
gameharbor.org Popup window during startup


  • This topic is locked
8 replies to this topic

#1 hello6921

hello6921

  • Members
  • 4 posts

Posted 12 September 2014 - 12:35 AM

Hello and thanks for helping me. Basically when I get to the desktop screen after boot up, a CMD window appears and then causes Mozilla Firefox to open a window that redirects me to gameharbor.org. My computer has no performance issues but the popup is just annoying. Tried to get rid of it using Norton and Malwarebytes but it's not working. Also looked in the programs list to see if I could uninstall something but nothing looked suspicious. Any and all help would be much appreciated!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.17280  BrowserJavaVersion: 10.67.2
Run by Thomas at 0:25:46 on 2014-09-12
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.1.1033.18.8136.2469 [GMT -5:00]
.
AV: Norton 360 *Enabled/Updated* {63DF5164-9100-186D-2187-8DC619EFD8BF}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton 360 *Enabled/Updated* {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 *Enabled* {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\nvvsvc.exe
A:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
A:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Windows\Explorer.EXE
A:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\taskeng.exe
A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
C:\Program Files (x86)\PCMeterV4\PCMeterV0.4.exe
A:\Program Files\Core Temp\Core Temp.exe
A:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
A:\Program Files (x86)\Corsair\CorsairLink 2\Sierra2.GPU.exe
A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
A:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
A:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
A:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
A:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
C:\Program Files\Windows Sidebar\sidebar.exe
A:\Program Files (x86)\Corsair\CorsairLink 2\Sierra2.exe
A:\Program Files\NVIDIA Corporation\Display\nvtray.exe
A:\Program Files (x86)\Samsung\Kies\Kies.exe
A:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
A:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
A:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
A:\Program Files\Rainmeter\Rainmeter.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
A:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
A:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
A:\Program Files (x86)\DFX\DFX.exe
A:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
A:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
A:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
A:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
A:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
C:\Windows\SysWOW64\PnkBstrA.exe
A:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
C:\Windows\system32\RAPID\SamsungRapidSvc.exe
A:\Program Files (x86)\Corsair\CorsairLink 2\SierraService.exe
C:\Windows\system32\svchost.exe -k imgsvc
A:\Program Files (x86)\Popcorn Time\Updater.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\SearchIndexer.exe
A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe
A:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
A:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
A:\Program Files (x86)\Nero\Update\NASvc.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\TEMP\set5AAC.tmp.exe
A:\Program Files (x86)\Steam\Steam.exe
A:\Program Files (x86)\Steam\bin\steamwebhelper.exe
A:\Program Files (x86)\Steam\bin\steamwebhelper.exe
A:\Program Files (x86)\Mozilla Firefox\firefox.exe
A:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uSearch Bar = Preserve
BHO: Symantec NCO BHO: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll
BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ips\ipsbho.dll
BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - A:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - A:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - A:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coieplg.dll
uRun: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
uRun: [DAEMON Tools Lite] "A:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
uRun: [Steam] "A:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [CorsairLINK 2] A:\Program Files (x86)\Corsair\CorsairLink 2\Sierra2.exe
uRun: [EADM] A:\Program Files (x86)\Origin\Origin.exe -AutoStart
uRun: [KiesPreload] A:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
uRun: [KiesAirMessage] A:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
uRun: [PC-NVR.exe] A:\Program Files (x86)\Smart Professional Surveillance System\PC-NVR\PC-NVR.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [CMD] cmd.exe /c start http://extendedunlimited.org && exit
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [BrStsMon00] A:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [USB3MON] "A:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [QuickTime Task] "A:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
mRun: [KiesTrayAgent] A:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
mRun: [Smart-PSS] A:/Program Files (x86)/Smart Professional Surveillance System/SmartPSS/SmartPSS.exe
mRun: [DFX] A:\Program Files (x86)\DFX\DFX.exe -startup
mRun: [Aimersoft Helper Compact.exe] A:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
mRun: [DelaypluginInstall] C:\ProgramData\Aimersoft\Video Converter Ultimate\DelayPluginI.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\Thomas\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\Users\Thomas\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - A:\Program Files\Rainmeter\Rainmeter.exe
StartupFolder: C:\Users\Thomas\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SAMSUN~2.LNK - C:\Windows\System32\schtasks.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\KILLER~1.LNK - C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
TCP: NameServer = 8.8.8.8 192.168.1.1
TCP: Interfaces\{822A1F5E-ACEB-4072-9E20-F796580E2ACF} : DHCPNameServer = 8.8.8.8 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - A:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
Handler: WSAMVCUchrome - <Clsid value has no data>
SSODL: WebCheck - <orphaned>
x64-BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - A:\Program Files\Java\jre7\bin\ssv.dll
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - A:\Program Files\Java\jre7\bin\jp2ssv.dll
x64-Run: [RTHDVCPL] "A:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [BCSSync] "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
x64-Run: [NvBackend] "A:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\Windows\System32\rundll32.exe C:\Windows\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [SamsungRapidApp] A:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - A:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Handler: WSAMVCUchrome - <Clsid value has no data>
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2014-2-28 20464]
R0 NBVol;Nero Backup Volume Filter Driver;C:\Windows\System32\drivers\NBVol.sys [2010-3-2 72240]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver;C:\Windows\System32\drivers\NBVolUp.sys [2010-3-2 15920]
R0 SamsungRapidDiskFltr;SAMSUNG RAPID Mode Disk Filter Driver;C:\Windows\System32\drivers\SamsungRapidDiskFltr.sys [2014-7-1 265952]
R0 SamsungRapidFSFltr;SamsungRapidFSFltr;C:\Windows\System32\drivers\SamsungRapidFSFltr.sys [2014-5-19 111328]
R0 SymDS;Symantec Data Store;C:\Windows\System32\drivers\N360x64\0502020.003\symds64.sys [2014-8-27 450680]
R0 SymEFA;Symantec Extended File Attributes;C:\Windows\System32\drivers\N360x64\0502020.003\symefa64.sys [2014-8-27 912504]
R1 BfLwf;Qualcomm Atheros Bandwidth Control;C:\Windows\System32\drivers\bflwfx64.sys [2014-4-10 82096]
R1 BHDrvx64;BHDrvx64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [2014-8-21 1588016]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2014-2-27 283064]
R1 IDSVia64;IDSVia64;C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20140911.001\IDSviA64.sys [2014-9-11 633560]
R1 SymIRON;Symantec Iron Driver;C:\Windows\System32\drivers\N360x64\0502020.003\ironx64.sys [2014-8-27 171128]
R1 SymNetS;Symantec Network Security WFP Driver;C:\Windows\System32\drivers\N360x64\0502020.003\symnets.sys [2014-8-27 386168]
R2 MBAMScheduler;MBAMScheduler;A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-9-10 1809720]
R2 MBAMService;MBAMService;A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [2014-9-10 860472]
R2 MSI_Trigger_Service;MSI_Trigger_Service;C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [2014-2-27 29728]
R2 N360;Norton 360;A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe [2014-8-27 130008]
R2 NAUpdate;Nero Update;A:\Program Files (x86)\Nero\Update\NASvc.exe [2012-7-13 769432]
R2 NvNetworkService;NVIDIA Network Service;A:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-3-6 1721800]
R2 NvStreamSvc;NVIDIA Streamer Service;A:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-3-6 18974152]
R2 Qualcomm Atheros Killer Service V2;Qualcomm Atheros Killer Service V2;A:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [2014-4-17 344576]
R2 SamsungRapidSvc;Samsung RAPID Mode Service;system32\RAPID\SamsungRapidSvc.exe --> system32\RAPID\SamsungRapidSvc.exe [?]
R2 Sierra2Service;Sierra2Service;A:\Program Files (x86)\Corsair\CorsairLink 2\SierraService.exe [2012-11-20 15872]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;A:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-7-29 411936]
R2 Update service;Update service;A:\Program Files (x86)\Popcorn Time\Updater.exe [2014-9-11 179200]
R3 DFX11_1;DFX Audio Enhancer 11.1;C:\Windows\System32\drivers\dfx11_1x64.sys [2012-12-13 28008]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2014-9-10 142640]
R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2014-8-26 383472]
R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2014-2-28 786416]
R3 Ke2200;NDIS Miniport Driver for Killer e2201/e2202 PCI-E Ethernet Controller;C:\Windows\System32\drivers\e22w7x64.sys [2014-3-27 129200]
R3 MBAMProtector;MBAMProtector;C:\Windows\System32\drivers\mbam.sys [2014-9-10 25816]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\MBAMSwissArmy.sys [2014-9-10 122584]
R3 MBAMWebAccessControl;MBAMWebAccessControl;C:\Windows\System32\drivers\mwac.sys [2014-9-10 63704]
R3 MBfilt;MBfilt;C:\Windows\System32\drivers\MBfilt64.sys [2014-2-27 32344]
R3 NvStreamKms;NvStreamKms;A:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-5-10 21448]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2014-5-10 40392]
R3 RTCore64;RTCore64;A:\Program Files (x86)\EVGA Precision X\RTCore64.sys [2013-7-17 15176]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-9-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-9-11 124088]
S3 BrYNSvc;BrYNSvc;A:\Program Files (x86)\Browny02\BrYNSvc.exe [2014-2-27 245760]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2014-4-6 108856]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-21 71168]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2014-9-10 111616]
S3 ISCT;Intel® Smart Connect Technology Device Driver;C:\Windows\System32\drivers\ISCTD64.sys [2013-1-19 46568]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-2-27 19456]
S3 ScpVBus;Scp Virtual Bus Driver;C:\Windows\System32\drivers\ScpVBus.sys [2014-9-9 39168]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2014-4-6 206136]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2010-11-21 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2014-2-27 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-2-27 56832]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2014-2-27 30208]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2010-11-21 117248]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2014-2-27 1255736]
.
=============== Created Last 30 ================
.
2014-09-11 06:36:20    --------    d-----w-    C:\ProgramData\HitmanPro
2014-09-11 05:27:55    11319192    ----a-w-    C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FD0E90DA-9909-4A02-BC5D-FE31133AF6F8}\mpengine.dll
2014-09-10 23:17:43    --------    d-----w-    C:\Windows\ERUNT
