Gameharbor cmd prompt help please!


  • This topic is locked
4 replies to this topic

#1 LilMuz

LilMuz

  • Members
  • 3 posts
  • OFFLINE
  • Local time:12:04 PM

Posted 10 September 2014 - 10:53 AM

I saw a thread earlier about gameharbor.org loading up on startup due to a command prompt. I tried following the other thread, but with no luck.

 

Any help would be appreciated,

 

Thanks.





#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  • Gender:Male
  • Local time:01:04 PM

Posted 10 September 2014 - 01:29 PM

Hi,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 LilMuz

LilMuz
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  • Local time:12:04 PM

Posted 10 September 2014 - 01:38 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by James at 2014-09-10 19:37:19
Running from D:\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.33394 - BitTorrent Inc.)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID HWMonitor Pro 1.17 (HKLM\...\CPUID HWMonitorPro_is1) (Version:  - )
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Pro Advanced (HKLM-x32\...\DAEMON Tools Pro Advanced) (Version:  - DT Soft Ltd.)
Dead Rising 3 (HKLM-x32\...\Dead Rising 3_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
Dota 2 (HKLM-x32\...\Steam App 570) (Version:  - Valve)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
FIFA 13 (HKLM-x32\...\{A29E18C2-7AB1-4b6b-848C-5D5E2C85F0C0}) (Version: 1.8.0.0 - Electronic Arts)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Intel® Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.0.1204 - Intel Corporation)
Intel® Management Engine Components (Version: 1.0.0.0 - Intel Corporation) Hidden
Intel® Management Engine Components (Version: 10.0.0.1204 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel® Rapid Storage Technology (Version: 13.0.3.1001 - Intel Corporation) Hidden
Intel® Trusted Connect Service Client (Version: 1.35.127.1 - Intel Corporation) Hidden
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Logitech Gaming Software (Version: 8.45.88 - Logitech Inc.) Hidden
Logitech Gaming Software 8.53 (HKLM\...\Logitech Gaming Software) (Version: 8.53.186 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4641.1003 - Microsoft Corporation)
Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.3.1171.0714 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Mumble 1.2.7 (HKLM-x32\...\{CF8BBFA2-5502-4904-A9E9-8D5CAA8DF785}) (Version: 1.2.7 - Thorvald Natvig)
NirSoft BlueScreenView (HKLM-x32\...\NirSoft BlueScreenView) (Version:  - )
Nosgoth (HKLM-x32\...\Steam App 200110) (Version: 140819.91216 - Square Enix Ltd)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.154.1168 - NVIDIA Corporation) Hidden
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4641.1003 - Microsoft Corporation) Hidden
Omerta - City of Gangsters (HKLM-x32\...\Steam App 208520) (Version:  - Haemimont Games)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )
OpenOffice 4.1.0 (HKLM-x32\...\{28B88897-774A-4005-BBFF-663B1F8EAA5A}) (Version: 4.10.9764 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.12.2807 - Electronic Arts, Inc.)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Photo Gallery (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.314 - Qualcomm Atheros Communications)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.23 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Strife (HKLM-x32\...\strife) (Version: 0.0.1 - S2 Games)
System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)
The Golf Club (HKLM-x32\...\Steam App 269730) (Version:  - HB Studios)
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Windows Live Communications Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
WinRAR 5.10 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Ys Origin (HKLM-x32\...\Steam App 207350) (Version:  - Nihon Falcom)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3974639238-3188545945-4294417750-1001_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\James\AppData\Local\Microsoft\SkyDrive\17.3.1171.0714\amd64\FileSyncApi64.dll (Microsoft Corporation)
 
