
Extendedunlimited


  • This topic is locked
3 replies to this topic

#1 Skelzoo


Posted 12 September 2014 - 11:59 AM

Hello again,

 

It seems I got the extendedunlimited malware again.

I'm fairly sure I got it from downloading something on CNET.

I ran FRST, here is the log.

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-09-2014
Ran by Robbie (administrator) on ROBBIE-PC on 12-09-2014 18:58:08
Running from C:\Users\Robbie\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Engels (Verenigde Staten)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
() C:\Program Files (x86)\Garena Plus\ggdllhost.exe
() C:\Program Files (x86)\MSI Afterburner\Bundle\OSDServer\RTSS.exe
() C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe
(MSI) C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(PACE Anti-Piracy, Inc.) C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
() C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRService.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRServer.exe
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Splashtop Inc.) C:\Program Files (x86)\Splashtop\Splashtop Remote\Server\SRFeature.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [7477016 2013-04-25] (Logitech Inc.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [AdAwareTray] => C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareTray.exe [8886592 2014-08-27] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [766208 2013-12-06] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3878905871-1587395954-2043364719-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-3878905871-1587395954-2043364719-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3878905871-1587395954-2043364719-1000\...\Run: [PC_GIZMOS] => "C:\Users\Robbie\AppData\Roaming\PC-Gizmos\SoundcloudDLD-PC_136528.en_88.exe" --update
HKU\S-1-5-21-3878905871-1587395954-2043364719-1000\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-3878905871-1587395954-2043364719-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3878905871-1587395954-2043364719-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-3878905871-1587395954-2043364719-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
HKU\S-1-5-21-3878905871-1587395954-2043364719-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [PC_GIZMOS] => "C:\Users\Robbie\AppData\Roaming\PC-Gizmos\SoundcloudDLD-PC_136528.en_88.exe" --update
HKU\S-1-5-21-3878905871-1587395954-2043364719-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-3878905871-1587395954-2043364719-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Policies\system: [DisableLockWorkstation] 0
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} =>  No File
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x9CE571E0D959CE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: SoundCloud Downloader -> {A817C286-3D6B-4ECD-A99C-E44E50DBC523} -> C:\Users\Robbie\AppData\Roaming\PC-Gizmos\PCGizmosBHO.dll (PC Gizmos)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Robbie\AppData\Roaming\Mozilla\Firefox\Profiles\77wbqhdm.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_12_0_0_70.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_70.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @esn/esnlaunch,version=2.1.7 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.7\npesnlaunch.dll (ESN Social Software AB)
FF Plugin-x32: @idsoftware.com/QuakeLive -> C:\ProgramData\id Software\QuakeLive\npquakezero.dll (id Software Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MIF5BA~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll (Nexon)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Robbie\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @Webzen.com/NPBrowserExt -> C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Robbie\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll No File
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bolcom-nl.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\marktplaats-nl.xml
FF Extension: No Name - C:\Users\Robbie\AppData\Roaming\Mozilla\Firefox\Profiles\77wbqhdm.default\Extensions\staged [2014-09-10]
FF Extension: SoundCloud Downloader - C:\Users\Robbie\AppData\Roaming\Mozilla\Firefox\Profiles\77wbqhdm.default\Extensions\{2b55ea1c-5d12-4fb5-bb9b-2067f8eda4ca}.xpi [2014-09-10]
FF Extension: Download YouTube Videos as MP4 - C:\Users\Robbie\AppData\Roaming\Mozilla\Firefox\Profiles\77wbqhdm.default\Extensions\{b9bfaf1c-a63f-47cd-8b9a-29526ced9060}.xpi [2014-04-03]