2014-09-10 23:11:34    --------    d-----w-    C:\AdwCleaner
2014-09-10 21:33:31    122584    ----a-w-    C:\Windows\System32\drivers\MBAMSwissArmy.sys
2014-09-10 21:33:25    91352    ----a-w-    C:\Windows\System32\drivers\mbamchameleon.sys
2014-09-10 21:33:25    63704    ----a-w-    C:\Windows\System32\drivers\mwac.sys
2014-09-10 21:33:25    25816    ----a-w-    C:\Windows\System32\drivers\mbam.sys
2014-09-10 21:33:25    --------    d-----w-    C:\ProgramData\Malwarebytes
2014-09-10 21:33:25    --------    d-----w-    A:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-10 21:22:26    2777088    ----a-w-    C:\Windows\System32\msmpeg2vdec.dll
2014-09-10 21:22:26    2285056    ----a-w-    C:\Windows\SysWow64\msmpeg2vdec.dll
2014-09-10 21:05:09    793600    ----a-w-    C:\Windows\SysWow64\TSWorkspace.dll
2014-09-10 21:05:09    1031168    ----a-w-    C:\Windows\System32\TSWorkspace.dll
2014-09-10 21:05:05    2565120    ----a-w-    C:\Windows\System32\d3d10warp.dll
2014-09-10 21:05:05    1987584    ----a-w-    C:\Windows\SysWow64\d3d10warp.dll
2014-09-10 21:04:58    96768    ----a-w-    C:\Windows\SysWow64\sspicli.dll
2014-09-10 21:04:58    728064    ----a-w-    C:\Windows\System32\kerberos.dll
2014-09-10 21:04:58    550912    ----a-w-    C:\Windows\SysWow64\kerberos.dll
2014-09-10 21:04:58    22016    ----a-w-    C:\Windows\SysWow64\secur32.dll
2014-09-10 21:04:58    1460736    ----a-w-    C:\Windows\System32\lsasrv.dll
2014-09-10 00:16:22    39168    ----a-w-    C:\Windows\System32\drivers\ScpVBus.sys
2014-09-09 03:11:36    --------    d-----w-    C:\Games
2014-09-07 02:12:24    98216    ----a-w-    C:\Windows\SysWow64\WindowsAccessBridge-32.dll
2014-09-06 01:48:49    2434856    ----a-w-    C:\Windows\SysWow64\pbsvc_bc2.exe
2014-09-05 09:33:22    812216    ----a-w-    A:\Program Files (x86)\Internet Explorer\iexplore.exe
2014-09-05 09:28:49    --------    d-sh--w-    C:\Users\Thomas\AppData\Local\EmieUserList
2014-09-05 09:28:49    --------    d-sh--w-    C:\Users\Thomas\AppData\Local\EmieSiteList
2014-09-05 01:22:44    447752    ----a-w-    C:\Windows\SysWow64\vp6vfw.dll
2014-09-04 08:07:05    33240    ----a-w-    C:\Windows\System32\drivers\GEARAspiWDM.sys
2014-09-04 08:07:01    --------    d-----w-    C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-04 02:51:01    --------    d-----w-    C:\ProgramData\Aiseesoft Studio
2014-09-04 02:51:01    --------    d-----w-    A:\Program Files (x86)\Aiseesoft Studio
2014-09-04 01:26:11    --------    d-----w-    C:\Users\Thomas\AppData\Local\Aiseesoft Studio
2014-09-03 02:52:05    --------    d-----w-    C:\Users\Thomas\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-09-03 02:50:55    --------    d-----w-    C:\ProgramData\Aimersoft
2014-09-03 02:50:55    --------    d-----w-    A:\Program Files (x86)\Aimersoft
2014-09-03 02:18:46    --------    d--h--w-    C:\$WINDOWS.~BT
2014-08-29 23:13:12    --------    d-----w-    C:\Users\Thomas\AppData\Local\4A Games
2014-08-28 10:49:00    --------    d-----w-    C:\Program Files\Common Files\Apple
2014-08-28 03:38:51    912504    ----a-w-    C:\Windows\System32\drivers\N360x64\0502020.003\symefa64.sys
2014-08-28 03:38:51    744568    ----a-w-    C:\Windows\System32\drivers\N360x64\0502020.003\srtsp64.sys
2014-08-28 03:38:51    450680    ----a-w-    C:\Windows\System32\drivers\N360x64\0502020.003\symds64.sys
2014-08-28 03:38:51    40568    ----a-w-    C:\Windows\System32\drivers\N360x64\0502020.003\srtspx64.sys
2014-08-28 03:38:51    386168    ----a-w-    C:\Windows\System32\drivers\N360x64\0502020.003\symnets.sys
2014-08-28 03:38:51    171128    ----a-r-    C:\Windows\System32\drivers\N360x64\0502020.003\ironx64.sys
2014-08-28 03:38:45    --------    d-----w-    C:\Windows\System32\drivers\N360x64\0502020.003
2014-08-27 20:22:05    --------    d-----w-    C:\Windows\System32\wbem\Framework\root\AddGadgets
2014-08-27 20:22:05    --------    d-----w-    C:\Windows\System32\wbem\Framework\root
2014-08-27 20:22:05    --------    d-----w-    C:\Windows\System32\wbem\Framework
2014-08-27 19:43:34    404480    ----a-w-    C:\Windows\System32\gdi32.dll
2014-08-27 19:43:34    3163648    ----a-w-    C:\Windows\System32\win32k.sys
2014-08-27 19:43:34    311808    ----a-w-    C:\Windows\SysWow64\gdi32.dll
2014-08-27 05:28:31    174200    ----a-w-    C:\Windows\System32\drivers\SYMEVENT64x86.SYS
2014-08-27 05:28:31    --------    d-----w-    C:\Program Files\Common Files\Symantec Shared
2014-08-27 05:28:28    125872    ----a-w-    C:\Windows\System32\GEARAspi64.dll
2014-08-27 05:28:28    106928    ----a-w-    C:\Windows\SysWow64\GEARAspi.dll
2014-08-27 05:28:21    --------    d-----w-    C:\Windows\System32\drivers\N360x64
2014-08-27 05:28:18    --------    d-----w-    C:\ProgramData\Norton
2014-08-27 05:28:18    --------    d-----w-    A:\Program Files (x86)\Norton 360
2014-08-27 05:28:14    --------    d-----w-    C:\ProgramData\NortonInstaller
2014-08-27 05:28:14    --------    d-----w-    A:\Program Files (x86)\NortonInstaller
2014-08-27 04:12:02    --------    d-----w-    C:\Users\Thomas\Intel
2014-08-27 04:10:25    383472    ----a-w-    C:\Windows\System32\drivers\iusb3hub.sys
2014-08-27 04:09:07    --------    d-----w-    C:\ProgramData\Qualcomm
2014-08-27 04:08:47    --------    d-----w-    C:\ProgramData\Downloaded Installations
2014-08-24 22:02:14    --------    d-----w-    C:\Program Files (x86)\Common Files\DFX
2014-08-24 22:02:14    --------    d-----w-    A:\Program Files (x86)\DFX
2014-08-19 10:24:35    --------    d-----w-    C:\Users\Thomas\AppData\Roaming\PopcornTime
2014-08-15 18:16:22    --------    d-----w-    C:\Users\Thomas\AppData\Local\Adobe
2014-08-15 08:00:21    99480    ----a-w-    C:\Windows\SysWow64\infocardapi.dll
2014-08-15 08:00:21    8856    ----a-w-    C:\Windows\SysWow64\icardres.dll
2014-08-15 08:00:21    8856    ----a-w-    C:\Windows\System32\icardres.dll
2014-08-15 08:00:21    619672    ----a-w-    C:\Windows\SysWow64\icardagt.exe
2014-08-15 08:00:21    171160    ----a-w-    C:\Windows\System32\infocardapi.dll
2014-08-15 08:00:21    1389208    ----a-w-    C:\Windows\System32\icardagt.exe
2014-08-15 08:00:19    35480    ----a-w-    C:\Windows\SysWow64\TsWpfWrp.exe
2014-08-15 08:00:19    35480    ----a-w-    C:\Windows\System32\TsWpfWrp.exe
2014-08-15 06:52:29    --------    d-----w-    C:\Users\Thomas\AppData\Local\Vitalwerks
2014-08-15 06:36:26    664064    ----a-w-    C:\Windows\SysWow64\rpcrt4.dll
2014-08-15 06:36:26    1216000    ----a-w-    C:\Windows\System32\rpcrt4.dll
.
==================== Find3M  ====================
.
2014-09-06 18:33:24    282296    ----a-w-    C:\Windows\SysWow64\PnkBstrB.xtr
2014-09-06 18:33:24    282296    ----a-w-    C:\Windows\SysWow64\PnkBstrB.exe
2014-09-06 18:30:25    215128    ----a-w-    C:\Windows\SysWow64\PnkBstrB.ex0
2014-09-06 02:03:09    76888    ----a-w-    C:\Windows\SysWow64\PnkBstrA.exe
2014-08-25 11:53:42    270496    ------w-    C:\Windows\System32\MpSigStub.exe
2014-08-18 22:29:49    2724864    ----a-w-    C:\Windows\System32\mshtml.tlb
2014-08-18 22:29:35    4096    ----a-w-    C:\Windows\System32\ieetwcollectorres.dll
2014-08-18 22:19:53    5833728    ----a-w-    C:\Windows\System32\jscript9.dll
2014-08-18 22:15:34    547328    ----a-w-    C:\Windows\System32\vbscript.dll
2014-08-18 22:15:09    66048    ----a-w-    C:\Windows\System32\iesetup.dll
2014-08-18 22:14:38    48640    ----a-w-    C:\Windows\System32\ieetwproxystub.dll
2014-08-18 22:14:10    83968    ----a-w-    C:\Windows\System32\MshtmlDac.dll
2014-08-18 22:08:55    4232704    ----a-w-    C:\Windows\SysWow64\jscript9.dll
2014-08-18 22:03:47    139264    ----a-w-    C:\Windows\System32\ieUnatt.exe
2014-08-18 22:03:37    111616    ----a-w-    C:\Windows\System32\ieetwcollector.exe
2014-08-18 22:03:01    758272    ----a-w-    C:\Windows\System32\jscript9diag.dll
2014-08-18 21:57:44    2724864    ----a-w-    C:\Windows\SysWow64\mshtml.tlb
2014-08-18 21:56:17    940032    ----a-w-    C:\Windows\System32\MsSpellCheckingFacility.exe
2014-08-18 21:46:26    454656    ----a-w-    C:\Windows\SysWow64\vbscript.dll
2014-08-18 21:45:23    61952    ----a-w-    C:\Windows\SysWow64\iesetup.dll
2014-08-18 21:45:12    72704    ----a-w-    C:\Windows\System32\JavaScriptCollectionAgent.dll
2014-08-18 21:44:44    51200    ----a-w-    C:\Windows\SysWow64\ieetwproxystub.dll
2014-08-18 21:44:09    61952    ----a-w-    C:\Windows\SysWow64\MshtmlDac.dll
2014-08-18 21:36:07    112128    ----a-w-    C:\Windows\SysWow64\ieUnatt.exe
2014-08-18 21:35:24    597504    ----a-w-    C:\Windows\SysWow64\jscript9diag.dll
2014-08-18 21:23:17    2104832    ----a-w-    C:\Windows\System32\inetcpl.cpl
2014-08-18 21:23:16    1249280    ----a-w-    C:\Windows\System32\mshtmlmedia.dll
2014-08-18 21:22:48    60416    ----a-w-    C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2014-08-18 21:15:13    2310656    ----a-w-    C:\Windows\System32\wininet.dll
2014-08-18 21:08:54    2014208    ----a-w-    C:\Windows\SysWow64\inetcpl.cpl
2014-08-18 21:07:44    1068032    ----a-w-    C:\Windows\SysWow64\mshtmlmedia.dll
2014-08-18 20:46:48    1812992    ----a-w-    C:\Windows\SysWow64\wininet.dll
2014-08-15 17:57:59    71344    ----a-w-    C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2014-08-15 17:57:59    699568    ----a-w-    C:\Windows\SysWow64\FlashPlayerApp.exe
2014-08-09 00:28:49    1291280    ----a-w-    C:\Windows\SysWow64\nvspbridge.dll
2014-08-09 00:28:49    1126480    ----a-w-    C:\Windows\SysWow64\nvspcap.dll
2014-08-09 00:28:35    1715224    ----a-w-    C:\Windows\System32\nvspbridge64.dll
2014-08-09 00:28:35    1283136    ----a-w-    C:\Windows\System32\nvspcap64.dll
2014-07-25 07:35:46    875688    ----a-w-    C:\Windows\SysWow64\msvcr120_clr0400.dll
2014-07-25 04:47:06    869544    ----a-w-    C:\Windows\System32\msvcr120_clr0400.dll
2014-07-22 08:45:26    76152    ----a-w-    C:\Windows\System32\PnkBstrA.exe
2014-07-16 03:23:41    2048    ----a-w-    C:\Windows\System32\tzres.dll
2014-07-16 02:46:02    2048    ----a-w-    C:\Windows\SysWow64\tzres.dll
2014-07-15 11:01:14    4012632    ----a-w-    C:\Windows\System32\drivers\RTKVHD64.sys
2014-07-15 07:30:32    950488    ----a-w-    C:\Windows\System32\RCoInstII64.dll
2014-07-11 07:10:24    2000152    ----a-w-    C:\Windows\System32\MBAPO264.dll
2014-07-11 07:10:20    1728792    ----a-w-    C:\Windows\SysWow64\MBAPO232.dll
2014-07-09 08:57:18    2808024    ----a-w-    C:\Windows\System32\RltkAPO64.dll
2014-07-09 02:03:23    7168    ----a-w-    C:\Windows\System32\KBDYAK.DLL
2014-07-09 02:03:22    7168    ----a-w-    C:\Windows\System32\KBDBASH.DLL
2014-07-09 01:31:42    7168    ----a-w-    C:\Windows\SysWow64\KBDYAK.DLL
2014-07-09 01:31:41    6656    ----a-w-    C:\Windows\SysWow64\KBDBASH.DLL
2014-07-07 06:07:00    2860760    ----a-w-    C:\Windows\System32\RtPgEx64.dll
2014-07-04 03:07:24    1024728    ----a-w-    C:\Windows\System32\RtkApi64.dll
2014-07-02 18:55:43    6783776    ----a-w-    C:\Windows\System32\nvcpl.dll
2014-07-02 18:55:43    3522392    ----a-w-    C:\Windows\System32\nvsvc64.dll
2014-07-02 18:55:41    935368    ----a-w-    C:\Windows\System32\nvvsvc.exe
2014-07-02 18:55:41    62808    ----a-w-    C:\Windows\System32\nvshext.dll
2014-07-02 18:55:41    386520    ----a-w-    C:\Windows\System32\nvmctray.dll
2014-07-02 17:44:45    609240    ----a-w-    C:\Windows\SysWow64\nvStreaming.exe
2014-07-02 10:14:12    3826628    ----a-w-    C:\Windows\System32\nvcoproc.bin
2014-06-18 02:18:30    692736    ----a-w-    C:\Windows\System32\osk.exe
2014-06-18 01:51:32    646144    ----a-w-    C:\Windows\SysWow64\osk.exe
2014-06-17 05:32:10    1286872    ----a-w-    C:\Windows\System32\RTCOM64.dll
2014-06-16 02:10:19    985536    ----a-w-    C:\Windows\System32\drivers\dxgkrnl.sys
2014-06-14 14:03:42    260696    ----a-w-    C:\Windows\System32\unrar64.dll
2014-06-14 14:03:42    218200    ----a-w-    C:\Windows\SysWow64\unrar.dll
2013-05-07 16:26:16    97856    ----a-w-    A:\Program Files (x86)\lol.launcher.admin.exe
2013-05-07 16:26:06    97856    ----a-w-    A:\Program Files (x86)\lol.launcher.exe
.
============= FINISH:  0:25:54.37 ===============
 