==================== Restore Points  =========================
 
24-08-2014 23:51:38 Installed DirectX
27-08-2014 00:21:24 Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030
03-09-2014 15:00:35 Installed DirectX
05-09-2014 01:59:34 Installed DirectX
07-09-2014 02:09:50 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
10-09-2014 00:15:49 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2013-08-22 14:25 - 2013-08-22 14:25 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {281CC0BE-41CC-4F2D-AC5E-E3FBC8B0EB99} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {31EB10ED-7990-4EF3-B029-DE690D23622A} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-08-28] (Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4DDBDF17-98CB-44D4-9FC8-A081D6D71812} - System32\Tasks\Microsoft OneDrive Auto Update Task-S-1-5-21-3974639238-3188545945-4294417750-1001 => %localappdata%\Microsoft\SkyDrive\SkyDrive.exe
Task: {583A66E7-E948-4A85-93F5-FD19E5D26DE0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {60CBC0FD-C9BD-445C-9CF3-0310A9EC0265} - \Microsoft OneDrive Auto Update Task-S-1-5-21-3974639238-3188545945-4294417750-500 No Task File <==== ATTENTION
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B672EB9-349C-490C-AD46-A357860857AA} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {89604536-FDE3-4A41-968C-5568FD58085F} - System32\Tasks\Core Temp Autostart James => C:\Program Files\Core Temp\Core Temp.exe
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {8D187A3E-F9CB-45B7-B5CB-BC2C26A707BE} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-09-10] (Microsoft Corporation)
Task: {9656EDC4-EF82-4239-8B75-5D4A72AAA3B4} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {970427D9-C88E-491E-89B6-0244B1DD0C7A} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {988D5CB5-0B89-486D-AA49-977D96D17C24} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-09] (Adobe Systems Incorporated)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {B73DD647-332A-4818-BF00-914D71D004B2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {BB539ADE-6878-4821-ABF7-53D03E55EF50} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {BCDC18B9-0429-4036-922B-C605BC1FF2A7} - System32\Tasks\Microsoft Office 15 Sync Maintenance for MUZ-James Muz => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-08-28] (Microsoft Corporation)
Task: {C82EF18A-C469-4A70-B583-36569C982710} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FC2CE283-7ACD-401D-8449-AD8FCB9D2C7D} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-08-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-07-03 07:21 - 2014-05-20 02:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-08-28 15:20 - 2014-08-28 15:20 - 08892576 _____ () C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-08-01 11:02 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2014-07-26 21:29 - 2014-07-26 21:29 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-12-24 02:22 - 2013-12-24 02:22 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-12-24 02:20 - 2013-12-24 02:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-12-24 02:26 - 2013-12-24 02:26 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-07-02 22:54 - 2014-07-02 22:54 - 00866584 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2014-07-02 22:59 - 2014-07-02 22:59 - 01050904 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2014-07-02 22:54 - 2014-07-02 22:54 - 00059160 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2014-07-02 22:59 - 2014-07-02 22:59 - 00242456 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2014-07-28 18:40 - 2014-07-28 18:40 - 00103424 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
2014-03-17 02:23 - 2014-03-17 02:23 - 00003132 _____ () D:\Program Files (x86)\DAEMON Tools Pro Advanced\MSIMG32.dll
2014-08-08 11:30 - 2014-08-08 11:30 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\AppVIsvStream32.dll
2014-08-29 14:48 - 2014-08-21 19:15 - 01171456 _____ () D:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 14:48 - 2014-08-21 19:15 - 00332800 _____ () D:\Program Files (x86)\Steam\libavresample-2.dll
2014-08-29 14:48 - 2014-08-21 19:15 - 00442368 _____ () D:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 14:48 - 2014-08-20 23:38 - 00774656 _____ () D:\Program Files (x86)\Steam\SDL2.dll
2014-08-29 14:48 - 2014-08-28 12:48 - 02224320 _____ () D:\Program Files (x86)\Steam\video.dll
2014-08-29 14:48 - 2014-08-21 19:15 - 00403968 _____ () D:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 14:48 - 2014-08-21 19:15 - 00485888 _____ () D:\Program Files (x86)\Steam\libswscale-3.dll
2014-08-29 14:48 - 2014-08-28 12:48 - 00678080 _____ () D:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-09-10 18:52 - 2014-09-10 18:52 - 00155232 ___HT () C:\Users\James\AppData\Local\Temp\~D18D.tmp
2014-06-14 11:30 - 2014-06-14 11:30 - 00220816 _____ () D:\Program Files (x86)\Mumble\opus.dll
2011-07-13 22:27 - 2011-07-13 22:27 - 02304512 _____ () D:\Program Files (x86)\Mumble\libsndfile-1.dll
2014-01-30 00:00 - 2014-01-30 00:00 - 04469248 _____ () D:\Program Files (x86)\Mumble\libmysql.dll
2014-06-14 11:30 - 2014-06-14 11:30 - 00115344 _____ () D:\Program Files (x86)\Mumble\ZLIB1.dll
2014-06-14 11:30 - 2014-06-14 11:30 - 00169104 _____ () D:\Program Files (x86)\Mumble\speex.dll
2014-06-14 11:30 - 2014-06-14 11:30 - 00074384 _____ () D:\Program Files (x86)\Mumble\celt0.0.7.0.sse2.dll
2014-06-14 11:30 - 2014-06-14 11:30 - 00090256 _____ () D:\Program Files (x86)\Mumble\celt0.0.11.0.sse2.dll
2014-06-14 11:30 - 2014-06-14 11:30 - 00135312 _____ () D:\Program Files (x86)\Mumble\mumble_ol.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00046912 _____ () D:\Program Files (x86)\Mumble\plugins\aoc.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\arma2.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\bf1942.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00048960 _____ () D:\Program Files (x86)\Mumble\plugins\bf2.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00032064 _____ () D:\Program Files (x86)\Mumble\plugins\bf2142.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00048960 _____ () D:\Program Files (x86)\Mumble\plugins\bf3.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\bfbc2.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\bfheroes.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00032064 _____ () D:\Program Files (x86)\Mumble\plugins\blacklight.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00033600 _____ () D:\Program Files (x86)\Mumble\plugins\borderlands.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00032064 _____ () D:\Program Files (x86)\Mumble\plugins\borderlands2.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\breach.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\cod2.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00032576 _____ () D:\Program Files (x86)\Mumble\plugins\cod4.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\cod5.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\codmw2.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\codmw2so.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00032064 _____ () D:\Program Files (x86)\Mumble\plugins\cs.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00047424 _____ () D:\Program Files (x86)\Mumble\plugins\dys.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00032576 _____ () D:\Program Files (x86)\Mumble\plugins\etqw.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00047424 _____ () D:\Program Files (x86)\Mumble\plugins\gmod.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00031040 _____ () D:\Program Files (x86)\Mumble\plugins\gtaiv.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00032576 _____ () D:\Program Files (x86)\Mumble\plugins\gw.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00047424 _____ () D:\Program Files (x86)\Mumble\plugins\insurgency.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\jc2.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00032576 _____ () D:\Program Files (x86)\Mumble\plugins\l4d.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00041792 _____ () D:\Program Files (x86)\Mumble\plugins\l4d2.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00028992 _____ () D:\Program Files (x86)\Mumble\plugins\link.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00032576 _____ () D:\Program Files (x86)\Mumble\plugins\lol.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00032576 _____ () D:\Program Files (x86)\Mumble\plugins\lotro.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00081216 _____ () D:\Program Files (x86)\Mumble\plugins\manual.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00033088 _____ () D:\Program Files (x86)\Mumble\plugins\sto.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\ut2004.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00030528 _____ () D:\Program Files (x86)\Mumble\plugins\ut3.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00042304 _____ () D:\Program Files (x86)\Mumble\plugins\ut99.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00034624 _____ () D:\Program Files (x86)\Mumble\plugins\wolfet.dll
2014-06-14 11:30 - 2014-08-09 17:07 - 00041792 _____ () D:\Program Files (x86)\Mumble\plugins\wow.dll
2014-08-29 14:48 - 2014-08-20 23:38 - 34589376 _____ () D:\Program Files (x86)\Steam\bin\libcef.dll
2014-03-20 11:43 - 2014-03-20 11:43 - 01241560 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\ACE.dll
2014-08-29 14:48 - 2014-08-20 23:38 - 00837824 _____ () D:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00198144 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\launcher.dll
2014-08-01 23:32 - 2014-08-01 23:32 - 00308224 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\tier0.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00203776 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\vstdlib.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00387072 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\filesystem_stdio.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 05838848 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\engine.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00155648 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\inputsystem.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 01174528 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vphysics.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 01240064 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\materialsystem.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00352256 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\datacache.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00608256 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\studiorender.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00164864 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\soundemittersystem.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00708096 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vscript.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00134656 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\valve_avi.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 01338880 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vguimatsurface.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00397312 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vgui2.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 03186176 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\scaleformui.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 01763328 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\shaderapidx9.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00143872 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\localize.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00231424 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dbg.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00987648 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\stdshader_dx9.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 01059840 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\chromehtml.dll
2014-07-28 18:40 - 2014-07-28 18:40 - 20625832 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\libcef.dll
2014-07-28 18:40 - 2014-07-28 18:40 - 01099616 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\avcodec-53.dll
2014-07-28 18:40 - 2014-07-28 18:40 - 00123232 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\avutil-51.dll
2014-07-28 18:40 - 2014-07-28 18:40 - 00190816 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\avformat-53.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00583680 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\matchmaking.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 11924992 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\client.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 09738240 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\csgo\bin\server.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00094720 _____ () D:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\bin\scenefilecache.dll
2014-07-28 18:40 - 2014-07-28 18:40 - 00068096 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_miles.dll
2014-07-28 18:40 - 2014-07-28 18:40 - 00095744 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssmp3.asi
2014-07-28 18:40 - 2014-07-28 18:40 - 00153600 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssvoice.asi
2014-07-28 18:40 - 2014-07-28 18:40 - 00013312 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\mssds3d.flt
2014-07-28 18:40 - 2014-07-28 18:40 - 00060416 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\msseax.flt
2014-09-03 01:04 - 2014-09-03 01:04 - 00969216 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\serverbrowser.dll
2014-09-03 01:04 - 2014-09-03 01:04 - 00176128 _____ () d:\program files (x86)\steam\steamapps\common\counter-strike global offensive\bin\vaudio_speex.dll
2014-07-25 20:21 - 2014-07-15 10:24 - 00718664 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
2014-07-25 20:21 - 2014-07-15 10:24 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libegl.dll
2014-07-25 20:21 - 2014-07-15 10:24 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
2014-07-25 20:21 - 2014-07-15 10:24 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
2014-07-25 20:21 - 2014-07-15 10:24 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
2014-07-25 20:21 - 2014-07-15 10:24 - 14664008 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\Users\James\OneDrive:ms-properties
AlternateDataStreams: C:\Users\James\OneDrive.old:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\McMPFSvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
HKCU\...\StartupApproved\Run: => "CMD"
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/10/2014 06:51:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.3.0, time stamp: 0x00000000
Faulting module name: vlc.exe, version: 2.1.3.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000000019a8
Faulting process ID: 0x14d0
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report ID: vlc.exe3
Faulting package full name: vlc.exe4
Faulting package-relative application ID: vlc.exe5
 
