:\Program Files (x86)\Nitro\Pro 9\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Air\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Reece\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension@web2pdf.adobedotcom] - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat - Create PDF - C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Browser\WCFirefoxExtn [2014-08-04]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: Logitech SetPoint - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2014-08-07]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-08-26]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.co.uk/
CHR RestoreOnStartup: Default -> "hxxp://www.google.co.uk/"
CHR NewTab: Default -> "chrome-extension://laookkfknpbbblfpciffpaejjkokdgca/dashboard.html"
CHR DefaultSearchKeyword: Default -> google.co.uk
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Angry Birds) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\aknpkdffaafgjchaibgeefbgmgeghloj [2014-07-21]
CHR Extension: (Google Docs) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-21]
CHR Extension: (Google Drive) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-21]
CHR Extension: (Turn Off the Lights) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn [2014-07-21]
CHR Extension: (YouTube) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-21]
CHR Extension: (Battlefield Heroes) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\cehdakiococlfmjcbebbkjkfjhbieknh [2014-08-19]
CHR Extension: (Adblock Plus) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-07-21]
CHR Extension: (Google Search) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-21]
CHR Extension: (Tampermonkey) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2014-07-21]
CHR Extension: (Save my Tabs) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\djadfifncobffjpicnkiegahdiobpaap [2014-07-21]
CHR Extension: (Logitech Smooth Scrolling) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkpejdfnpdkhifgbancbammdijojoffk [2014-07-21]
CHR Extension: (MagicSel) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\dmobhfhmcgcceenmkcpckkffmfkkmkbf [2014-07-21]
CHR Extension: (MaskMe) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpkiidbpeijnaaacjlfnijncdlkicejg [2014-07-21]
CHR Extension: (DoNotTrackMe: Online Privacy Protection) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\epanfjkfahimkgomnigadpkobaefekcd [2014-07-21]
CHR Extension: (Heroes & Generals) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2014-07-21]
CHR Extension: (HTTPS Everywhere) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\gcbommkclmclpchllfjekcdonpmejbdp [2014-07-21]
CHR Extension: (avast! Online Security) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2014-08-26]
CHR Extension: (Bookmark Search) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhmokalkpaiacdofbcddkogifepbaijk [2014-07-21]
CHR Extension: (Feedly - News, Blogs and Youtube) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\hipbfijinpcgfogaopmgehiegacbhmob [2014-07-21]
CHR Extension: (nCage) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\hnbmfljfohghaepamnfokgggaejlmfol [2014-07-22]
CHR Extension: (Google Play Music) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\icppfcnhkcmnfdhfhphakoifcfokfdhg [2014-07-21]
CHR Extension: (Chrome to Mobile) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\idknbmbdnapjicclomlijcgfpikmndhd [2014-08-02]
CHR Extension: (Any.do Extension) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdadialhpiikehpdeejjeiikopddkjem [2014-07-21]
CHR Extension: (Better Battlelog (BBLog)) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjlfnjepjdmlppapoikepbaabbghofma [2014-08-12]
CHR Extension: (Divvr) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\lackkieddhpmioebogincgkkcagabhgm [2014-08-02]
CHR Extension: (Momentum) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\laookkfknpbbblfpciffpaejjkokdgca [2014-07-21]
CHR Extension: (Northern Lights) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbnkklencjcmkepldaineciclcheaoef [2014-07-21]
CHR Extension: (Steambirds: Survival) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\lcdhpokmalcfjnfkjlfncgekebcojinn [2014-07-21]
CHR Extension: (Silencer) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\liddmepmaofgllnbdbepbcgfgclcelno [2014-07-21]
CHR Extension: (Extension Defender) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\lkakdehcmmnojcdalpkfgmhphnicaonm [2014-07-21]
CHR Extension: (Shiny Reddit) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\nihdcibdbpkakpaolelklbgckofeaofp [2014-08-04]
CHR Extension: (Jiffy: The GIF Creating Plugin) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlcjegmhpnnlbkpcfbechbjicnakhben [2014-07-21]
CHR Extension: (Google Wallet) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-21]
CHR Extension: (Prime Player for Google Play Music™) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\npngaakpdgeaajbnidkkginekmnaejbi [2014-07-21]
CHR Extension: (Any.do) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocgddccilgpeepgglnlpchkpgamkgmld [2014-07-21]
CHR Extension: (Enhanced Steam) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\okadibdjfemgnhjiembecghcbfknbfhg [2014-07-21]
CHR Extension: (Gmail) - C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-21]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-26]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-26] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-08-26] (AVAST Software)
R2 GamingApp_Service; C:\Program Files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [20512 2014-03-13] (Micro-Star Int'l Co., Ltd.)
S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [314696 2014-05-21] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [174368 2014-02-28] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-02-19] (Intel Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [84432 2014-07-01] (Micro-Star International)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super Charger\ChargeService.exe [162800 2014-03-17] (MSI)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2014-01-17] ()
S2 NitroDriverReadSpool9; C:\Program Files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [230920 2014-08-01] (Nitro PDF Software)
S2 NitroUpdateService; C:\Program Files\Nitro\Pro 9\Nitro_UpdateService.exe [418312 2014-08-01] ()
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-09] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76152 2014-08-20] ()
R2 Qualcomm Atheros Killer Service V2; C:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
R2 SuperRAIDSvc; C:\MSI\Smart Utilities\SuperRAIDSvc.exe [27632 2014-04-30] (Micro-Star International)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3816176 2014-01-17] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 AcpiCtlDrv; C:\Windows\System32\DRIVERS\AcpiCtlDrv.sys [25880 2012-07-17] (Intel Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-08-26] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-08-26] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-08-26] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-08-26] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-08-26] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-08-26] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-08-26] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-08-26] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-08-26] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [224896 2014-08-26] ()
S3 b06diag; C:\Windows\system32\drivers\bxdiaga.sys [88104 2012-03-08] (Broadcom Corporation)
R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [82096 2014-04-10] (Qualcomm Atheros, Inc.)
S3 BFN7x64; C:\Windows\system32\drivers\Xeno7x64.sys [157288 2012-02-22] (Bigfoot Networks, Inc.)
R3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.)
R3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions, Inc.)
S3 bxfcoe; C:\Windows\system32\drivers\bxfcoe.sys [178216 2012-02-22] (Broadcom Corporation)
S3 bxois; C:\Windows\system32\drivers\bxois.sys [539176 2012-02-22] (Broadcom Corporation)
S3 EtronSTOR; C:\Windows\System32\Drivers\EtronSTOR.sys [32512 2012-07-24] (Etron Technology Inc)
S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-07-23] ()
R3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [149448 2014-01-22] (Intel Corporation)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-27] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [116736 2014-02-19] (Intel Corporation)
R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3429344 2014-02-18] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
S3 NTIOLib_MB; C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [13808 2014-03-13] (MSI)
S3 NTIOLib_MSIClock_CC; C:\Program Files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSICOMM_CC; C:\Program Files (x86)\MSI\Command Center\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSICPU_CC; C:\Program Files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSIDDR_CC; C:\Program Files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [13368 2012-11-26] (MSI)
S3 NTIOLib_MSIRatio_CC; C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [13368 2012-11-20] (MSI)
S3 NTIOLib_MSISMB_CC; C:\Program Files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
S3 NTIOLib_MSISuperIO_CC; C:\Program Files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [13368 2012-11-19] (MSI)
R3 NTIOLib_MSI_RAID; C:\MSI\Smart Utilities\NTIOLib_X64.sys [13808 2014-03-17] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R3 usb3Hub; C:\Windows\System32\DRIVERS\usb3Hub.sys [206744 2013-06-20] (Windows ® Win 7 DDK provider)
S3 MSICDSetup; \??\F:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\F:\NTIOLib_X64.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S1 zffjtkth; \??\C:\Windows\system32\drivers\zffjtkth.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-27 20:17 - 2014-08-27 20:17 - 00030644 _____ () C:\Users\Reece\Downloads\FRST.txt
2014-08-27 20:16 - 2014-08-27 20:17 - 00000000 ____D () C:\FRST
2014-08-27 20:16 - 2014-08-27 20:16 - 02103296 _____ (Farbar) C:\Users\Reece\Downloads\FRST64.exe
2014-08-27 20:12 - 2014-08-27 20:12 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Reece\Desktop\tdsskiller.exe
2014-08-27 20:11 - 2014-08-27 20:12 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Reece\Downloads\tdsskiller (1).exe
2014-08-27 19:33 - 2014-08-27 19:54 - 00037012 _____ () C:\Users\Reece\Desktop\dds.txt
2014-08-27 19:33 - 2014-08-27 19:54 - 00021022 _____ () C:\Users\Reece\Desktop\attach.txt
2014-08-27 19:33 - 2014-08-27 19:33 - 00688992 ____R (Swearware) C:\Users\Reece\Downloads\dds.com
2014-08-27 18:23 - 2014-08-27 18:24 - 00000000 ____D () C:\Users\Reece\AppData\Local\Ubisoft Game Launcher
2014-08-27 18:23 - 2014-08-27 18:23 - 00001197 _____ () C:\Users\Reece\Desktop\Uplay.lnk
2014-08-27 18:23 - 2014-08-27 18:23 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-27 18:23 - 2014-08-27 18:23 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-27 18:19 - 2014-08-27 18:19 - 00000106 _____ () C:\Users\Reece\Desktop\infected with iexplore.exe virus - Virus, Trojan, Spyware, and Malware Removal Logs.url
2014-08-27 18:18 - 2014-08-27 18:20 - 78471096 _____ (Ubisoft) C:\Users\Reece\Downloads\UplayInstaller.exe
2014-08-27 16:55 - 2014-08-15 22:09 - 13889948 _____ () C:\Users\Reece\Desktop\usrcheat.dat
2014-08-27 16:54 - 2014-08-27 16:54 - 01280565 _____ () C:\Users\Reece\Documents\usrcheat.rar
2014-08-27 16:54 - 2014-08-27 16:54 - 00000000 ____D () C:\Users\Reece\Usrcheat
2014-08-27 16:52 - 2014-08-27 16:52 - 00003073 _____ () C:\Users\Reece\Desktop\Usrcheat Downloader.lnk
2014-08-27 16:52 - 2014-08-27 16:52 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Usrcheat Downloader
2014-08-27 16:52 - 2014-08-27 16:52 - 00000000 ____D () C:\Program Files (x86)\Syntechx.com
2014-08-27 16:51 - 2013-03-22 17:47 - 00542208 _____ () C:\Users\Reece\Desktop\setup.msi
2014-08-27 10:51 - 2014-08-27 10:51 - 00338436 _____ () C:\Users\Reece\Downloads\31814-usrcheat_downloader.rar
2014-08-27 10:34 - 2014-08-27 10:34 - 00015211 _____ () C:\Users\Reece\Desktop\UsbFix_Report.txt
2014-08-27 10:31 - 2014-08-27 10:31 - 00001448 _____ () C:\Users\Reece\Desktop\UsbFix.lnk
2014-08-27 10:04 - 2003-06-12 23:25 - 00007062 _____ () C:\Windows\SysWOW64\audiopid.vxd
2014-08-27 09:38 - 2014-08-27 09:38 - 00000000 ____D () C:\SuperChargerProfile
2014-08-27 09:21 - 2014-06-27 11:30 - 00795120 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3xhc.sys
2014-08-27 09:21 - 2014-06-27 11:30 - 00383472 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-08-27 09:21 - 2014-06-27 11:30 - 00020464 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hcs.sys
2014-08-26 22:14 - 2014-08-26 22:14 - 00000146 _____ () C:\Users\Reece\Desktop\Sound - Shortcut.lnk
2014-08-26 20:53 - 2014-08-27 16:51 - 00000000 ____D () C:\Users\Reece\Desktop\DS2 SKinedit
2014-08-26 20:51 - 2014-08-26 20:52 - 00420193 _____ () C:\Users\Reece\Downloads\DSTWO Skineditor v0.100609.zip
2014-08-26 17:48 - 2014-08-26 17:48 - 02398884 _____ () C:\Users\Reece\Downloads\32346-tempgba.zip
2014-08-26 17:47 - 2014-08-26 17:48 - 02963232 _____ () C:\Users\Reece\Downloads\NDSGBA_for_DSTWO_v1.30.zip
2014-08-26 17:42 - 2014-08-26 17:42 - 00000000 ____D () C:\Users\Reece\Desktop\dstwo
2014-08-26 17:42 - 2014-08-26 17:42 - 00000000 ____D () C:\Users\Reece\Desktop\_dstwo
2014-08-26 17:19 - 2014-08-26 17:19 - 01707534 _____ () C:\Users\Reece\Downloads\Firmware_v1.25_eng.zip
2014-08-26 16:58 - 2012-12-05 09:33 - 00008453 _____ () C:\Users\Reece\Desktop\readme-eng.txt
2014-08-26 16:58 - 2012-12-05 08:51 - 01699328 _____ () C:\Users\Reece\Desktop\dstwoupdate.dat
2014-08-26 16:53 - 2014-08-26 16:52 - 07254160 _____ () C:\Users\Reece\Desktop\DSTWO_v1.11_2012_1224_eng.zip
2014-08-26 16:53 - 2014-08-26 16:52 - 01703347 _____ () C:\Users\Reece\Desktop\Firmware_v1.19_eng.zip
2014-08-26 16:52 - 2014-08-26 16:52 - 07254160 _____ () C:\Users\Reece\Downloads\DSTWO_v1.11_2012_1224_eng.zip
2014-08-26 16:52 - 2014-08-26 16:52 - 01703347 _____ () C:\Users\Reece\Downloads\Firmware_v1.19_eng.zip
2014-08-26 16:51 - 2014-08-26 16:51 - 00002086 _____ () C:\Users\Public\Desktop\SDFormatter.lnk
2014-08-26 16:51 - 2014-08-26 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter
2014-08-26 16:51 - 2014-08-26 16:51 - 00000000 ____D () C:\Program Files (x86)\SDA
2014-08-26 16:23 - 2014-08-26 16:23 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-26 16:23 - 2014-08-26 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ KillDisk 7.1
2014-08-26 16:23 - 2014-08-26 16:23 - 00000000 ____D () C:\Program Files (x86)\LSoft Technologies
2014-08-26 16:22 - 2014-08-26 16:19 - 06286748 _____ () C:\Users\Reece\Desktop\SDFormatterv4 (1).zip
2014-08-26 16:20 - 2012-10-31 12:08 - 06786320 ____N (SD Association ) C:\Users\Reece\Desktop\setup.exe
2014-08-26 16:19 - 2014-08-26 16:19 - 06286748 _____ () C:\Users\Reece\Downloads\SDFormatterv4 (1).zip
2014-08-26 16:16 - 2014-08-26 16:17 - 16778856 _____ (LSoft Technologies Inc ) C:\Users\Reece\Downloads\KillDiskSuite7-Beta.exe
2014-08-26 16:14 - 2014-08-26 16:14 - 00000000 ____D () C:\Users\Reece\Desktop\DS2
2014-08-26 14:03 - 2014-08-26 14:03 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-08-26 14:03 - 2014-08-26 14:03 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-08-26 14:03 - 2014-08-26 14:03 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-08-26 13:53 - 2014-08-26 13:53 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\AVAST Software
2014-08-26 13:52 - 2014-08-26 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-26 13:51 - 2014-08-26 14:03 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-26 13:51 - 2014-08-26 13:52 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-26 13:51 - 2014-08-26 13:51 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-26 13:51 - 2014-08-26 13:51 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-26 13:48 - 2014-08-26 13:48 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-26 13:47 - 2014-08-26 13:48 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-26 13:45 - 2014-08-26 13:45 - 04862664 _____ (AVAST Software) C:\Users\Reece\Downloads\avast_free_antivirus_setup_online.exe
2014-08-26 13:38 - 2014-08-26 13:38 - 00002452 _____ () C:\Users\Reece\Desktop\New Text Document.txt
2014-08-26 11:32 - 2014-08-27 10:34 - 00000000 ____D () C:\UsbFix
2014-08-26 11:32 - 2014-08-26 11:32 - 03863617 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Reece\Downloads\UsbFix.exe
2014-08-26 11:26 - 2014-08-26 11:27 - 00000000 ____D () C:\Users\Reece\AppData\Local\Battle.net
2014-08-26 11:26 - 2014-08-26 11:26 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Battle.net
2014-08-26 11:26 - 2014-08-26 11:26 - 00000000 ____D () C:\Users\Reece\AppData\Local\Blizzard Entertainment
2014-08-26 11:26 - 2014-08-26 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-26 11:26 - 2014-08-26 11:26 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-26 11:26 - 2014-08-26 11:26 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-26 11:22 - 2014-08-26 11:22 - 03099552 _____ (Blizzard Entertainment) C:\Users\Reece\Downloads\Hearthstone-Setup-enUS.exe
2014-08-26 11:22 - 2014-08-26 11:22 - 00000000 ____D () C:\ProgramData\Battle.net
2014-08-25 22:51 - 2014-08-25 22:52 - 00294232 _____ () C:\Windows\Minidump\082514-24008-01.dmp
2014-08-25 22:50 - 2014-08-25 22:50 - 116695840 ____N (Oracle Corporation) C:\Users\Reece\Desktop\VirtualBox-4.3.14-95030-Win.exe
2014-08-25 22:47 - 2014-08-25 22:50 - 116695840 _____ (Oracle Corporation) C:\Users\Reece\Downloads\VirtualBox-4.3.14-95030-Win.exe
2014-08-25 22:44 - 2014-08-25 22:44 - 00000000 ___RD () C:\Sandbox
2014-08-25 22:40 - 2014-08-26 13:01 - 00001002 _____ () C:\Users\Reece\Desktop\Sandboxed Web Browser.lnk
2014-08-25 22:40 - 2014-08-26 11:11 - 00001602 _____ () C:\Windows\Sandboxie.ini
2014-08-25 22:40 - 2014-08-25 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-08-25 22:38 - 2014-08-25 22:38 - 02656264 _____ (Sandboxie Holdings, LLC) C:\Users\Reece\Downloads\SandboxieInstall.exe
2014-08-25 22:38 - 2014-08-25 22:38 - 00000000 ____D () C:\Program Files\Sandboxie
2014-08-25 22:35 - 2014-08-25 22:51 - 815674967 _____ () C:\Windows\MEMORY.DMP
2014-08-25 22:35 - 2014-08-25 22:36 - 00295656 _____ () C:\Windows\Minidump\082514-30186-01.dmp
2014-08-25 09:25 - 2014-08-25 09:25 - 00000000 ____D () C:\Users\Reece\Desktop\SSF2
2014-08-24 22:30 - 2014-08-24 22:30 - 190701930 _____ () C:\Users\Reece\Desktop\SSF2DemoV0_9b1748.zip
2014-08-24 22:18 - 2014-08-24 22:18 - 01454781 _____ () C:\Users\Reece\Downloads\metro_for_steam___3_8___beta_6_by_boneyardbrew-d4u3kjv.zip
2014-08-24 22:10 - 2014-08-24 22:30 - 190701930 _____ () C:\Users\Reece\Downloads\SSF2DemoV0_9b1748.zip
2014-08-23 10:39 - 2014-08-23 10:41 - 47783931 _____ () C:\Users\Reece\Downloads\Golden Age of Racing (Europe).7z
2014-08-23 10:38 - 2014-08-23 10:38 - 02211051 _____ () C:\Users\Reece\Downloads\Ps2 bios.zip
2014-08-23 10:37 - 2014-08-23 10:37 - 00000000 ____D () C:\Users\Reece\Documents\PCSX2
2014-08-23 10:35 - 2014-08-23 10:36 - 00000000 ____D () C:\Program Files (x86)\PCSX2 1.2.1
2014-08-23 10:35 - 2014-08-23 10:35 - 00001981 _____ () C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2014-08-23 10:35 - 2014-08-23 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2014-08-23 10:34 - 2014-08-23 10:35 - 10658408 _____ () C:\Users\Reece\Downloads\pcsx2-1.2.1-r5875-setup.exe
2014-08-23 10:32 - 2014-08-23 10:32 - 00000088 _____ () C:\Users\Reece\Desktop\Scythe Kama Bay Amp Mini Pro PLUS [SCKCM-2000P-B].url
2014-08-23 09:35 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-23 09:35 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-23 09:35 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-23 09:35 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-23 09:35 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-23 09:35 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-23 09:35 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-23 09:35 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-23 09:35 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-23 09:35 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-23 09:35 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-23 09:35 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-23 09:35 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-23 09:35 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-22 12:51 - 2014-08-22 12:51 - 01364531 _____ () C:\Users\Reece\Downloads\adwcleaner_3.308.exe
2014-08-21 08:39 - 2014-08-21 08:40 - 00000000 ____D () C:\Users\Reece\Documents\House concept pdfs
2014-08-20 20:55 - 2014-08-20 20:56 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2014-08-20 20:55 - 2014-08-20 20:55 - 00000928 _____ () C:\Users\Public\Desktop\Guild Wars 2.lnk
2014-08-20 20:55 - 2014-08-20 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2014-08-20 20:03 - 2014-08-21 00:57 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Guild Wars 2
2014-08-20 20:01 - 2014-08-20 20:02 - 23301624 _____ (ArenaNet) C:\Users\Reece\Downloads\Gw2Setup.exe
2014-08-19 21:16 - 2014-08-20 16:40 - 00000000 ____D () C:\Users\Reece\Documents\Battlefield Heroes
2014-08-19 21:08 - 2014-08-19 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2014-08-19 20:29 - 2014-08-19 20:29 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-08-18 22:19 - 2014-08-27 09:20 - 00016456 _____ () C:\Windows\IE9_main.log
2014-08-18 21:16 - 2014-08-18 21:16 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Nitro
2014-08-18 21:15 - 2014-08-18 21:15 - 00001932 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk
2014-08-18 21:15 - 2014-08-18 21:15 - 00001920 _____ () C:\Users\Public\Desktop\Nitro Pro 9.lnk
2014-08-18 21:15 - 2014-08-18 21:15 - 00000000 ____D () C:\ProgramData\Nitro
2014-08-18 21:15 - 2014-08-18 21:15 - 00000000 ____D () C:\Program Files\Nitro
2014-08-18 21:15 - 2014-08-18 21:15 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2014-08-18 21:15 - 2014-08-18 21:15 - 00000000 ____D () C:\Program Files (x86)\Nitro
2014-08-18 21:15 - 2014-08-01 14:22 - 00029704 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon9.dll
2014-08-18 21:15 - 2014-08-01 14:22 - 00017928 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui9.dll
2014-08-18 21:13 - 2014-08-18 21:13 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Downloaded Installations
2014-08-18 20:18 - 2014-08-26 14:38 - 00000000 ____D () C:\Users\Reece\AppData\Local\Adobe
2014-08-18 20:18 - 2014-08-18 20:18 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-18 10:29 - 2014-08-18 10:29 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\LolClient
2014-08-18 10:04 - 2014-08-27 17:54 - 00030640 _____ () C:\Windows\PFRO.log
2014-08-17 19:49 - 2014-08-17 19:49 - 00000000 ____D () C:\ProgramData\Riot Games
2014-08-17 19:45 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-08-17 19:45 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-08-17 19:45 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-08-17 19:44 - 2014-08-17 19:44 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-08-17 19:44 - 2014-08-17 19:44 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-08-17 19:44 - 2014-08-17 19:44 - 00000000 ____D () C:\Riot Games
2014-08-17 19:44 - 2014-08-17 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-08-17 19:42 - 2014-08-17 19:42 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-08-17 19:41 - 2014-08-17 19:45 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Riot Games
2014-08-17 19:40 - 2014-08-17 19:41 - 34888568 _____ (Riot Games) C:\Users\Reece\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-08-16 19:47 - 2014-08-16 19:47 - 00017513 _____ () C:\Windows\DirectX.log
2014-08-16 13:09 - 2014-08-27 19:15 - 00010252 _____ () C:\Windows\setupact.log
2014-08-16 13:09 - 2014-08-16 13:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-16 11:40 - 2014-08-16 11:40 - 00000308 _____ () C:\Users\Reece\Downloads\60fps.rar
2014-08-16 11:29 - 2014-08-16 11:29 - 01118920 ____N (Microsoft Corporation) C:\Users\Reece\Downloads\NDP452-KB2901954-Web.exe
2014-08-16 11:29 - 2014-08-16 11:29 - 01005568 _____ (Microsoft Corporation) C:\Users\Reece\Downloads\dotNetFx45_Full_setup.exe
2014-08-16 11:16 - 2014-02-20 03:12 - 00535040 ____N (CoderBag) C:\Users\Reece\Desktop\CoreParkingManager45.exe
2014-08-16 11:15 - 2014-08-16 11:15 - 00624000 _____ () C:\Users\Reece\Downloads\CoreParkingManager.zip
2014-08-15 16:03 - 2014-08-15 16:03 - 00000000 ____D () C:\Users\Reece\AppData\Local\Microsoft Games
2014-08-14 11:46 - 2014-08-14 11:47 - 01276504 _____ () C:\Users\Reece\Downloads\metro_for_steam___3_8___beta_5_by_boneyardbrew-d4u3kjv.zip
2014-08-13 21:57 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-13 21:57 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-13 21:57 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 21:57 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 21:57 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-13 21:57 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-13 21:57 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-13 21:57 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 08:40 - 2014-07-24 13:11 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-13 08:40 - 2014-07-24 13:10 - 02240000 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-13 08:40 - 2014-07-24 13:10 - 01407488 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 19279872 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 15399936 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 02655232 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 01508864 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-13 08:40 - 2014-07-24 13:09 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 00451584 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 00281600 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-13 08:40 - 2014-07-24 13:09 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-13 08:40 - 2014-07-24 11:52 - 01766400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-13 08:40 - 2014-07-24 11:52 - 01180672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 14371328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 13757440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 02861568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 02054656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 01440768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-13 08:40 - 2014-07-24 11:51 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 00357888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 00226816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 00163840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 00080384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 00039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-13 08:40 - 2014-07-24 11:51 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-13 08:40 - 2014-07-24 11:33 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-13 08:40 - 2014-07-24 11:29 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-13 08:40 - 2014-07-24 10:37 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
2014-08-13 08:40 - 2014-07-24 10:32 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
2014-08-13 08:40 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 08:40 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 08:40 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 08:40 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 08:40 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 08:40 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 08:40 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 08:40 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 08:40 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 08:40 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 08:40 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 08:40 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 08:39 - 2014-07-16 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 08:39 - 2014-07-16 03:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 08:38 - 2014-07-16 04:25 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 08:38 - 2014-07-16 03:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 08:38 - 2014-07-16 03:12 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-13 08:38 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 08:38 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 08:38 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 08:38 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 08:38 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 08:38 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 08:38 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 08:38 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 08:38 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 08:38 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 08:38 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 08:38 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-10 21:23 - 2014-08-10 21:23 - 00000132 _____ () C:\Users\Reece\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-09 10:39 - 2014-08-09 10:39 - 00000000 ____D () C:\Users\Reece\AppData\Local\SCE
2014-08-09 09:25 - 2014-08-09 09:25 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-09 09:12 - 2014-08-09 09:16 - 00000000 ____D () C:\Users\Reece\Documents\Battlefield 4
2014-08-09 09:12 - 2014-08-09 09:12 - 02247960 _____ () C:\Users\Reece\Downloads\battlelog-web-plugins_2.4.0_141 (1).exe
2014-08-09 07:09 - 2014-08-09 07:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2014-08-09 05:55 - 2014-08-09 05:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2014-08-08 22:46 - 2014-08-08 22:46 - 00000107 _____ () C:\Users\Reece\Desktop\Should I Stay Or Should I Go Tab (ver 2) by Clash @ Ultimate-Guitar.Com.url
2014-08-08 09:24 - 2014-08-25 22:51 - 00000000 ____D () C:\Windows\Minidump
2014-08-07 20:27 - 2014-08-07 20:09 - 02601752 _____ () C:\Windows\SysWOW64\pbsvc_moh.exe
2014-08-07 20:26 - 2014-08-07 20:26 - 00000000 ____D () C:\Windows\1C4551A64743409391E41477CD655043.TMP
2014-08-07 19:14 - 2014-08-07 19:14 - 00000113 _____ () C:\Users\Reece\Desktop\GPO Jive 3 Speed Record Player with CD and MP3 - White- Amazon.co.uk- TV.url
2014-08-07 19:13 - 2014-08-07 19:13 - 00000133 _____ () C:\Users\Reece\Desktop\Steepletone SRP025 3 Speed Record Player with Detachable Speaker - Orange- Amazon.co.uk- TV.url
2014-08-07 17:33 - 2014-08-07 17:33 - 00000088 _____ () C:\Users\Reece\Desktop\Corsair Flash Voyager Go 16GB OTG Flash Drive (CMFVG-16GB-EU) [CMFVG-16GB-EU].url
2014-08-07 12:52 - 2014-08-07 12:52 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-08-07 12:52 - 2014-08-07 12:52 - 00000000 ____D () C:\ProgramData\Logitech
2014-08-07 12:43 - 2014-08-07 12:52 - 00000000 ____D () C:\ProgramData\Logishrd
2014-08-07 12:43 - 2014-08-07 12:43 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-08-07 12:43 - 2014-08-07 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-08-07 12:43 - 2014-08-07 12:43 - 00000000 ____D () C:\Program Files\Logitech
2014-08-07 12:42 - 2014-08-07 12:43 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-08-07 12:21 - 2014-08-07 12:51 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Logitech
2014-08-07 12:21 - 2014-08-07 12:21 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Logishrd
2014-08-07 12:18 - 2014-08-07 12:23 - 18225160 _____ (Logitech Inc.) C:\Users\Reece\Downloads\scroll_app_4.00.33.exe
2014-08-07 12:18 - 2014-08-07 12:20 - 04147600 _____ ($Co_Name Inc.) C:\Users\Reece\Downloads\unifying250.exe
2014-08-07 12:18 - 2014-08-07 12:20 - 03677488 _____ (Logitech Inc.) C:\Users\Reece\Downloads\SetPoint6.65.62_smart.exe
2014-08-06 15:25 - 2014-08-06 16:47 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-08-06 15:25 - 2014-08-06 15:25 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-08-06 15:25 - 2014-08-06 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-08-06 14:20 - 2014-08-06 14:20 - 00004103 _____ () C:\Users\Reece\Downloads\EWIs Ultra SkyrimPrefs and inis v03d-51033-v03d.rar
2014-08-06 14:19 - 2014-08-06 14:19 - 00060838 _____ () C:\Users\Reece\Downloads\SafetyLoad 1_2-46465-1-2.zip
2014-08-06 14:19 - 2014-08-06 14:19 - 00014171 _____ () C:\Users\Reece\Downloads\ENBoost 5_0-38649-5-0.zip
2014-08-06 12:24 - 2014-08-06 12:24 - 00000122 _____ () C:\Users\Reece\Documents\LEL.txt
2014-08-06 10:23 - 2014-08-06 10:23 - 00559704 _____ () C:\Users\Reece\Downloads\cln_by_toastbrotpascal-d3l6ln2.rmskin
2014-08-06 10:23 - 2014-08-06 10:23 - 00422297 _____ () C:\Users\Reece\Downloads\novella_1_1_rainmeter_music_player__by_jlynnxx-d5rg9im.rmskin
2014-08-06 10:20 - 2014-08-06 10:20 - 02568843 _____ () C:\Users\Reece\Downloads\soul_by_bradd9-d5cpk9b.rmskin
2014-08-06 10:20 - 2014-08-06 10:20 - 00433220 _____ () C:\Users\Reece\Downloads\volume_slider_v2_0_by_fbed-d3huyzu.rmskin
2014-08-06 10:19 - 2014-08-06 10:20 - 00979434 _____ () C:\Users\Reece\Downloads\the_maelstrom_by_tobimccan-d4e8nmd.rmskin
2014-08-06 10:15 - 2014-08-06 10:17 - 06105697 _____ () C:\Users\Reece\Downloads\MoonGlow_by_minhtrimatrix.zip
2014-08-06 10:05 - 2014-08-06 10:20 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Rainmeter
2014-08-06 10:05 - 2014-08-06 10:05 - 00001706 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2014-08-06 10:05 - 2014-08-06 10:05 - 00000000 ____D () C:\Program Files\Rainmeter
2014-08-06 10:02 - 2014-08-06 10:04 - 02293760 _____ () C:\Users\Reece\Downloads\Rainmeter-3.2-r2302-beta.exe
2014-08-05 11:34 - 2014-08-05 11:34 - 00000000 ____D () C:\Users\Reece\AppData\Local\My Games
2014-08-05 11:00 - 2014-08-05 11:05 - 00000000 ____D () C:\Users\Reece\Desktop\tes5edit
2014-08-05 10:59 - 2014-08-05 10:59 - 02348352 _____ () C:\Users\Reece\Downloads\TES5Edit_3_0_32_EXPERIMENTAL-25859-3-0-32EXP.7z
2014-08-05 07:48 - 2014-08-05 07:48 - 01239708 _____ () C:\Users\Reece\Downloads\metro_for_steam___3_8___beta_3_by_boneyardbrew-d4u3kjv.zip
2014-08-04 19:12 - 2014-08-04 19:12 - 00048285 _____ () C:\Users\Reece\Downloads\Savetool-52363-1-13beta.zip
2014-08-04 16:05 - 2014-08-04 16:05 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Apple Computer
2014-08-04 15:53 - 2014-08-04 15:53 - 00313875 _____ () C:\Users\Reece\Downloads\skse_1_07_01_installer.exe
2014-08-04 14:52 - 2014-07-02 18:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-08-04 14:50 - 2014-07-02 21:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-08-04 14:50 - 2014-07-02 21:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-08-04 14:50 - 2014-07-02 21:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-08-04 14:13 - 2014-08-04 14:19 - 179766994 _____ () C:\Users\Reece\Downloads\01 Main File - UNP - Hmm What To Wear-22168-3-2 (1).rar
2014-08-04 14:10 - 2014-08-26 17:29 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-04 14:10 - 2014-08-04 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-04 14:10 - 2014-08-04 14:10 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-08-04 14:09 - 2014-08-04 14:09 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-08-04 14:09 - 2014-08-04 14:09 - 00000000 ____D () C:\Users\Reece\AppData\Local\Apple
2014-08-04 14:09 - 2014-08-04 14:09 - 00000000 ____D () C:\ProgramData\Apple
2014-08-04 14:09 - 2014-08-04 14:09 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-08-04 14:05 - 2014-08-04 14:07 - 41945432 _____ (Apple Inc.) C:\Users\Reece\Downloads\QuickTimeInstaller.exe
2014-08-04 13:56 - 2014-08-04 13:56 - 00083125 _____ () C:\Users\Reece\Downloads\The Dance of Death 4-0 Beta - Ultimate Edition-10906-4-0.7z
2014-08-04 13:54 - 2014-08-04 13:54 - 00001494 _____ () C:\Users\Reece\Downloads\Merged-17214-1-1.rar
2014-08-04 13:52 - 2014-08-04 14:06 - 85096286 _____ () C:\Users\Reece\Downloads\Radiant and Unique Potions Poisons and BOOZE v2 GLOWING VERSION-18799-2-0.rar
2014-08-04 13:43 - 2014-08-11 22:42 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\MediaMonkey
2014-08-04 13:43 - 2014-08-04 13:43 - 00001039 _____ () C:\Users\Public\Desktop\MediaMonkey.lnk
2014-08-04 13:43 - 2014-08-04 13:43 - 00000000 ____D () C:\Users\Reece\AppData\Local\MediaMonkey
2014-08-04 13:43 - 2014-08-04 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2014-08-04 13:43 - 2014-08-04 13:43 - 00000000 ____D () C:\ProgramData\MediaMonkey
2014-08-04 13:43 - 2014-08-04 13:43 - 00000000 ____D () C:\Program Files (x86)\MediaMonkey
2014-08-04 13:41 - 2014-08-04 13:41 - 15197736 _____ (Ventis Media Inc. ) C:\Users\Reece\Downloads\MediaMonkey_4.1.3.1708.exe
2014-08-04 12:14 - 2014-08-04 12:14 - 00000000 ____D () C:\ProgramData\ALM
2014-08-04 12:11 - 2014-08-04 12:11 - 00000000 ____D () C:\Users\Reece\Adobe Flash Builder 4.6
2014-08-04 12:09 - 2014-08-18 21:03 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-08-04 12:09 - 2014-08-18 21:03 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-08-04 12:09 - 2014-08-18 21:03 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2014-08-04 12:09 - 2014-08-18 21:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-08-04 12:06 - 2014-08-04 12:06 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2014-08-04 12:05 - 2014-08-04 12:05 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-08-04 12:05 - 2011-11-03 03:01 - 00056208 ____N (Rovi Corporation) C:\Windows\system32\Drivers\PxHlpa64.sys
2014-08-04 12:05 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2014-08-04 12:05 - 2011-10-17 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2014-08-04 12:02 - 2014-08-04 12:02 - 00000997 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-08-04 12:02 - 2014-08-04 12:02 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-04 12:02 - 2014-08-04 12:02 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-04 11:59 - 2014-08-04 12:17 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-04 11:57 - 2014-08-04 12:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-08-04 11:57 - 2014-08-04 12:17 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-04 11:57 - 2014-08-04 12:17 - 00000000 ____D () C:\Program Files\Adobe
2014-08-04 11:53 - 2014-08-18 20:20 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-04 11:09 - 2014-08-04 11:09 - 00001011 _____ () C:\Program Files (x86)\Nexus Mod Manager.lnk
2014-08-04 10:51 - 2014-08-04 10:53 - 00799476 _____ () C:\Users\Reece\Downloads\Win7LogonBackgroundChanger_1_5_2.zip
2014-08-04 10:51 - 2014-08-04 10:51 - 00000000 ____D () C:\Users\Reece\AppData\Local\http___www.julien-manici
2014-08-04 10:38 - 2014-08-04 10:38 - 00000402 __RSH () C:\ProgramData\ntuser.pol
2014-08-04 10:29 - 2014-08-04 10:29 - 00170775 _____ () C:\Users\Reece\Downloads\Hidden Blade Sound FX-24977-1-0.7z
2014-08-04 10:27 - 2014-08-04 10:48 - 147645334 _____ () C:\Users\Reece\Downloads\JaySuS Swords V13C-1002-13C.rar
2014-08-04 10:18 - 2014-08-04 10:18 - 00048912 _____ () C:\Users\Reece\Downloads\Personalized Music v 5_0-13286-5-0.zip
2014-08-04 10:18 - 2014-08-04 10:18 - 00012531 _____ () C:\Users\Reece\Downloads\Personalized Music - Player Homes Music v 1_1-13286-1-1.zip
2014-08-04 09:56 - 2014-08-04 10:09 - 49217780 _____ () C:\Users\Reece\Downloads\Breezehome Fully Upgradable Dawnguard and Hearthfires v1_7_7-11158-1-7-7.zip
2014-08-04 09:54 - 2014-08-04 10:00 - 21056666 _____ () C:\Users\Reece\Downloads\Designs of The Nords Banners-13429-1-5.zip
2014-08-04 09:43 - 2014-08-04 09:43 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-04 09:43 - 2014-08-04 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-04 09:43 - 2014-08-04 09:43 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-04 09:41 - 2014-08-04 09:42 - 04813544 _____ (Piriform Ltd) C:\Users\Reece\Downloads\ccsetup416.exe
2014-08-04 09:40 - 2014-08-04 09:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2014-08-04 09:40 - 2014-08-04 09:40 - 00000000 ____D () C:\Program Files\Defraggler
2014-08-04 09:38 - 2014-08-04 09:39 - 04362512 _____ (Piriform Ltd) C:\Users\Reece\Downloads\dfsetup218.exe
2014-08-03 21:40 - 2014-08-03 21:47 - 258817180 _____ () C:\Users\Reece\Downloads\NMM Installer-56588-v1-2.7z
2014-08-03 14:23 - 2014-08-03 14:23 - 04154233 _____ () C:\Users\Reece\Downloads\Ver 0.1-56393-0-1.zip
2014-08-03 14:22 - 2014-08-03 14:36 - 97711094 _____ () C:\Users\Reece\Downloads\West Wind Misfit Mage v1-36780-1.rar
2014-08-03 14:22 - 2014-08-03 14:29 - 42526144 _____ () C:\Users\Reece\Downloads\Wild Huntress Top Model with TBBP-53494-1-0.7z
2014-08-03 14:22 - 2014-08-03 14:28 - 08939856 _____ () C:\Users\Reece\Downloads\02 Dawn Guard Dissassembled-22168-3-1.rar
2014-08-03 14:21 - 2014-08-03 14:41 - 179766994 _____ () C:\Users\Reece\Downloads\01 Main File - UNP - Hmm What To Wear-22168-3-2.rar
2014-08-03 14:20 - 2014-08-03 14:43 - 235701929 _____ () C:\Users\Reece\Downloads\UNP Mashup Compilation v1-20415-1.rar
2014-08-03 14:19 - 2014-08-03 14:21 - 26222551 _____ () C:\Users\Reece\Downloads\Anya-55473-1-1.zip
2014-08-03 14:18 - 2014-08-03 14:46 - 122006254 _____ () C:\Users\Reece\Downloads\Improved Bard Girl - All-in-one-56599-1-1.zip
2014-08-03 14:15 - 2014-08-03 14:34 - 69908174 _____ () C:\Users\Reece\Downloads\MBWS Followers II Fomod Installer-56564-1-1.7z
2014-08-03 14:14 - 2014-08-03 14:21 - 114006593 _____ () C:\Users\Reece\Downloads\zzjays wardrobe-53442-1-3.7z
2014-08-03 14:10 - 2014-08-03 14:11 - 20366281 _____ () C:\Users\Reece\Downloads\OK_Lunetta-56595-1-0.7z
2014-08-03 14:10 - 2014-08-03 14:11 - 08945551 _____ () C:\Users\Reece\Downloads\Osare Maid Outfit 1_2-13569-1-2.7z
2014-08-03 14:06 - 2014-08-03 14:10 - 105728246 _____ () C:\Users\Reece\Downloads\Ethereal Elven Overhaul-24273-1-1-1.zip
2014-08-03 14:01 - 2014-08-03 14:02 - 23617240 _____ () C:\Users\Reece\Downloads\yurica_chevaleresse armor v2.0-56475-v2-0.rar
2014-08-02 21:12 - 2014-08-02 21:12 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-08-02 21:11 - 2014-08-02 21:11 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Unity
2014-08-02 21:05 - 2014-08-02 21:05 - 00000168 _____ () C:\Users\Reece\Desktop\SanDisk SDDD-032G-G46 32 GB Ultra Dual USB Drive - Standard Packaging- Amazon.co.uk- Computers & Accessories.url
2014-08-02 21:05 - 2014-08-02 21:05 - 00000168 _____ () C:\Users\Reece\Desktop\Kingston 32GB Micro USB 2.0 DataTraveler Flash Drive- Amazon.co.uk- Computers & Accessories.url
2014-08-02 21:02 - 2014-08-02 21:02 - 01080480 _____ (Unity Technologies ApS) C:\Users\Reece\Downloads\UnityWebPlayer (2).exe
2014-08-02 21:02 - 2014-08-02 21:02 - 01080480 _____ (Unity Technologies ApS) C:\Users\Reece\Downloads\UnityWebPlayer (1).exe
2014-08-02 21:02 - 2014-08-02 21:02 - 00000000 ____D () C:\Users\Reece\AppData\Local\Unity
2014-08-02 20:59 - 2014-08-02 20:59 - 01080480 _____ (Unity Technologies ApS) C:\Users\Reece\Downloads\UnityWebPlayer.exe
2014-08-02 20:59 - 2014-08-02 20:59 - 00000000 ____D () C:\Users\Reece\AppData\Local\Downloaded Installations
2014-08-02 20:57 - 2014-08-02 20:59 - 06286748 _____ () C:\Users\Reece\Downloads\SDFormatterv4.zip
2014-08-02 19:31 - 2014-08-02 19:31 - 00000109 _____ () C:\Users\Reece\Desktop\Take a Look at Young Rewired State if Your Kids Like to Code - Lifehacker UK.url
2014-08-02 16:50 - 2014-08-02 16:50 - 00000000 ____D () C:\Users\Reece\Desktop\MODS
2014-08-02 16:01 - 2014-08-02 16:01 - 27239623 _____ () C:\Users\Reece\Downloads\torbrowser-install-3.6.3_en-US.exe
2014-08-02 16:01 - 2014-08-02 16:01 - 00000000 ____D () C:\Users\Reece\Desktop\Tor Browser
2014-08-02 15:52 - 2014-08-02 15:52 - 00000098 _____ () C:\Users\Reece\Desktop\Universal Portable USB Charger.url
2014-08-01 14:23 - 2014-08-01 14:23 - 00069640 _____ (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-27 20:17 - 2014-08-27 20:17 - 00030644 _____ () C:\Users\Reece\Downloads\FRST.txt
2014-08-27 20:17 - 2014-08-27 20:16 - 00000000 ____D () C:\FRST
2014-08-27 20:16 - 2014-08-27 20:16 - 02103296 _____ (Farbar) C:\Users\Reece\Downloads\FRST64.exe
2014-08-27 20:16 - 2014-07-21 19:50 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Skype
2014-08-27 20:12 - 2014-08-27 20:12 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Reece\Desktop\tdsskiller.exe
2014-08-27 20:12 - 2014-08-27 20:11 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Reece\Downloads\tdsskiller (1).exe
2014-08-27 20:09 - 2014-07-22 18:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-27 19:54 - 2014-08-27 19:33 - 00037012 _____ () C:\Users\Reece\Desktop\dds.txt
2014-08-27 19:54 - 2014-08-27 19:33 - 00021022 _____ () C:\Users\Reece\Desktop\attach.txt
2014-08-27 19:41 - 2014-07-21 17:36 - 00000896 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-27 19:33 - 2014-08-27 19:33 - 00688992 ____R (Swearware) C:\Users\Reece\Downloads\dds.com
2014-08-27 19:30 - 2014-07-21 21:10 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-27 19:15 - 2014-08-16 13:09 - 00010252 _____ () C:\Windows\setupact.log
2014-08-27 18:36 - 2014-07-21 20:02 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Spotify
2014-08-27 18:33 - 2014-07-21 19:33 - 00000000 ____D () C:\Users\Reece\AppData\Local\LogMeIn Hamachi
2014-08-27 18:24 - 2014-08-27 18:23 - 00000000 ____D () C:\Users\Reece\AppData\Local\Ubisoft Game Launcher
2014-08-27 18:23 - 2014-08-27 18:23 - 00001197 _____ () C:\Users\Reece\Desktop\Uplay.lnk
2014-08-27 18:23 - 2014-08-27 18:23 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2014-08-27 18:23 - 2014-08-27 18:23 - 00000000 ____D () C:\Program Files (x86)\Ubisoft
2014-08-27 18:20 - 2014-08-27 18:18 - 78471096 _____ (Ubisoft) C:\Users\Reece\Downloads\UplayInstaller.exe
2014-08-27 18:19 - 2014-08-27 18:19 - 00000106 _____ () C:\Users\Reece\Desktop\infected with iexplore.exe virus - Virus, Trojan, Spyware, and Malware Removal Logs.url
2014-08-27 18:16 - 2014-07-21 18:43 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-08-27 18:02 - 2009-07-14 05:45 - 00029200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-27 18:02 - 2009-07-14 05:45 - 00029200 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-27 17:59 - 2014-07-21 11:47 - 02084385 _____ () C:\Windows\WindowsUpdate.log
2014-08-27 17:57 - 2014-07-21 17:48 - 00006464 _____ () C:\Windows\SysWOW64\Gms.log
2014-08-27 17:54 - 2014-08-18 10:04 - 00030640 _____ () C:\Windows\PFRO.log
2014-08-27 17:54 - 2014-07-22 14:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-08-27 17:54 - 2014-07-21 17:36 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-27 17:54 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-27 17:53 - 2014-07-22 18:23 - 00000000 ____D () C:\AdwCleaner
2014-08-27 16:54 - 2014-08-27 16:54 - 01280565 _____ () C:\Users\Reece\Documents\usrcheat.rar
2014-08-27 16:54 - 2014-08-27 16:54 - 00000000 ____D () C:\Users\Reece\Usrcheat
2014-08-27 16:54 - 2014-07-21 11:57 - 00000000 ____D () C:\Users\Reece
2014-08-27 16:52 - 2014-08-27 16:52 - 00003073 _____ () C:\Users\Reece\Desktop\Usrcheat Downloader.lnk
2014-08-27 16:52 - 2014-08-27 16:52 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Usrcheat Downloader
2014-08-27 16:52 - 2014-08-27 16:52 - 00000000 ____D () C:\Program Files (x86)\Syntechx.com
2014-08-27 16:51 - 2014-08-26 20:53 - 00000000 ____D () C:\Users\Reece\Desktop\DS2 SKinedit
2014-08-27 10:51 - 2014-08-27 10:51 - 00338436 _____ () C:\Users\Reece\Downloads\31814-usrcheat_downloader.rar
2014-08-27 10:34 - 2014-08-27 10:34 - 00015211 _____ () C:\Users\Reece\Desktop\UsbFix_Report.txt
2014-08-27 10:34 - 2014-08-26 11:32 - 00000000 ____D () C:\UsbFix
2014-08-27 10:31 - 2014-08-27 10:31 - 00001448 _____ () C:\Users\Reece\Desktop\UsbFix.lnk
2014-08-27 10:10 - 2014-07-21 16:58 - 00000000 ____D () C:\Program Files (x86)\Intel
2014-08-27 10:10 - 2014-07-21 16:56 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-27 10:10 - 2014-07-19 12:17 - 00000000 ____D () C:\uninstall
2014-08-27 10:04 - 2014-07-21 17:40 - 00000000 ____D () C:\ProgramData\Creative
2014-08-27 09:49 - 2014-07-22 21:04 - 00011711 _____ () C:\Windows\SysWOW64\Utility.xml
2014-08-27 09:46 - 2009-07-14 05:45 - 04913224 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 09:41 - 2014-07-23 17:37 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-08-27 09:38 - 2014-08-27 09:38 - 00000000 ____D () C:\SuperChargerProfile
2014-08-27 09:38 - 2014-07-21 17:42 - 00002059 _____ () C:\Users\Public\Desktop\MSI Super Charger.lnk
2014-08-27 09:38 - 2014-07-21 17:42 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MSI
2014-08-27 09:38 - 2014-07-21 17:40 - 00000159 ___RH () C:\Windows\ctfile.rfc
2014-08-27 09:38 - 2014-07-18 22:01 - 00000181 _____ () C:\SBC2setup.log
2014-08-27 09:36 - 2014-07-22 18:10 - 00000000 ____D () C:\Program Files\MSI Kombustor 3.0
2014-08-27 09:36 - 2014-07-21 18:53 - 00000000 ____D () C:\Program Files (x86)\HD Tune Pro
2014-08-27 09:20 - 2014-08-18 22:19 - 00016456 _____ () C:\Windows\IE9_main.log
2014-08-26 22:21 - 2014-07-23 16:08 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\uTorrent
2014-08-26 22:14 - 2014-08-26 22:14 - 00000146 _____ () C:\Users\Reece\Desktop\Sound - Shortcut.lnk
2014-08-26 20:52 - 2014-08-26 20:51 - 00420193 _____ () C:\Users\Reece\Downloads\DSTWO Skineditor v0.100609.zip
2014-08-26 18:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-08-26 17:48 - 2014-08-26 17:48 - 02398884 _____ () C:\Users\Reece\Downloads\32346-tempgba.zip
2014-08-26 17:48 - 2014-08-26 17:47 - 02963232 _____ () C:\Users\Reece\Downloads\NDSGBA_for_DSTWO_v1.30.zip
2014-08-26 17:42 - 2014-08-26 17:42 - 00000000 ____D () C:\Users\Reece\Desktop\dstwo
2014-08-26 17:42 - 2014-08-26 17:42 - 00000000 ____D () C:\Users\Reece\Desktop\_dstwo
2014-08-26 17:29 - 2014-08-04 14:10 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-08-26 17:29 - 2014-07-25 10:05 - 00000000 ____D () C:\Program Files (x86)\Notepad++
2014-08-26 17:28 - 2014-07-23 12:10 - 00000000 ____D () C:\Users\Reece\Desktop\hide
2014-08-26 17:28 - 2014-07-23 10:03 - 00000000 ____D () C:\Users\Reece\Documents\Benchmarks
2014-08-26 17:27 - 2014-07-22 13:57 - 00000000 ____D () C:\Program Files\WinRAR
2014-08-26 17:19 - 2014-08-26 17:19 - 01707534 _____ () C:\Users\Reece\Downloads\Firmware_v1.25_eng.zip
2014-08-26 16:52 - 2014-08-26 16:53 - 07254160 _____ () C:\Users\Reece\Desktop\DSTWO_v1.11_2012_1224_eng.zip
2014-08-26 16:52 - 2014-08-26 16:53 - 01703347 _____ () C:\Users\Reece\Desktop\Firmware_v1.19_eng.zip
2014-08-26 16:52 - 2014-08-26 16:52 - 07254160 _____ () C:\Users\Reece\Downloads\DSTWO_v1.11_2012_1224_eng.zip
2014-08-26 16:52 - 2014-08-26 16:52 - 01703347 _____ () C:\Users\Reece\Downloads\Firmware_v1.19_eng.zip
2014-08-26 16:51 - 2014-08-26 16:51 - 00002086 _____ () C:\Users\Public\Desktop\SDFormatter.lnk
2014-08-26 16:51 - 2014-08-26 16:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SDFormatter
2014-08-26 16:51 - 2014-08-26 16:51 - 00000000 ____D () C:\Program Files (x86)\SDA
2014-08-26 16:23 - 2014-08-26 16:23 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-26 16:23 - 2014-08-26 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Active@ KillDisk 7.1
2014-08-26 16:23 - 2014-08-26 16:23 - 00000000 ____D () C:\Program Files (x86)\LSoft Technologies
2014-08-26 16:19 - 2014-08-26 16:22 - 06286748 _____ () C:\Users\Reece\Desktop\SDFormatterv4 (1).zip
2014-08-26 16:19 - 2014-08-26 16:19 - 06286748 _____ () C:\Users\Reece\Downloads\SDFormatterv4 (1).zip
2014-08-26 16:17 - 2014-08-26 16:16 - 16778856 _____ (LSoft Technologies Inc ) C:\Users\Reece\Downloads\KillDiskSuite7-Beta.exe
2014-08-26 16:14 - 2014-08-26 16:14 - 00000000 ____D () C:\Users\Reece\Desktop\DS2
2014-08-26 14:38 - 2014-08-18 20:18 - 00000000 ____D () C:\Users\Reece\AppData\Local\Adobe
2014-08-26 14:38 - 2014-07-21 21:10 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-26 14:38 - 2014-07-21 21:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-26 14:38 - 2014-07-21 21:10 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-08-26 14:23 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\AppCompat
2014-08-26 14:03 - 2014-08-26 14:03 - 00448400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNdisFlt.sys
2014-08-26 14:03 - 2014-08-26 14:03 - 00028184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2014-08-26 14:03 - 2014-08-26 14:03 - 00001972 _____ () C:\Users\Public\Desktop\avast! Internet Security.lnk
2014-08-26 14:03 - 2014-08-26 13:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-08-26 14:03 - 2014-08-26 13:51 - 00003924 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-08-26 13:53 - 2014-08-26 13:53 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\AVAST Software
2014-08-26 13:52 - 2014-08-26 13:51 - 00427360 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 01041168 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00307344 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2014-08-26 13:51 - 2014-08-26 13:51 - 00224896 _____ () C:\Windows\system32\Drivers\aswVmm.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00093568 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00092008 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00079184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00065776 _____ () C:\Windows\system32\Drivers\aswRvrt.sys
2014-08-26 13:51 - 2014-08-26 13:51 - 00043152 _____ (AVAST Software) C:\Windows\avastSS.scr
2014-08-26 13:51 - 2014-08-26 13:51 - 00029208 _____ () C:\Windows\system32\Drivers\aswHwid.sys
2014-08-26 13:48 - 2014-08-26 13:48 - 00000000 ____D () C:\Program Files\AVAST Software
2014-08-26 13:48 - 2014-08-26 13:47 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-08-26 13:45 - 2014-08-26 13:45 - 04862664 _____ (AVAST Software) C:\Users\Reece\Downloads\avast_free_antivirus_setup_online.exe
2014-08-26 13:38 - 2014-08-26 13:38 - 00002452 _____ () C:\Users\Reece\Desktop\New Text Document.txt
2014-08-26 13:01 - 2014-08-25 22:40 - 00001002 _____ () C:\Users\Reece\Desktop\Sandboxed Web Browser.lnk
2014-08-26 13:01 - 2014-07-21 18:27 - 00001702 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-08-26 12:22 - 2014-07-22 20:25 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-08-26 12:17 - 2014-07-23 17:37 - 00000000 ____D () C:\ProgramData\Origin
2014-08-26 12:09 - 2009-07-14 06:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-26 11:32 - 2014-08-26 11:32 - 03863617 _____ (El Desaparecido - SosVirus.net - UsbFix.net) C:\Users\Reece\Downloads\UsbFix.exe
2014-08-26 11:27 - 2014-08-26 11:26 - 00000000 ____D () C:\Users\Reece\AppData\Local\Battle.net
2014-08-26 11:26 - 2014-08-26 11:26 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Battle.net
2014-08-26 11:26 - 2014-08-26 11:26 - 00000000 ____D () C:\Users\Reece\AppData\Local\Blizzard Entertainment
2014-08-26 11:26 - 2014-08-26 11:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-08-26 11:26 - 2014-08-26 11:26 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-08-26 11:26 - 2014-08-26 11:26 - 00000000 ____D () C:\Program Files (x86)\Battle.net
2014-08-26 11:22 - 2014-08-26 11:22 - 03099552 _____ (Blizzard Entertainment) C:\Users\Reece\Downloads\Hearthstone-Setup-enUS.exe
2014-08-26 11:22 - 2014-08-26 11:22 - 00000000 ____D () C:\ProgramData\Battle.net
2014-08-26 11:14 - 2014-07-21 20:03 - 00000000 ____D () C:\Users\Reece\AppData\Local\Spotify
2014-08-26 11:11 - 2014-08-25 22:40 - 00001602 _____ () C:\Windows\Sandboxie.ini
2014-08-26 11:11 - 2014-07-21 20:47 - 00000000 ____D () C:\Windows\pss
2014-08-25 22:52 - 2014-08-25 22:51 - 00294232 _____ () C:\Windows\Minidump\082514-24008-01.dmp
2014-08-25 22:51 - 2014-08-25 22:35 - 815674967 _____ () C:\Windows\MEMORY.DMP
2014-08-25 22:51 - 2014-08-08 09:24 - 00000000 ____D () C:\Windows\Minidump
2014-08-25 22:50 - 2014-08-25 22:50 - 116695840 ____N (Oracle Corporation) C:\Users\Reece\Desktop\VirtualBox-4.3.14-95030-Win.exe
2014-08-25 22:50 - 2014-08-25 22:47 - 116695840 _____ (Oracle Corporation) C:\Users\Reece\Downloads\VirtualBox-4.3.14-95030-Win.exe
2014-08-25 22:44 - 2014-08-25 22:44 - 00000000 ___RD () C:\Sandbox
2014-08-25 22:40 - 2014-08-25 22:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2014-08-25 22:38 - 2014-08-25 22:38 - 02656264 _____ (Sandboxie Holdings, LLC) C:\Users\Reece\Downloads\SandboxieInstall.exe
2014-08-25 22:38 - 2014-08-25 22:38 - 00000000 ____D () C:\Program Files\Sandboxie
2014-08-25 22:36 - 2014-08-25 22:35 - 00295656 _____ () C:\Windows\Minidump\082514-30186-01.dmp
2014-08-25 19:21 - 2014-07-22 20:26 - 00282296 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-08-25 19:21 - 2014-07-22 20:25 - 00282296 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-08-25 09:25 - 2014-08-25 09:25 - 00000000 ____D () C:\Users\Reece\Desktop\SSF2
2014-08-24 22:30 - 2014-08-24 22:30 - 190701930 _____ () C:\Users\Reece\Desktop\SSF2DemoV0_9b1748.zip
2014-08-24 22:30 - 2014-08-24 22:10 - 190701930 _____ () C:\Users\Reece\Downloads\SSF2DemoV0_9b1748.zip
2014-08-24 22:18 - 2014-08-24 22:18 - 01454781 _____ () C:\Users\Reece\Downloads\metro_for_steam___3_8___beta_6_by_boneyardbrew-d4u3kjv.zip
2014-08-24 15:56 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\security
2014-08-24 15:55 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-23 16:20 - 2014-07-22 20:26 - 00000000 ____D () C:\Users\Reece\AppData\Local\PunkBuster
2014-08-23 10:41 - 2014-08-23 10:39 - 47783931 _____ () C:\Users\Reece\Downloads\Golden Age of Racing (Europe).7z
2014-08-23 10:38 - 2014-08-23 10:38 - 02211051 _____ () C:\Users\Reece\Downloads\Ps2 bios.zip
2014-08-23 10:37 - 2014-08-23 10:37 - 00000000 ____D () C:\Users\Reece\Documents\PCSX2
2014-08-23 10:36 - 2014-08-23 10:35 - 00000000 ____D () C:\Program Files (x86)\PCSX2 1.2.1
2014-08-23 10:36 - 2014-07-22 18:33 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-08-23 10:35 - 2014-08-23 10:35 - 00001981 _____ () C:\Users\Public\Desktop\PCSX2 1.2.1 (r5875).lnk
2014-08-23 10:35 - 2014-08-23 10:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PCSX2
2014-08-23 10:35 - 2014-08-23 10:34 - 10658408 _____ () C:\Users\Reece\Downloads\pcsx2-1.2.1-r5875-setup.exe
2014-08-23 10:32 - 2014-08-23 10:32 - 00000088 _____ () C:\Users\Reece\Desktop\Scythe Kama Bay Amp Mini Pro PLUS [SCKCM-2000P-B].url
2014-08-22 12:51 - 2014-08-22 12:51 - 01364531 _____ () C:\Users\Reece\Downloads\adwcleaner_3.308.exe
2014-08-22 09:44 - 2014-07-21 17:28 - 00058800 _____ () C:\Users\Reece\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-22 09:43 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\Resources
2014-08-21 08:41 - 2014-07-21 19:50 - 00000000 ____D () C:\ProgramData\Skype
2014-08-21 08:40 - 2014-08-21 08:39 - 00000000 ____D () C:\Users\Reece\Documents\House concept pdfs
2014-08-21 00:57 - 2014-08-20 20:03 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Guild Wars 2
2014-08-20 20:56 - 2014-08-20 20:55 - 00000000 ____D () C:\Program Files (x86)\Guild Wars 2
2014-08-20 20:55 - 2014-08-20 20:55 - 00000928 _____ () C:\Users\Public\Desktop\Guild Wars 2.lnk
2014-08-20 20:55 - 2014-08-20 20:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Guild Wars 2
2014-08-20 20:02 - 2014-08-20 20:01 - 23301624 _____ (ArenaNet) C:\Users\Reece\Downloads\Gw2Setup.exe
2014-08-20 16:40 - 2014-08-19 21:16 - 00000000 ____D () C:\Users\Reece\Documents\Battlefield Heroes
2014-08-20 11:09 - 2014-07-22 20:25 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-08-20 09:39 - 2011-04-12 09:28 - 00000000 __SHD () C:\Windows\BitLockerDiscoveryVolumeContents
2014-08-19 21:08 - 2014-08-19 21:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EA Games
2014-08-19 20:29 - 2014-08-19 20:29 - 00000000 ____D () C:\Program Files (x86)\EA Games
2014-08-19 10:47 - 2014-07-21 11:57 - 00000000 ____D () C:\Users\Reece\AppData\Local\VirtualStore
2014-08-18 21:16 - 2014-08-18 21:16 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Nitro
2014-08-18 21:15 - 2014-08-18 21:15 - 00001932 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nitro Pro 9.lnk
2014-08-18 21:15 - 2014-08-18 21:15 - 00001920 _____ () C:\Users\Public\Desktop\Nitro Pro 9.lnk
2014-08-18 21:15 - 2014-08-18 21:15 - 00000000 ____D () C:\ProgramData\Nitro
2014-08-18 21:15 - 2014-08-18 21:15 - 00000000 ____D () C:\Program Files\Nitro
2014-08-18 21:15 - 2014-08-18 21:15 - 00000000 ____D () C:\Program Files\Common Files\Nitro
2014-08-18 21:15 - 2014-08-18 21:15 - 00000000 ____D () C:\Program Files (x86)\Nitro
2014-08-18 21:13 - 2014-08-18 21:13 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Downloaded Installations
2014-08-18 21:03 - 2014-08-04 12:09 - 00002465 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller X.lnk
2014-08-18 21:03 - 2014-08-04 12:09 - 00002453 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat X Pro.lnk
2014-08-18 21:03 - 2014-08-04 12:09 - 00002026 _____ () C:\Users\Public\Desktop\Adobe Acrobat X Pro.lnk
2014-08-18 21:03 - 2014-08-04 12:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe LiveCycle ES2
2014-08-18 20:51 - 2014-07-21 11:59 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Adobe
2014-08-18 20:20 - 2014-08-04 11:53 - 00000000 ____D () C:\ProgramData\Adobe
2014-08-18 20:18 - 2014-08-18 20:18 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe
2014-08-18 10:29 - 2014-08-18 10:29 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\LolClient
2014-08-18 10:04 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-17 19:49 - 2014-08-17 19:49 - 00000000 ____D () C:\ProgramData\Riot Games
2014-08-17 19:45 - 2014-08-17 19:41 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Riot Games
2014-08-17 19:44 - 2014-08-17 19:44 - 00001613 _____ () C:\Users\Public\Desktop\Play League of Legends.lnk
2014-08-17 19:44 - 2014-08-17 19:44 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-08-17 19:44 - 2014-08-17 19:44 - 00000000 ____D () C:\Riot Games
2014-08-17 19:44 - 2014-08-17 19:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\League of Legends
2014-08-17 19:42 - 2014-08-17 19:42 - 00000000 ____D () C:\Program Files (x86)\Pando Networks
2014-08-17 19:41 - 2014-08-17 19:40 - 34888568 _____ (Riot Games) C:\Users\Reece\Downloads\LeagueofLegends_EUW_Installer_06_12_13.exe
2014-08-16 19:47 - 2014-08-16 19:47 - 00017513 _____ () C:\Windows\DirectX.log
2014-08-16 13:09 - 2014-08-16 13:09 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-16 11:53 - 2014-07-21 20:42 - 00000000 ____D () C:\Windows\Panther
2014-08-16 11:41 - 2014-07-21 16:56 - 00766336 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-08-16 11:40 - 2014-08-16 11:40 - 00000308 _____ () C:\Users\Reece\Downloads\60fps.rar
2014-08-16 11:31 - 2014-07-24 11:00 - 00007645 _____ () C:\Users\Reece\AppData\Local\resmon.resmoncfg
2014-08-16 11:29 - 2014-08-16 11:29 - 01118920 ____N (Microsoft Corporation) C:\Users\Reece\Downloads\NDP452-KB2901954-Web.exe
2014-08-16 11:29 - 2014-08-16 11:29 - 01005568 _____ (Microsoft Corporation) C:\Users\Reece\Downloads\dotNetFx45_Full_setup.exe
2014-08-16 11:15 - 2014-08-16 11:15 - 00624000 _____ () C:\Users\Reece\Downloads\CoreParkingManager.zip
2014-08-15 22:09 - 2014-08-27 16:55 - 13889948 _____ () C:\Users\Reece\Desktop\usrcheat.dat
2014-08-15 16:03 - 2014-08-15 16:03 - 00000000 ____D () C:\Users\Reece\AppData\Local\Microsoft Games
2014-08-14 16:32 - 2014-07-21 18:35 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-14 15:38 - 2014-07-25 10:56 - 00000000 ____D () C:\Program Files (x86)\LOOT
2014-08-14 15:38 - 2014-07-23 14:00 - 00000000 ____D () C:\MSIServiceCfg_CC
2014-08-14 15:38 - 2014-07-22 22:04 - 00000000 ____D () C:\Users\Reece\Documents\Grand Theft Auto San Andreas
2014-08-14 11:47 - 2014-08-14 11:46 - 01276504 _____ () C:\Users\Reece\Downloads\metro_for_steam___3_8___beta_5_by_boneyardbrew-d4u3kjv.zip
2014-08-13 21:59 - 2014-07-21 11:56 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-11 22:42 - 2014-08-04 13:43 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\MediaMonkey
2014-08-11 09:48 - 2014-07-23 18:54 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-08-10 21:23 - 2014-08-10 21:23 - 00000132 _____ () C:\Users\Reece\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-09 10:39 - 2014-08-09 10:39 - 00000000 ____D () C:\Users\Reece\AppData\Local\SCE
2014-08-09 09:25 - 2014-08-09 09:25 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2014-08-09 09:16 - 2014-08-09 09:12 - 00000000 ____D () C:\Users\Reece\Documents\Battlefield 4
2014-08-09 09:12 - 2014-08-09 09:12 - 02247960 _____ () C:\Users\Reece\Downloads\battlelog-web-plugins_2.4.0_141 (1).exe
2014-08-09 07:09 - 2014-08-09 07:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wing Commander III
2014-08-09 07:09 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-08-09 05:55 - 2014-08-09 05:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battlefield 4
2014-08-09 01:22 - 2014-07-22 19:17 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-08-09 01:22 - 2014-07-22 19:17 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-08-09 01:22 - 2014-07-22 18:39 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-08-09 01:22 - 2014-07-22 18:39 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-08-08 22:46 - 2014-08-08 22:46 - 00000107 _____ () C:\Users\Reece\Desktop\Should I Stay Or Should I Go Tab (ver 2) by Clash @ Ultimate-Guitar.Com.url
2014-08-07 20:28 - 2014-07-23 09:57 - 00000000 ____D () C:\Users\Reece\Documents\EA Games
2014-08-07 20:26 - 2014-08-07 20:26 - 00000000 ____D () C:\Windows\1C4551A64743409391E41477CD655043.TMP
2014-08-07 20:09 - 2014-08-07 20:27 - 02601752 _____ () C:\Windows\SysWOW64\pbsvc_moh.exe
2014-08-07 19:14 - 2014-08-07 19:14 - 00000113 _____ () C:\Users\Reece\Desktop\GPO Jive 3 Speed Record Player with CD and MP3 - White- Amazon.co.uk- TV.url
2014-08-07 19:13 - 2014-08-07 19:13 - 00000133 _____ () C:\Users\Reece\Desktop\Steepletone SRP025 3 Speed Record Player with Detachable Speaker - Orange- Amazon.co.uk- TV.url
2014-08-07 17:33 - 2014-08-07 17:33 - 00000088 _____ () C:\Users\Reece\Desktop\Corsair Flash Voyager Go 16GB OTG Flash Drive (CMFVG-16GB-EU) [CMFVG-16GB-EU].url
2014-08-07 12:52 - 2014-08-07 12:52 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-08-07 12:52 - 2014-08-07 12:52 - 00000000 ____D () C:\ProgramData\Logitech
2014-08-07 12:52 - 2014-08-07 12:43 - 00000000 ____D () C:\ProgramData\Logishrd
2014-08-07 12:51 - 2014-08-07 12:21 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Logitech
2014-08-07 12:43 - 2014-08-07 12:43 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-08-07 12:43 - 2014-08-07 12:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Logitech
2014-08-07 12:43 - 2014-08-07 12:43 - 00000000 ____D () C:\Program Files\Logitech
2014-08-07 12:43 - 2014-08-07 12:42 - 00000000 ____D () C:\Program Files\Common Files\Logishrd
2014-08-07 12:23 - 2014-08-07 12:18 - 18225160 _____ (Logitech Inc.) C:\Users\Reece\Downloads\scroll_app_4.00.33.exe
2014-08-07 12:21 - 2014-08-07 12:21 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Logishrd
2014-08-07 12:20 - 2014-08-07 12:18 - 04147600 _____ ($Co_Name Inc.) C:\Users\Reece\Downloads\unifying250.exe
2014-08-07 12:20 - 2014-08-07 12:18 - 03677488 _____ (Logitech Inc.) C:\Users\Reece\Downloads\SetPoint6.65.62_smart.exe
2014-08-06 16:47 - 2014-08-06 15:25 - 00003718 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2014-08-06 15:25 - 2014-08-06 15:25 - 00003476 _____ () C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2014-08-06 15:25 - 2014-08-06 15:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2014-08-06 14:20 - 2014-08-06 14:20 - 00004103 _____ () C:\Users\Reece\Downloads\EWIs Ultra SkyrimPrefs and inis v03d-51033-v03d.rar
2014-08-06 14:19 - 2014-08-06 14:19 - 00060838 _____ () C:\Users\Reece\Downloads\SafetyLoad 1_2-46465-1-2.zip
2014-08-06 14:19 - 2014-08-06 14:19 - 00014171 _____ () C:\Users\Reece\Downloads\ENBoost 5_0-38649-5-0.zip
2014-08-06 12:24 - 2014-08-06 12:24 - 00000122 _____ () C:\Users\Reece\Documents\LEL.txt
2014-08-06 12:05 - 2014-07-22 19:42 - 00000000 ____D () C:\Users\Reece\AppData\Local\Skyrim
2014-08-06 10:23 - 2014-08-06 10:23 - 00559704 _____ () C:\Users\Reece\Downloads\cln_by_toastbrotpascal-d3l6ln2.rmskin
2014-08-06 10:23 - 2014-08-06 10:23 - 00422297 _____ () C:\Users\Reece\Downloads\novella_1_1_rainmeter_music_player__by_jlynnxx-d5rg9im.rmskin
2014-08-06 10:20 - 2014-08-06 10:20 - 02568843 _____ () C:\Users\Reece\Downloads\soul_by_bradd9-d5cpk9b.rmskin
2014-08-06 10:20 - 2014-08-06 10:20 - 00433220 _____ () C:\Users\Reece\Downloads\volume_slider_v2_0_by_fbed-d3huyzu.rmskin
2014-08-06 10:20 - 2014-08-06 10:19 - 00979434 _____ () C:\Users\Reece\Downloads\the_maelstrom_by_tobimccan-d4e8nmd.rmskin
2014-08-06 10:20 - 2014-08-06 10:05 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Rainmeter
2014-08-06 10:17 - 2014-08-06 10:15 - 06105697 _____ () C:\Users\Reece\Downloads\MoonGlow_by_minhtrimatrix.zip
2014-08-06 10:05 - 2014-08-06 10:05 - 00001706 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainmeter.lnk
2014-08-06 10:05 - 2014-08-06 10:05 - 00000000 ____D () C:\Program Files\Rainmeter
2014-08-06 10:04 - 2014-08-06 10:02 - 02293760 _____ () C:\Users\Reece\Downloads\Rainmeter-3.2-r2302-beta.exe
2014-08-05 11:34 - 2014-08-05 11:34 - 00000000 ____D () C:\Users\Reece\AppData\Local\My Games
2014-08-05 11:05 - 2014-08-05 11:00 - 00000000 ____D () C:\Users\Reece\Desktop\tes5edit
2014-08-05 10:59 - 2014-08-05 10:59 - 02348352 _____ () C:\Users\Reece\Downloads\TES5Edit_3_0_32_EXPERIMENTAL-25859-3-0-32EXP.7z
2014-08-05 09:20 - 2010-11-21 04:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-05 07:48 - 2014-08-05 07:48 - 01239708 _____ () C:\Users\Reece\Downloads\metro_for_steam___3_8___beta_3_by_boneyardbrew-d4u3kjv.zip
2014-08-04 19:12 - 2014-08-04 19:12 - 00048285 _____ () C:\Users\Reece\Downloads\Savetool-52363-1-13beta.zip
2014-08-04 16:05 - 2014-08-04 16:05 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Apple Computer
2014-08-04 15:53 - 2014-08-04 15:53 - 00313875 _____ () C:\Users\Reece\Downloads\skse_1_07_01_installer.exe
2014-08-04 14:52 - 2014-07-22 18:38 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-08-04 14:52 - 2014-07-22 18:37 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-08-04 14:51 - 2014-07-22 14:29 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-08-04 14:40 - 2014-07-22 18:39 - 00000000 ____D () C:\Users\Reece\AppData\Local\NVIDIA Corporation
2014-08-04 14:19 - 2014-08-04 14:13 - 179766994 _____ () C:\Users\Reece\Downloads\01 Main File - UNP - Hmm What To Wear-22168-3-2 (1).rar
2014-08-04 14:10 - 2014-08-04 14:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2014-08-04 14:10 - 2014-08-04 14:10 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-08-04 14:09 - 2014-08-04 14:09 - 00002519 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2014-08-04 14:09 - 2014-08-04 14:09 - 00000000 ____D () C:\Users\Reece\AppData\Local\Apple
2014-08-04 14:09 - 2014-08-04 14:09 - 00000000 ____D () C:\ProgramData\Apple
2014-08-04 14:09 - 2014-08-04 14:09 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-08-04 14:07 - 2014-08-04 14:05 - 41945432 _____ (Apple Inc.) C:\Users\Reece\Downloads\QuickTimeInstaller.exe
2014-08-04 14:06 - 2014-08-04 13:52 - 85096286 _____ () C:\Users\Reece\Downloads\Radiant and Unique Potions Poisons and BOOZE v2 GLOWING VERSION-18799-2-0.rar
2014-08-04 13:56 - 2014-08-04 13:56 - 00083125 _____ () C:\Users\Reece\Downloads\The Dance of Death 4-0 Beta - Ultimate Edition-10906-4-0.7z
2014-08-04 13:54 - 2014-08-04 13:54 - 00001494 _____ () C:\Users\Reece\Downloads\Merged-17214-1-1.rar
2014-08-04 13:43 - 2014-08-04 13:43 - 00001039 _____ () C:\Users\Public\Desktop\MediaMonkey.lnk
2014-08-04 13:43 - 2014-08-04 13:43 - 00000000 ____D () C:\Users\Reece\AppData\Local\MediaMonkey
2014-08-04 13:43 - 2014-08-04 13:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MediaMonkey
2014-08-04 13:43 - 2014-08-04 13:43 - 00000000 ____D () C:\ProgramData\MediaMonkey
2014-08-04 13:43 - 2014-08-04 13:43 - 00000000 ____D () C:\Program Files (x86)\MediaMonkey
2014-08-04 13:41 - 2014-08-04 13:41 - 15197736 _____ (Ventis Media Inc. ) C:\Users\Reece\Downloads\MediaMonkey_4.1.3.1708.exe
2014-08-04 12:18 - 2014-08-04 11:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Master Collection CS6
2014-08-04 12:17 - 2014-08-04 11:59 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-08-04 12:17 - 2014-08-04 11:57 - 00000000 ____D () C:\Program Files\Common Files\Adobe
2014-08-04 12:17 - 2014-08-04 11:57 - 00000000 ____D () C:\Program Files\Adobe
2014-08-04 12:14 - 2014-08-04 12:14 - 00000000 ____D () C:\ProgramData\ALM
2014-08-04 12:11 - 2014-08-04 12:11 - 00000000 ____D () C:\Users\Reece\Adobe Flash Builder 4.6
2014-08-04 12:06 - 2014-08-04 12:06 - 00001097 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Widget Browser.lnk
2014-08-04 12:05 - 2014-08-04 12:05 - 00000000 ____D () C:\Program Files (x86)\My Company Name
2014-08-04 12:02 - 2014-08-04 12:02 - 00000997 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Help.lnk
2014-08-04 12:02 - 2014-08-04 12:02 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2014-08-04 12:02 - 2014-08-04 12:02 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2014-08-04 11:09 - 2014-08-04 11:09 - 00001011 _____ () C:\Program Files (x86)\Nexus Mod Manager.lnk
2014-08-04 10:53 - 2014-08-04 10:51 - 00799476 _____ () C:\Users\Reece\Downloads\Win7LogonBackgroundChanger_1_5_2.zip
2014-08-04 10:51 - 2014-08-04 10:51 - 00000000 ____D () C:\Users\Reece\AppData\Local\http___www.julien-manici
2014-08-04 10:48 - 2014-08-04 10:27 - 147645334 _____ () C:\Users\Reece\Downloads\JaySuS Swords V13C-1002-13C.rar
2014-08-04 10:38 - 2014-08-04 10:38 - 00000402 __RSH () C:\ProgramData\ntuser.pol
2014-08-04 10:38 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\system32\oobe
2014-08-04 10:37 - 2009-07-14 04:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2014-08-04 10:29 - 2014-08-04 10:29 - 00170775 _____ () C:\Users\Reece\Downloads\Hidden Blade Sound FX-24977-1-0.7z
2014-08-04 10:18 - 2014-08-04 10:18 - 00048912 _____ () C:\Users\Reece\Downloads\Personalized Music v 5_0-13286-5-0.zip
2014-08-04 10:18 - 2014-08-04 10:18 - 00012531 _____ () C:\Users\Reece\Downloads\Personalized Music - Player Homes Music v 1_1-13286-1-1.zip
2014-08-04 10:09 - 2014-08-04 09:56 - 49217780 _____ () C:\Users\Reece\Downloads\Breezehome Fully Upgradable Dawnguard and Hearthfires v1_7_7-11158-1-7-7.zip
2014-08-04 10:00 - 2014-08-04 09:54 - 21056666 _____ () C:\Users\Reece\Downloads\Designs of The Nords Banners-13429-1-5.zip
2014-08-04 09:43 - 2014-08-04 09:43 - 00002772 _____ () C:\Windows\System32\Tasks\CCleanerSkipUAC
2014-08-04 09:43 - 2014-08-04 09:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-08-04 09:43 - 2014-08-04 09:43 - 00000000 ____D () C:\Program Files\CCleaner
2014-08-04 09:42 - 2014-08-04 09:41 - 04813544 _____ (Piriform Ltd) C:\Users\Reece\Downloads\ccsetup416.exe
2014-08-04 09:40 - 2014-08-04 09:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Defraggler
2014-08-04 09:40 - 2014-08-04 09:40 - 00000000 ____D () C:\Program Files\Defraggler
2014-08-04 09:39 - 2014-08-04 09:38 - 04362512 _____ (Piriform Ltd) C:\Users\Reece\Downloads\dfsetup218.exe
2014-08-03 21:47 - 2014-08-03 21:40 - 258817180 _____ () C:\Users\Reece\Downloads\NMM Installer-56588-v1-2.7z
2014-08-03 14:46 - 2014-08-03 14:18 - 122006254 _____ () C:\Users\Reece\Downloads\Improved Bard Girl - All-in-one-56599-1-1.zip
2014-08-03 14:43 - 2014-08-03 14:20 - 235701929 _____ () C:\Users\Reece\Downloads\UNP Mashup Compilation v1-20415-1.rar
2014-08-03 14:41 - 2014-08-03 14:21 - 179766994 _____ () C:\Users\Reece\Downloads\01 Main File - UNP - Hmm What To Wear-22168-3-2.rar
2014-08-03 14:36 - 2014-08-03 14:22 - 97711094 _____ () C:\Users\Reece\Downloads\West Wind Misfit Mage v1-36780-1.rar
2014-08-03 14:34 - 2014-08-03 14:15 - 69908174 _____ () C:\Users\Reece\Downloads\MBWS Followers II Fomod Installer-56564-1-1.7z
2014-08-03 14:29 - 2014-08-03 14:22 - 42526144 _____ () C:\Users\Reece\Downloads\Wild Huntress Top Model with TBBP-53494-1-0.7z
2014-08-03 14:28 - 2014-08-03 14:22 - 08939856 _____ () C:\Users\Reece\Downloads\02 Dawn Guard Dissassembled-22168-3-1.rar
2014-08-03 14:23 - 2014-08-03 14:23 - 04154233 _____ () C:\Users\Reece\Downloads\Ver 0.1-56393-0-1.zip
2014-08-03 14:21 - 2014-08-03 14:19 - 26222551 _____ () C:\Users\Reece\Downloads\Anya-55473-1-1.zip
2014-08-03 14:21 - 2014-08-03 14:14 - 114006593 _____ () C:\Users\Reece\Downloads\zzjays wardrobe-53442-1-3.7z
2014-08-03 14:11 - 2014-08-03 14:10 - 20366281 _____ () C:\Users\Reece\Downloads\OK_Lunetta-56595-1-0.7z
2014-08-03 14:11 - 2014-08-03 14:10 - 08945551 _____ () C:\Users\Reece\Downloads\Osare Maid Outfit 1_2-13569-1-2.7z
2014-08-03 14:10 - 2014-08-03 14:06 - 105728246 _____ () C:\Users\Reece\Downloads\Ethereal Elven Overhaul-24273-1-1-1.zip
2014-08-03 14:02 - 2014-08-03 14:01 - 23617240 _____ () C:\Users\Reece\Downloads\yurica_chevaleresse armor v2.0-56475-v2-0.rar
2014-08-02 21:12 - 2014-08-02 21:12 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-08-02 21:11 - 2014-08-02 21:11 - 00000000 ____D () C:\Users\Reece\AppData\Roaming\Unity
2014-08-02 21:05 - 2014-08-02 21:05 - 00000168 _____ () C:\Users\Reece\Desktop\SanDisk SDDD-032G-G46 32 GB Ultra Dual USB Drive - Standard Packaging- Amazon.co.uk- Computers & Accessories.url
2014-08-02 21:05 - 2014-08-02 21:05 - 00000168 _____ () C:\Users\Reece\Desktop\Kingston 32GB Micro USB 2.0 DataTraveler Flash Drive- Amazon.co.uk- Computers & Accessories.url
2014-08-02 21:02 - 2014-08-02 21:02 - 01080480 _____ (Unity Technologies ApS) C:\Users\Reece\Downloads\UnityWebPlayer (2).exe
2014-08-02 21:02 - 2014-08-02 21:02 - 01080480 _____ (Unity Technologies ApS) C:\Users\Reece\Downloads\UnityWebPlayer (1).exe
2014-08-02 21:02 - 2014-08-02 21:02 - 00000000 ____D () C:\Users\Reece\AppData\Local\Unity
2014-08-02 20:59 - 2014-08-02 20:59 - 01080480 _____ (Unity Technologies ApS) C:\Users\Reece\Downloads\UnityWebPlayer.exe
2014-08-02 20:59 - 2014-08-02 20:59 - 00000000 ____D () C:\Users\Reece\AppData\Local\Downloaded Installations
2014-08-02 20:59 - 2014-08-02 20:57 - 06286748 _____ () C:\Users\Reece\Downloads\SDFormatterv4.zip
2014-08-02 19:31 - 2014-08-02 19:31 - 00000109 _____ () C:\Users\Reece\Desktop\Take a Look at Young Rewired State if Your Kids Like to Code - Lifehacker UK.url
2014-08-02 16:50 - 2014-08-02 16:50 - 00000000 ____D () C:\Users\Reece\Desktop\MODS
2014-08-02 16:01 - 2014-08-02 16:01 - 27239623 _____ () C:\Users\Reece\Downloads\torbrowser-install-3.6.3_en-US.exe
2014-08-02 16:01 - 2014-08-02 16:01 - 00000000 ____D () C:\Users\Reece\Desktop\Tor Browser
2014-08-02 15:52 - 2014-08-02 15:52 - 00000098 _____ () C:\Users\Reece\Desktop\Universal Portable USB Charger.url
2014-08-02 15:29 - 2009-07-14 04:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-08-01 14:23 - 2014-08-01 14:23 - 00069640 _____ (Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
2014-08-01 14:22 - 2014-08-18 21:15 - 00029704 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalmon9.dll
2014-08-01 14:22 - 2014-08-18 21:15 - 00017928 _____ (Nitro PDF Software) C:\Windows\system32\nitrolocalui9.dll
 
Some content of TEMP:
====================
C:\Users\Reece\AppData\Local\Temp\Quarantine.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-27 12:26
 
==================== End Of Log ============================

Addition Log

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-08-2014
Ran by Reece at 2014-08-27 20:17:33
Running from C:\Users\Reece\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32534 - BitTorrent Inc.)
Active@ KillDisk 7.1 (HKLM-x32\...\{3F36F1F6-D55E-4C60-A9DD-809FED24CED7}_is1) (Version: 7.1 - LSoft Technologies Inc)
Adobe Acrobat X Pro - English, Français, Deutsch (HKLM-x32\...\{AC76BA86-1033-F400-7760-000000000005}) (Version: 10.1.11 - Adobe Systems)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.178 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.178 - Adobe Systems Incorporated) Hidden
Adobe Creative Suite 6 Master Collection (HKLM-x32\...\{E8AD3069-9EB7-4BA8-8BFE-83F4E69355C0}) (Version: 6 - Adobe Systems Incorporated)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.176 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Help Manager (x32 Version: 4.0.244 - Adobe Systems Incorporated) Hidden
Adobe Widget Browser (HKLM-x32\...\com.adobe.WidgetBrowser) (Version: 2.0 Build 348 - Adobe Systems Incorporated.)
Adobe Widget Browser (x32 Version: 2.0.348 - Adobe Systems Incorporated.) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audiosurf (HKLM-x32\...\Steam App 12900) (Version:  - Dylan Fitterer)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - Ronimo Games)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlefield Heroes (HKLM-x32\...\{8DC910CD-8EE3-4ffc-A4EB-9B02701059C4}) (Version:  - EA Digital illusions)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.4.0 - EA Digital Illusions CE AB)
bl (x32 Version: 1.0.0 - Your Company Name) Hidden
Call of Duty: World at War (HKLM-x32\...\Steam App 10090) (Version:  - Treyarch)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Counter-Strike (HKLM-x32\...\Steam App 10) (Version:  - Valve)
Counter-Strike: Condition Zero (HKLM-x32\...\Steam App 80) (Version:  - Valve)
Counter-Strike: Condition Zero Deleted Scenes (HKLM-x32\...\Steam App 100) (Version:  - Valve)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
Defraggler (HKLM\...\Defraggler) (Version: 2.18 - Piriform)
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version:  - Codemasters Racing Studio)
EaseUS Data Recovery Wizard 8.0 (HKLM-x32\...\EaseUS Data Recovery Wizard 8.0_is1) (Version:  - EaseUS)
f.lux (HKCU\...\Flux) (Version:  - )
Geeks3D FurMark 1.13.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version:  - Geeks3D)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 31.0.1650.59 - Google Inc.)
Google Update Helper (x32 Version: 1.3.21.115 - Google Inc.) Hidden
GTR Evolution (HKLM-x32\...\Steam App 8660) (Version:  - SimBin)
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HD Tune Pro 5.50 (HKLM-x32\...\HD Tune Pro_is1) (Version:  - EFD Software)
Intel® Chipset Device Software (Version: 10.0.17 - Intel Corporation) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel® Corporation) Hidden
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1168 - Intel Corporation)
Intel® Management Engine Components (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (Version: 10.0.0.1168 - Intel Corporation) Hidden
Intel® PRO/Wireless Driver (Version: 17.00.0000.1347 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3621 - Intel Corporation)
Intel® PROSet/Wireless Software for Bluetooth® Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel® Update Manager (HKLM-x32\...\{12914061-EB9B-4AE7-AC7E-0B8A607C7DF4}) (Version: 2.3.1338 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
Intel® WiDi (HKLM\...\{F949AE30-83D1-41B2-92D2-F44478DD058A}) (Version: 4.2.24.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{7e493493-a430-4b7b-b8a2-48d61599e220}) (Version: 17.0.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 17.0.0.0332 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.35.127.1 - Intel Corporation) Hidden
Java 7 Update 65 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217065FF}) (Version: 7.0.650 - Oracle)
Java Auto Updater (x32 Version: 2.1.65.20 - Oracle, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Logitech SetPoint 6.65 (HKLM\...\sp6) (Version: 6.65.62 - Logitech)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.227 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.227 - LogMeIn, Inc.) Hidden
LOOT (HKLM-x32\...\LOOT) (Version: 0.6.0 - LOOT Development Team)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Medal of Honor™ Multiplayer (HKLM-x32\...\Steam App 47830) (Version:  - Electronic Arts)
MediaMonkey 4.1 (HKLM-x32\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Version: 4.5.51209 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (x32 Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (Version: 3.5.8080.0 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
MSI Command Center (HKLM-x32\...\{85A2564E-9ED9-448A-91E4-B9211EE58A08}_is1) (Version: 1.0.0.68 - MSI)
MSI Fast Boot (HKLM-x32\...\{0F212E7A-65EB-4668-A8D7-749026A64F8E}_is1) (Version: 1.0.1.3 - MSI)
MSI Gaming APP (HKLM-x32\...\{E0229316-E73B-484B-B9E0-45098AB38D8C}}_is1) (Version: 2.0.0.12 - MSI)
MSI Kombustor 3.3.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.006 - MSI)
MSI Smart Utilities (HKLM-x32\...\{009E5DF2-3F97-480B-89DA-F2D5E672E14A}_is1) (Version: 2.0.0.06 - MSI)
MSI Super Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.025 - MSI)
Nitro Pro 9 (HKLM\...\{BAEC0BFE-B056-40A6-A8EC-12BFAE6025CD}) (Version: 9.5.3.8 - Nitro)
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.8 - Notepad++ Team)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.11.2806 - Electronic Arts, Inc.)
PCSX2 - Playstation 2 Emulator (HKLM-x32\...\pcsx2-r5875) (Version:  - )
PDF Settings CS6 (x32 Version: 11.0 - Adobe Systems Incorporated) Hidden
ph (x32 Version: 1.0.0 - Your Company Name) Hidden
PlanetSide 2 (HKCU\...\SOE-PlanetSide 2) (Version:  - Sony Online Entertainment)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version:  - Sony Online Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.990 - Even Balance, Inc.)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RACE 07 (HKLM-x32\...\Steam App 8600) (Version:  - SimBin)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.2 beta r2302 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7245 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Rome: Total War (HKLM-x32\...\Steam App 4760) (Version:  - The Creative Assembly)
Sandboxie 4.12 (64-bit) (HKLM\...\Sandboxie) (Version: 4.12 - Sandboxie Holdings, LLC)
SDFormatter (HKLM-x32\...\{179324FF-7B16-4BA8-9836-055CAAEE4F08}) (Version: 4.0.0 - SD Association)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Sound Blaster Cinema 2 (HKLM-x32\...\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}) (Version: 1.00.06 - Creative Technology Limited)
Spotify (HKCU\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
The Crew (Beta) (HKLM-x32\...\Uplay Install 750) (Version:  - Ubisoft)
Total War: SHOGUN 2 (HKLM-x32\...\Steam App 34330) (Version:  - The Creative Assembly)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
Uplay (HKLM-x32\...\Uplay) (Version: 4.7 - Ubisoft)
UsbFix (HKLM-x32\...\Usbfix) (Version: 7.178 - El Desaparecido - www.usbfix.net - www.sosvirus.net)
Usrcheat Downloader (HKLM-x32\...\{EC60A68E-C082-45B1-9A2F-606860EE0E75}) (Version: 1.0.0 - Syntechx.com)
VGA Boost (HKLM-x32\...\{809ACFAE-9A4D-4C60-9223-D8B615CD8CBA}}_is1) (Version: 1.0.0.7 - MSI)
Wing Commander III (HKLM-x32\...\{F96B9930-E22A-44D6-81B5-6C8E92C21B4B}) (Version: 2.0.0.2 - Electronic Arts)
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3935737622-925899942-76902763-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
 
==================== Restore Points  =========================
 
26-08-2014 12:48:19 avast! antivirus system restore point
26-08-2014 12:57:37 avast! antivirus system restore point
26-08-2014 13:03:26 Device Driver Package Install: Avast Network Service
26-08-2014 15:50:34 Installed SDFormatter.
26-08-2014 21:22:13 Windows Update
27-08-2014 08:19:22 Windows Update
27-08-2014 08:19:52 Windows Update
27-08-2014 08:20:08 Windows Update
27-08-2014 08:38:35 Configured Sound Blaster Cinema 2
27-08-2014 08:39:47 MSI Intel Extreme Tuning Utility
27-08-2014 09:10:10 MSI Intel Extreme Tuning Utility
27-08-2014 15:52:10 Installed Usrcheat Downloader
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {02001B94-F4BB-4634-8F69-196049DFB845} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21] (Google Inc.)
Task: {21612140-71C4-4393-8DCB-C01E0E10FC1F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {231D8E7E-0F51-4F25-90D4-3744987328C1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-08-26] (AVAST Software)
Task: {464BF0E9-AD7A-468B-A387-3C847C32A428} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21] (Google Inc.)
Task: {50414D6A-F2D7-4D09-85B4-7ED0A981B5FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-26] (Adobe Systems Incorporated)
Task: {7D65EB2C-F1F7-4E78-936B-C3C5B1373210} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: {B89B296E-A92D-470B-A902-FCC655634DCA} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [2014-02-28] ()
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-07-22 18:37 - 2014-07-02 19:55 - 00116568 ____N () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-05-12 10:49 - 2014-05-12 10:49 - 00222720 ____N () C:\Program Files (x86)\Notepad++\NppShell_06.dll
2014-07-22 20:25 - 2014-08-20 11:09 - 00076152 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-07-21 17:40 - 2014-02-21 11:21 - 00089600 _____ () C:\Windows\SYSTEM32\CmdRtr64.DLL
2014-07-21 17:40 - 2014-02-21 11:19 - 00366080 _____ () C:\Windows\SYSTEM32\APOMgr64.DLL
2014-07-21 20:03 - 2014-08-26 11:14 - 00610872 ____N () C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-08-26 13:51 - 2014-08-26 13:51 - 00301152 ____N () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-08-27 09:47 - 2014-08-27 09:47 - 02801152 ____N () C:\Program Files\AVAST Software\Avast\defs\14082700\algo.dll
2014-08-27 20:15 - 2014-08-27 20:15 - 02801152 _____ () C:\Program Files\AVAST Software\Avast\defs\14082701\algo.dll
2014-07-19 12:15 - 2014-04-30 10:15 - 01723888 ____N () C:\MSI\Smart Utilities\SuperRAIDExt.DLL
2014-07-21 17:40 - 2014-02-21 11:20 - 00074240 _____ () C:\Windows\SysWOW64\CmdRtr.DLL
2014-07-21 17:40 - 2014-02-21 11:17 - 00274944 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2014-08-26 13:51 - 2014-08-26 13:51 - 19329904 ____N () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-02-19 18:51 - 2014-02-19 18:51 - 01241560 ____N () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-08-22 09:47 - 2014-08-21 19:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-22 09:47 - 2014-08-21 19:15 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-22 09:47 - 2014-08-21 19:15 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2014-07-21 18:46 - 2014-08-20 23:38 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-07-21 18:46 - 2014-08-27 10:13 - 02224320 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-22 09:47 - 2014-08-21 19:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-22 09:47 - 2014-08-21 19:15 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2014-07-21 18:46 - 2014-08-27 10:13 - 00678080 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-07-21 20:03 - 2014-08-26 11:14 - 36966968 ____N () C:\Users\Reece\AppData\Roaming\Spotify\Data\libcef.dll
2014-08-02 15:30 - 2014-08-20 23:38 - 34589376 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-07-21 20:03 - 2014-08-26 11:14 - 00867896 ____N () C:\Users\Reece\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-07-21 20:03 - 2014-08-26 11:14 - 00886840 ____N () C:\Users\Reece\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-07-21 20:03 - 2014-08-26 11:14 - 00108600 ____N () C:\Users\Reece\AppData\Roaming\Spotify\Data\libegl.dll
2014-07-23 22:31 - 2014-08-20 23:38 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-07-21 17:36 - 2013-11-14 22:07 - 00702416 ____N () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\libglesv2.dll
2014-07-21 17:36 - 2013-11-14 22:07 - 00099792 ____N () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\libegl.dll
2014-07-21 17:36 - 2013-11-14 22:08 - 04055504 ____N () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\pdf.dll
2014-07-21 17:36 - 2013-11-14 22:08 - 00399312 ____N () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\ppGoogleNaClPluginChrome.dll
2014-07-21 17:36 - 2013-11-14 22:07 - 01619408 ____N () C:\Program Files (x86)\Google\Chrome\Application\31.0.1650.59\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Windows:nlsPreferences
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Killer Network Manager.lnk => C:\Windows\pss\Killer Network Manager.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Reece^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Rainmeter.lnk => C:\Windows\pss\Rainmeter.lnk.Startup
MSCONFIG\startupreg: Acrobat Assistant 8.0 => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrotray.exe"
MSCONFIG\startupreg: Adobe Acrobat Speed Launcher => "C:\Program Files (x86)\Adobe\Acrobat 10.0\Acrobat\Acrobat_sl.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: f.lux => "C:\Users\Reece\AppData\Local\FluxSoftware\Flux\flux.exe" /noshow
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe /REMINDER
MSCONFIG\startupreg: Logitech Download Assistant => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
MSCONFIG\startupreg: LogMeIn Hamachi Ui => "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
MSCONFIG\startupreg: SandboxieControl => "C:\Program Files\Sandboxie\SbieCtrl.exe"
MSCONFIG\startupreg: Spotify => "C:\Users\Reece\AppData\Roaming\Spotify\Spotify.exe" /uri spotify:autostart
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Reece\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: Super Charger => C:\Program Files (x86)\MSI\Super Charger\Super Charger.exe
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/27/2014 05:55:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxCUIService.exe, version: 6.15.10.3621, time stamp: 0x5376e21a
Faulting module name: igfxCUIService.exe, version: 6.15.10.3621, time stamp: 0x5376e21a
Exception code: 0xc0000005
Fault offset: 0x000000000001116c
Faulting process id: 0x508
Faulting application start time: 0xigfxCUIService.exe0
Faulting application path: igfxCUIService.exe1
Faulting module path: igfxCUIService.exe2
Report Id: igfxCUIService.exe3
 
Error: (08/27/2014 05:54:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/27/2014 09:49:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CommandCenter.exe, version: 1.0.0.68, time stamp: 0x539fafa0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0x1708
Faulting application start time: 0xCommandCenter.exe0
Faulting application path: CommandCenter.exe1
Faulting module path: CommandCenter.exe2
Report Id: CommandCenter.exe3
 
Error: (08/27/2014 09:49:41 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CommandCenter.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
   at System.Windows.Application.LoadComponent(System.Uri, Boolean)
   at System.Windows.Application.DoStartup()
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.Run()
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at CommandCenter.App.Main()
 
Error: (08/27/2014 09:46:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: igfxCUIService.exe, version: 6.15.10.3621, time stamp: 0x5376e21a
Faulting module name: igfxCUIService.exe, version: 6.15.10.3621, time stamp: 0x5376e21a
Exception code: 0xc0000005
Fault offset: 0x000000000001116c
Faulting process id: 0x548
Faulting application start time: 0xigfxCUIService.exe0
Faulting application path: igfxCUIService.exe1
Faulting module path: igfxCUIService.exe2
Report Id: igfxCUIService.exe3
 
Error: (08/27/2014 09:46:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/27/2014 09:44:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CommandCenter.exe, version: 1.0.0.68, time stamp: 0x539fafa0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0x201c
Faulting application start time: 0xCommandCenter.exe0
Faulting application path: CommandCenter.exe1
Faulting module path: CommandCenter.exe2
Report Id: CommandCenter.exe3
 
Error: (08/27/2014 09:44:39 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CommandCenter.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
   at System.Windows.Application.LoadComponent(System.Uri, Boolean)
   at System.Windows.Application.DoStartup()
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.Run()
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at CommandCenter.App.Main()
 
Error: (08/27/2014 09:40:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CommandCenter.exe, version: 1.0.0.68, time stamp: 0x539fafa0
Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86
Exception code: 0xe0434352
Fault offset: 0x0000c42d
Faulting process id: 0xdb0
Faulting application start time: 0xCommandCenter.exe0
Faulting application path: CommandCenter.exe1
Faulting module path: CommandCenter.exe2
Report Id: CommandCenter.exe3
 
Error: (08/27/2014 09:40:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CommandCenter.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
   at System.Windows.Application.LoadComponent(System.Uri, Boolean)
   at System.Windows.Application.DoStartup()
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.Run()
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at CommandCenter.App.Main()
 
 
System errors:
=============
Error: (08/27/2014 06:43:47 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NitroUpdateService service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/27/2014 06:43:41 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Sandboxie Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/27/2014 06:43:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The NitroPDFDriverCreatorReadSpool9 service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (08/27/2014 06:16:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Steam Client Service service failed to start due to the following error: 
%%1053
 
Error: (08/27/2014 06:16:29 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.
 
Error: (08/27/2014 05:55:09 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Intel® HD Graphics Control Panel Service service terminated with the following error: 
%%-2147467259
 
Error: (08/27/2014 05:55:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
cdrom
 
Error: (08/27/2014 05:54:37 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:53:25 on ‎27/‎08/‎2014 was unexpected.
 
Error: (08/27/2014 05:53:42 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: WLAN Extensibility Module has stopped unexpectedly.
 
Module Path: C:\Windows\System32\IWMSSvc.dll
 
Error: (08/27/2014 05:53:28 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: 
%%1056
 
 
Microsoft Office Sessions:
=========================
Error: (08/27/2014 05:55:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.36215376e21aigfxCUIService.exe6.15.10.36215376e21ac0000005000000000001116c50801cfc21796e61a75C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exee79ba3d9-2e0a-11e4-8480-e82aea2b5f1f
 
Error: (08/27/2014 05:54:58 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/27/2014 09:49:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CommandCenter.exe1.0.0.68539fafa0KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d170801cfc1d3d71112c4C:\Program Files (x86)\MSI\Command Center\CommandCenter.exeC:\Windows\syswow64\KERNELBASE.dll1611d098-2dc7-11e4-9344-e82aea2b5f1f
 
Error: (08/27/2014 09:49:41 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CommandCenter.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
   at System.Windows.Application.LoadComponent(System.Uri, Boolean)
   at System.Windows.Application.DoStartup()
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.Run()
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at CommandCenter.App.Main()
 
Error: (08/27/2014 09:46:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: igfxCUIService.exe6.15.10.36215376e21aigfxCUIService.exe6.15.10.36215376e21ac0000005000000000001116c54801cfc1d34ab622e1C:\Windows\system32\igfxCUIService.exeC:\Windows\system32\igfxCUIService.exeaa0715eb-2dc6-11e4-9344-e82aea2b5f1f
 
Error: (08/27/2014 09:46:30 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (08/27/2014 09:44:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CommandCenter.exe1.0.0.68539fafa0KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42d201c01cfc1d32332d6d0C:\Program Files (x86)\MSI\Command Center\CommandCenter.exeC:\Windows\syswow64\KERNELBASE.dll619a5fa6-2dc6-11e4-83e3-e82aea2b5f1f
 
Error: (08/27/2014 09:44:39 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CommandCenter.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
   at System.Windows.Application.LoadComponent(System.Uri, Boolean)
   at System.Windows.Application.DoStartup()
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.Run()
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at CommandCenter.App.Main()
 
Error: (08/27/2014 09:40:40 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: CommandCenter.exe1.0.0.68539fafa0KERNELBASE.dll6.1.7601.1840953159a86e04343520000c42ddb001cfc1d293c865daC:\Program Files (x86)\MSI\Command Center\CommandCenter.exeC:\Windows\syswow64\KERNELBASE.dlld2a101a8-2dc5-11e4-83e3-e82aea2b5f1f
 
Error: (08/27/2014 09:40:38 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Application: CommandCenter.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
   at System.Windows.Markup.WpfXamlLoader.Load(System.Xaml.XamlReader, System.Xaml.IXamlObjectWriterFactory, Boolean, System.Object, System.Xaml.XamlObjectWriterSettings, System.Uri)
   at System.Windows.Markup.WpfXamlLoader.LoadBaml(System.Xaml.XamlReader, Boolean, System.Object, System.Xaml.Permissions.XamlAccessLevel, System.Uri)
   at System.Windows.Markup.XamlReader.LoadBaml(System.IO.Stream, System.Windows.Markup.ParserContext, System.Object, Boolean)
   at System.Windows.Application.LoadBamlStreamWithSyncInfo(System.IO.Stream, System.Windows.Markup.ParserContext)
   at System.Windows.Application.LoadComponent(System.Uri, Boolean)
   at System.Windows.Application.DoStartup()
   at System.Windows.Application.<.ctor>b__1(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.DispatcherOperation.InvokeImpl()
   at System.Windows.Threading.DispatcherOperation.InvokeInSecurityContext(System.Object)
   at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
   at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
   at System.Windows.Threading.DispatcherOperation.Invoke()
   at System.Windows.Threading.Dispatcher.ProcessQueue()
   at System.Windows.Threading.Dispatcher.WndProcHook(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndWrapper.WndProc(IntPtr, Int32, IntPtr, IntPtr, Boolean ByRef)
   at MS.Win32.HwndSubclass.DispatcherCallbackOperation(System.Object)
   at System.Windows.Threading.ExceptionWrapper.InternalRealCall(System.Delegate, System.Object, Int32)
   at MS.Internal.Threading.ExceptionFilterHelper.TryCatchWhen(System.Object, System.Delegate, System.Object, Int32, System.Delegate)
   at System.Windows.Threading.Dispatcher.LegacyInvokeImpl(System.Windows.Threading.DispatcherPriority, System.TimeSpan, System.Delegate, System.Object, Int32)
   at MS.Win32.HwndSubclass.SubclassWndProc(IntPtr, Int32, IntPtr, IntPtr)
   at MS.Win32.UnsafeNativeMethods.DispatchMessage(System.Windows.Interop.MSG ByRef)
   at System.Windows.Threading.Dispatcher.PushFrameImpl(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.PushFrame(System.Windows.Threading.DispatcherFrame)
   at System.Windows.Threading.Dispatcher.Run()
   at System.Windows.Application.RunDispatcher(System.Object)
   at System.Windows.Application.RunInternal(System.Windows.Window)
   at System.Windows.Application.Run(System.Windows.Window)
   at CommandCenter.App.Main()
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-4690K CPU @ 3.50GHz
Percentage of memory in use: 54%
Total physical RAM: 8141.33 MB
Available physical RAM: 3702.34 MB
Total Pagefile: 16280.84 MB
Available Pagefile: 7711.89 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:292.97 GB) (Free:113.56 GB) NTFS
Drive d: (Hybrid HDD) (Fixed) (Total:638.54 GB) (Free:154.49 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: () (Fixed) (Total:465.66 GB) (Free:236.91 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 9150B0F4)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 4A524DB4)
Partition 1: (Active) - (Size=638.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=293 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#4 aharonov

  • Malware Response Team

Posted 27 August 2014 - 02:27 PM

Please download Combofix (by sUBs) and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start Combofix.exe and follow its instructions.
  • Do not use the computer while the scan is running. This may cause the program to stall.
  • When finished, a log file will be displayed (that can also be found at C:\Combofix.txt).
    Please copy and paste the contents of this file into your next post.
Note: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." after the scan, just restart the computer.
(You can find more detailed instructions in this guide on using Combofix.)

#5 reece159

  • Topic Starter

  • Members

Posted 27 August 2014 - 02:46 PM

Seemed to remove something relating to iexplorer, so hopefully that helped.

 

ComboFix 14-08-26.02 - Reece 27/08/2014  20:31:23.1.4 - x64

Microsoft Windows 7 Ultimate   6.1.7601.1.1252.44.1033.18.8141.4596 [GMT 1:00]
Running from: c:\users\Reece\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
FW: avast! Antivirus *Disabled* {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
ADS - Windows: deleted 192 bytes in 1 streams.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files (x86)\Internet Explorer\dmlconf.dat
c:\programdata\Roaming
c:\users\Reece\Desktop\Setup.exe
E:\install.exe
.
.
(((((((((((((((((((((((((   Files Created from 2014-07-27 to 2014-08-27  )))))))))))))))))))))))))))))))
.
.
2014-08-27 19:35 . 2014-08-27 19:35 -------- d-----w- c:\users\UpdatusUser\AppData\Local\temp
2014-08-27 19:35 . 2014-08-27 19:35 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-08-27 19:16 . 2014-08-27 19:17 -------- d-----w- C:\FRST
2014-08-27 17:23 . 2014-08-27 17:24 -------- d-----w- c:\users\Reece\AppData\Local\Ubisoft Game Launcher
2014-08-27 17:23 . 2014-08-27 17:23 -------- d-----w- c:\program files (x86)\Ubisoft
2014-08-27 15:54 . 2014-08-27 15:54 -------- d-----w- c:\users\Reece\Usrcheat
2014-08-27 15:52 . 2014-08-27 15:52 -------- d-----w- c:\program files (x86)\Syntechx.com
2014-08-27 09:04 . 2003-06-12 22:25 7062 ----a-w- c:\windows\SysWow64\audiopid.vxd
2014-08-27 08:38 . 2014-08-27 08:38 -------- d-----w- C:\SuperChargerProfile
2014-08-27 08:21 . 2014-06-27 10:30 20464 ----a-w- c:\windows\system32\drivers\iusb3hcs.sys
2014-08-27 08:21 . 2014-06-27 10:30 795120 ----a-w- c:\windows\system32\drivers\iusb3xhc.sys
2014-08-27 08:21 . 2014-06-27 10:30 383472 ----a-w- c:\windows\system32\drivers\iusb3hub.sys
2014-08-26 15:51 . 2014-08-26 15:51 -------- d-----w- c:\program files (x86)\SDA
2014-08-26 15:23 . 2014-08-26 15:23 -------- d-----w- c:\program files (x86)\LSoft Technologies
2014-08-26 13:03 . 2014-08-26 13:03 28184 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2014-08-26 13:03 . 2014-08-26 13:03 448400 ----a-w- c:\windows\system32\drivers\aswNdisFlt.sys
2014-08-26 12:53 . 2014-08-26 12:53 -------- d-----w- c:\users\Reece\AppData\Roaming\AVAST Software
2014-08-26 12:51 . 2014-08-26 12:52 427360 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-08-26 12:51 . 2014-08-26 12:51 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-08-26 12:51 . 2014-08-26 12:51 92008 ----a-w- c:\windows\system32\drivers\aswStm.sys
2014-08-26 12:51 . 2014-08-26 12:51 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-08-26 12:51 . 2014-08-26 12:51 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-08-26 12:51 . 2014-08-26 12:51 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-08-26 12:51 . 2014-08-26 12:51 224896 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-08-26 12:51 . 2014-08-26 12:51 1041168 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2014-08-26 12:51 . 2014-08-26 12:51 307344 ----a-w- c:\windows\system32\aswBoot.exe
2014-08-26 12:51 . 2014-08-26 12:51 43152 ----a-w- c:\windows\avastSS.scr
2014-08-26 12:48 . 2014-08-26 12:48 -------- d-----w- c:\program files\AVAST Software
2014-08-26 12:47 . 2014-08-26 12:48 -------- d-----w- c:\programdata\AVAST Software
2014-08-26 10:32 . 2014-08-27 09:34 -------- d-----w- C:\UsbFix
2014-08-26 10:26 . 2014-08-26 10:26 -------- d-----w- c:\users\Reece\AppData\Local\Blizzard Entertainment
2014-08-26 10:26 . 2014-08-26 10:27 -------- d-----w- c:\users\Reece\AppData\Local\Battle.net
2014-08-26 10:26 . 2014-08-26 10:26 -------- d-----w- c:\users\Reece\AppData\Roaming\Battle.net
2014-08-26 10:26 . 2014-08-26 10:26 -------- d-----w- c:\programdata\Blizzard Entertainment
2014-08-26 10:26 . 2014-08-26 10:26 -------- d-----w- c:\program files (x86)\Common Files\Blizzard Entertainment
2014-08-26 10:26 . 2014-08-26 10:26 -------- d-----w- c:\program files (x86)\Battle.net
2014-08-26 10:22 . 2014-08-26 10:22 -------- d-----w- c:\programdata\Battle.net
2014-08-26 10:00 . 2014-08-21 03:43 11319192 ------w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{DD7EE3D5-3283-4596-A7CE-71586BA7DB4D}\mpengine.dll
2014-08-25 21:44 . 2014-08-25 21:44 -------- d-----r- C:\Sandbox
2014-08-25 21:38 . 2014-08-25 21:38 -------- d-----w- c:\program files\Sandboxie
2014-08-23 09:35 . 2014-08-23 09:36 -------- d-----w- c:\program files (x86)\PCSX2 1.2.1
2014-08-20 19:55 . 2014-08-20 19:56 -------- d-----w- c:\program files (x86)\Guild Wars 2
2014-08-20 19:03 . 2014-08-20 23:57 -------- d-----w- c:\users\Reece\AppData\Roaming\Guild Wars 2
2014-08-19 19:29 . 2014-08-19 19:29 -------- d-----w- c:\program files (x86)\EA Games
2014-08-18 20:16 . 2014-08-18 20:16 -------- d-----w- c:\users\Reece\AppData\Roaming\Nitro
2014-08-18 20:15 . 2014-08-01 13:22 29704 ----a-w- c:\windows\system32\nitrolocalmon9.dll
2014-08-18 20:15 . 2014-08-01 13:22 17928 ----a-w- c:\windows\system32\nitrolocalui9.dll
2014-08-18 20:15 . 2014-08-18 20:15 -------- d-----w- c:\program files (x86)\Nitro
2014-08-18 20:15 . 2014-08-18 20:15 -------- d-----w- c:\programdata\Nitro
2014-08-18 20:15 . 2014-08-18 20:15 -------- d-----w- c:\program files\Nitro
2014-08-18 20:15 . 2014-08-18 20:15 -------- d-----w- c:\program files\Common Files\Nitro
2014-08-18 20:13 . 2014-08-18 20:13 -------- d-----w- c:\users\Reece\AppData\Roaming\Downloaded Installations
2014-08-18 19:18 . 2014-08-18 19:18 -------- d-----w- c:\programdata\regid.1986-12.com.adobe
2014-08-18 19:18 . 2014-08-26 13:38 -------- d-----w- c:\users\Reece\AppData\Local\Adobe
2014-08-18 09:29 . 2014-08-18 09:29 -------- d-----w- c:\users\Reece\AppData\Roaming\LolClient
2014-08-17 18:49 . 2014-08-17 18:49 -------- d-----w- c:\programdata\Riot Games
2014-08-17 18:45 . 2008-07-12 07:18 467984 ----a-w- c:\windows\SysWow64\d3dx10_39.dll
2014-08-17 18:45 . 2008-07-12 07:18 1493528 ----a-w- c:\windows\SysWow64\D3DCompiler_39.dll
2014-08-17 18:45 . 2008-07-12 07:18 3851784 ----a-w- c:\windows\SysWow64\D3DX9_39.dll
2014-08-17 18:44 . 2014-08-17 18:44 -------- d-sh--w- c:\windows\SysWow64\AI_RecycleBin
2014-08-17 18:44 . 2014-08-17 18:44 -------- d-----w- C:\Riot Games
2014-08-17 18:42 . 2014-08-17 18:42 -------- d-----w- c:\program files (x86)\Pando Networks
2014-08-17 18:41 . 2014-08-17 18:45 -------- d-----w- c:\users\Reece\AppData\Roaming\Riot Games
2014-08-15 15:03 . 2014-08-15 15:03 -------- d-----w- c:\users\Reece\AppData\Local\Microsoft Games
2014-08-13 20:57 . 2014-06-30 22:24 8856 ----a-w- c:\windows\system32\icardres.dll
2014-08-13 20:57 . 2014-06-30 22:14 8856 ----a-w- c:\windows\SysWow64\icardres.dll
2014-08-13 20:57 . 2014-03-09 21:48 171160 ----a-w- c:\windows\system32\infocardapi.dll
2014-08-13 20:57 . 2014-03-09 21:48 1389208 ----a-w- c:\windows\system32\icardagt.exe
2014-08-13 20:57 . 2014-03-09 21:47 99480 ----a-w- c:\windows\SysWow64\infocardapi.dll
2014-08-13 20:57 . 2014-03-09 21:47 619672 ----a-w- c:\windows\SysWow64\icardagt.exe
2014-08-13 20:57 . 2014-06-06 06:16 35480 ----a-w- c:\windows\SysWow64\TsWpfWrp.exe
2014-08-13 20:57 . 2014-06-06 06:12 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe
2014-08-13 07:39 . 2014-07-16 03:23 2048 ----a-w- c:\windows\system32\tzres.dll
2014-08-13 07:39 . 2014-07-16 02:46 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2014-08-09 10:56 . 2014-08-09 10:56 -------- d-----w- c:\users\Reece\AppData\Roaming\The Creative Assembly
2014-08-09 09:39 . 2014-08-09 09:39 -------- d-----w- c:\users\Reece\AppData\Local\SCE
2014-08-09 08:25 . 2014-08-09 08:25 76152 ----a-w- c:\windows\system32\PnkBstrA.exe
2014-08-07 19:27 . 2014-08-07 19:09 2601752 ----a-w- c:\windows\SysWow64\pbsvc_moh.exe
2014-08-07 19:26 . 2014-08-07 19:26 -------- d-----w- c:\windows\1C4551A64743409391E41477CD655043.TMP
2014-08-07 19:26 . 2014-08-07 19:26 -------- d-----w- c:\program files (x86)\Common Files\Wise Installation Wizard
2014-08-07 11:52 . 2014-08-07 11:52 -------- d-----w- c:\programdata\Logitech
2014-08-07 11:43 . 2014-08-07 11:43 18960 ----a-w- c:\windows\system32\drivers\LNonPnP.sys
2014-08-07 11:43 . 2014-08-07 11:52 -------- d-----w- c:\programdata\Logishrd
2014-08-07 11:43 . 2014-08-07 11:43 -------- d-----w- c:\program files\Logitech
2014-08-07 11:42 . 2014-08-07 11:43 -------- d-----w- c:\program files\Common Files\Logishrd
2014-08-07 11:21 . 2014-08-07 11:51 -------- d-----w- c:\users\Reece\AppData\Roaming\Logitech
2014-08-07 11:21 . 2014-08-07 11:21 -------- d-----w- c:\users\Reece\AppData\Roaming\Logishrd
2014-08-06 09:05 . 2014-08-06 09:20 -------- d-----w- c:\users\Reece\AppData\Roaming\Rainmeter
2014-08-06 09:05 . 2014-08-06 09:05 -------- d-----w- c:\program files\Rainmeter
2014-08-05 10:34 . 2014-08-05 10:34 -------- d-----w- c:\users\Reece\AppData\Local\My Games
2014-08-04 15:05 . 2014-08-04 15:05 -------- d-----w- c:\users\Reece\AppData\Roaming\Apple Computer
2014-08-04 13:52 . 2014-07-02 17:44 609240 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-08-04 13:10 . 2014-08-26 16:29 -------- d-----w- c:\program files (x86)\QuickTime
2014-08-04 13:10 . 2014-08-04 13:10 -------- d-----w- c:\programdata\Apple Computer
2014-08-04 13:09 . 2014-08-04 13:09 -------- d-----w- c:\program files (x86)\Common Files\Apple
2014-08-04 13:09 . 2014-08-04 13:09 -------- d-----w- c:\users\Reece\AppData\Local\Apple
2014-08-04 13:09 . 2014-08-04 13:09 -------- d-----w- c:\programdata\Apple
2014-08-04 13:09 . 2014-08-04 13:09 -------- d-----w- c:\program files (x86)\Apple Software Update
2014-08-04 12:43 . 2014-08-04 12:43 -------- d-----w- c:\users\Reece\AppData\Local\MediaMonkey
2014-08-04 12:43 . 2014-08-11 21:42 -------- d-----w- c:\users\Reece\AppData\Roaming\MediaMonkey
2014-08-04 12:43 . 2014-08-04 12:43 -------- d-----w- c:\programdata\MediaMonkey
2014-08-04 12:43 . 2014-08-04 12:43 -------- d-----w- c:\program files (x86)\MediaMonkey
2014-08-04 11:14 . 2014-08-04 11:14 -------- d-----w- c:\programdata\ALM
2014-08-04 11:11 . 2014-08-04 11:11 -------- d-----w- c:\users\Reece\Adobe Flash Builder 4.6
2014-08-04 11:05 . 2014-08-04 11:05 -------- d-----w- c:\program files (x86)\Common Files\Sonic Shared
2014-08-04 11:05 . 2014-08-04 11:05 -------- d-----w- c:\program files (x86)\Common Files\PX Storage Engine
2014-08-04 11:05 . 2011-11-03 02:01 56208 ------w- c:\windows\system32\drivers\PxHlpa64.sys
2014-08-04 11:05 . 2011-10-17 02:00 10224 ------w- c:\windows\system32\drivers\cdralw2k.sys
2014-08-04 11:05 . 2011-10-17 02:00 10224 ------w- c:\windows\system32\drivers\cdr4_xp.sys
2014-08-04 11:05 . 2014-08-04 11:05 -------- d-----w- c:\program files (x86)\My Company Name
2014-08-04 11:02 . 2014-08-26 13:38 -------- d-----w- c:\program files (x86)\Common Files\Adobe AIR
2014-08-04 10:57 . 2014-08-04 11:17 -------- d-----w- c:\program files\Adobe
2014-08-04 10:57 . 2014-08-04 11:17 -------- d-----w- c:\program files\Common Files\Adobe
2014-08-04 10:54 . 2014-08-18 20:03 -------- d-----w- c:\program files (x86)\Common Files\Adobe
2014-08-04 09:51 . 2014-08-04 09:51 -------- d-----w- c:\users\Reece\AppData\Local\http___www.julien-manici
2014-08-04 08:43 . 2014-08-04 08:43 -------- d-----w- c:\program files\CCleaner
2014-08-04 08:40 . 2014-08-04 08:40 -------- d-----w- c:\program files\Defraggler
2014-08-02 20:12 . 2014-08-02 20:12 -------- d-----w- c:\windows\system32\appmgmt
2014-08-02 20:11 . 2014-08-02 20:11 -------- d-----w- c:\users\Reece\AppData\Roaming\Unity
2014-08-02 20:02 . 2014-08-02 20:02 -------- d-----w- c:\users\Reece\AppData\Local\Unity
2014-08-02 19:59 . 2014-08-02 19:59 -------- d-----w- c:\users\Reece\AppData\Local\Downloaded Installations
2014-08-01 13:23 . 2014-08-01 13:23 69640 ----a-w- c:\windows\SysWow64\NLSSRV32.EXE
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-08-27 19:09 . 2014-07-22 17:13 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-08-26 13:38 . 2014-07-21 20:10 699568 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-08-26 13:38 . 2014-07-21 20:10 71344 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-26 11:22 . 2014-07-22 19:25 215416 ----a-w- c:\windows\SysWow64\PnkBstrB.exe
2014-08-25 18:21 . 2014-07-22 19:26 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.xtr
2014-08-25 18:21 . 2014-07-22 19:25 282296 ----a-w- c:\windows\SysWow64\PnkBstrB.ex0
2014-08-20 10:09 . 2014-07-22 19:25 76152 ----a-w- c:\windows\SysWow64\PnkBstrA.exe
2014-08-13 20:59 . 2014-07-21 10:56 99218768 ----a-w- c:\windows\system32\MRT.exe
2014-08-09 00:22 . 2014-07-22 18:17 1291280 ----a-w- c:\windows\SysWow64\nvspbridge.dll
2014-08-09 00:22 . 2014-07-22 17:39 1126480 ----a-w- c:\windows\SysWow64\nvspcap.dll
2014-08-09 00:22 . 2014-07-22 18:17 1715224 ----a-w- c:\windows\system32\nvspbridge64.dll
2014-08-09 00:22 . 2014-07-22 17:39 1283136 ----a-w- c:\windows\system32\nvspcap64.dll
2014-08-05 08:20 . 2010-11-21 03:27 270496 ------w- c:\windows\system32\MpSigStub.exe
2014-07-23 16:11 . 2014-07-23 16:11 32512 ----a-w- c:\windows\system32\drivers\hitmanpro37.sys
2014-07-22 13:27 . 2014-07-22 13:27 144 ----a-w- c:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2014-07-22 07:15 . 2014-07-22 07:15 451 ----a-w- c:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2014-07-21 20:10 . 2014-07-21 20:10 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-07-02 20:48 . 2014-07-22 17:37 965312 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-07-02 20:48 . 2014-07-22 17:37 18626304 ----a-w- c:\windows\system32\nvwgf2umx.dll
2014-07-02 20:48 . 2014-07-22 17:37 3196816 ----a-w- c:\windows\system32\nvapi64.dll
2014-07-02 20:48 . 2014-07-22 17:37 2814656 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-07-02 20:48 . 2014-07-22 17:37 14498552 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-07-02 18:55 . 2014-07-22 17:37 6783776 ----a-w- c:\windows\system32\nvcpl.dll
2014-07-02 18:55 . 2014-07-22 17:37 3522392 ----a-w- c:\windows\system32\nvsvc64.dll
2014-07-02 18:55 . 2014-07-22 17:37 935368 ----a-w- c:\windows\system32\nvvsvc.exe
2014-07-02 18:55 . 2014-07-22 17:37 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-07-02 18:55 . 2014-07-22 17:37 386520 ----a-w- c:\windows\system32\nvmctray.dll
2014-07-02 10:14 . 2014-07-22 17:37 3826628 ----a-w- c:\windows\system32\nvcoproc.bin
2014-06-27 10:30 . 2014-02-21 05:56 41984 ----a-w- c:\windows\system32\drivers\USB3Ver.dll
2014-06-18 02:18 . 2014-07-21 16:59 692736 ----a-w- c:\windows\system32\osk.exe
2014-06-18 01:51 . 2014-07-21 16:59 646144 ----a-w- c:\windows\SysWow64\osk.exe
2014-06-06 10:10 . 2014-07-21 16:59 624128 ----a-w- c:\windows\system32\qedit.dll
2014-06-06 09:44 . 2014-07-21 16:59 509440 ----a-w- c:\windows\SysWow64\qedit.dll
2014-06-05 14:45 . 2014-07-21 17:00 1460736 ----a-w- c:\windows\system32\lsasrv.dll
2014-06-05 14:26 . 2014-07-21 17:00 22016 ----a-w- c:\windows\SysWow64\secur32.dll
2014-06-05 14:25 . 2014-07-21 17:00 96768 ----a-w- c:\windows\SysWow64\sspicli.dll
2014-05-30 08:08 . 2014-07-21 17:00 210944 ----a-w- c:\windows\system32\wdigest.dll
2014-05-30 08:08 . 2014-07-21 17:00 86528 ----a-w- c:\windows\system32\TSpkg.dll
2014-05-30 08:08 . 2014-07-21 17:00 340992 ----a-w- c:\windows\system32\schannel.dll
2014-05-30 08:08 . 2014-07-21 17:00 314880 ----a-w- c:\windows\system32\msv1_0.dll
2014-05-30 08:08 . 2014-07-21 17:00 307200 ----a-w- c:\windows\system32\ncrypt.dll
2014-05-30 08:08 . 2014-07-21 17:00 728064 ----a-w- c:\windows\system32\kerberos.dll
2014-05-30 08:08 . 2014-07-21 17:00 22016 ----a-w- c:\windows\system32\credssp.dll
2014-05-30 07:52 . 2014-07-21 17:00 172032 ----a-w- c:\windows\SysWow64\wdigest.dll
2014-05-30 07:52 . 2014-07-21 17:00 65536 ----a-w- c:\windows\SysWow64\TSpkg.dll
2014-05-30 07:52 . 2014-07-21 17:00 247808 ----a-w- c:\windows\SysWow64\schannel.dll
2014-05-30 07:52 . 2014-07-21 17:00 220160 ----a-w- c:\windows\SysWow64\ncrypt.dll
2014-05-30 07:52 . 2014-07-21 17:00 259584 ----a-w- c:\windows\SysWow64\msv1_0.dll
2014-05-30 07:52 . 2014-07-21 17:00 550912 ----a-w- c:\windows\SysWow64\kerberos.dll
2014-05-30 07:52 . 2014-07-21 17:00 17408 ----a-w- c:\windows\SysWow64\credssp.dll
2014-05-30 06:45 . 2014-07-21 16:59 497152 ----a-w- c:\windows\system32\drivers\afd.sys
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Spotify Web Helper"="c:\users\Reece\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe" [2014-08-26 1245752]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"Sound Blaster Cinema 2"="c:\program files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\SBCinema2.exe" [2014-02-24 1440768]
"UpdReg"="c:\windows\UpdReg.EXE" [2000-05-11 90112]
"USB3MON"="c:\program files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" [2014-06-27 292848]
"Fast Boot"="c:\program files (x86)\MSI\Fast Boot\StartFastBoot.exe" [2012-09-19 764472]
"Command Center"="c:\program files (x86)\MSI\Command Center\StartCommandCenter.exe" [2014-06-06 796328]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-08-26 4085896]
"Super Charger"="c:\program files (x86)\MSI\Super Charger\Super Charger.exe" [2014-04-08 1047536]
.
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"{80655FC2-A38F-4B8C-8775-9A3C68A6C305}"="c:\program files (x86)\MSI\Live Update\LU5\DL_FILE\Killer_Network_Drivers_1.1.42.1045\Setup.exe" [2014-04-17 126154328]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
.
R1 zffjtkth;zffjtkth;c:\windows\system32\drivers\zffjtkth.sys;c:\windows\SYSNATIVE\drivers\zffjtkth.sys [x]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 igfxCUIService1.0.0.0;Intel® HD Graphics Control Panel Service;c:\windows\system32\igfxCUIService.exe;c:\windows\SYSNATIVE\igfxCUIService.exe [x]
R2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [x]
R2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [x]
R2 NitroDriverReadSpool9;NitroPDFDriverCreatorReadSpool9;c:\program files\Nitro\Pro 9\NitroPDFDriverService9x64.exe;c:\program files\Nitro\Pro 9\NitroPDFDriverService9x64.exe [x]
R2 NitroUpdateService;NitroUpdateService;c:\program files\Nitro\Pro 9\Nitro_UpdateService.exe;c:\program files\Nitro\Pro 9\Nitro_UpdateService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AcpiCtlDrv;AcpiCtlDrv;c:\windows\system32\DRIVERS\AcpiCtlDrv.sys;c:\windows\SYSNATIVE\DRIVERS\AcpiCtlDrv.sys [x]
R3 asmthub3;ASMedia USB3 Hub Service;c:\windows\system32\drivers\asmthub3.sys;c:\windows\SYSNATIVE\drivers\asmthub3.sys [x]
R3 asmtxhci;ASMEDIA XHCI Service;c:\windows\system32\drivers\asmtxhci.sys;c:\windows\SYSNATIVE\drivers\asmtxhci.sys [x]
R3 b06diag;Broadcom NetXtreme II Diag Driver;c:\windows\system32\drivers\bxdiaga.sys;c:\windows\SYSNATIVE\drivers\bxdiaga.sys [x]
R3 BFN7x64;Bigfoot Networks Killer Gaming Service;c:\windows\system32\drivers\Xeno7x64.sys;c:\windows\SYSNATIVE\drivers\Xeno7x64.sys [x]
R3 bxfcoe;bxfcoe;c:\windows\system32\drivers\bxfcoe.sys;c:\windows\SYSNATIVE\drivers\bxfcoe.sys [x]
R3 bxois;bxois;c:\windows\system32\drivers\bxois.sys;c:\windows\SYSNATIVE\drivers\bxois.sys [x]
R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]
R3 EtronHub3;Etron USB 3.0 Extensible Hub Driver;c:\windows\System32\Drivers\EtronHub3.sys;c:\windows\SYSNATIVE\Drivers\EtronHub3.sys [x]
R3 EtronSTOR;Etron Enhance USB BOT/UASP Mass Storage Driver;c:\windows\System32\Drivers\EtronSTOR.sys;c:\windows\SYSNATIVE\Drivers\EtronSTOR.sys [x]
R3 EtronXHCI;Etron USB 3.0 Extensible Host Controller Driver;c:\windows\System32\Drivers\EtronXHCI.sys;c:\windows\SYSNATIVE\Drivers\EtronXHCI.sys [x]
R3 hitmanpro37;HitmanPro 3.7 Support Driver;c:\windows\system32\drivers\hitmanpro37.sys;c:\windows\SYSNATIVE\drivers\hitmanpro37.sys [x]
R3 ICCS;Intel® Integrated Clock Controller Service - Intel® ICCS;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe;c:\program files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe [x]
R3 ICCWDT;Intel® Watchdog Timer Driver (Intel® WDT);c:\windows\system32\DRIVERS\ICCWDT.sys;c:\windows\SYSNATIVE\DRIVERS\ICCWDT.sys [x]
R3 intaud_WaveExtensible;Intel WiDi Audio Device;c:\windows\system32\drivers\intelaud.sys;c:\windows\SYSNATIVE\drivers\intelaud.sys [x]
R3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]
R3 Intel® Capability Licensing Service TCP IP Interface;Intel® Capability Licensing Service TCP IP Interface;c:\program files\Intel\iCLS Client\SocketHeciServer.exe;c:\program files\Intel\iCLS Client\SocketHeciServer.exe [x]
R3 ioatdma1;ioatdma1;c:\windows\System32\Drivers\qd162x64.sys;c:\windows\SYSNATIVE\Drivers\qd162x64.sys [x]
R3 ioatdma2;Intel® QuickData Technology device ver.2;c:\windows\System32\Drivers\qd262x64.sys;c:\windows\SYSNATIVE\Drivers\qd262x64.sys [x]
R3 iumsvc;Intel® Update Manager;c:\program files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe;c:\program files (x86)\Intel\Intel® Update Manager\bin\iumsvc.exe [x]
R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
R3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys;c:\windows\SYSNATIVE\drivers\mwac.sys [x]
R3 MotioninJoyXFilter;MotioninJoy Virtual Xinput device Filter Driver;c:\windows\system32\DRIVERS\MijXfilt.sys;c:\windows\SYSNATIVE\DRIVERS\MijXfilt.sys [x]
R3 MSICDSetup;MSICDSetup;f:\cdriver64.sys;f:\CDriver64.sys [x]
R3 MyWiFiDHCPDNS;Wireless PAN DHCP Server;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe;c:\program files\Intel\WiFi\bin\PanDhcpDns.exe [x]
R3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys;c:\program files (x86)\MSI\Live Update\NTIOLib_X64.sys [x]
R3 NTIOLib_1_0_C;NTIOLib_1_0_C;f:\ntiolib_x64.sys;f:\NTIOLib_X64.sys [x]
R3 NTIOLib_MB;NTIOLib_MB;c:\program files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys;c:\program files (x86)\MSI\MSI Gaming APP\Lib\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIClock_CC;NTIOLib_MSIClock_CC;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\ClockGen\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICOMM_CC;NTIOLib_MSICOMM_CC;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\NTIOLib_X64.sys [x]
R3 NTIOLib_MSICPU_CC;NTIOLib_MSICPU_CC;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIDDR_CC;NTIOLib_MSIDDR_CC;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\DDR\NTIOLib_X64.sys [x]
R3 NTIOLib_MSIRatio_CC;NTIOLib_MSIRatio_CC;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\CPU\CPU_Ratio\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISMB_CC;NTIOLib_MSISMB_CC;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SMBus\NTIOLib_X64.sys [x]
R3 NTIOLib_MSISuperIO_CC;NTIOLib_MSISuperIO_CC;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys;c:\program files (x86)\MSI\Command Center\SuperIO\NTIOLib_X64.sys [x]
R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;c:\windows\system32\drivers\nusb3hub.sys;c:\windows\SYSNATIVE\drivers\nusb3hub.sys [x]
R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;c:\windows\system32\drivers\nusb3xhc.sys;c:\windows\SYSNATIVE\drivers\nusb3xhc.sys [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys;c:\windows\SYSNATIVE\drivers\terminpt.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
S0 aswNdisFlt;Avast! Firewall Driver;c:\windows\system32\DRIVERS\aswNdisFlt.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdisFlt.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;c:\windows\system32\DRIVERS\iusb3hcs.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hcs.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S1 aswKbd;aswKbd;c:\windows\system32\drivers\aswKbd.sys;c:\windows\SYSNATIVE\drivers\aswKbd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 BfLwf;Qualcomm Atheros Bandwidth Control;c:\windows\system32\DRIVERS\bflwfx64.sys;c:\windows\SYSNATIVE\DRIVERS\bflwfx64.sys [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\AVAST Software\Avast\afwServ.exe;c:\program files\AVAST Software\Avast\afwServ.exe [x]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe;c:\program files (x86)\Intel\Bluetooth\devmonsrv.exe [x]
S2 Bluetooth Media Service;Bluetooth Media Service;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe;c:\program files (x86)\Intel\Bluetooth\mediasrv.exe [x]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe;c:\program files (x86)\Intel\Bluetooth\obexsrv.exe [x]
S2 GamingApp_Service;GamingApp_Service;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe;c:\program files (x86)\MSI\MSI Gaming APP\GamingApp_Service.exe [x]
S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe;c:\program files (x86)\LogMeIn Hamachi\hamachi-2.exe [x]
S2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [x]
S2 LMIGuardianSvc;LMIGuardianSvc;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe;c:\program files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [x]
S2 MSI_FastBoot;MSI_FastBoot;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe;c:\program files (x86)\MSI\Fast Boot\FastBootService.exe [x]
S2 MSI_LiveUpdate_Service;MSI_LiveUpdate_Service;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe;c:\program files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [x]
S2 MSI_SuperCharger;MSI_SuperCharger;c:\program files (x86)\MSI\Super Charger\ChargeService.exe;c:\program files (x86)\MSI\Super Charger\ChargeService.exe [x]
S2 MSI_Trigger_Service;MSI_Trigger_Service;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe;c:\program files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [x]
S2 nlsX86cc;Nalpeiron Licensing Service;c:\windows\SysWOW64\NLSSRV32.EXE;c:\windows\SysWOW64\NLSSRV32.EXE [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [x]
S2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe;c:\program files\Qualcomm Atheros\Network Manager\KillerService.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 SuperRAIDSvc;SuperRAIDSvc;c:\msi\Smart Utilities\SuperRAIDSvc.exe;c:\msi\Smart Utilities\SuperRAIDSvc.exe [x]
S2 ZeroConfigService;Intel® PROSet/Wireless Zero Configuration Service;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe;c:\program files\Intel\WiFi\bin\ZeroConfigService.exe [x]
S3 btmaux;Intel Bluetooth Auxiliary Service;c:\windows\system32\DRIVERS\btmaux.sys;c:\windows\SYSNATIVE\DRIVERS\btmaux.sys [x]
S3 btmhsf;btmhsf;c:\windows\system32\DRIVERS\btmhsf.sys;c:\windows\SYSNATIVE\DRIVERS\btmhsf.sys [x]
S3 ibtusb;Intel® Wireless Bluetooth® 4.0 + HS Adapter;c:\windows\system32\DRIVERS\ibtusb.sys;c:\windows\SYSNATIVE\DRIVERS\ibtusb.sys [x]
S3 ISCT;Intel® Smart Connect Technology Device Driver;c:\windows\system32\DRIVERS\ISCTD64.sys;c:\windows\SYSNATIVE\DRIVERS\ISCTD64.sys [x]
S3 iusb3hub;Intel® USB 3.0 Hub Driver;c:\windows\system32\DRIVERS\iusb3hub.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3hub.sys [x]
S3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;c:\windows\system32\DRIVERS\iusb3xhc.sys;c:\windows\SYSNATIVE\DRIVERS\iusb3xhc.sys [x]
S3 iwdbus;IWD Bus Enumerator;c:\windows\system32\DRIVERS\iwdbus.sys;c:\windows\SYSNATIVE\DRIVERS\iwdbus.sys [x]
S3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller;c:\windows\system32\DRIVERS\e22w7x64.sys;c:\windows\SYSNATIVE\DRIVERS\e22w7x64.sys [x]
S3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;c:\windows\system32\DRIVERS\LEqdUsb.Sys;c:\windows\SYSNATIVE\DRIVERS\LEqdUsb.Sys [x]
S3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;c:\windows\system32\DRIVERS\LHidEqd.Sys;c:\windows\SYSNATIVE\DRIVERS\LHidEqd.Sys [x]
S3 MBfilt;MBfilt;c:\windows\system32\drivers\MBfilt64.sys;c:\windows\SYSNATIVE\drivers\MBfilt64.sys [x]
S3 NTIOLib_1_0_3;NTIOLib_1_0_3;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys;c:\program files (x86)\MSI\Super Charger\NTIOLib_X64.sys [x]
S3 NTIOLib_FastBoot;NTIOLib_FastBoot;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys;c:\program files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [x]
S3 NTIOLib_MSI_RAID;NTIOLib_MSI_RAID;c:\msi\Smart Utilities\NTIOLib_X64.sys;c:\msi\Smart Utilities\NTIOLib_X64.sys [x]
S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [x]
S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S3 usb3Hub;UoIP Hub;c:\windows\system32\DRIVERS\usb3Hub.sys;c:\windows\SYSNATIVE\DRIVERS\usb3Hub.sys [x]
.
.
--- Other Services/Drivers In Memory ---
.
*NewlyCreated* - 70158001
*NewlyCreated* - NTIOLIB_MSI_RAID
*Deregistered* - 70158001
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2014-07-21 16:36 1210320 ------w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.59\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2014-08-27 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-21 13:38]
.
2014-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21 16:36]
.
2014-08-27 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21 16:36]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-08-26 12:51 634872 ------w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"BLEServicesCtrl"="c:\program files (x86)\Intel\Bluetooth\BleServicesCtrl.exe" [2013-11-13 184632]
"BTMTrayAgent"="c:\program files (x86)\Intel\Bluetooth\btmshellex.dll" [2013-11-07 7818552]
"RTHDVCPL"="c:\program files\Realtek\Audio\HDA\RtkNGUI64.exe" [2014-03-04 7543000]
"MBCfg64"="c:\windows\system32\MBCfg64.dll" [2014-02-21 41088]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-08-09 2403288]
"ShadowPlay"="c:\windows\system32\nvspcap64.dll" [2014-08-09 1283136]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-04-04 446392]
"EvtMgr6"="c:\program files\Logitech\SetPointP\SetPoint.exe" [2014-05-19 3100440]
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
Trusted Zone: clonewarsadventures.com
Trusted Zone: freerealms.com
Trusted Zone: soe.com
Trusted Zone: sony.com
FF - ProfilePath - c:\users\Reece\AppData\Roaming\Mozilla\Firefox\Profiles\q0jqedg5.default\
.
- - - - ORPHANS REMOVED - - - -
.
Wow6432Node-HKCU-Run-AdobeBridge - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
Wow6432Node-HKCU-Run-Usrcheat Downloader - c:\program files\Syntechx.com\Usrcheat Downloader\usrcheat_downloader.exe
Wow6432Node-HKLM-Run-<NO NAME> - (no file)
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Afterburner - e:\programs\MSI Afterburner\uninstall.exe
AddRemove-Battlelog Web Plugins - c:\program files (x86)\Battlelog Web Plugins\uninstall.exe
AddRemove-{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1 - e:\programs\FurMark_1.13.0\unins000.exe
AddRemove-{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1 - c:\program files (x86)\MSI\Live Update\unins000.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\Approved Extensions]
@Denied: (2) (LocalSystem)
"{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}"=hex:51,66,7a,6c,4c,1d,38,12,d5,94,07,
   72,c2,98,42,03,c9,fd,97,9a,f4,87,69,57
"{DBC80044-A445-435B-BC74-9C25C1C588A9}"=hex:51,66,7a,6c,4c,1d,38,12,2a,03,db,
   df,77,ea,35,06,c3,62,df,65,c4,9b,cc,bd
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_14_0_0_176_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.14"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_14_0_0_176.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-08-27  20:37:40
ComboFix-quarantined-files.txt  2014-08-27 19:37
.
Pre-Run: 121,819,062,272 bytes free
Post-Run: 121,747,058,688 bytes free
.
- - End Of File - - 12A855527C855BF83B9F4BC8082E4D4D
A36C5E4F47E84449FF07ED3517B43A31


#6 aharonov

  • Malware Response Team

Posted 27 August 2014 - 03:09 PM

What problems and symptoms are you still experiencing right now?

#7 reece159

  • Topic Starter

Posted 27 August 2014 - 03:11 PM

To be honest, it's hard to say if it's really gone. Right now I have no issues, but I've gone several days without it resurfacing before, so it's hard to say if it's gone.



#8 aharonov

  • Malware Response Team

Posted 27 August 2014 - 03:16 PM

Ok, keep observing carefully and report it when something appears. In the meantime, we'll run a scan with ESET:


Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!

#9 reece159

  • Topic Starter

Posted 27 August 2014 - 04:17 PM

Scanning with ESET now, but the malware does appear to still exist. Six processes of iexplore.exe were running. Also, I got a new tab saying some garbled extension (something like eyfewubfuyewfiuwe) could not be found. I deleted iexplore itself for now, so that those processes won't meddle with anything.



#10 aharonov

  • Malware Response Team

Posted 27 August 2014 - 04:40 PM

Alright, let's see what ESET shows.

#11 reece159

  • Topic Starter

Posted 28 August 2014 - 02:05 AM

C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\jpishare.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\jsound.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\jsoundds.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\management.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\mlib_image.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\msvcr71.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\net.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\nio.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\npoji610.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\npt.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\regutils.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\rmi.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\splashscreen.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\sunmscapi.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\unpack.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\verify.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\w2k_lsa_auth.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\zip.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\client\jvm.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\new_plugin\msvcr71.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\bin\new_plugin\npjp2.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Flash CS6\jre\lib\deploy\lzma.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Photoshop CS6\32 bit Photoshop dlls\libifcoremd.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\Adobe Photoshop CS6\32 bit Photoshop dlls\libmmd.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libcurl.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\libeay32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\ssleay32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\lib\CSXS-Installer-Hook.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\libmmd.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_bc_dec_avc.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_bc_enc_avc.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_config_avc.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_config_mp2m.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_config_mp2v.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_config_mp4v.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_config_mpa.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_config_pcm.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_dec_aac.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_dec_amr.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_dec_avc.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_dec_dv.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_dec_mp2v.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_dec_mp4v.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_dec_mpa.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_demux_dv.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_demux_mp2.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_demux_mp4.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_demux_mxf.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_enc_aac.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_enc_amr.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_enc_avc.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_enc_avcsr.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_enc_dv.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_enc_mp2sr.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_enc_mp2v.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_enc_mp4v.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_enc_mpa.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_enc_pcm.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_mfimport.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_mux_dv.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_mux_mp2.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_mux_mp4.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_mux_mxf.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_trans_video_colorspace.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mc_trans_video_imagescaler.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MOG_Framework_2.2.4.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mog_xerces-c_3_0.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\mog_xqilla22.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_AES3_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_AES3_S302M_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_AVI_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_D10_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_DV_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_JPEG2000_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_MPEG_ESAudio_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_MPEG_MPEG2Video_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_MPEG_MPEG4_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_MPEG_MPEGPS_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_MPEG_MPEGTS_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_SystemScheme1_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_GenericContainer_Wave_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_Metadata_RP224_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_BinaryLoader_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader2_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_MetaMetadata_XSDLoader_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe\dynamiclinkmediaserver\1.0\MXF_SDK_XMLUtils_4.4.3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\template.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Blizzard Entertainment\Battle.net\msvcr71.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iscript.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\50\Intel32\iuser.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Intel\OpenCL\bin\x86\clang_compiler32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Intel\OpenCL\bin\x86\cpu_device32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Intel\OpenCL\bin\x86\intelocl32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Intel\OpenCL\bin\x86\OclCpuBackend32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Intel\OpenCL\bin\x86\task_executor32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Intel\OpenCL\bin\x86\__ocl_svml_g9.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Intel\OpenCL\bin\x86\__ocl_svml_n8.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\Intel\OpenCL\bin\x86\__ocl_svml_s9.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Common Files\microsoft shared\VC\msdia80.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Shared Files\CTRegSvr.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Shared Files\Software Update\CTCRC.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Shared Files\Software Update\CTSURun.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Shared Files\Software Update\CTXMLPsr.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Shared Files\Software Update\HookWnd.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Shared Files\Software Update\SUConnect.htm Win32/Ramnit.A virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\audfreq.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\audproc.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\audpzero.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\audzero.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\CTAudEp.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\CTGetPdt.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\CTGetPdt_bak.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\CTLoadRs.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\CTMFSess.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\CTSUSDKu.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\CTSUUtil.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\HKDetect.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\HookWndU.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\HWAboutU.DLL Win32/Ramnit.H virus
C:\Program Files (x86)\Creative\Sound Blaster Cinema 2\Sound Blaster Cinema 2\MalLgcy.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\BF2OpenAL.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\BFHeroes.exe Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\dbghelp.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\dice_py.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\EasyWeb.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\MemoryDll.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\mfc70.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\MFC71.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\mss32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\msvci70.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\msvcp70.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\msvcp71.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\msvcp80.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\msvcp80d.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\msvcr70.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\msvcr71.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\msvcr80.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\msvcr80d.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\PCRegExp.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\RendDX9.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\SoundEngine.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\SwiffPlayer.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\Uninstaller.exe Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\zlib122.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\pb\pbag.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\pb\pbags.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\pb\pbsv.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\pb\dll\wa001376.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EA Games\Battlefield Heroes\pb\dll\ws001821.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard\dbghelp.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard\EuActiveOnline.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard\GDIPLUS.DLL Win32/Ramnit.H virus
C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard\INETWH32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard\ROBOEX32.DLL Win32/Ramnit.H virus
C:\Program Files (x86)\EaseUS\EaseUS Data Recovery Wizard\uexper.dll Win32/Ramnit.H virus
C:\Program Files (x86)\HD Tune Pro\HDTunePro.exe Win32/Ramnit.H virus
C:\Program Files (x86)\HD Tune Pro\HDTuneProDriveStatus.exe Win32/Ramnit.H virus
C:\Program Files (x86)\InstallShield Installation Information\{1F561AD0-55E0-4B00-9429-C727DD525977}\CTCABEX.DLL Win32/Ramnit.H virus
C:\Program Files (x86)\InstallShield Installation Information\{80D92E50-9674-44B6-8513-853AB60030A0}\CTCABEX.DLL Win32/Ramnit.H virus
C:\Program Files (x86)\InstallShield Installation Information\{88B1984E-36F0-47B8-B8DC-728966807A9C}\CTCABEX.DLL Win32/Ramnit.H virus
C:\Program Files (x86)\InstallShield Installation Information\{A11DFDF1-93CD-40DD-84AB-ECEB55A766F4}\CTCABEX.DLL Win32/Ramnit.H virus
C:\Program Files (x86)\InstallShield Installation Information\{B4F6F8CC-2C61-42CC-A4CC-76621F25BDC7}\CTCABEX.DLL Win32/Ramnit.H virus
C:\Program Files (x86)\Intel\iCLS Client\libeay32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Intel\iCLS Client\ssleay32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\LOOT\LOOT.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\4gb_patch.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\iPhoneCalc.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\libeay32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\ogg.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\SQLite3MM.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\ssleay32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\vorbis.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\Plugins\dsp_DeFX.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\Plugins\in_ape.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\Plugins\in_mpc.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\Plugins\out_wave.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\Plugins\vis_milk.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\Plugins\vms_desktop.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\Plugins\DXFilters\QTSourcePXT.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MediaMonkey\Plugins\DXFilters\WMFDemux.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Command Center\MSIControlService.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Command Center\MSISaveLoadAP.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Command Center\Smbios.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Command Center\WMIDLL.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Command Center\BIOSData\SCEWIN.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Command Center\ClockGen\IccLibDll.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Command Center\ClockGen\CPU_Frequency\CPU_Frequency.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Command Center\CPU\CPU_Ratio\CPU_Ratio.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Command Center\Lib\WaitCursorDLL.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Command Center\MSI_RAMDisk\MSIRAMImage.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Command Center\MSI_RAMDisk\SetupRAMDisk\MSI_RAMDrive_Installer.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\GLM7x.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\Live Updatemgr.exe Win32/Ramnit.AY virus
C:\Program Files (x86)\MSI\Live Update\nvapi9x.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\nvgpio.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\Setupx32.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\unrar.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\ATI\ATIFlash.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\ATI\ATIFLROM.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\FlashUty\AMI\WinSFI.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\FlashUty\AMI\WinSFI\WinSFI.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\FlashUty\Atiflash\AtiFlash.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\FlashUty\Atiflash\ATIWinflash.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\FlashUty\Atiflash\ULPSCtrl.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\FlashUty\Award\WinFlash.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\FlashUty\NB\AFUWIN\UCOREDLL.DLL Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\FlashUty\Nvflash\nvflash.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\LU5\DL_FILE\Intel_USB3.0_Drivers_3.0.0.34\USB3Ver.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\LU5\DL_FILE\Intel_USB3.0_Drivers_3.0.0.34\apps\iusb3mon.dll Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\LU5\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7245\Vista\CreateRtkToastLnk.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\LU5\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7245\Vista\WavesSysSvc.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\Live Update\LU5\DL_FILE\Realtek_HD_Audio_Drivers_6.0.1.7245\Vista64\CreateRtkToastLnk.exe Win32/Ramnit.H virus
C:\Program Files (x86)\MSI\MSI Gaming APP\GamingAppmgr.exe Win32/Ramnit.AY virus
C:\Program Files (x86)\MSI\MSI Gaming APP\Lib\NDA.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Notepad++\updater\gpup.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Notepad++\updater\GUP.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Notepad++\updater\libcurl.dll Win32/Ramnit.H virus
C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvsttest.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\3RDPARTYLICENSES.HTML Win32/Ramnit.A virus
C:\Program Files (x86)\Origin\3RDPARTYLICENSES_FR.HTML Win32/Ramnit.A virus
C:\Program Files (x86)\Origin\icuin51.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\icuuc51.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\libeay32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5Core.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5Gui.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5Multimedia.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5MultimediaWidgets.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5Network.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5OpenGL.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5PrintSupport.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5Qml.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5Quick.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5Sensors.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5Sql.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5V8.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5WebKit.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5WebKitWidgets.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5Widgets.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5Xml.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\Qt5XmlPatterns.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\ssleay32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\twitchsdk_32_release.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\imageformats\qgif.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\imageformats\qico.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\imageformats\qjpeg.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\imageformats\qmng.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\imageformats\qsvg.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\imageformats\qtga.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\imageformats\qtiff.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\imageformats\qwbmp.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\legacyPM\QtCore4.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\legacyPM\QtGui4.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\mediaservice\dsengine.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\mediaservice\qtmedia_audioengine.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\mediaservice\wmfengine.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\platforms\qminimal.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\platforms\qwindows.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Origin\printsupport\windowsprintersupport.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\w32pthreads.v3.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\w32pthreads.v4.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\cdvdGigaherz.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\cdvdiso-r5875.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\CDVDnull.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\DEV9null.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\FWnull.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\gsdx32-avx-r5875.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\gsdx32-avx2-r5875.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\gsdx32-sse2-r5875.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\gsdx32-sse4-r5875.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\gsdx32-ssse3-r5875.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\GSnull.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\lilypad-r5875.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\padPokopom.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\PadSSSPSX.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\spu2-x-r5875.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\USBnull.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\zerogs-r5875.dll Win32/Ramnit.H virus
C:\Program Files (x86)\PCSX2 1.2.1\Plugins\zerospu2-r5875.dll Win32/Ramnit.H virus
C:\Program Files (x86)\QuickTime\QTSystem\ExportControllerPS.dll Win32/Ramnit.H virus
C:\Program Files (x86)\QuickTime\QTSystem\QuickTimeUpdateHelper.exe Win32/Ramnit.H virus
C:\Program Files (x86)\QuickTime\QTSystem\CoreVideo.Resources\en.lproj\CoreVideoLocalized.dll Win32/Ramnit.H virus
C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.Resources\QuickTime.dll Win32/Ramnit.H virus
C:\Program Files (x86)\QuickTime\QTSystem\QuickTime.Resources\en.lproj\QuickTimeLocalized.dll Win32/Ramnit.H virus
C:\Program Files (x86)\QuickTime\QTSystem\QuickTimeAudioSupport.Resources\en.lproj\QuickTimeAudioSupportLocalized.dll Win32/Ramnit.H virus
C:\Program Files (x86)\QuickTime\QTSystem\QuickTimeAuthoring.Resources\en.lproj\QuickTimeAuthoringLocalized.dll Win32/Ramnit.H virus
C:\Program Files (x86)\QuickTime\QTSystem\QuickTimeStreaming.Resources\en.lproj\QuickTimeStreamingLocalized.dll Win32/Ramnit.H virus
C:\Program Files (x86)\QuickTime\QTSystem\QuickTimeWebHelper.Resources\QuickTimeWebHelper.dll Win32/Ramnit.H virus
C:\Program Files (x86)\QuickTime\QTSystem\QuickTimeWebHelper.Resources\en.lproj\QuickTimeWebHelperLocalized.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Steam\libav_h264-55.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Steam\Steammgr.exe Win32/Ramnit.AY virus
C:\Program Files (x86)\Steam\SteamApps\common\race 07\binkw32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Steam\SteamApps\common\race 07\Config.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Steam\SteamApps\common\race 07\mss32.dll Win32/Ramnit.H virus
C:\Program Files (x86)\Steam\SteamApps\common\race 07\RaceDedicatedServer_Steam.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Steam\SteamApps\common\race 07\Race_Steam.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Steam\SteamApps\common\race 07\Registration_Steam.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Steam\SteamApps\common\race 07\ResultReporter.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Steam\SteamApps\common\race 07\SteamExpansionApp.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Steam\SteamApps\common\race 07\SteamProxy.exe Win32/Ramnit.H virus
C:\Program Files (x86)\Steam\SteamApps\common\race 07\steam_api.dll Win32/Ramnit.H virus
C:\ProgramData\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe Win32/Ramnit.H virus
C:\ProgramData\Logishrd\SetPointP\Devices\PointingDevice\100006C\air-zoom.html Win32/Ramnit.A virus
C:\ProgramData\Logishrd\SetPointP\Devices\PointingDevice\100006C\back-freeze.html Win32/Ramnit.A virus
C:\ProgramData\Logishrd\SetPointP\Devices\PointingDevice\100006C\menucast.html Win32/Ramnit.A virus
C:\ProgramData\Logishrd\SetPointP\Devices\PointingDevice\100006C\play-pause.html Win32/Ramnit.A virus
C:\ProgramData\Logishrd\SetPointP\Devices\PointingDevice\100006C\vol-mute.html Win32/Ramnit.A virus
C:\ProgramData\Logishrd\SetPointP\Devices\PointingDevice\100006D\autoscroll.html Win32/Ramnit.A virus
C:\ProgramData\Logishrd\SetPointP\Devices\PointingDevice\100006D\documentflip.html Win32/Ramnit.A virus
C:\ProgramData\Logishrd\SetPointP\Devices\PointingDevice\100006D\keystrokes.html Win32/Ramnit.A virus
C:\ProgramData\Logishrd\SetPointP\Devices\PointingDevice\100006D\media.html Win32/Ramnit.A virus
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.104\deploy\LolClient.exe Win32/Ramnit.H virus
C:\Riot Games\League of Legends\RADS\projects\lol_air_client\releases\0.0.1.104\deploy\Adobe AIR\Versions\1.0\Resources\CaptiveAppEntry.exe Win32/Ramnit.H virus
C:\UsbFix\Quarantine\C\Users\Reece\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\trzE72.tmp.vir Win32/Ramnit.AY virus
C:\UsbFix\Quarantine\G\Autorun.inf.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\Copy of Shortcut to (1).lnk.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\Copy of Shortcut to (2).lnk.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\Copy of Shortcut to (3).lnk.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\Copy of Shortcut to (4).lnk.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz17C6.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trz1845.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz1884.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz18C4.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz1903.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz315E.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trz31ED.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz322C.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz326B.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz329B.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz362A.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trz36B8.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz36F8.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz3737.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz3776.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz4052.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trz40E1.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz415E.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz419E.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz41ED.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz59EA.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trz5A88.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz5AC8.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz5B07.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz5B75.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz5EE5.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trz6608.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz6647.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz694B.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trz69DA.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz6A19.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz6A59.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz6A98.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz82C4.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trz8362.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz83A2.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz83D2.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz8411.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz865.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trz8E25.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trz8F02.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz903.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz91E7.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trz9276.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz92B5.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz92F4.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz9363.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz952.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trz9D0.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzA0F.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzB6E0.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trzB7EC.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzB86B.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzBAD1.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trzBB5F.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzBB9F.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzBBDE.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzBC1D.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzD7F.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trzDFBA.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trzE058.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzE097.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzE0D7.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzE116.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzE1D.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzE36C.tmp.vir Win32/Ramnit.A virus
C:\UsbFix\Quarantine\G\trzE571.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzE5B1.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzE5C.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzE5F0.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzE620.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzE9B.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\trzEDB.tmp.vir LNK/Autostart.A trojan
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\qJXmjMyR.cpl.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trz1806.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trz31AD.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trz40A1.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trz5A59.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trz65C9.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trz699A.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trz8323.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trz8C4.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trz8E83.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trz9236.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trzB72F.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trzBB20.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trzDDD.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trzE018.tmp.vir Win32/Ramnit.F virus
C:\UsbFix\Quarantine\G\Recycler\S-4-5-51-7750073878-3864275720-752088608-6838\trzE532.tmp.vir Win32/Ramnit.F virus
C:\Users\All Users\Intel\Package Cache\{1CEAC85D-2590-4760-800F-8DE5E91F3700}\Setup.exe Win32/Ramnit.H virus
C:\Users\All Users\Logishrd\SetPointP\Devices\PointingDevice\100006C\air-zoom.html Win32/Ramnit.A virus
C:\Users\All Users\Logishrd\SetPointP\Devices\PointingDevice\100006C\back-freeze.html Win32/Ramnit.A virus
C:\Users\All Users\Logishrd\SetPointP\Devices\PointingDevice\100006C\menucast.html Win32/Ramnit.A virus
C:\Users\All Users\Logishrd\SetPointP\Devices\PointingDevice\100006C\play-pause.html Win32/Ramnit.A virus
C:\Users\All Users\Logishrd\SetPointP\Devices\PointingDevice\100006C\vol-mute.html Win32/Ramnit.A virus
C:\Users\All Users\Logishrd\SetPointP\Devices\PointingDevice\100006D\autoscroll.html Win32/Ramnit.A virus
C:\Users\All Users\Logishrd\SetPointP\Devices\PointingDevice\100006D\documentflip.html Win32/Ramnit.A virus
C:\Users\All Users\Logishrd\SetPointP\Devices\PointingDevice\100006D\keystrokes.html Win32/Ramnit.A virus
C:\Users\All Users\Logishrd\SetPointP\Devices\PointingDevice\100006D\media.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2021.112_0\trzE0AB.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki\9.0.2022.121_0\trzE982.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\Google\Chrome\User Data\Default\File System\001\t\00\00000000 Win32/Somoto.G potentially unwanted application
C:\Users\Reece\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PB0CKQ5Q\trz1EC6.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PB0CKQ5Q\trz1F63.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\PB0CKQ5Q\trz1FA2.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WPJWU2EW\trz2010.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSWPLAUD\trz207F.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\WSWPLAUD\trz20A0.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z8SK4OLW\trz214D.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z8SK4OLW\trz218D.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Z8SK4OLW\trz222B.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\PunkBuster\BF4\pb\htm\va001390.htm Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\PunkBuster\HEROES\pb\pbag.dll Win32/Ramnit.H virus
C:\Users\Reece\AppData\Local\Skype\Apps\login\trz6F23.tmp Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\MSI\Live Update\LU5\DL_FILE\Intel_Chipset_Drivers_10.0.14\ReleaseNotes10.0.17.htm Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\user.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-online-document.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\document-properties\encoding.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\command-line.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\commands.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\control-files.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\credits.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\document-properties.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\file-management.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\further-help.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\gui-elements.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\languages.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\macros.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\plugins.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\display\folding.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\display\hiding-lines.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\display\multi-view.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\display\right-left-rtl.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\display\shortcuts-view-menu.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\display\system-tray.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\display\unprintable-characters.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\display\viewing-modes.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\display\wrapping.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing\auto-completion.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing\commenting.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing\exiting-notepad.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing\indentation.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing\mouse-gestures.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing\other-editing-tools.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing\overtype.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing\printing.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing\selecting-text.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing\shortcuts-edit-menu.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\editing\standard-operations.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\file-management\activating-file.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\file-management\closing-files.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\file-management\creating-new-files.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\file-management\editing-files.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\file-management\opening-and-saving-files.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\file-management\read-only-files.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\file-management\shortcuts-file-menu.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\further-help\bug-reports.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\further-help\feature-requests.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\further-help\main-website-and-forums.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\further-help\patches.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\gui-elements\context-menu.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\gui-elements\dockable-windows.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\gui-elements\menu.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\gui-elements\status-bar.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\gui-elements\tab-bar.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\gui-elements\tool-bar.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\languages\built-languages.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\languages\external-lexers.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\languages\user-defined-languages.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\searching\bookmarks.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\searching\brace-matching.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\searching\dialog-free-search.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\searching\go-dialog.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\searching\marking-search-results.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\searching\normal-search.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\searching\replacing.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\searching\search-results.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\searching\searching-files.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\searching\shortcuts-search-menu.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\documentation\notepad-user-manual\switching-between-documents\mru-most-recently-used-switching.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\user\password.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\Program Files (x86)\Notepad++\user.manual\user\register.html Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\ProgramData\Nitro\Pro\9.0\Content\learning-center\en\learning-center.htm Win32/Ramnit.A virus
C:\Users\Reece\AppData\Local\VirtualStore\ProgramData\Nitro\Pro\9.0\Content\trial-notification\en\trial-notification.htm Win32/Ramnit.A virus
C:\Users\Reece\Downloads\ccsetup416.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Reece\Downloads\dfsetup218.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
C:\Users\Reece\Downloads\rcsetup151.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
D:\Programs\MSI Afterburner\MSIAfterburnermgr.exe Win32/Ramnit.AY virus
D:\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\ApexFrameworkSHIPPING_x86.dll Win32/Ramnit.H virus
D:\SteamLibrary\SteamApps\common\BioShock Infinite\Binaries\Win32\APEX_ClothingSHIPPING_x86.dll Win32/Ramnit.H virus
D:\SteamLibrary\SteamApps\common\Rocksmith2014\D3DX9_42.dll Win32/Ramnit.H virus
D:\SteamLibrary\SteamApps\common\SteamVR\bin\vrserver.exe Win32/Ramnit.H virus
D:\SteamLibrary\SteamApps\common\SteamVR\drivers\oculus\bin\driver_oculus.dll Win32/Ramnit.H virus
D:\ZARRecovered\Recovered data 07-23-2014 at 12_10_52\NTFS 1\Users\Reeec\Desktop\Windows.7.Loader.v2.2.1-Daz\Windows Loader.exe Win32/HackTool.WinActivator.I potentially unsafe application
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo.exe Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\bugreporter_public.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\datacache.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\engine.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\filesystemopendialog.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\inputsystem.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\launcher.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\mdllib.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\scaleformui.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\sixense_utils.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\soundemittersystem.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\stdshader_dbg.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\stdshader_dx9.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\texturecompile_dll.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\unitlib.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\vaudio_miles.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\vaudio_speex.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\vgui2.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\vscript.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\vstdlib.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\bin\vtex_dll.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo\bin\client.dll Win32/Ramnit.H virus
E:\SteamLibrary\SteamApps\common\Counter-Strike Global Offensive\csgo\bin\matchmaking.dll Win32/Ramnit.H virus


#12 aharonov

  • Malware Response Team

Posted 28 August 2014 - 05:15 AM

I'm afraid I have very bad news.

Win32/Ramnit (and related variants) is a dangerous file infector with IRCBot functionality which infects .exe and .HTML/HTM files, and opens a back door that compromises your computer. Using this backdoor, a remote attacker can access and instruct the infected computer to download and execute more malicious files. The infected .HTML or .HTM files may be detected as Virus:VBS/Ramnit.A or VBS/Generic. Win32/Ramnit.A!dll is a related file infector often seen with this infection. It too has IRCBot functionality which infects .exe, .dll and .HTML/HTM files and opens a back door that compromises your computer. This component is injected into the default web browser by Worm:Win32/Ramnit.A which is dropped by a Ramnit infected executable file.

-- Note: As with most malware infections, the threat name may be different depending on the anti-virus or anti-malware program which detected it. Each security vendor uses their own naming conventions to identify various types of malware.

With this particular infection the safest solution and only sure way to remove it effectively is to reformat and reinstall the OS.

Why? The malware injects code in legitimate files similar to the Virut virus and in many cases the infected files (which could number in the thousands) cannot be disinfected properly by your anti-virus. When disinfection is attempted, the files often become corrupted and the system may become unstable or irreparable. The longer Ramnit.A remains on a computer, the more files it infects and corrupts so the degree of damage can vary.

Ramnit is commonly spread via a flash drive (usb, pen, thumb, jump) infection where it copies Worm:Win32/Ramnit.A with a random file name. The infection is often contracted by visiting remote, crack and keygen sites. These types of sites are infested with a smörgåsbord of malware and a major source of system infection. However, a variant called the Ramnit worm targets Facebook users....can bypass two-factor authentication and transaction signing systems, gain remote access to financial institutions and compromise online banking.

In my opinion, Ramnit is not effectively disinfectable, so your best option is to perform a full reformat as there is no guarantee this infection can be completely removed. In most instances it may have caused so much damage to your system files that it cannot be completely cleaned or repaired. Security vendors that claim to be able to remove file infectors cannot guarantee that all traces of it will be removed as they may not find all the remnants. If something goes awry during the malware removal process there is always a risk the computer may become unstable or unbootable and you could lose access to all your data.

Further, your machine has likely been compromised by the backdoor Trojan and there is no way to be sure the computer can ever be trusted again. It is dangerous and incorrect to assume the computer is secure even if your anti-virus reports that the malware appears to have been removed.

Many experts in the security community believe that once infected with this type of malware, the best course of action is to wipe the drive clean, reformat and reinstall the OS. Please read:

Whenever a system has been compromised by a backdoor payload, it is impossible to know if or how much the backdoor has been used to affect your system...There are only a few ways to return a compromised system to a confident security configuration. These include:
• Reimaging the system
• Restoring the entire system using a full system backup from before the backdoor infection
• Reformatting and reinstalling the system

Backdoors and What They Mean to You

This is what security expert miekiemoes has to say: Virut and other File infectors - Throwing in the Towel?

If I guide someone with Virut (or any other File Infector) present and their Antivirus cannot properly disinfect it, then I recommend a format and reinstall...dealing with such infections is a waste of time and that's why I prefer the fastest and safest solution - which is a format and reinstall...After all, I think it would be irresponsible to let the malware "stew" (download/spread/run more malware) for another couple of days/weeks if you already know it's a lost case.

This is what Jesper M. Johansson at Microsoft TechNet has to say: Help: I Got Hacked. Now What Do I Do?.

The only way to clean a compromised system is to flatten and rebuild. That’s right. If you have a system that has been completely compromised, the only thing you can do is to flatten the system (reformat the system disk) and rebuild it from scratch (reinstall Windows and your applications).



#13 reece159

  • Topic Starter

Posted 28 August 2014 - 07:18 AM

Alright. Thanks



#14 reece159

  • Topic Starter

Posted 28 August 2014 - 07:26 AM

Can I assume personal files are secure then? Will the only possibly infected files be .exe, .html, and .dll files? Could I transfer files such as music, pictures, videos, documents?



#15 aharonov

  • Malware Response Team

Posted 28 August 2014 - 11:49 AM

Yes, your personal files that have the formats you mention should be safe. If in doubt you can upload a file to virustotal.com to double-check that it is indeed clean.
Be very careful to only selectively transfer personal files and no executables such as downloaded setups or the like. One Ramnit-infected executable that survives the format and re-install would be enough to bring the whole infection back.
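
Added example (not part of the thread): one way to apply the selective-transfer advice in the reply above before reformatting. It holds back the file types flagged in the scan log on this page (.exe, .dll, .cpl, .html/.htm, .lnk, .inf, .tmp) and any file whose content starts like a PE executable, shortcut or HTML page regardless of its extension; the function names and sample files are constructed for illustration, and the check is a type filter, not a malware scan.

```python
"""Triage a backup folder before a reformat: which files to copy, which to hold back."""
import tempfile
from pathlib import Path

# Extensions that show up as infected or abused in the scan log on this page.
BLOCKED_EXTENSIONS = {".exe", ".dll", ".cpl", ".htm", ".html", ".lnk", ".inf", ".tmp"}

PE_MAGIC = b"MZ"                                   # DOS/PE header of .exe/.dll/.cpl files
LNK_MAGIC = b"\x4c\x00\x00\x00\x01\x14\x02\x00"    # start of a Windows shortcut file
HTML_MARKERS = (b"<!doctype html", b"<html", b"<script")


def sniff(header: bytes):
    """Return a description if the first bytes look executable or HTML, else None."""
    if header.startswith(PE_MAGIC):
        return "PE executable content"
    if header.startswith(LNK_MAGIC):
        return "Windows shortcut content"
    lowered = header.lower()
    if any(marker in lowered for marker in HTML_MARKERS):
        return "HTML/script content"
    return None


def classify(path: Path):
    """Decide 'transfer' or 'hold' for one file, with the reason."""
    ext = path.suffix.lower()
    if ext in BLOCKED_EXTENSIONS:
        return "hold", f"blocked extension {ext}"
    try:
        with path.open("rb") as fh:
            header = fh.read(1024)
    except OSError as exc:
        # Unreadable files are held back rather than copied blind.
        return "hold", f"unreadable ({exc.__class__.__name__})"
    kind = sniff(header)
    if kind:
        # Content disagrees with the extension, e.g. a PE file renamed to .jpg.
        return "hold", f"{kind} behind extension {ext or '(none)'}"
    return "transfer", "no executable or HTML content found"


def triage(root):
    """Walk root and return {'transfer': [(path, reason)], 'hold': [(path, reason)]}."""
    root = Path(root)
    report = {"transfer": [], "hold": []}
    for path in sorted(p for p in root.rglob("*") if p.is_file()):
        decision, reason = classify(path)
        report[decision].append((path.relative_to(root).as_posix(), reason))
    return report


def build_sample_tree(root):
    """Create a small constructed backup folder (harmless stub files) for the demo."""
    root = Path(root)
    samples = {
        "Music/song.mp3": b"ID3\x03\x00" + b"\x00" * 32,
        "Pictures/holiday.jpg": b"\xff\xd8\xff\xe0" + b"\x00" * 32,
        "Documents/notes.txt": b"shopping list\n",
        "Downloads/setup.exe": b"MZ" + b"\x00" * 32,
        "Pictures/renamed.jpg": b"MZ" + b"\x00" * 32,   # PE header behind a .jpg name
        "Documents/manual.html": b"<html><body>help</body></html>",
        "Copy of Shortcut to (1).lnk": LNK_MAGIC + b"\x00" * 32,
        "autorun.inf": b"[autorun]\n",
    }
    for rel, data in samples.items():
        target = root / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(data)
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        result = triage(build_sample_tree(tmp))
        for decision in ("transfer", "hold"):
            print(decision.upper())
            for rel, reason in result[decision]:
                print(f"  {rel}: {reason}")
```

Files in the hold list are left behind or checked individually (for example with the virustotal.com upload mentioned above) rather than copied to the rebuilt system.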