#2 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts

Posted 12 September 2014 - 05:09 AM

Hello,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#3 hello6921

hello6921
  • Topic Starter

  • Members
  • 4 posts

Posted 12 September 2014 - 05:42 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Thomas (administrator) on THOMAS-PC on 12-09-2014 05:40:32
Running from A:\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) A:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) A:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Apple Inc.) A:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes Corporation) A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(AddGadgets) C:\Program Files (x86)\PCMeterV4\PCMeterV0.4.exe
() A:\Program Files\Core Temp\Core Temp.exe
() A:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
() A:\Program Files (x86)\Corsair\CorsairLink 2\Sierra2.GPU.exe
(Malwarebytes Corporation) A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(Realtek Semiconductor) A:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Symantec Corporation) A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
(NVIDIA Corporation) A:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Malwarebytes Corporation) A:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Samsung Electronics Co., Ltd.) A:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() A:\Program Files (x86)\Corsair\CorsairLink 2\Sierra2.exe
(NVIDIA Corporation) A:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Samsung) A:\Program Files (x86)\Samsung\Kies\Kies.exe
(NVIDIA Corporation) A:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
() A:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
(Intel Corporation) A:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Dropbox, Inc.) C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe
() A:\Program Files\Rainmeter\Rainmeter.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\APSDaemon.exe
(Samsung Electronics Co., Ltd.) A:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
(NVIDIA Corporation) A:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() A:\Program Files (x86)\DFX\DFX.exe
(AimerSoft) A:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Samsung Electronics.) A:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe
() A:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
() A:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
() A:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Qualcomm Atheros) A:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe
(Samsung Electronics Co., Ltd.) C:\Windows\System32\RAPID\SamsungRapidSvc.exe
(CIS) A:\Program Files (x86)\Corsair\CorsairLink 2\SierraService.exe
(Company) A:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Symantec Corporation) A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccsvchst.exe
(NVIDIA Corporation) A:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) A:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Nero AG) A:\Program Files (x86)\Nero\Update\NASvc.exe
(Popcorn Time                                                ) C:\Windows\Temp\set5AAC.tmp.exe
(Valve Corporation) A:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) A:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) A:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Firaxis Games) C:\SteamLibrary\SteamApps\common\Sid Meier's Civilization V\CivilizationV_DX11.exe
(Valve Corporation) A:\Program Files (x86)\Steam\GameOverlayUI.exe
(Nullsoft, Inc.) A:\Program Files (x86)\Winamp\winamp.exe
(Mozilla Corporation) A:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) A:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => "A:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [112512 2010-01-21] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => A:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2404296 2014-08-08] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [SamsungRapidApp] => A:\Program Files (x86)\Samsung\RAPID\CacheFilter\SamsungRapidApp.exe [281312 2014-05-19] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [BrStsMon00] => A:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
HKLM-x32\...\Run: [APSDaemon] => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
HKLM-x32\...\Run: [USB3MON] => A:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2013-04-25] (Intel Corporation)
HKLM-x32\...\Run: [QuickTime Task] => "A:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
HKLM-x32\...\Run: [KiesTrayAgent] => A:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe [311616 2014-02-14] (Samsung Electronics Co., Ltd.)
HKLM-x32\...\Run: [Smart-PSS] => A:/Program Files (x86)/Smart Professional Surveillance System/SmartPSS/SmartPSS.exe
HKLM-x32\...\Run: [DFX] => A:\Program Files (x86)\DFX\DFX.exe -startup
HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => A:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [2014720 2014-08-05] (AimerSoft)
HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Aimersoft\Video Converter Ultimate\DelayPluginI.exe
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-2359203629-830623999-1722430269-1000\...\Run: [DAEMON Tools Lite] => "A:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
HKU\S-1-5-21-2359203629-830623999-1722430269-1000\...\Run: [Steam] => "A:\Program Files (x86)\Steam\steam.exe" -silent
HKU\S-1-5-21-2359203629-830623999-1722430269-1000\...\Run: [CorsairLINK 2] => A:\Program Files (x86)\Corsair\CorsairLink 2\Sierra2.exe [1115136 2012-11-20] ()
HKU\S-1-5-21-2359203629-830623999-1722430269-1000\...\Run: [EADM] => A:\Program Files (x86)\Origin\Origin.exe -AutoStart
HKU\S-1-5-21-2359203629-830623999-1722430269-1000\...\Run: [KiesPreload] => A:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
HKU\S-1-5-21-2359203629-830623999-1722430269-1000\...\Run: [KiesAirMessage] => A:\Program Files (x86)\Samsung\Kies\KiesAirMessage.exe -startup
HKU\S-1-5-21-2359203629-830623999-1722430269-1000\...\Run: [PC-NVR.exe] => A:\Program Files (x86)\Smart Professional Surveillance System\PC-NVR\PC-NVR.exe
HKU\S-1-5-21-2359203629-830623999-1722430269-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [59720 2013-11-20] (Apple Inc.)
HKU\S-1-5-21-2359203629-830623999-1722430269-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Killer Network Manager.lnk
ShortcutTarget: Killer Network Manager.lnk -> C:\Windows\Installer\{4692B750-DE88-4DCF-9163-745AF5604B24}\NetworkManager.exe_130C27D738F34C89BDDF21BCFD74B56D.exe (Flexera Software LLC)
Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> A:\Program Files\Rainmeter\Rainmeter.exe ()
Startup: C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Samsung Magician.lnk
ShortcutTarget: Samsung Magician.lnk -> C:\Windows\System32\schtasks.exe (Microsoft Corporation)
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => A:\Program Files (x86)\Norton 360\Engine64\5.2.2.3\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => A:\Program Files (x86)\Norton 360\Engine64\5.2.2.3\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => A:\Program Files (x86)\Norton 360\Engine64\5.2.2.3\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> A:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> A:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Symantec NCO BHO -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll (Symantec Corporation)
BHO-x32: Symantec Intrusion Prevention -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> A:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> A:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> A:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\coIEPlg.dll (Symantec Corporation)
Handler: WSAMVCUchrome - No CLSID Value -
Handler-x32: WSAMVCUchrome - No CLSID Value -
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\ah8y6jqb.default
FF Homepage: google.com
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()
FF Plugin: @java.com/DTPlugin,version=10.55.2 -> A:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.55.2 -> A:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> a:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1165635.dll (Adobe Systems, Inc.)
FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> A:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)
FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> A:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> A:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> A:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> A:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> a:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> A:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> A:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> A:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL (Nero AG)
FF Plugin-x32: @nvidia.com/3DVision -> A:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> A:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Thomas\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: Adobe Reader -> A:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Thomas\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: ImageHost Grabber - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\ah8y6jqb.default\Extensions\{E4091D66-127C-11DB-903A-DE80D2EFDFE8} [2014-05-28]
FF Extension: MEGA - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\ah8y6jqb.default\Extensions\firefox@mega.co.nz.xpi [2014-08-26]
FF Extension: Google Translator for Firefox - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\ah8y6jqb.default\Extensions\translator@zoli.bod.xpi [2014-03-09]
FF Extension: Password Exporter - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\ah8y6jqb.default\Extensions\{B17C1C5A-04B1-11DB-9804-B622A1EF5492}.xpi [2014-03-05]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\ah8y6jqb.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-08-14]
FF Extension: Adblock Plus - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\ah8y6jqb.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-03-05]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\coFFPlgn_2011_7_13_2 [2014-09-11]