Error: (09/10/2014 04:49:39 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (09/10/2014 04:34:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: chromeinstall-7u67.exe, version: 7.0.670.1, time stamp: 0x53d2c4f9
Faulting module name: chromeinstall-7u67.exe, version: 7.0.670.1, time stamp: 0x53d2c4f9
Exception code: 0xc0000409
Fault offset: 0x00012635
Faulting process ID: 0x460
Faulting application start time: 0xchromeinstall-7u67.exe0
Faulting application path: chromeinstall-7u67.exe1
Faulting module path: chromeinstall-7u67.exe2
Report ID: chromeinstall-7u67.exe3
Faulting package full name: chromeinstall-7u67.exe4
Faulting package-relative application ID: chromeinstall-7u67.exe5
 
Error: (09/09/2014 04:49:39 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (09/09/2014 00:31:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: deadrising3.exe, version: 1.0.0.0, time stamp: 0x53fe8cba
Faulting module name: deadrising3.exe, version: 1.0.0.0, time stamp: 0x53fe8cba
Exception code: 0xc0000005
Fault offset: 0x0000000000b90082
Faulting process ID: 0x1044
Faulting application start time: 0xdeadrising3.exe0
Faulting application path: deadrising3.exe1
Faulting module path: deadrising3.exe2
Report ID: deadrising3.exe3
Faulting package full name: deadrising3.exe4
Faulting package-relative application ID: deadrising3.exe5
 
Error: (09/08/2014 10:32:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: vlc.exe, version: 2.1.3.0, time stamp: 0x00000000
Faulting module name: vlc.exe, version: 2.1.3.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x00000000000019a8
Faulting process ID: 0x378
Faulting application start time: 0xvlc.exe0
Faulting application path: vlc.exe1
Faulting module path: vlc.exe2
Report ID: vlc.exe3
Faulting package full name: vlc.exe4
Faulting package-relative application ID: vlc.exe5
 
Error: (09/08/2014 08:59:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: The volume WINRE was not optimised because an error was encountered: The parameter is incorrect. (0x80070057)
 
Error: (09/08/2014 04:49:39 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (09/08/2014 00:48:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: TS4.exe, version: 1.0.671.10, time stamp: 0x54096859
Faulting module name: TS4.exe, version: 1.0.671.10, time stamp: 0x54096859
Exception code: 0xc0000005
Fault offset: 0x002a9b60
Faulting process ID: 0x17d8
Faulting application start time: 0xTS4.exe0
Faulting application path: TS4.exe1
Faulting module path: TS4.exe2
Report ID: TS4.exe3
Faulting package full name: TS4.exe4
Faulting package-relative application ID: TS4.exe5
 
Error: (09/08/2014 00:30:08 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: Windows cannot access the file  for one of the following reasons:
there is a problem with the network connection, the disk that the file is stored on, or the storage
drivers installed on this computer; or the disk is missing.
Windows closed the program The Sims™ 4 because of this error.
 
Program: The Sims™ 4
File: 
 
The error value is listed in the Additional Data section.
User Action
1. Open the file again.
This situation might be a temporary problem that corrects itself when the program runs again.
2.
If the file still cannot be accessed and
- It is on the network,
your network administrator should verify that there is not a problem with the network and that the server can be contacted.
- It is on a removable disk, for example, a floppy disk or CD-ROM, verify that the disk is fully inserted into the computer.
3. Check and repair the file system by running CHKDSK. To run CHKDSK, click Start, click Run, type CMD, and then click OK. At the command prompt, type CHKDSK /F, and then press ENTER.
4. If the problem persists, restore the file from a backup copy.
5. Determine whether other files on the same disk can be opened. If not, the disk might be damaged. If it is a hard disk, contact your administrator or computer hardware vendor for
further assistance.
 