FF Extension: Adblock Plus - C:\Users\Robbie\AppData\Roaming\Mozilla\Firefox\Profiles\77wbqhdm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-04-03]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR DefaultSearchKeyword: Default -> 593135D7EC24C7F56723562F2B019E598400E2472609E317D45CAB5FCBA26C40
CHR DefaultSearchURL: Default -> 1A7CB8F76275CC232B7BE1BB05B4EDB947BC50DF23E35635925707474D3A69B1
CHR Profile: C:\Users\Robbie\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Heroes & Generals) - C:\Users\Robbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbophcdhblbipoaacgchllkobdaolpge [2014-07-22]
CHR Extension: (AdBlock) - C:\Users\Robbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-03-24]
CHR Extension: (Skype Click to Call) - C:\Users\Robbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-24]
CHR Extension: (Morpheon Dark) - C:\Users\Robbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\mafbdhjdkjnoafhfelkjpchpaepjknad [2014-04-09]
CHR Extension: (Google Wallet) - C:\Users\Robbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-24]
CHR Extension: (Lounge Companion (Dota 2 & CS:GO)) - C:\Users\Robbie\AppData\Local\Google\Chrome\User Data\Default\Extensions\pokidbfaabncipciiigfhncfmgmdjdaj [2014-05-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [732160 2012-12-10] (Intel® Corporation) [File not signed]
S3 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [803872 2012-12-10] (Intel® Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-10-22] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-05-14] (Intel Corporation)
R2 LavasoftAdAwareService11; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Ad-Aware Antivirus\11.3.6321.0\AdAwareService.exe [706864 2014-08-27] ()
R2 MSI_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\FastBootService.exe [103992 2012-10-26] (MSI)
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [143416 2012-10-25] (MSI)
R2 PaceLicenseDServices; C:\Program Files (x86)\Common Files\PACE\Services\LicenseServices\LDSvc.exe [2928128 2012-11-19] (PACE Anti-Piracy, Inc.) [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-08-25] ()
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd)
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [174088 2014-05-29] (Sandboxie Holdings, LLC)
R2 Themes; C:\Windows\system32\themeservice.dll [44544 2013-08-26] (Microsoft Corporation) [File not signed]
S2 Software Updater Service; "C:\Users\Robbie\AppData\Roaming\Software Updater\SoftwareUpdate.exe" /run "/aff_id=1000" "/app_id=136528" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-05-26] (DT Soft Ltd)
R3 gzflt; C:\Program Files\Lavasoft\Ad-Aware Antivirus\Antimalware Engine\3.0.0.56\gzflt.sys [150256 2014-04-22] (BitDefender LLC)
R3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [20968 2012-10-22] ()
R3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [19944 2012-10-22] ()
S3 ipadtst; C:\Program Files (x86)\MSI\Super-Charger\ipadtst_64.sys [19000 2012-07-27] (Windows ® Win 7 DDK provider)
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46016 2012-08-16] ()
S3 LGDDCDevice; C:\Windows\SysWOW64\LGI2CDriver.sys [16384 2012-02-16] (LG Soft India) [File not signed]
S3 LGII2CDevice; C:\Windows\SysWOW64\LGPII2CDriver.sys [10240 2012-05-23] (LG Soft India) [File not signed]
R3 LGSHidFilt; C:\Windows\System32\DRIVERS\LGSHidFilt.Sys [66800 2013-01-17] (Logitech Inc.)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-12] (Malwarebytes Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update 5\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
R3 NTIOLib_FastBoot; C:\Program Files (x86)\MSI\Fast Boot\NTIOLib_X64.sys [13368 2012-10-26] (MSI)
R3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [13368 2013-01-23] ()
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [185352 2014-05-29] (Sandboxie Holdings, LLC)
S3 Trufos; C:\Windows\System32\DRIVERS\Trufos.sys [389240 2014-04-22] (BitDefender S.R.L.)
R3 voxaldriver; C:\Windows\System32\DRIVERS\voxaldriverx64.sys [34512 2014-07-11] ()
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-12] ()
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 GGSAFERDriver; \??\C:\Program Files (x86)\Garena Plus\Room\safedrv.sys [X]
S3 hxsyol; \??\C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S3 NTIOLib_1_0_C; \??\D:\NTIOLib_X64.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]
S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]