Chrome:
=======

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 Bonjour Service; A:\Program Files\Bonjour\mDNSResponder.exe [462184 2011-08-31] (Apple Inc.)
S3 BrYNSvc; A:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
R2 MBAMScheduler; A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; A:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
S3 MozillaMaintenance; A:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [119408 2014-07-29] (Mozilla Foundation)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [29728 2013-05-28] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NAUpdate; A:\Program Files (x86)\Nero\Update\NASvc.exe [769432 2012-07-13] (Nero AG)
R2 NvNetworkService; A:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1721800 2014-08-08] (NVIDIA Corporation)
R2 NvStreamSvc; A:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18974152 2014-08-08] (NVIDIA Corporation)
S3 osppsvc; A:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [4925184 2010-01-09] (Microsoft Corporation)
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-07-22] ()
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-09-05] ()
R2 Qualcomm Atheros Killer Service V2; A:\Program Files\Qualcomm Atheros\Network Manager\KillerService.exe [344576 2014-04-17] (Qualcomm Atheros) [File not signed]
R2 SamsungRapidSvc; C:\Windows\System32\RAPID\SamsungRapidSvc.exe [27872 2014-05-19] (Samsung Electronics Co., Ltd.)
R2 Sierra2Service; A:\Program Files (x86)\Corsair\CorsairLink 2\SierraService.exe [15872 2012-11-20] (CIS) [File not signed]
R2 Stereo Service; A:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [411936 2014-07-02] (NVIDIA Corporation)
R2 Update service; A:\Program Files (x86)\Popcorn Time\Updater.exe [179200 2014-09-10] (Company) [File not signed]
R2 N360; "A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\ccSvcHst.exe" /s "N360" /m "A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\diMaster.dll" /prefetch:1 [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 BfLwf; C:\Windows\System32\DRIVERS\bflwfx64.sys [82096 2014-04-10] (Qualcomm Atheros, Inc.)
R1 BHDrvx64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-21] (Symantec Corporation)
R3 DFX11_1; C:\Windows\System32\drivers\dfx11_1x64.sys [28008 2012-12-13] (Windows ® Win 7 DDK provider)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-02-27] (Disc Soft Ltd)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
R1 IDSVia64; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\IPSDefs\20140911.001\IDSvia64.sys [633560 2014-08-22] (Symantec Corporation)
S3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
R3 Ke2200; C:\Windows\System32\DRIVERS\e22w7x64.sys [129200 2014-03-27] (Qualcomm Atheros, Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-11] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 NAVENG; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20140910.002\ENG64.SYS [129752 2014-08-27] (Symantec Corporation)
R3 NAVEX15; C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_5.0.0.125\Definitions\VirusDefs\20140910.002\EX64.SYS [2137304 2014-08-27] (Symantec Corporation)
R3 NvStreamKms; \??\A:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [21448 2014-08-08] ()
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RTCore64; \??\A:\Program Files (x86)\EVGA Precision X\RTCore64.sys [15176 2013-07-17] ()
R0 SamsungRapidDiskFltr; C:\Windows\System32\DRIVERS\SamsungRapidDiskFltr.sys [265952 2014-05-19] (Samsung Electronics Co., Ltd.)
R0 SamsungRapidFSFltr; C:\Windows\System32\DRIVERS\SamsungRapidFSFltr.sys [111328 2014-05-19] (Samsung Electronics Co., Ltd.)
S3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\0502020.003\SRTSP64.SYS [744568 2011-03-30] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\0502020.003\SRTSPX64.SYS [40568 2011-03-30] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\0502020.003\SYMDS64.SYS [450680 2011-01-27] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\0502020.003\SYMEFA64.SYS [912504 2011-03-14] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [174200 2014-08-27] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\0502020.003\Ironx64.SYS [171128 2010-11-15] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\0502020.003\SYMNETS.SYS [386168 2011-04-20] (Symantec Corporation)
R3 ALSysIO; \??\C:\Users\Thomas\AppData\Local\Temp\ALSysIO64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_3; \??\C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
R3 WinRing0_1_2_0; \??\C:\Users\Thomas\AppData\Local\Temp\tmp46BF.tmp [X]
S3 XFDriver64; \??\A:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 05:40 - 2014-09-12 05:40 - 00000000 ____D () C:\FRST
2014-09-11 01:36 - 2014-09-11 01:50 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-11 01:36 - 2014-09-11 01:36 - 00000000 ____D () A:\Program Files\HitmanPro
2014-09-10 18:17 - 2014-09-10 18:17 - 00000000 ____D () C:\Windows\ERUNT
2014-09-10 18:11 - 2014-09-11 02:52 - 00000000 ____D () C:\AdwCleaner
2014-09-10 16:33 - 2014-09-11 16:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-10 16:33 - 2014-09-10 16:33 - 00000941 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-10 16:33 - 2014-09-10 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-10 16:33 - 2014-09-10 16:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 16:33 - 2014-09-10 16:33 - 00000000 ____D () A:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-10 16:33 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-10 16:33 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-10 16:33 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-10 16:24 - 2014-08-19 13:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-10 16:24 - 2014-08-19 12:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-10 16:24 - 2014-08-18 18:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-10 16:24 - 2014-08-18 17:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-10 16:24 - 2014-08-18 17:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-10 16:24 - 2014-08-18 17:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-10 16:24 - 2014-08-18 17:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-10 16:24 - 2014-08-18 17:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-10 16:24 - 2014-08-18 17:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-10 16:24 - 2014-08-18 17:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-10 16:24 - 2014-08-18 17:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-10 16:24 - 2014-08-18 17:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-10 16:24 - 2014-08-18 17:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-10 16:24 - 2014-08-18 17:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-10 16:24 - 2014-08-18 17:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-10 16:24 - 2014-08-18 17:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-10 16:24 - 2014-08-18 17:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-10 16:24 - 2014-08-18 17:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-10 16:24 - 2014-08-18 17:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-10 16:24 - 2014-08-18 16:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-10 16:24 - 2014-08-18 16:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-10 16:24 - 2014-08-18 16:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-10 16:24 - 2014-08-18 16:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-10 16:24 - 2014-08-18 16:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-10 16:24 - 2014-08-18 16:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-10 16:24 - 2014-08-18 16:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-10 16:24 - 2014-08-18 16:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-10 16:24 - 2014-08-18 16:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-10 16:24 - 2014-08-18 16:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-10 16:24 - 2014-08-18 16:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-10 16:24 - 2014-08-18 16:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-10 16:24 - 2014-08-18 16:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-10 16:24 - 2014-08-18 16:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-10 16:24 - 2014-08-18 16:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-10 16:24 - 2014-08-18 16:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-10 16:24 - 2014-08-18 16:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-10 16:24 - 2014-08-18 16:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-10 16:24 - 2014-08-18 16:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-10 16:24 - 2014-08-18 16:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-10 16:24 - 2014-08-18 16:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-10 16:24 - 2014-08-18 16:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-10 16:24 - 2014-08-18 16:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 16:24 - 2014-08-18 16:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-10 16:24 - 2014-08-18 16:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-10 16:24 - 2014-08-18 16:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-10 16:24 - 2014-08-18 16:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-10 16:24 - 2014-08-18 16:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-10 16:24 - 2014-08-18 16:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-10 16:24 - 2014-08-18 16:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-10 16:24 - 2014-08-18 16:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-10 16:24 - 2014-08-18 16:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-10 16:24 - 2014-08-18 15:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-10 16:24 - 2014-08-18 15:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-10 16:24 - 2014-08-18 15:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-10 16:24 - 2014-08-18 15:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-10 16:24 - 2014-08-18 15:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-10 16:22 - 2014-06-26 21:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-10 16:22 - 2014-06-26 20:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-10 16:05 - 2014-08-01 06:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-10 16:05 - 2014-08-01 06:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-10 16:05 - 2014-06-23 22:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-10 16:05 - 2014-06-23 21:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 16:04 - 2014-07-06 21:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-10 16:04 - 2014-07-06 21:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-10 16:04 - 2014-07-06 20:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-10 16:04 - 2014-07-06 20:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-10 16:04 - 2014-07-06 20:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-09 19:17 - 2014-09-09 19:29 - 00000000 ____D () C:\Users\Thomas\Documents\FIFA 15 Demo
2014-09-09 19:16 - 2013-05-05 16:32 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys
2014-09-09 19:15 - 2014-09-09 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2014-09-09 19:15 - 2014-09-09 19:15 - 00000000 ____D () A:\Program Files\MPC-HC
2014-09-09 12:51 - 2014-09-11 03:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-09-08 22:11 - 2014-09-08 22:42 - 00000000 ____D () C:\Games
2014-09-08 19:49 - 2014-09-08 19:51 - 00000000 ____D () C:\Users\Thomas\Desktop\The SIMS 4-Deluxe Edition-SKIDROWCRACK
2014-09-07 03:14 - 2014-09-07 03:18 - 00011502 _____ () C:\Users\Thomas\Desktop\ELECTRO.m3u8
2014-09-06 21:12 - 2014-09-06 21:12 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-06 21:12 - 2014-09-06 21:12 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-06 21:12 - 2014-09-06 21:12 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-06 21:12 - 2014-09-06 21:12 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-06 21:12 - 2014-09-06 21:12 - 00000000 ____D () A:\Program Files (x86)\Java
2014-09-06 14:58 - 2014-09-06 14:58 - 00292904 _____ () C:\Windows\Minidump\090614-6505-01.dmp
2014-09-05 20:49 - 2014-09-05 21:55 - 00000000 ____D () C:\Users\Thomas\Documents\BFBC2
2014-09-05 20:48 - 2014-09-05 20:48 - 02434856 _____ () C:\Windows\SysWOW64\pbsvc_bc2.exe
2014-09-05 04:34 - 2014-09-05 04:34 - 00001242 _____ () C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-05 04:28 - 2014-09-05 04:28 - 00000000 __SHD () C:\Users\Thomas\AppData\Local\EmieUserList
2014-09-05 04:28 - 2014-09-05 04:28 - 00000000 __SHD () C:\Users\Thomas\AppData\Local\EmieSiteList
2014-09-04 20:22 - 2014-08-29 22:45 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-09-04 03:07 - 2014-09-04 03:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-04 03:07 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-09-03 21:53 - 2014-09-03 21:53 - 00000000 ____D () C:\Users\Thomas\Documents\Aiseesoft Studio
2014-09-03 21:51 - 2014-09-03 21:51 - 00001119 _____ () C:\Users\Public\Desktop\FoneLab.lnk
2014-09-03 21:51 - 2014-09-03 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft
2014-09-03 21:51 - 2014-09-03 21:51 - 00000000 ____D () C:\ProgramData\Aiseesoft Studio
2014-09-03 21:51 - 2014-09-03 21:51 - 00000000 ____D () A:\Program Files (x86)\Aiseesoft Studio
2014-09-03 20:26 - 2014-09-03 20:26 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Aiseesoft Studio