Additional Data
Error value: 00000000
Disk type: 0
 
 
System errors:
=============
Error: (09/10/2014 05:17:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (09/10/2014 05:15:22 PM) (Source: DCOM) (EventID: 10016) (User: MUZ)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MuzJamesS-1-5-21-3974639238-3188545945-4294417750-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (09/10/2014 05:15:22 PM) (Source: DCOM) (EventID: 10016) (User: MUZ)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MuzJamesS-1-5-21-3974639238-3188545945-4294417750-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (09/10/2014 05:15:21 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee OOBE Service2 service failed to start due to the following error: 
%%2
 
Error: (09/10/2014 04:49:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (09/10/2014 04:47:30 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee OOBE Service2 service failed to start due to the following error: 
%%2
 
Error: (09/10/2014 04:39:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Google Update Service (gupdate) service failed to start due to the following error: 
%%2
 
Error: (09/10/2014 04:37:44 PM) (Source: DCOM) (EventID: 10016) (User: MUZ)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MuzJamesS-1-5-21-3974639238-3188545945-4294417750-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (09/10/2014 04:37:44 PM) (Source: DCOM) (EventID: 10016) (User: MUZ)
Description: application-specificLocalLaunch{7022A3B3-D004-4F52-AF11-E9E987FEE25F}{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}MuzJamesS-1-5-21-3974639238-3188545945-4294417750-1001LocalHost (Using LRPC)UnavailableUnavailable
 
Error: (09/10/2014 04:37:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The McAfee OOBE Service2 service failed to start due to the following error: 
%%2
 
 
Microsoft Office Sessions:
=========================
Error: (09/10/2014 06:51:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.3.000000000vlc.exe2.1.3.000000000c000000500000000000019a814d001cfcd1d2b4b66f6D:\Program Files (x86)\VLC\vlc.exeD:\Program Files (x86)\VLC\vlc.exe17445ead-3913-11e4-828a-74d43588ab6b
 
Error: (09/10/2014 04:49:39 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (09/10/2014 04:34:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: chromeinstall-7u67.exe7.0.670.153d2c4f9chromeinstall-7u67.exe7.0.670.153d2c4f9c00004090001263546001cfcd0ca9071628D:\Downloads\chromeinstall-7u67.exeD:\Downloads\chromeinstall-7u67.exef507254c-38ff-11e4-8287-74d43588ab6b
 
Error: (09/09/2014 04:49:39 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (09/09/2014 00:31:33 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: deadrising3.exe1.0.0.053fe8cbadeadrising3.exe1.0.0.053fe8cbac00000050000000000b90082104401cfcbbd000c9cafD:\Program Files (x86)\Dead Rising 3\deadrising3.exeD:\Program Files (x86)\Dead Rising 3\deadrising3.exe4433a2eb-37b0-11e4-8284-74d43588ab6b
 
Error: (09/08/2014 10:32:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: vlc.exe2.1.3.000000000vlc.exe2.1.3.000000000c000000500000000000019a837801cfcba88f0b80d5D:\Program Files (x86)\VLC\vlc.exeD:\Program Files (x86)\VLC\vlc.exeaf3925aa-379f-11e4-8284-74d43588ab6b
 
Error: (09/08/2014 08:59:12 PM) (Source: Microsoft-Windows-Defrag) (EventID: 257) (User: )
Description: WINREThe parameter is incorrect. (0x80070057)
 
Error: (09/08/2014 04:49:39 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073415161
 
Error: (09/08/2014 00:48:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: TS4.exe1.0.671.1054096859TS4.exe1.0.671.1054096859c0000005002a9b6017d801cfcaf3a70f20b1D:\Downloads\The SIMS 4-Deluxe Edition-SKIDROWCRACK\Game\Bin\TS4.exeD:\Downloads\The SIMS 4-Deluxe Edition-SKIDROWCRACK\Game\Bin\TS4.exe6e0f4dae-36e9-11e4-8284-74d43588ab6b
 
Error: (09/08/2014 00:30:08 AM) (Source: Application Error) (EventID: 1005) (User: )
Description: The Sims™ 4000000000
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-4790K CPU @ 4.00GHz
Percentage of memory in use: 20%
Total physical RAM: 16244.64 MB
Available physical RAM: 12876.1 MB
Total Pagefile: 18676.64 MB
Available Pagefile: 14712.54 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: (WINDOWS) (Fixed) (Total:108.07 GB) (Free:63.31 GB) NTFS
Drive d: (DATA) (Fixed) (Total:1863.02 GB) (Free:1552.89 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: 27035B65)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (Size: 1863 GB) (Disk ID: 27035B43)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by James (administrator) on MUZ on 10-09-2014 19:37:04
Running from D:\Downloads
Platform: Windows 8.1 (X64) OS Language: English (United Kingdom)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Windows ® Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Malwarebytes Corporation) D:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Disc Soft Ltd) D:\Program Files (x86)\DAEMON Tools Pro Advanced\DTShellHlp.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(Valve Corporation) D:\Program Files (x86)\Steam\Steam.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Thorvald Natvig) D:\Program Files (x86)\Mumble\mumble.exe
(Mikkel Krautz) D:\Program Files (x86)\Mumble\mumble-g15-helper.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
() D:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe
(Valve Corporation) D:\Program Files (x86)\Steam\GameOverlayUI.exe
(Valve Corporation) D:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7575768 2014-05-14] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2013-04-09] (Pixart Imaging Inc)
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [10464536 2014-07-02] (Logitech Inc.)
HKLM-x32\...\Run: [ATLauncher] => "C:\Program Files\McAfee\MSC\OOBE\ATLauncher.exe" /createshortcuts:1
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2014-05-08] (Adobe Systems Incorporated)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] ( (Qualcomm®Atheros®))
HKU\S-1-5-21-3974639238-3188545945-4294417750-1001\...\Run: [Steam] => D:\Program Files (x86)\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-3974639238-3188545945-4294417750-1001\...\Run: [DAEMON Tools Pro Agent] => D:\Program Files (x86)\DAEMON Tools Pro Advanced\DTAgent.exe [3127840 2014-02-19] (Disc Soft Ltd)
HKU\S-1-5-21-3974639238-3188545945-4294417750-1001\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-3974639238-3188545945-4294417750-1001\...\MountPoints2: {3c2d0a6a-1960-11e4-8275-74d43588ab6b} - "F:\SETUP.EXE" 
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://localoem.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
SearchScopes: HKLM - {8B701AE8-873D-4DA4-8866-65C16FDD60A2} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
SearchScopes: HKLM-x32 - {8B701AE8-873D-4DA4-8866-65C16FDD60A2} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MASBJS
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
 
FireFox:
========
FF ProfilePath: C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\52og8dxu.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @videolan.org/vlc,version=2.1.3 -> D:\Program Files (x86)\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Extension: No Name - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\52og8dxu.default\Extensions\staged [2014-07-27]
FF Extension: Adblock Plus - C:\Users\James\AppData\Roaming\Mozilla\Firefox\Profiles\52og8dxu.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-07-26]
FF Extension: No Name - D:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> https://www.google.co.uk/
CHR StartupUrls: Default -> "https://www.google.co.uk/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\James\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-25]
CHR Extension: (Google Drive) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-25]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-07-25]
CHR Extension: (YouTube) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-25]
CHR Extension: (Google Search) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-25]
CHR Extension: (AdBlock) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-07-25]
CHR Extension: (Google Wallet) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-25]
CHR Extension: (Gmail) - C:\Users\James\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-25]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx []
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows ® Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [315352 2014-05-21] (Intel Corporation)
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel® Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [154584 2014-03-20] (Intel Corporation)
R3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-22] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-14] (Microsoft Corporation)
R2 MBAMScheduler; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; D:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 McAWFwk; c:\Program Files\McAfee\MSC\McAWFwk.exe [332080 2012-01-26] (McAfee, Inc.)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-06] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-07-26] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-22] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-22] (Microsoft Corporation)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]
S2 McOobeSv2; "C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe" /McCoreSvc [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S3 amdiommu; C:\Windows\System32\drivers\amdkiomd.sys [77312 2013-12-06] (Advanced Micro Devices, Inc.) [File not signed]
S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc.)
S0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [36096 2013-05-21] (Advanced Micro Devices, Inc.)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-08-03] (Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [457496 2014-03-14] (Intel Corporation)
R3 LGSHidFilt; C:\Windows\system32\DRIVERS\LGSHidFilt.Sys [64280 2013-05-30] (Logitech Inc.)
R3 LGSUsbFilt; C:\Windows\system32\DRIVERS\LGSUsbFilt.Sys [41752 2013-05-30] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-10] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [118272 2014-03-20] (Intel Corporation)
S3 NETwNe64; C:\Windows\system32\DRIVERS\NETwew00.sys [3344352 2013-07-08] (Intel Corporation)
S3 t_mouse.sys; C:\Windows\system32\DRIVERS\t_mouse.sys [6144 2013-04-09] ()
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)
R3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 ALSysIO; \??\C:\Users\James\AppData\Local\Temp\ALSysIO64.sys [X]
S3 cpuz136; \??\C:\Users\James\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X]
S3 WinRing0_1_2_0; \??\C:\Users\James\AppData\Local\Temp\Rar$EXa0.920\WinRing0x64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 16:45 - 2014-09-10 19:37 - 00000000 ____D () C:\FRST
2014-09-10 16:35 - 2014-09-10 16:38 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-10 16:35 - 2014-09-10 16:36 - 00000000 ____D () C:\AdwCleaner
2014-09-10 16:35 - 2014-09-10 16:35 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-10 16:35 - 2014-09-10 16:35 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-10 16:35 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-10 16:34 - 2014-09-10 16:35 - 00000000 ____D () C:\Users\James\AppData\Local\Adobe
2014-09-10 16:25 - 2014-08-16 03:40 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 16:25 - 2014-08-16 03:04 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 16:25 - 2014-08-16 03:00 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 16:25 - 2014-08-16 03:00 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 16:25 - 2014-08-16 02:56 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 16:25 - 2014-08-16 02:54 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 16:25 - 2014-08-16 02:45 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 16:25 - 2014-08-16 02:43 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 16:25 - 2014-08-16 02:32 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 16:25 - 2014-08-16 02:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 16:25 - 2014-08-16 02:22 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 16:25 - 2014-08-16 02:20 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 16:25 - 2014-08-16 02:19 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 16:25 - 2014-08-16 02:18 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 16:25 - 2014-08-16 02:18 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 16:25 - 2014-08-16 02:11 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 16:25 - 2014-08-16 02:06 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 16:25 - 2014-08-16 02:05 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 16:25 - 2014-08-16 02:05 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 16:25 - 2014-08-16 02:03 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 16:25 - 2014-08-16 02:03 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 16:25 - 2014-08-16 01:58 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 16:25 - 2014-08-16 01:56 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 16:25 - 2014-08-16 01:53 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 16:25 - 2014-08-16 01:53 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 16:25 - 2014-08-16 01:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 16:25 - 2014-08-16 01:51 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 16:25 - 2014-08-16 01:45 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 16:25 - 2014-08-16 01:44 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 16:25 - 2014-08-16 01:44 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 16:25 - 2014-08-16 01:34 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 16:25 - 2014-08-16 01:20 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 16:25 - 2014-08-16 01:18 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 16:25 - 2014-08-16 01:14 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 16:25 - 2014-08-16 01:12 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 16:13 - 2014-09-05 03:36 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-09-10 16:13 - 2014-09-05 03:31 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-10 16:13 - 2014-09-05 01:48 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-10 16:13 - 2014-08-02 01:18 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-09-10 16:13 - 2014-07-24 04:20 - 00875688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr120_clr0400.dll
2014-09-10 16:13 - 2014-07-24 04:20 - 00869544 _____ (Microsoft Corporation) C:\Windows\system32\msvcr120_clr0400.dll