2014-09-03 13:42 - 2014-09-03 04:51 - 93823958 _____ () C:\Users\Thomas\Desktop\TauDemNamCu_HoangThucLinh.rar
2014-09-02 21:59 - 2014-09-02 22:10 - 515812923 _____ () C:\Users\Thomas\Desktop\My Movie.mp4
2014-09-02 21:52 - 2014-09-02 21:52 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-09-02 21:50 - 2014-09-10 18:27 - 00000000 ____D () C:\ProgramData\Aimersoft
2014-09-02 21:50 - 2014-09-10 18:27 - 00000000 ____D () A:\Program Files (x86)\Aimersoft
2014-09-02 21:18 - 2014-09-02 21:19 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-09-02 21:18 - 2014-09-02 21:19 - 00001908 _____ () C:\Windows\diagerr.xml
2014-09-02 21:18 - 2014-09-02 21:18 - 00000000 ___HD () C:\$WINDOWS.~BT
2014-09-02 18:19 - 2014-09-02 18:22 - 00000132 _____ () C:\Windows\winamp.ini
2014-08-31 15:33 - 2014-09-11 15:18 - 00003026 _____ () C:\Windows\System32\Tasks\EVGAPrecision
2014-08-29 18:13 - 2014-08-30 14:03 - 00000000 ____D () C:\Users\Thomas\AppData\Local\4A Games
2014-08-28 05:55 - 2014-08-28 05:55 - 00000000 ____D () C:\Windows\System32\Tasks\Symantec
2014-08-28 05:49 - 2014-09-04 03:08 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-08-28 05:49 - 2014-08-28 05:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-27 16:37 - 2014-08-27 16:37 - 00292888 _____ () C:\Windows\Minidump\082714-6505-01.dmp
2014-08-27 15:22 - 2014-08-27 15:22 - 00000000 ____D () C:\Windows\System32\Tasks\PCMeter
2014-08-27 14:43 - 2014-08-22 21:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 14:43 - 2014-08-22 20:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 14:43 - 2014-08-22 19:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 00:28 - 2014-08-28 05:50 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-08-27 00:28 - 2014-08-28 05:49 - 00002212 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-08-27 00:28 - 2014-08-28 05:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-08-27 00:28 - 2014-08-27 00:32 - 00174200 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-08-27 00:28 - 2014-08-27 00:32 - 00007488 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-08-27 00:28 - 2014-08-27 00:32 - 00000000 ____D () A:\Program Files\Symantec
2014-08-27 00:28 - 2014-08-27 00:28 - 00000000 ____D () C:\ProgramData\Norton
2014-08-27 00:28 - 2014-08-27 00:28 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-08-27 00:28 - 2014-08-27 00:28 - 00000000 ____D () A:\Program Files (x86)\Norton 360
2014-08-27 00:28 - 2012-08-21 13:01 - 00125872 _____ (GEAR Software Inc.) C:\Windows\system32\GEARAspi64.dll
2014-08-27 00:28 - 2012-08-21 13:01 - 00106928 _____ (GEAR Software Inc.) C:\Windows\SysWOW64\GEARAspi.dll
2014-08-27 00:22 - 2014-09-06 14:58 - 1972572584 _____ () C:\Windows\MEMORY.DMP
2014-08-27 00:22 - 2014-08-27 00:22 - 00292856 _____ () C:\Windows\Minidump\082714-13821-01.dmp
2014-08-26 23:13 - 2014-08-26 23:13 - 00000000 ____D () A:\Program Files\Intel
2014-08-26 23:12 - 2014-08-26 23:12 - 00000000 ____D () C:\Users\Thomas\Intel
2014-08-26 23:10 - 2014-06-26 22:30 - 00383472 _____ (Intel Corporation) C:\Windows\system32\Drivers\iusb3hub.sys
2014-08-26 23:09 - 2014-08-26 23:09 - 00000000 ____D () C:\ProgramData\Qualcomm
2014-08-26 23:09 - 2014-08-26 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
2014-08-26 23:08 - 2014-08-26 23:08 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-08-26 23:08 - 2014-08-26 23:08 - 00000000 ____D () A:\Program Files\Qualcomm Atheros
2014-08-26 23:05 - 2014-08-26 23:08 - 00000000 _____ () C:\Users\Thomas\AppData\Local\Driver_LOM_8161Present.flag
2014-08-26 23:04 - 2014-08-26 23:04 - 00000000 ____D () A:\Program Files\Realtek
2014-08-26 23:04 - 2014-07-15 06:01 - 04012632 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-08-26 23:04 - 2014-07-15 02:30 - 00950488 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-08-26 23:04 - 2014-07-14 22:14 - 01277681 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-08-26 23:04 - 2014-07-11 02:10 - 02000152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO264.dll
2014-08-26 23:04 - 2014-07-11 02:10 - 01728792 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO232.dll
2014-08-26 23:04 - 2014-07-09 03:57 - 02808024 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-08-26 23:04 - 2014-07-07 01:07 - 02860760 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-08-26 23:04 - 2014-07-03 22:07 - 01024728 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-08-26 23:04 - 2014-06-17 00:32 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-08-26 23:04 - 2014-06-08 21:59 - 00560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-08-26 23:04 - 2014-05-08 22:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-08-26 23:04 - 2014-04-09 23:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-08-26 23:04 - 2014-04-09 23:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-08-26 23:04 - 2014-04-09 23:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-08-26 23:04 - 2014-03-06 03:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-08-26 23:04 - 2014-02-18 04:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-08-26 23:04 - 2014-01-08 02:25 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-08-26 23:04 - 2013-10-10 23:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-08-24 17:02 - 2014-08-24 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFX Audio Enhancer
2014-08-24 17:02 - 2014-08-24 17:02 - 00000000 ____D () A:\Program Files (x86)\DFX
2014-08-20 13:17 - 2014-09-11 18:16 - 00007185 _____ () C:\Windows\setupact.log
2014-08-20 13:17 - 2014-09-02 21:18 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-19 05:24 - 2014-08-19 05:24 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\PopcornTime
2014-08-16 03:21 - 2014-08-16 03:21 - 00000219 _____ () C:\Users\Thomas\Desktop\Counter-Strike Global Offensive.url
2014-08-15 13:16 - 2014-08-15 13:16 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Adobe
2014-08-15 03:00 - 2014-06-30 17:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 03:00 - 2014-06-30 17:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 03:00 - 2014-06-06 01:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 03:00 - 2014-06-06 01:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 03:00 - 2014-03-09 16:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 03:00 - 2014-03-09 16:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 03:00 - 2014-03-09 16:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 03:00 - 2014-03-09 16:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-15 01:52 - 2014-08-15 01:52 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Vitalwerks
2014-08-15 01:37 - 2014-07-15 22:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 01:37 - 2014-07-15 21:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 01:37 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-15 01:37 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-15 01:37 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-15 01:37 - 2014-07-08 21:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-15 01:37 - 2014-07-08 21:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-15 01:37 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-15 01:37 - 2014-07-08 20:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-15 01:37 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-15 01:37 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-15 01:37 - 2014-07-08 20:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-15 01:37 - 2014-07-08 17:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-15 01:37 - 2014-07-08 17:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-15 01:37 - 2014-06-24 21:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 01:37 - 2014-06-24 20:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 01:37 - 2014-06-15 21:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 01:37 - 2014-06-03 05:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 01:37 - 2014-06-03 05:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 01:37 - 2014-06-03 05:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 01:37 - 2014-06-03 05:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 01:37 - 2014-06-03 04:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 01:37 - 2014-06-03 04:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 01:37 - 2014-06-03 04:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 01:36 - 2014-07-13 21:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 01:36 - 2014-07-13 20:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-12 05:40 - 2014-09-12 05:40 - 00000000 ____D () C:\FRST
2014-09-12 03:00 - 2014-02-27 16:18 - 01216039 _____ () C:\Windows\WindowsUpdate.log
2014-09-12 00:45 - 2014-02-27 13:28 - 00000000 ____D () A:\Program Files (x86)\Steam
2014-09-12 00:10 - 2009-07-13 23:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-12 00:10 - 2009-07-13 23:45 - 00028576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-11 23:56 - 2014-02-27 13:17 - 00000000 ____D () A:\Program Files (x86)\EVGA Precision X
2014-09-11 18:16 - 2014-08-20 13:17 - 00007185 _____ () C:\Windows\setupact.log
2014-09-11 16:53 - 2014-09-10 16:33 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 15:25 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-11 15:24 - 2014-03-04 23:16 - 00000000 ____D () C:\ProgramData\Origin
2014-09-11 15:19 - 2014-03-04 23:16 - 00000000 ____D () A:\Program Files (x86)\Origin
2014-09-11 15:19 - 2014-02-27 15:41 - 00000266 _____ () C:\Windows\Tasks\AutoKMS.job
2014-09-11 15:19 - 2014-02-27 13:36 - 00000000 ___RD () C:\Users\Thomas\Dropbox
2014-09-11 15:19 - 2014-02-27 13:35 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Dropbox
2014-09-11 15:19 - 2014-02-27 06:55 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-11 15:19 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-11 15:18 - 2014-08-31 15:33 - 00003026 _____ () C:\Windows\System32\Tasks\EVGAPrecision
2014-09-11 15:15 - 2014-07-08 09:57 - 00000000 ____D () A:\Program Files (x86)\Popcorn Time
2014-09-11 08:05 - 2014-02-27 13:34 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\BitTorrent
2014-09-11 04:55 - 2014-03-04 04:56 - 00000000 ____D () C:\Users\Thomas\AppData\Local\CrashDumps
2014-09-11 03:15 - 2014-09-09 12:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2014-09-11 03:15 - 2014-07-08 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2014-09-11 03:15 - 2014-04-15 00:02 - 00000000 ____D () A:\Program Files (x86)\K-Lite Codec Pack
2014-09-11 02:53 - 2010-11-20 22:47 - 01343542 _____ () C:\Windows\PFRO.log
2014-09-11 02:52 - 2014-09-10 18:11 - 00000000 ____D () C:\AdwCleaner
2014-09-11 02:07 - 2014-07-01 13:47 - 00000000 ____D () C:\Users\Thomas\Desktop\Pics
2014-09-11 01:50 - 2014-09-11 01:36 - 00000000 ____D () C:\ProgramData\HitmanPro
2014-09-11 01:36 - 2014-09-11 01:36 - 00000000 ____D () A:\Program Files\HitmanPro
2014-09-10 18:47 - 2014-02-27 18:20 - 00000000 ____D () C:\MSI
2014-09-10 18:27 - 2014-09-02 21:50 - 00000000 ____D () C:\ProgramData\Aimersoft
2014-09-10 18:27 - 2014-09-02 21:50 - 00000000 ____D () A:\Program Files (x86)\Aimersoft
2014-09-10 18:17 - 2014-09-10 18:17 - 00000000 ____D () C:\Windows\ERUNT
2014-09-10 16:33 - 2014-09-10 16:33 - 00000941 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-10 16:33 - 2014-09-10 16:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-10 16:33 - 2014-09-10 16:33 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-10 16:33 - 2014-09-10 16:33 - 00000000 ____D () A:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-10 16:24 - 2014-02-27 21:21 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-10 16:24 - 2014-02-27 18:35 - 00774592 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-10 16:24 - 2014-02-27 15:39 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-10 16:22 - 2014-02-27 21:21 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-10 01:54 - 2014-02-27 20:23 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\vlc
2014-09-09 22:09 - 2014-03-01 18:04 - 00000000 ____D () A:\Program Files (x86)\RADS
2014-09-09 19:31 - 2014-03-04 23:17 - 00000000 ____D () A:\Program Files (x86)\Origin Games
2014-09-09 19:31 - 2009-07-14 00:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-09 19:29 - 2014-09-09 19:17 - 00000000 ____D () C:\Users\Thomas\Documents\FIFA 15 Demo
2014-09-09 19:15 - 2014-09-09 19:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MPC-HC x64
2014-09-09 19:15 - 2014-09-09 19:15 - 00000000 ____D () A:\Program Files\MPC-HC
2014-09-08 22:42 - 2014-09-08 22:11 - 00000000 ____D () C:\Games
2014-09-08 19:51 - 2014-09-08 19:49 - 00000000 ____D () C:\Users\Thomas\Desktop\The SIMS 4-Deluxe Edition-SKIDROWCRACK
2014-09-08 15:02 - 2014-05-21 01:44 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\.minecraft
2014-09-08 15:01 - 2014-02-27 13:36 - 00001021 _____ () C:\Users\Thomas\Desktop\Dropbox.lnk
2014-09-08 15:01 - 2014-02-27 13:35 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-07 03:18 - 2014-09-07 03:14 - 00011502 _____ () C:\Users\Thomas\Desktop\ELECTRO.m3u8
2014-09-07 03:18 - 2014-03-01 02:04 - 00009817 _____ () C:\Users\Thomas\Desktop\MUSIC.m3u8
2014-09-06 21:12 - 2014-09-06 21:12 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-06 21:12 - 2014-09-06 21:12 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-06 21:12 - 2014-09-06 21:12 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-06 21:12 - 2014-09-06 21:12 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-06 21:12 - 2014-09-06 21:12 - 00000000 ____D () A:\Program Files (x86)\Java