2014-09-10 16:08 - 2014-09-10 17:57 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 16:08 - 2014-09-10 16:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 16:08 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-10 16:08 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-10 16:08 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-10 01:22 - 2014-09-10 01:23 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-09-10 01:22 - 2014-09-10 01:23 - 00000000 ____D () C:\ProgramData\Battle.net
2014-09-10 01:14 - 2014-09-10 01:14 - 00000859 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-09-10 01:14 - 2014-09-10 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-09-08 21:43 - 2014-09-08 21:43 - 00000000 ____D () C:\Users\James\AppData\Roaming\2K Sports
2014-09-07 05:00 - 2014-09-07 05:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-06 02:10 - 2014-09-06 16:00 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-09-06 02:10 - 2014-09-06 02:12 - 00000000 ____D () C:\Users\James\AppData\Roaming\IDM
2014-09-06 02:10 - 2014-09-06 02:10 - 00000000 ____D () C:\ProgramData\IDM
2014-09-05 02:59 - 2014-09-05 02:59 - 00000872 _____ () C:\Users\Public\Desktop\Dead Rising 3.lnk
2014-09-05 02:59 - 2014-09-05 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Rising 3
2014-09-04 21:28 - 2014-09-04 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-08-30 23:01 - 2014-09-02 23:45 - 00000000 ____D () C:\Users\James\AppData\Roaming\.minecraft
2014-08-28 18:44 - 2014-08-28 18:50 - 00000000 ____D () C:\Users\James\AppData\Local\DayZ
2014-08-28 15:06 - 2014-08-23 01:42 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 01:21 - 2014-08-27 01:21 - 00000000 ____D () C:\Users\James\AppData\Local\Ubisoft
2014-08-26 23:23 - 2014-08-29 14:53 - 00000000 ____D () C:\Users\James\AppData\Local\Ubisoft Game Launcher
2014-08-25 01:48 - 2014-08-25 01:48 - 00000000 ____D () C:\Users\James\AppData\Local\Blizzard
2014-08-22 22:15 - 2014-08-22 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-08-22 20:52 - 2014-08-22 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-08-21 01:26 - 2014-08-21 01:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-08-20 18:12 - 2014-08-20 18:12 - 00000000 ____D () C:\Users\James\AppData\Roaming\TERA
2014-08-20 03:27 - 2014-09-04 02:52 - 00053760 ___SH () C:\Users\James\Desktop\Thumbs.db
2014-08-20 03:27 - 2014-08-20 03:27 - 00000000 ____D () C:\ProgramData\Blizzard
2014-08-17 14:39 - 2014-09-06 03:00 - 00000000 ____D () C:\Users\James\AppData\Roaming\DMCache
2014-08-16 23:36 - 2014-08-17 21:07 - 00000000 ____D () C:\Users\James\AppData\Roaming\Omerta
2014-08-16 23:33 - 2014-08-16 23:33 - 00000000 ____D () C:\Users\James\AppData\Roaming\Kalypso Media
2014-08-16 17:00 - 2014-08-16 17:00 - 00000000 ____D () C:\Users\James\AppData\Roaming\LolClient
2014-08-16 16:39 - 2014-08-16 16:39 - 00000000 ____D () C:\ProgramData\Riot Games
2014-08-16 16:38 - 2014-08-21 01:21 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-08-16 16:38 - 2014-08-16 16:38 - 00000000 ____D () C:\Users\James\AppData\Roaming\Riot Games
2014-08-16 16:38 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2014-08-16 16:38 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2014-08-16 16:38 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2014-08-14 21:06 - 2014-08-14 21:06 - 00000000 ____D () C:\Users\James\AppData\Roaming\.mono
2014-08-13 21:09 - 2014-08-13 21:09 - 00000886 _____ () C:\Users\James\Desktop\Strife.lnk
2014-08-13 21:09 - 2014-08-13 21:09 - 00000000 ____D () C:\Users\James\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Strife
2014-08-13 21:09 - 2014-08-13 21:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Strife
2014-08-13 13:40 - 2014-07-15 19:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe
2014-08-13 13:40 - 2014-07-15 09:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll
2014-08-13 13:40 - 2014-07-15 09:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll
2014-08-13 13:40 - 2014-07-15 09:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll
2014-08-13 13:40 - 2014-07-10 05:16 - 00716800 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-08-13 13:40 - 2014-07-10 05:03 - 04756992 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-08-13 13:40 - 2014-07-10 04:33 - 01120256 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-08-13 13:40 - 2014-06-20 02:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 13:40 - 2014-06-20 00:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-13 13:40 - 2014-06-13 02:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-08-13 13:40 - 2014-06-13 02:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 13:40 - 2014-06-13 01:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-08-13 13:40 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-13 13:40 - 2014-06-09 23:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-13 13:40 - 2014-06-06 12:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-08-13 13:40 - 2014-05-31 07:27 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-08-13 13:40 - 2014-05-17 05:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-08-13 13:40 - 2014-05-17 05:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-08-13 13:40 - 2014-05-13 08:01 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-08-13 13:40 - 2014-05-13 06:07 - 02844160 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-08-13 13:40 - 2014-05-13 05:41 - 00118272 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-08-13 13:40 - 2014-05-13 05:26 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-08-13 13:40 - 2014-05-13 04:59 - 01035264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-08-13 13:40 - 2014-05-13 04:31 - 00265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-08-13 13:40 - 2014-05-03 12:29 - 01726224 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-08-13 13:40 - 2014-05-03 10:20 - 01473080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-08-13 13:40 - 2014-05-03 06:36 - 00997888 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-08-13 13:40 - 2014-05-03 06:19 - 00071168 _____ (Microsoft Corporation) C:\Windows\system32\ncobjapi.dll
2014-08-13 13:40 - 2014-05-03 06:08 - 00301056 _____ (Microsoft Corporation) C:\Windows\system32\framedynos.dll
2014-08-13 13:40 - 2014-05-03 06:07 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\framedyn.dll
2014-08-13 13:40 - 2014-05-03 05:46 - 00052736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncobjapi.dll
2014-08-13 13:40 - 2014-05-03 05:37 - 00235008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedynos.dll
2014-08-13 13:40 - 2014-05-03 05:37 - 00207360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\framedyn.dll
2014-08-13 13:40 - 2014-05-03 00:26 - 00050745 _____ () C:\Windows\system32\srms.dat
2014-08-13 13:40 - 2014-05-01 06:44 - 01025536 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2014-08-13 13:40 - 2014-04-30 07:43 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwififlt.sys
2014-08-13 13:40 - 2014-04-30 07:41 - 00402432 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-08-13 13:40 - 2014-04-30 07:41 - 00096768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-08-13 13:40 - 2014-04-30 07:41 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vwifimp.sys
2014-08-13 13:40 - 2014-04-30 06:45 - 00123392 _____ (Microsoft Corporation) C:\Windows\system32\Robocopy.exe
2014-08-13 13:40 - 2014-04-30 05:48 - 00106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Robocopy.exe
2014-08-13 13:40 - 2014-04-30 05:24 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2014-08-13 13:40 - 2014-04-30 05:23 - 00353280 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-08-13 13:40 - 2014-04-30 05:23 - 00271872 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2014-08-13 13:40 - 2014-04-30 05:23 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2014-08-13 13:40 - 2014-04-30 05:14 - 00827392 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-08-13 13:40 - 2014-04-30 04:59 - 01063424 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-08-13 13:40 - 2014-04-30 04:46 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-08-13 13:40 - 2014-04-30 04:46 - 00229888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2014-08-13 13:40 - 2014-04-30 04:46 - 00056320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2014-08-13 13:40 - 2014-04-30 04:45 - 00062976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2014-08-13 13:40 - 2014-04-30 04:42 - 00403968 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-08-13 13:40 - 2014-04-28 23:40 - 00721408 _____ (Microsoft Corporation) C:\Windows\system32\fveapi.dll
2014-08-13 13:40 - 2014-04-26 23:03 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-08-13 13:40 - 2014-04-26 21:14 - 02144984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-08-13 13:40 - 2014-04-26 17:39 - 00339456 _____ (Microsoft Corporation) C:\Windows\system32\bdesvc.dll
2014-08-13 13:40 - 2014-04-14 10:37 - 02125344 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-08-13 13:40 - 2014-04-14 09:08 - 01797896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-08-13 13:40 - 2014-04-14 06:18 - 00011776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8thk.dll
2014-08-13 13:40 - 2014-04-09 07:11 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\WebClnt.dll
2014-08-13 13:40 - 2014-04-09 06:20 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebClnt.dll
2014-08-13 13:39 - 2014-08-07 03:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-13 13:39 - 2014-08-02 04:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-13 13:39 - 2014-08-02 04:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-08-13 13:39 - 2014-07-12 05:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-08-13 13:39 - 2014-06-05 15:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll
2014-08-13 13:39 - 2014-06-05 14:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll
2014-08-13 13:39 - 2014-06-04 10:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 13:39 - 2014-06-04 06:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 13:39 - 2014-06-04 06:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 13:39 - 2014-06-04 05:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 13:39 - 2014-06-04 05:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 13:39 - 2014-06-04 03:15 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 13:39 - 2014-06-04 03:14 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 13:39 - 2014-06-02 03:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-08-13 13:39 - 2014-05-31 11:07 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-08-13 13:39 - 2014-05-31 11:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-08-13 13:39 - 2014-05-31 11:07 - 00419672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-08-13 13:39 - 2014-05-31 11:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-08-13 13:39 - 2014-05-31 11:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-08-13 13:39 - 2014-05-31 07:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-08-13 13:39 - 2014-05-31 07:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys
2014-08-13 13:39 - 2014-05-31 07:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys
2014-08-13 13:39 - 2014-05-31 05:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe
2014-08-13 13:39 - 2014-05-31 05:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll
2014-08-13 13:39 - 2014-05-31 05:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll
2014-08-13 13:39 - 2014-05-27 16:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-08-13 13:39 - 2014-05-27 10:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll
2014-08-13 13:39 - 2014-05-27 10:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll
2014-08-12 22:35 - 2014-08-12 22:35 - 00000000 ____D () C:\Users\James\AppData\Local\Turbine
2014-08-11 15:39 - 2014-08-11 15:39 - 00001279 _____ () C:\Users\James\Desktop\OBS.lnk
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-10 19:37 - 2014-09-10 16:45 - 00000000 ____D () C:\FRST
2014-09-10 19:26 - 2014-07-25 20:21 - 00000904 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-10 19:00 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\sru
2014-09-10 18:51 - 2014-07-25 23:48 - 00000000 ____D () C:\Users\James\AppData\Local\CrashDumps
2014-09-10 18:51 - 2014-07-25 22:00 - 00000000 ____D () C:\Users\James\AppData\Roaming\vlc
2014-09-10 18:43 - 2014-07-26 17:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-10 18:42 - 2014-08-01 11:04 - 00004952 _____ () C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for MUZ-James Muz
2014-09-10 18:40 - 2014-07-03 07:21 - 01625260 _____ () C:\Windows\WindowsUpdate.log
2014-09-10 17:57 - 2014-09-10 16:08 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 17:48 - 2014-07-25 17:51 - 00003600 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3974639238-3188545945-4294417750-1001
2014-09-10 17:21 - 2014-03-18 16:26 - 00865408 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 17:17 - 2014-07-03 08:23 - 00006462 _____ () C:\Windows\SysWOW64\Gms.log
2014-09-10 17:15 - 2014-07-26 00:52 - 00000000 __RDO () C:\Users\James\OneDrive
2014-09-10 17:15 - 2014-07-25 21:17 - 00000000 ____D () C:\Users\James\AppData\Roaming\Mumble
2014-09-10 17:15 - 2014-07-25 20:21 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-10 17:15 - 2013-08-22 15:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-10 16:47 - 2014-03-18 09:16 - 00060346 _____ () C:\Windows\PFRO.log
2014-09-10 16:47 - 2013-08-22 14:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2014-09-10 16:38 - 2014-09-10 16:35 - 00000000 ____D () C:\ProgramData\Adobe
2014-09-10 16:36 - 2014-09-10 16:35 - 00000000 ____D () C:\AdwCleaner
2014-09-10 16:35 - 2014-09-10 16:35 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-09-10 16:35 - 2014-09-10 16:35 - 00000000 ____D () C:\Program Files (x86)\Adobe
2014-09-10 16:35 - 2014-09-10 16:34 - 00000000 ____D () C:\Users\James\AppData\Local\Adobe
2014-09-10 16:31 - 2014-07-25 17:48 - 00003906 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{E2F072D0-7244-4B11-B8C9-D1F386B1A0AD}
2014-09-10 16:26 - 2014-07-26 19:10 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 16:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\SysWOW64\en-GB
2014-09-10 16:26 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\system32\en-GB
2014-09-10 16:26 - 2013-08-22 16:20 - 00000000 ____D () C:\Windows\CbsTemp
2014-09-10 16:25 - 2014-07-26 19:07 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 16:25 - 2014-07-26 14:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 16:25 - 2014-07-26 14:14 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 16:25 - 2014-07-26 14:14 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 16:25 - 2014-07-26 14:14 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 16:25 - 2014-07-26 14:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 16:25 - 2014-07-26 14:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 16:25 - 2014-07-26 14:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 16:25 - 2014-07-26 14:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 16:25 - 2014-07-26 14:14 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 16:25 - 2014-07-26 14:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 16:25 - 2014-07-26 14:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 16:25 - 2014-07-26 14:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 16:25 - 2014-07-26 14:14 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 16:25 - 2014-07-26 14:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 16:25 - 2014-07-26 14:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 16:25 - 2014-07-26 14:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 16:24 - 2014-07-26 19:07 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 16:08 - 2014-09-10 16:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 03:19 - 2014-07-26 14:15 - 00006656 _____ () C:\Windows\system32\lpcio.dll
2014-09-10 03:19 - 2014-07-25 17:45 - 00000000 ____D () C:\Users\James
2014-09-10 03:17 - 2013-08-22 16:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-09-10 02:03 - 2014-07-25 21:00 - 00000000 ____D () C:\Users\James\AppData\Roaming\OBS