2014-09-06 21:12 - 2014-02-27 13:37 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-06 14:58 - 2014-09-06 14:58 - 00292904 _____ () C:\Windows\Minidump\090614-6505-01.dmp
2014-09-06 14:58 - 2014-08-27 00:22 - 1972572584 _____ () C:\Windows\MEMORY.DMP
2014-09-06 14:58 - 2014-03-01 01:30 - 00000000 ____D () C:\Windows\Minidump
2014-09-06 13:33 - 2014-04-21 21:56 - 00282296 _____ () C:\Windows\SysWOW64\PnkBstrB.xtr
2014-09-06 13:33 - 2014-03-05 02:35 - 00282296 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-09-06 13:30 - 2014-03-05 02:35 - 00215128 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-09-05 21:55 - 2014-09-05 20:49 - 00000000 ____D () C:\Users\Thomas\Documents\BFBC2
2014-09-05 21:03 - 2014-03-05 02:35 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-09-05 20:49 - 2014-03-05 13:59 - 00000000 ____D () C:\Users\Thomas\AppData\Local\PunkBuster
2014-09-05 20:48 - 2014-09-05 20:48 - 02434856 _____ () C:\Windows\SysWOW64\pbsvc_bc2.exe
2014-09-05 20:48 - 2014-02-27 16:07 - 00452097 _____ () C:\Windows\DirectX.log
2014-09-05 04:34 - 2014-09-05 04:34 - 00001242 _____ () C:\Users\Thomas\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-05 04:28 - 2014-09-05 04:28 - 00000000 __SHD () C:\Users\Thomas\AppData\Local\EmieUserList
2014-09-05 04:28 - 2014-09-05 04:28 - 00000000 __SHD () C:\Users\Thomas\AppData\Local\EmieSiteList
2014-09-04 20:23 - 2014-03-05 02:35 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-04 03:08 - 2014-09-04 03:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-04 03:08 - 2014-08-28 05:49 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-09-04 03:08 - 2014-02-27 20:24 - 00000000 ____D () C:\ProgramData\Apple
2014-09-04 03:07 - 2014-02-27 22:23 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Apple Computer
2014-09-04 03:07 - 2014-02-27 22:05 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Apple Computer
2014-09-04 03:07 - 2014-02-27 22:04 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-09-04 00:10 - 2014-02-27 16:08 - 00000000 ____D () C:\Users\Thomas\Documents\My Games
2014-09-03 22:44 - 2014-08-09 13:14 - 00000000 ____D () C:\Users\Thomas\Documents\Electronic Arts
2014-09-03 22:41 - 2014-03-04 23:17 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\Origin
2014-09-03 21:53 - 2014-09-03 21:53 - 00000000 ____D () C:\Users\Thomas\Documents\Aiseesoft Studio
2014-09-03 21:51 - 2014-09-03 21:51 - 00001119 _____ () C:\Users\Public\Desktop\FoneLab.lnk
2014-09-03 21:51 - 2014-09-03 21:51 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Aiseesoft
2014-09-03 21:51 - 2014-09-03 21:51 - 00000000 ____D () C:\ProgramData\Aiseesoft Studio
2014-09-03 21:51 - 2014-09-03 21:51 - 00000000 ____D () A:\Program Files (x86)\Aiseesoft Studio
2014-09-03 20:26 - 2014-09-03 20:26 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Aiseesoft Studio
2014-09-03 04:51 - 2014-09-03 13:42 - 93823958 _____ () C:\Users\Thomas\Desktop\TauDemNamCu_HoangThucLinh.rar
2014-09-02 22:10 - 2014-09-02 21:59 - 515812923 _____ () C:\Users\Thomas\Desktop\My Movie.mp4
2014-09-02 21:52 - 2014-09-02 21:52 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\{950EB46C-6AC7-4ACC-AB36-9A6A77C08B6A}
2014-09-02 21:19 - 2014-09-02 21:18 - 00001908 _____ () C:\Windows\diagwrn.xml
2014-09-02 21:19 - 2014-09-02 21:18 - 00001908 _____ () C:\Windows\diagerr.xml
2014-09-02 21:18 - 2014-09-02 21:18 - 00000000 ___HD () C:\$WINDOWS.~BT
2014-09-02 21:18 - 2014-08-20 13:17 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-02 18:54 - 2014-02-27 13:38 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\ImgBurn
2014-09-02 18:22 - 2014-09-02 18:19 - 00000132 _____ () C:\Windows\winamp.ini
2014-09-02 14:26 - 2014-02-27 21:05 - 00013249 _____ () C:\Windows\IE11_main.log
2014-08-30 14:03 - 2014-08-29 18:13 - 00000000 ____D () C:\Users\Thomas\AppData\Local\4A Games
2014-08-29 22:45 - 2014-09-04 20:22 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-08-28 05:55 - 2014-08-28 05:55 - 00000000 ____D () C:\Windows\System32\Tasks\Symantec
2014-08-28 05:50 - 2014-08-27 00:28 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-08-28 05:49 - 2014-08-28 05:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
2014-08-28 05:49 - 2014-08-27 00:28 - 00002212 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-08-28 05:49 - 2014-08-27 00:28 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-08-28 02:02 - 2014-03-02 21:51 - 00000217 _____ () C:\Users\Thomas\Desktop\Sid Meier's Civilization V (DirectX 11).url
2014-08-27 16:37 - 2014-08-27 16:37 - 00292888 _____ () C:\Windows\Minidump\082714-6505-01.dmp
2014-08-27 15:32 - 2014-02-27 06:55 - 00000629 _____ () C:\Users\Thomas\AppData\Roaming\All CPU MeterV3_Settings.ini
2014-08-27 15:31 - 2014-02-27 13:23 - 00000299 _____ () C:\Users\Thomas\AppData\Roaming\GPU MeterV2_Settings.ini
2014-08-27 15:22 - 2014-08-27 15:22 - 00000000 ____D () C:\Windows\System32\Tasks\PCMeter
2014-08-27 14:55 - 2009-07-13 23:45 - 00413136 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-27 00:32 - 2014-08-27 00:28 - 00174200 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-08-27 00:32 - 2014-08-27 00:28 - 00007488 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-08-27 00:32 - 2014-08-27 00:28 - 00000000 ____D () A:\Program Files\Symantec
2014-08-27 00:28 - 2014-08-27 00:28 - 00000000 ____D () C:\ProgramData\Norton
2014-08-27 00:28 - 2014-08-27 00:28 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-08-27 00:28 - 2014-08-27 00:28 - 00000000 ____D () A:\Program Files (x86)\Norton 360
2014-08-27 00:22 - 2014-08-27 00:22 - 00292856 _____ () C:\Windows\Minidump\082714-13821-01.dmp
2014-08-26 23:13 - 2014-08-26 23:13 - 00000000 ____D () A:\Program Files\Intel
2014-08-26 23:12 - 2014-08-26 23:12 - 00000000 ____D () C:\Users\Thomas\Intel
2014-08-26 23:12 - 2014-02-27 16:18 - 00000000 ____D () C:\Users\Thomas
2014-08-26 23:09 - 2014-08-26 23:09 - 00000000 ____D () C:\ProgramData\Qualcomm
2014-08-26 23:09 - 2014-08-26 23:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Qualcomm Atheros
2014-08-26 23:09 - 2014-02-27 16:29 - 00000000 ___HD () A:\Program Files (x86)\InstallShield Installation Information
2014-08-26 23:08 - 2014-08-26 23:08 - 00000000 ____D () C:\ProgramData\Downloaded Installations
2014-08-26 23:08 - 2014-08-26 23:08 - 00000000 ____D () A:\Program Files\Qualcomm Atheros
2014-08-26 23:08 - 2014-08-26 23:05 - 00000000 _____ () C:\Users\Thomas\AppData\Local\Driver_LOM_8161Present.flag
2014-08-26 23:06 - 2014-02-27 18:20 - 00002029 _____ () C:\Users\Thomas\AppData\Local\killertool.log
2014-08-26 23:04 - 2014-08-26 23:04 - 00000000 ____D () A:\Program Files\Realtek
2014-08-26 23:04 - 2014-02-27 18:37 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-08-26 12:49 - 2014-03-17 00:00 - 00058880 _____ () C:\Users\Thomas\AppData\Local\N360
2014-08-26 12:49 - 2014-03-17 00:00 - 00054272 _____ () C:\Users\Thomas\AppData\Local\NIS
2014-08-26 12:49 - 2014-03-17 00:00 - 00054272 _____ () C:\Users\Thomas\AppData\Local\NAV
2014-08-25 06:53 - 2010-11-20 22:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-24 17:02 - 2014-08-24 17:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DFX Audio Enhancer
2014-08-24 17:02 - 2014-08-24 17:02 - 00000000 ____D () A:\Program Files (x86)\DFX
2014-08-24 05:03 - 2014-03-06 23:48 - 00000000 ____D () C:\Users\Thomas\AppData\Local\NVIDIA
2014-08-22 21:07 - 2014-08-27 14:43 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 20:45 - 2014-08-27 14:43 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 19:59 - 2014-08-27 14:43 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 13:05 - 2014-09-10 16:24 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 12:39 - 2014-09-10 16:24 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 05:24 - 2014-08-19 05:24 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\PopcornTime
2014-08-19 00:35 - 2014-05-25 22:14 - 00000000 ____D () C:\Users\Thomas\AppData\Roaming\XnView
2014-08-18 18:01 - 2014-09-10 16:24 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-18 17:29 - 2014-09-10 16:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-18 17:29 - 2014-09-10 16:24 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-18 17:26 - 2014-09-10 16:24 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-18 17:20 - 2014-09-10 16:24 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-18 17:19 - 2014-09-10 16:24 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-18 17:15 - 2014-09-10 16:24 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-18 17:15 - 2014-09-10 16:24 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-18 17:14 - 2014-09-10 16:24 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-18 17:14 - 2014-09-10 16:24 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-18 17:08 - 2014-09-10 16:24 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-18 17:08 - 2014-09-10 16:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-18 17:08 - 2014-09-10 16:24 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-18 17:05 - 2014-09-10 16:24 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-18 17:03 - 2014-09-10 16:24 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-18 17:03 - 2014-09-10 16:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-18 17:03 - 2014-09-10 16:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 16:57 - 2014-09-10 16:24 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 16:56 - 2014-09-10 16:24 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 16:51 - 2014-09-10 16:24 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 16:46 - 2014-09-10 16:24 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 16:45 - 2014-09-10 16:24 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 16:45 - 2014-09-10 16:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 16:44 - 2014-09-10 16:24 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 16:44 - 2014-09-10 16:24 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 16:42 - 2014-09-10 16:24 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 16:40 - 2014-09-10 16:24 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 16:39 - 2014-09-10 16:24 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 16:39 - 2014-09-10 16:24 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 16:39 - 2014-09-10 16:24 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 16:38 - 2014-09-10 16:24 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 16:37 - 2014-09-10 16:24 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 16:36 - 2014-09-10 16:24 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 16:35 - 2014-09-10 16:24 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 16:27 - 2014-09-10 16:24 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 16:25 - 2014-09-10 16:24 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 16:25 - 2014-09-10 16:24 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 16:23 - 2014-09-10 16:24 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 16:23 - 2014-09-10 16:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 16:22 - 2014-09-10 16:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 16:19 - 2014-09-10 16:24 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 16:17 - 2014-09-10 16:24 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 16:17 - 2014-09-10 16:24 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 16:16 - 2014-09-10 16:24 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 16:15 - 2014-09-10 16:24 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 16:15 - 2014-09-10 16:24 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 16:09 - 2014-09-10 16:24 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 16:08 - 2014-09-10 16:24 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 16:07 - 2014-09-10 16:24 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 15:55 - 2014-09-10 16:24 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 15:46 - 2014-09-10 16:24 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 15:38 - 2014-09-10 16:24 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 15:38 - 2014-09-10 16:24 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 15:36 - 2014-09-10 16:24 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-17 07:47 - 2014-07-17 01:18 - 00000000 _____ () C:\Windows\SysWOW64\filetrace.log
2014-08-16 03:21 - 2014-08-16 03:21 - 00000219 _____ () C:\Users\Thomas\Desktop\Counter-Strike Global Offensive.url
2014-08-15 23:18 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache
2014-08-15 13:16 - 2014-08-15 13:16 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Adobe
2014-08-15 12:57 - 2014-02-27 13:26 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-08-15 12:57 - 2014-02-27 13:26 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-08-15 03:31 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 01:52 - 2014-08-15 01:52 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Vitalwerks
2014-08-14 03:10 - 2009-07-14 00:08 - 00032642 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-14 02:54 - 2014-07-02 15:00 - 00000000 ____D () C:\Users\Thomas\AppData\Local\Windows Live
2014-08-13 12:24 - 2014-02-27 18:16 - 00110632 _____ () C:\Users\Thomas\AppData\Local\GDIPFONTCACHEV1.DAT
2014-08-13 01:27 - 2014-07-08 09:58 - 00000886 _____ () C:\Users\Public\Desktop\Popcorn Time.lnk