2014-09-10 01:46 - 2014-08-06 22:54 - 00000000 ____D () C:\Users\James\AppData\Local\Battle.net
2014-09-10 01:23 - 2014-09-10 01:22 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment
2014-09-10 01:23 - 2014-09-10 01:22 - 00000000 ____D () C:\ProgramData\Battle.net
2014-09-10 01:15 - 2014-07-25 21:25 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-10 01:14 - 2014-09-10 01:14 - 00000859 _____ () C:\Users\Public\Desktop\Battle.net.lnk
2014-09-10 01:14 - 2014-09-10 01:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2014-09-09 18:43 - 2014-07-26 17:12 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 15:05 - 2014-07-25 17:45 - 00000000 ____D () C:\Users\James\AppData\Local\Packages
2014-09-08 21:43 - 2014-09-08 21:43 - 00000000 ____D () C:\Users\James\AppData\Roaming\2K Sports
2014-09-08 21:37 - 2014-07-25 21:00 - 00000000 ____D () C:\Program Files\OBS
2014-09-08 05:51 - 2014-07-26 19:53 - 00000000 ____D () C:\ProgramData\Origin
2014-09-08 01:09 - 2014-07-27 12:31 - 00000000 ____D () C:\Users\James\AppData\Roaming\uTorrent
2014-09-07 05:00 - 2014-09-07 05:00 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-09-07 05:00 - 2013-08-22 15:46 - 00029755 _____ () C:\Windows\setupact.log
2014-09-06 16:00 - 2014-09-06 02:10 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2014-09-06 03:00 - 2014-08-17 14:39 - 00000000 ____D () C:\Users\James\AppData\Roaming\DMCache
2014-09-06 02:12 - 2014-09-06 02:10 - 00000000 ____D () C:\Users\James\AppData\Roaming\IDM
2014-09-06 02:10 - 2014-09-06 02:10 - 00000000 ____D () C:\ProgramData\IDM
2014-09-05 03:36 - 2014-09-10 16:13 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-09-05 03:31 - 2014-09-10 16:13 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-05 02:59 - 2014-09-05 02:59 - 00000872 _____ () C:\Users\Public\Desktop\Dead Rising 3.lnk
2014-09-05 02:59 - 2014-09-05 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dead Rising 3
2014-09-05 01:48 - 2014-09-10 16:13 - 00738816 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 01:11 - 2014-07-26 19:54 - 00000000 ____D () C:\Users\James\AppData\Roaming\Origin
2014-09-04 21:28 - 2014-09-04 21:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Diablo III
2014-09-04 02:52 - 2014-08-20 03:27 - 00053760 ___SH () C:\Users\James\Desktop\Thumbs.db
2014-09-03 16:00 - 2014-04-10 09:02 - 00185142 _____ () C:\Windows\DirectX.log
2014-09-02 23:45 - 2014-08-30 23:01 - 00000000 ____D () C:\Users\James\AppData\Roaming\.minecraft
2014-09-02 21:06 - 2013-08-22 16:38 - 00706016 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-02 21:06 - 2013-08-22 16:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-29 14:53 - 2014-08-26 23:23 - 00000000 ____D () C:\Users\James\AppData\Local\Ubisoft Game Launcher
2014-08-29 14:47 - 2013-08-22 15:44 - 00510760 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 18:50 - 2014-08-28 18:44 - 00000000 ____D () C:\Users\James\AppData\Local\DayZ
2014-08-28 15:21 - 2014-08-01 11:02 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-27 02:25 - 2014-07-26 19:53 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-08-27 01:21 - 2014-08-27 01:21 - 00000000 ____D () C:\Users\James\AppData\Local\Ubisoft
2014-08-25 01:48 - 2014-08-25 01:48 - 00000000 ____D () C:\Users\James\AppData\Local\Blizzard
2014-08-23 01:42 - 2014-08-28 15:06 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 22:15 - 2014-08-22 22:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2014-08-22 20:52 - 2014-08-22 20:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2014-08-21 01:26 - 2014-08-21 01:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-08-21 01:21 - 2014-08-16 16:38 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin
2014-08-20 18:12 - 2014-08-20 18:12 - 00000000 ____D () C:\Users\James\AppData\Roaming\TERA
2014-08-20 03:27 - 2014-08-20 03:27 - 00000000 ____D () C:\ProgramData\Blizzard
2014-08-17 21:07 - 2014-08-16 23:36 - 00000000 ____D () C:\Users\James\AppData\Roaming\Omerta
2014-08-16 23:33 - 2014-08-16 23:33 - 00000000 ____D () C:\Users\James\AppData\Roaming\Kalypso Media
2014-08-16 17:00 - 2014-08-16 17:00 - 00000000 ____D () C:\Users\James\AppData\Roaming\LolClient
2014-08-16 16:39 - 2014-08-16 16:39 - 00000000 ____D () C:\ProgramData\Riot Games
2014-08-16 16:38 - 2014-08-16 16:38 - 00000000 ____D () C:\Users\James\AppData\Roaming\Riot Games
2014-08-16 03:40 - 2014-09-10 16:25 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-16 03:04 - 2014-09-10 16:25 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-16 03:00 - 2014-09-10 16:25 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-16 03:00 - 2014-09-10 16:25 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-16 02:56 - 2014-09-10 16:25 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-16 02:54 - 2014-09-10 16:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-16 02:45 - 2014-09-10 16:25 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-16 02:43 - 2014-09-10 16:25 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-16 02:32 - 2014-09-10 16:25 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-16 02:25 - 2014-09-10 16:25 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-16 02:22 - 2014-09-10 16:25 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-16 02:20 - 2014-09-10 16:25 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-16 02:19 - 2014-09-10 16:25 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-16 02:18 - 2014-09-10 16:25 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-16 02:18 - 2014-09-10 16:25 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-16 02:11 - 2014-09-10 16:25 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-16 02:06 - 2014-09-10 16:25 - 00359424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-16 02:05 - 2014-09-10 16:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-16 02:05 - 2014-09-10 16:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-16 02:03 - 2014-09-10 16:25 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-16 02:03 - 2014-09-10 16:25 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-16 01:58 - 2014-09-10 16:25 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-16 01:56 - 2014-09-10 16:25 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-16 01:53 - 2014-09-10 16:25 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-01 16:43
 
==================== End Of Log ============================


#4 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • OFFLINE
  • Gender:Male
  • Local time:01:04 PM

Posted 10 September 2014 - 01:46 PM

Is the problem gone after this?


Step 1

Please download the attached fixlist.txt and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!

#5 LilMuz

LilMuz
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  • Local time:12:04 PM

Posted 10 September 2014 - 01:51 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by James at 2014-09-10 19:48:31 Run:2
Running from D:\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-3974639238-3188545945-4294417750-1001\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
EmptyTemp:
*****************
 
HKU\S-1-5-21-3974639238-3188545945-4294417750-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CMD => value deleted successfully.
EmptyTemp: => Removed 333.4 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
I think it's fixed, I don't see command prompt in start-up anymore, so I assume it's fixed.
 
Step 2 Completed.
 
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=e37867d0df9f604dae5f4301cf0a4fcc
# engine=20094
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-10 07:19:58
# local_time=2014-09-10 08:19:58 (+0000, GMT Summer Time)
# country="United Kingdom"
# lang=1033
# osver=6.2.9200 NT 
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 12936 14760319 0 0
# scanned=214629
# found=0
# cleaned=0
# scan_time=1397
 

Edited by LilMuz, 10 September 2014 - 02:21 PM.