Some content of TEMP:
====================
C:\Users\Thomas\AppData\Local\Temp\devcon64.exe
C:\Users\Thomas\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxe5nlg.dll
C:\Users\Thomas\AppData\Local\Temp\ose00000.exe
C:\Users\Thomas\AppData\Local\Temp\Quarantine.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-09-06 01:59

==================== End Of Log ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-09-2014
Ran by Thomas at 2014-09-12 05:40:52
Running from A:\Downloads
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Norton 360 (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton 360 (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton 360 (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 11 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 11.0.1.152 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM-x32\...\Adobe Shockwave Player) (Version: 11.6.5.635 - Adobe Systems, Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.3.2.3825 - Electronic Arts)
Battlefield: Bad Company 2 (HKLM-x32\...\Steam App 24960) (Version:  - DICE)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 (HKLM-x32\...\Steam App 49520) (Version:  - Gearbox Software)
calibre 64bit (HKLM\...\{573AFB32-7DDF-40CF-BF13-D6E10922EBBA}) (Version: 1.38.0 - Kovid Goyal)
ClassicPro© v2.01 (HKLM-x32\...\ClassicPro) (Version: 2.01 - Skin Consortium)
Core Temp 1.0 RC6 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\CMIUSB&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
CorsairLink 2 (HKLM-x32\...\{B49A3A71-5D6D-4F56-A41B-5C40D8AC4701}) (Version: 2.2.0 - Corsair)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.70 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CrystalDiskMark 3.0.3a (HKLM\...\CrystalDiskMark_is1) (Version: 3.0.3a - Crystal Dew World)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.48.1.0347 - Disc Soft Ltd)
Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{42CBCE27-DE9B-4094-B9EB-D4C4C135FFA8}) (Version:  - Microsoft)
DFX (HKLM-x32\...\DFX) (Version: 11.112.0.0 - Power Technology)
Dropbox (HKCU\...\Dropbox) (Version: 2.11.11 - Dropbox, Inc.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
EVGA Precision X 4.2.1 (HKLM-x32\...\PrecisionX) (Version: 4.2.1 - EVGA Corporation)
FoneLab 8.0.18 (HKLM-x32\...\{CA7ED0B0-3CD4-4254-A9D2-2D7F78C5E3C5}_is1) (Version: 8.0.18 - Aiseesoft Studio)
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® Chipset Device Software (Version: 10.0.17 - Intel Corporation) Hidden
Intel® Chipset Device Software (x32 Version: 10.0.17 - Intel® Corporation) Hidden
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 2.5.0.19 - Intel Corporation)
Java 7 Update 55 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417055FF}) (Version: 7.0.550 - Oracle)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
K-Lite Codec Pack 10.6.5 Basic (HKLM-x32\...\KLiteCodecPack_is1) (Version: 10.6.5 - )
L.A. Noire (HKLM-x32\...\Steam App 110800) (Version:  - Team Bondi)
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office Access MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Groove MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 32-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
MPC-HC 1.7.6 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.6 - MPC-HC Team)
MSI Kombustor 3.3.0 (HKLM\...\{9598DA62-2AE8-426D-9C86-BEA96AC6721E}_is1) (Version:  - MSI Co., LTD)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 12 (HKLM-x32\...\{560FC78C-A4B2-461D-9B47-820C1EEF87B8}) (Version: 12.0.02000 - )
Nero 12 (HKLM-x32\...\{80836C86-1305-40C9-B7C9-F3A75266070D}) (Version: 12.5.01900 - Nero AG)
Nero Audio Pack 1 (x32 Version: 11.0.11500.110.0 - Nero AG) Hidden
Nero BackItUp (x32 Version: 12.5.1000 - Nero AG) Hidden
Nero BackItUp Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero Backup Drivers (HKLM\...\{D600D357-5CB9-4DE9-8FD4-14E208BD1970}) (Version: 1.0.11100.8.0 - Nero AG)
Nero Blu-ray Player (x32 Version: 12.0.20014 - Nero AG) Hidden
Nero Blu-ray Player Help (CHM) (x32 Version: 12.0.9000 - Nero AG) Hidden
Nero Burning ROM (x32 Version: 12.5.5001 - Nero AG) Hidden
Nero Burning ROM Help (CHM) (x32 Version: 12.0.3000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Disc Menus Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Express (x32 Version: 12.5.5002 - Nero AG) Hidden
Nero Express Help (CHM) (x32 Version: 12.0.13000 - Nero AG) Hidden
Nero Kwik Media (x32 Version: 1.18.20100 - Nero AG) Hidden
Nero Kwik Media Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero Kwik Themes Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero PiP Effects Basic (x32 Version: 12.0.11500 - Nero AG) Hidden
Nero Recode (x32 Version: 12.5.6000 - Nero AG) Hidden
Nero Recode Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.10002 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero SharedVideoCodecs (x32 Version: 1.0.12100.2.0 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Nero Video (x32 Version: 12.5.2001 - Nero AG) Hidden
Nero Video Help (CHM) (x32 Version: 12.0.12000 - Nero AG) Hidden
neroxml (x32 Version: 1.0.0 - Nero AG) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 5.2.2.3 - Symantec Corporation)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.4.5.195 - Electronic Arts, Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 4.3 - Popcorn Time)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
Prison Architect (HKLM-x32\...\Steam App 233450) (Version:  - Introversion Software)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.)
PVZ Garden Warfare (HKLM-x32\...\{A5AC7D7B-C1D5-4AF9-8829-993DA335BE1B}) (Version: 1.0.2.0 - Electronic Arts)
Qualcomm Atheros Bandwidth Control Filter Driver (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer E220x Drivers (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
Qualcomm Atheros Killer Network Manager Suite (HKLM-x32\...\{E70DB50B-10B4-46BC-9DE2-AB8B49E061EE}) (Version: 1.1.42.1045 - Qualcomm Atheros)
Qualcomm Atheros Network Manager (Version: 1.1.42.1045 - Qualcomm Atheros) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.4-1.0.12786.82 - raidcall.com)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
RAPID Mode (Version: 1.0.1.68 - Samsung Electronics Co., Ltd.) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7293 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.)
Samsung Kies (x32 Version: 2.6.2.14014_7 - Samsung Electronics Co., Ltd.) Hidden
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 4.4.0 - Samsung Electronics)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.33.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab CYRI (HKLM-x32\...\{F3FCB08B-E752-444D-86A0-0634A4F3B23D}) (Version: 6.0.8.0 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{6EE3943B-182A-4806-AFEE-65CB110DAD86}) (Version: 2.0.0.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.6.3 - Electronic Arts)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for Microsoft Office 2010 (KB2494150) (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{428CB7A0-1068-4CE1-8835-39C7ECD297ED}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{B6AD7E27-012A-4B63-82BA-AF62893E5435}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825640) 64-Bit Edition (HKLM\...\{90140000-0044-0409-1000-0000000FF1CE}_Office14.PROPLUS_{43F59F4D-7179-497E-BE99-BC6F7D1DDCBA}) (Version:  - Microsoft)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Welcome App (Start-up experience) (x32 Version: 12.0.15000 - Nero AG) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
XnView 2.22 (HKLM-x32\...\XnView_is1) (Version: 2.22 - Gougelet Pierre-e)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-2359203629-830623999-1722430269-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Thomas\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2359203629-830623999-1722430269-1000_Classes\CLSID\{083f5ae0-2b0a-11dd-bd0b-0800200c9a66}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2359203629-830623999-1722430269-1000_Classes\CLSID\{5b55a44a-d008-49aa-9234-86fb7709bc0a}\InprocServer32 -> C:\Windows\system32\mscoree.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-2359203629-830623999-1722430269-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2359203629-830623999-1722430269-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2359203629-830623999-1722430269-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2359203629-830623999-1722430269-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2359203629-830623999-1722430269-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2359203629-830623999-1722430269-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2359203629-830623999-1722430269-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2359203629-830623999-1722430269-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Thomas\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points  =========================

07-09-2014 02:12:21 Installed Java 7 Update 67
08-09-2014 09:07:30 Removed QuickTime 7
10-09-2014 00:16:43 Device Driver Package Install: Scarlet.Crush Productions System devices
10-09-2014 21:22:24 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {1B6D8A51-45CE-45DD-9412-5AA5673CC115} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe
Task: {397F86B7-3AB9-42D2-81CD-7B584C1F9838} - System32\Tasks\PCMeter\Startup => C:\Program Files (x86)\PCMeterV4\PCMeterV0.4.exe [2013-11-05] (AddGadgets)
Task: {3BC7234F-4275-4047-9AB2-AE302BF96FE3} - System32\Tasks\Sierra2.GPU => A:\Program Files (x86)\Corsair\CorsairLink 2\Sierra2.GPU.exe [2012-11-20] ()
Task: {48F7426A-6DE1-438C-966E-FC7EFBE940F6} - System32\Tasks\Core Temp Autostart Thomas => A:\Program Files\Core Temp\Core Temp.exe [2013-10-08] ()
Task: {5AF55F3B-9606-4172-9D25-C4A225106880} - System32\Tasks\Apple\AppleSoftwareUpdate => A:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {7F25519F-479B-4C8B-B33D-2EFB75DD3AD7} - System32\Tasks\Start Corsair Link => A:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe
Task: {A6AF3B50-9AAD-49D2-9DC3-39D9316331FC} - System32\Tasks\Symantec\Norton Error Analyzer 5.2.2.3 => A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe [2012-06-07] (Symantec Corporation)
Task: {B760F561-784E-4FA3-8ABC-01BDB82E0FC5} - System32\Tasks\Symantec\Norton Error Processor 5.2.2.3 => A:\Program Files (x86)\Norton 360\Engine\5.2.2.3\SymErr.exe [2012-06-07] (Symantec Corporation)
Task: {CBBFBD78-E7C1-4053-908E-C19D00218776} - System32\Tasks\EVGAPrecision => A:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe [2013-07-17] ()
Task: {FC6C2BB7-19D5-40FC-8002-2426ECBBE3D0} - System32\Tasks\SamsungMagician => A:\Program Files (x86)\Samsung\Samsung Magician\Samsung Magician.exe [2014-05-19] (Samsung Electronics.)
Task: C:\Windows\Tasks\AutoKMS.job => C:\Windows\AutoKMS\AutoKMS.exe

==================== Loaded Modules (whitelisted) =============

2014-03-06 23:48 - 2014-07-02 13:55 - 00116568 _____ () A:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-02-27 13:18 - 2013-10-08 14:23 - 00890016 _____ () A:\Program Files\Core Temp\Core Temp.exe
2013-07-17 19:28 - 2013-07-17 19:28 - 00627016 _____ () A:\Program Files (x86)\EVGA Precision X\EVGAPrecision.exe
2012-11-20 17:59 - 2012-11-20 17:59 - 00010752 _____ () A:\Program Files (x86)\Corsair\CorsairLink 2\Sierra2.GPU.exe
2014-02-27 06:54 - 2014-02-27 06:54 - 00012520 _____ () C:\Users\Thomas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\CoreTempReader.dll
2014-02-27 06:54 - 2014-02-27 06:54 - 00015080 _____ () C:\Users\Thomas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\GetCoreTempInfoNET.dll
2014-02-27 06:54 - 2014-02-27 06:54 - 00014056 _____ () C:\Users\Thomas\AppData\Local\Microsoft\Windows Sidebar\Gadgets\All_CPU_Meter_V4.7.3.gadget\SystemInfo.dll
2012-11-20 17:59 - 2012-11-20 17:59 - 01115136 _____ () A:\Program Files (x86)\Corsair\CorsairLink 2\Sierra2.exe
2014-04-17 11:02 - 2014-04-17 11:02 - 00300544 _____ () A:\Program Files\Qualcomm Atheros\Network Manager\NetworkManager.exe
2014-05-25 09:18 - 2014-05-25 09:18 - 00036536 _____ () A:\Program Files\Rainmeter\Rainmeter.exe
2014-05-25 09:18 - 2014-05-25 09:18 - 00747192 _____ () A:\Program Files\Rainmeter\Rainmeter.dll
2014-05-25 09:17 - 2014-05-25 09:17 - 00056832 _____ () A:\Program Files\Rainmeter\Plugins\WebParser.dll
2013-08-20 12:03 - 2014-02-24 00:16 - 01274840 ____R () A:\Program Files (x86)\DFX\DFX.exe
2013-08-20 12:12 - 2013-08-20 12:12 - 00130520 _____ () A:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
2013-08-20 12:16 - 2013-08-20 12:16 - 00132056 _____ () A:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
2013-08-20 12:35 - 2013-08-20 12:35 - 00048088 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared64.dll
2013-08-20 12:06 - 2013-08-20 12:06 - 00167384 _____ () A:\Program Files (x86)\DFX\Universal\Apps\dfxItunesSong.exe
2014-03-05 02:35 - 2014-09-05 21:03 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-05-15 11:49 - 2013-05-15 11:49 - 00071680 _____ () A:\Program Files (x86)\EVGA Precision X\RTMUI.dll
2013-05-15 11:48 - 2013-05-15 11:48 - 00056832 _____ () A:\Program Files (x86)\EVGA Precision X\RTFC.dll
2013-05-15 11:49 - 2013-05-15 11:49 - 00216064 _____ () A:\Program Files (x86)\EVGA Precision X\RTCore.dll
2013-05-15 11:49 - 2013-05-15 11:49 - 00127488 _____ () A:\Program Files (x86)\EVGA Precision X\RTUI.dll
2013-05-15 11:49 - 2013-05-15 11:49 - 00587776 _____ () A:\Program Files (x86)\EVGA Precision X\RTHAL.dll
2012-11-20 17:59 - 2012-11-20 17:59 - 00068608 _____ () A:\Program Files (x86)\Corsair\CorsairLink 2\NvidiaLib.dll
2012-11-20 17:59 - 2012-11-20 17:59 - 00010752 _____ () A:\Program Files (x86)\Corsair\CorsairLink 2\AMDLib.dll
2012-10-22 15:15 - 2012-10-22 15:15 - 00152576 _____ () A:\Program Files (x86)\Corsair\CorsairLink 2\libzmq.DLL
2013-09-14 01:51 - 2013-09-14 01:51 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\zlib1.dll
2013-09-14 01:50 - 2013-09-14 01:50 - 01242952 _____ () C:\Program Files (x86)\Common Files\Apple\Internet Services\libxml2.dll
2014-08-13 16:09 - 2014-08-13 16:09 - 00750080 _____ () C:\Users\Thomas\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-09-11 15:19 - 2014-09-11 15:19 - 00043008 _____ () c:\users\thomas\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxe5nlg.dll
2014-08-13 16:09 - 2014-08-13 16:09 - 00047616 _____ () C:\Users\Thomas\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-08-13 16:09 - 2014-08-13 16:09 - 00863744 _____ () C:\Users\Thomas\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-08-13 16:09 - 2014-08-13 16:09 - 00200704 _____ () C:\Users\Thomas\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2013-08-20 12:31 - 2013-08-20 12:31 - 00049112 _____ () C:\Program Files (x86)\Common Files\DFX\Dlls\dfxShared32.dll
2014-09-02 21:51 - 2014-08-05 10:22 - 01489408 _____ () A:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\DAQExp.dll
2014-09-02 21:51 - 2014-05-19 17:19 - 00137728 _____ () A:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\CBSCreateVC.dll
2014-02-27 15:12 - 2014-05-06 11:24 - 00013824 _____ () A:\Program Files (x86)\Samsung\Samsung Magician\SAMSUNG_SSD.dll
2014-02-27 15:12 - 2014-05-19 20:20 - 00103424 _____ () A:\Program Files (x86)\Samsung\Samsung Magician\PAL.dll
2014-02-27 15:12 - 2014-05-19 20:20 - 00039424 _____ () A:\Program Files (x86)\Samsung\Samsung Magician\SATA.dll
2014-02-27 15:12 - 2014-05-19 20:19 - 00038400 _____ () A:\Program Files (x86)\Samsung\Samsung Magician\SAT.dll
2014-02-27 15:12 - 2014-05-19 20:20 - 00031232 _____ () A:\Program Files (x86)\Samsung\Samsung Magician\SMINI.dll
2014-02-27 15:12 - 2014-05-19 20:19 - 00029696 _____ () A:\Program Files (x86)\Samsung\Samsung Magician\SAS.dll
2012-11-20 17:59 - 2012-11-20 17:59 - 00007680 _____ () A:\Program Files (x86)\Corsair\CorsairLink 2\IntelLib.dll
2014-08-29 05:18 - 2014-08-21 13:15 - 01171456 _____ () A:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-29 05:18 - 2014-08-21 13:15 - 00442368 _____ () A:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-29 05:18 - 2014-08-21 13:15 - 00332800 _____ () A:\Program Files (x86)\Steam\libavresample-2.dll
2014-02-27 13:28 - 2014-08-20 17:38 - 00774656 _____ () A:\Program Files (x86)\Steam\SDL2.dll
2014-05-22 12:57 - 2014-08-28 06:48 - 02224320 _____ () A:\Program Files (x86)\Steam\video.dll
2014-08-29 05:18 - 2014-08-21 13:15 - 00403968 _____ () A:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-29 05:18 - 2014-08-21 13:15 - 00485888 _____ () A:\Program Files (x86)\Steam\libswscale-3.dll
2014-02-27 13:28 - 2014-08-28 06:48 - 00678080 _____ () A:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-02-27 13:28 - 2014-08-20 17:38 - 34589376 _____ () A:\Program Files (x86)\Steam\bin\libcef.dll
2014-08-14 12:05 - 2014-08-20 17:38 - 00837824 _____ () A:\Program Files (x86)\Steam\bin\ffmpegsumo.dll
2014-02-27 14:48 - 2014-02-27 14:48 - 00059904 _____ () C:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\zlib1.dll
2014-02-27 13:32 - 2014-02-27 13:43 - 00822784 _____ () C:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\CvLocalizationWin32Final Release.dll
2014-02-27 13:32 - 2014-02-27 13:43 - 00579584 _____ () C:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\CvGameDatabaseWin32Final Release.dll
2014-02-27 14:44 - 2014-02-27 14:44 - 00151040 _____ () C:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\lua51_Win32.dll
2014-02-27 13:28 - 2014-08-28 06:48 - 00350912 _____ () A:\Program Files (x86)\Steam\steam.dll
2014-02-27 14:44 - 2014-02-27 14:44 - 00047616 _____ () C:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Miles\win32\binkawin.asi
2014-02-27 14:44 - 2014-02-27 14:44 - 00078336 _____ () C:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Miles\win32\mssmp3.asi
2014-02-27 14:44 - 2014-02-27 14:44 - 00041472 _____ () C:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Miles\win32\mssogg.asi
2014-02-27 14:44 - 2014-02-27 14:44 - 00153600 _____ () C:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Miles\win32\mssvoice.asi
2014-02-27 14:44 - 2014-02-27 14:44 - 00013312 _____ () C:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Miles\win32\mssds3d.flt
2014-02-27 14:44 - 2014-02-27 14:44 - 00060416 _____ () C:\SteamLibrary\steamapps\common\Sid Meier's Civilization V\Miles\win32\msseax.flt
2013-08-20 12:42 - 2013-08-20 12:42 - 00388568 _____ () A:\Program Files (x86)\Winamp\Plugins\dsp_dfx.dll
2013-02-26 04:27 - 2013-02-26 04:27 - 00129536 _____ () A:\Program Files (x86)\Winamp\System\ClassicPro.w5s
2013-12-12 21:47 - 2013-12-12 21:47 - 00333824 _____ () A:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
2014-07-29 15:30 - 2014-07-29 15:30 - 03800688 _____ () A:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-08-15 12:57 - 2014-08-15 12:57 - 17048240 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/11/2014 03:20:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2014 03:17:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2014 08:05:35 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/11/2014 04:55:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: FlashPlayerPlugin_14_0_0_179.exe, version: 14.0.0.179, time stamp: 0x53dc28d1
Faulting module name: FlashPlayerPlugin_14_0_0_179.exe, version: 14.0.0.179, time stamp: 0x53dc28d1
Exception code: 0x40000015
Fault offset: 0x00017710
Faulting process id: 0x1968
Faulting application start time: 0xFlashPlayerPlugin_14_0_0_179.exe0
Faulting application path: FlashPlayerPlugin_14_0_0_179.exe1
Faulting module path: FlashPlayerPlugin_14_0_0_179.exe2
Report Id: FlashPlayerPlugin_14_0_0_179.exe3

Error: (09/11/2014 02:55:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2014 01:53:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2014 01:32:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2014 01:26:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/11/2014 00:05:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Error: (09/10/2014 06:30:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


System errors:
=============
Error: (09/11/2014 10:55:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (09/11/2014 10:55:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (09/11/2014 10:55:24 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (09/11/2014 10:55:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (09/11/2014 10:55:24 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (09/11/2014 10:55:24 PM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: 0x80630801

Error: (09/11/2014 08:09:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (09/11/2014 08:09:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535

Error: (09/11/2014 08:09:48 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Peer Networking Grouping service depends on the Peer Name Resolution Protocol service which failed to start because of the following error:
%%-2140993535

Error: (09/11/2014 08:09:48 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Peer Name Resolution Protocol service terminated with the following error:
%%-2140993535


Microsoft Office Sessions:
=========================
Error: (09/11/2014 03:20:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2014 03:17:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2014 08:05:35 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestA:\$RECYCLE.BIN\S-1-5-21-2359203629-830623999-1722430269-1000\$RVTFZNY.exe

Error: (09/11/2014 04:55:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: FlashPlayerPlugin_14_0_0_179.exe14.0.0.17953dc28d1FlashPlayerPlugin_14_0_0_179.exe14.0.0.17953dc28d14000001500017710196801cfcd957ebe41c3C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exeC:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_179.exebe7e6330-3999-11e4-991b-d43d7ee17ed4

Error: (09/11/2014 02:55:01 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2014 01:53:39 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2014 01:32:44 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (09/11/2014 01:26:45 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestA:\Downloads\esetsmartinstaller_enu.exe

Error: (09/11/2014 00:05:58 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestA:\Downloads\esetsmartinstaller_enu.exe

Error: (09/10/2014 06:30:57 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003


==================== Memory info ===========================

Processor: Intel® Core™ i5-4670K CPU @ 3.40GHz
Percentage of memory in use: 88%
Total physical RAM: 8135.95 MB
Available physical RAM: 901.84 MB
Total Pagefile: 16270.09 MB
Available Pagefile: 7470.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive a: (Storage) (Fixed) (Total:931.51 GB) (Free:502.68 GB) NTFS
Drive c: () (Fixed) (Total:209.5 GB) (Free:135.67 GB) NTFS

==================== MBR & Partition Table ==================

==================== End Of Log ============================



#4 aharonov

  • Malware Response Team

Posted 12 September 2014 - 05:46 AM

This fix should help:


Please download the attached fixlist.txt and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


#5 hello6921

  • Topic Starter

Posted 12 September 2014 - 08:51 AM

Thanks aharonov! Restarted the computer after pressing "fix", booted up to desktop screen, and no pop-up. Thanks again!

 

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 10-09-2014
Ran by Thomas at 2014-09-12 08:46:03 Run:1
Running from A:\Downloads
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
HKU\S-1-5-21-2359203629-830623999-1722430269-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
EmptyTemp:
*****************

HKU\S-1-5-21-2359203629-830623999-1722430269-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CMD => value deleted successfully.
 



#6 aharonov

  • Malware Response Team

Posted 12 September 2014 - 08:58 AM

Ok. Uninstall the old Java version and that's it.

My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation.
Thank you!

#7 hello6921

  • Topic Starter

Posted 12 September 2014 - 09:06 AM

Just uninstalled it and also left a little donation to you. Thanks for all the help you provided me and others!



#8 aharonov

  • Malware Response Team

Posted 12 September 2014 - 09:29 AM

Thank you. Take care.

#9 aharonov

  • Malware Response Team

Posted 12 September 2014 - 09:29 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