S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-12 18:58 - 2014-09-12 18:58 - 00023256 _____ () C:\Users\Robbie\Downloads\FRST.txt
2014-09-12 18:54 - 2014-09-12 18:54 - 02105856 _____ (Farbar) C:\Users\Robbie\Downloads\FRST64.exe
2014-09-12 18:38 - 2014-09-12 18:38 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-09-12 18:33 - 2014-09-12 18:33 - 01016261 _____ (Thisisu) C:\Users\Robbie\Downloads\JRT.exe
2014-09-12 18:28 - 2014-09-12 18:28 - 01373475 _____ () C:\Users\Robbie\Downloads\AdwCleaner.exe
2014-09-11 21:13 - 2014-08-19 20:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-11 21:13 - 2014-08-19 19:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-11 21:13 - 2014-08-19 01:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-11 21:13 - 2014-08-19 00:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-11 21:13 - 2014-08-19 00:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-11 21:13 - 2014-08-19 00:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-11 21:13 - 2014-08-19 00:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-11 21:13 - 2014-08-19 00:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-11 21:13 - 2014-08-19 00:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-11 21:13 - 2014-08-19 00:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-11 21:13 - 2014-08-19 00:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-11 21:13 - 2014-08-19 00:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-11 21:13 - 2014-08-19 00:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-11 21:13 - 2014-08-19 00:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-11 21:13 - 2014-08-19 00:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-11 21:13 - 2014-08-19 00:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-11 21:13 - 2014-08-19 00:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-11 21:13 - 2014-08-19 00:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-11 21:13 - 2014-08-19 00:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-11 21:13 - 2014-08-18 23:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-11 21:13 - 2014-08-18 23:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-11 21:13 - 2014-08-18 23:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-11 21:13 - 2014-08-18 23:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-11 21:13 - 2014-08-18 23:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-11 21:13 - 2014-08-18 23:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-11 21:13 - 2014-08-18 23:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-11 21:13 - 2014-08-18 23:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-11 21:13 - 2014-08-18 23:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-11 21:13 - 2014-08-18 23:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-11 21:13 - 2014-08-18 23:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-11 21:13 - 2014-08-18 23:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-11 21:13 - 2014-08-18 23:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-11 21:13 - 2014-08-18 23:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-11 21:13 - 2014-08-18 23:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-11 21:13 - 2014-08-18 23:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-11 21:13 - 2014-08-18 23:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-11 21:13 - 2014-08-18 23:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-11 21:13 - 2014-08-18 23:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-11 21:13 - 2014-08-18 23:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-11 21:13 - 2014-08-18 23:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-11 21:13 - 2014-08-18 23:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-11 21:13 - 2014-08-18 23:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-11 21:13 - 2014-08-18 23:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-11 21:13 - 2014-08-18 23:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-11 21:13 - 2014-08-18 23:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-11 21:13 - 2014-08-18 23:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-11 21:13 - 2014-08-18 23:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-11 21:13 - 2014-08-18 23:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-11 21:13 - 2014-08-18 23:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-11 21:13 - 2014-08-18 23:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-11 21:13 - 2014-08-18 23:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-11 21:13 - 2014-08-18 22:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-11 21:13 - 2014-08-18 22:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-11 21:13 - 2014-08-18 22:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-11 21:13 - 2014-08-18 22:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-11 21:13 - 2014-08-18 22:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-11 21:01 - 2014-06-27 04:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-11 21:01 - 2014-06-27 03:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-11 18:11 - 2014-09-05 04:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-11 18:11 - 2014-09-05 04:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-11 18:11 - 2014-08-01 13:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-11 18:11 - 2014-08-01 13:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-11 18:11 - 2014-07-07 04:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-11 18:11 - 2014-07-07 04:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-11 18:11 - 2014-07-07 03:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-11 18:11 - 2014-07-07 03:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-11 18:11 - 2014-07-07 03:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 18:11 - 2014-06-24 05:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-11 18:11 - 2014-06-24 04:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-10 16:10 - 2014-09-10 16:12 - 124804264 _____ () C:\Users\Robbie\Desktop\Ace.mp4
2014-09-10 13:22 - 2014-09-10 19:59 - 00000000 ____D () C:\Users\Robbie\AppData\Roaming\PC-Gizmos
2014-09-10 13:22 - 2014-09-10 13:25 - 00000215 _____ () C:\Users\Robbie\AppData\Roaming\uninstall.bat
2014-09-10 13:21 - 2014-09-10 13:21 - 02153472 _____ (PC Gizmos) C:\Users\Robbie\Downloads\SoundcloudDLD-PC_136528.en_83.exe
2014-09-09 18:10 - 2014-09-09 18:10 - 00034279 _____ () C:\Users\Robbie\Downloads\30e2469df3cee62ef5771b2d489ea2c9a752de89.zip
2014-09-09 18:08 - 2014-09-09 18:08 - 00032229 _____ () C:\Users\Robbie\Downloads\xmen.days.of.future.past.(2014).dut.1cd.(5798517).zip
2014-09-09 16:35 - 2014-09-09 17:36 - 00000000 ____D () C:\Users\Robbie\Downloads\Rio 2 (2014) [1080p]
2014-09-09 16:35 - 2014-09-09 16:35 - 00017402 _____ () C:\Users\Robbie\Downloads\[kickass.to]rio.2.2014.1080p.brrip.x264.yify.torrent
2014-09-09 16:34 - 2014-09-09 16:35 - 00000000 ____D () C:\Users\Robbie\Downloads\X-Men.Days.of.Future.Past.2014.HDRip.XViD.AC3-juggs[ETRG]
2014-09-09 16:34 - 2014-09-09 16:34 - 00115072 _____ () C:\Users\Robbie\Downloads\[kickass.to]x.men.days.of.future.past.2014.hdrip.xvid.ac3.juggs.etrg.torrent
2014-09-09 15:27 - 2014-09-10 18:32 - 00000000 ____D () C:\Users\Robbie\Downloads\The.Sims.4.Crack.v4.And.Update.1
2014-09-09 15:26 - 2014-09-09 15:26 - 27513084 _____ () C:\Users\Robbie\Downloads\3DMGAME-The.Sims.4.Update.1.and.Crack-3DM.7z
2014-09-09 15:26 - 2014-09-09 15:26 - 00013243 _____ () C:\Users\Robbie\Downloads\[kickass.to]the.sims.4.crack.v4.and.update.1.3dmgame.torrent
2014-09-09 15:26 - 2014-09-09 15:26 - 00013243 _____ () C:\Users\Robbie\Downloads\[kickass.to]the.sims.4.crack.v4.and.update.1.3dmgame (1).torrent
2014-09-09 15:25 - 2014-09-09 15:25 - 00017475 _____ () C:\Users\Robbie\Downloads\[kickass.to]the.sims.4.update.1.and.crack.3dm.torrent
2014-09-09 15:15 - 2014-09-09 15:59 - 2307790848 _____ () C:\Users\Robbie\Downloads\Bully. Scholarship Edition [R.G. Механики].iso
2014-09-09 15:14 - 2014-09-09 15:14 - 00011644 _____ () C:\Users\Robbie\Downloads\[kickass.to]bully.scholarship.edition.rus.eng.repack.by.rg.mechanics.torrent
2014-09-07 11:45 - 2014-09-07 11:45 - 00001217 _____ () C:\Users\Robbie\Desktop\MM Server Picker.lnk
2014-09-07 11:45 - 2014-09-07 11:45 - 00000000 ____D () C:\Program Files (x86)\Matchmaking Server Picker
2014-09-07 11:44 - 2014-09-07 11:45 - 00861717 _____ () C:\Users\Robbie\Downloads\mmserverpicker1_5a.zip
2014-09-07 11:12 - 2014-09-07 11:12 - 00003596 _____ () C:\Users\Robbie\Downloads\8733061_06-07-2014_03-09-2014.txt
2014-09-07 11:11 - 2014-09-07 11:11 - 00003596 _____ () C:\Users\Robbie\Downloads\8733061_08-07-2014_03-09-2014.csv
2014-09-07 10:03 - 2014-09-07 19:12 - 00000000 ____D () C:\Users\Robbie\Documents\Electronic Arts
2014-09-07 09:50 - 2014-09-07 09:59 - 28075703 _____ () C:\Users\Robbie\Downloads\SC-TS-41974-V-3.rar
2014-09-07 09:42 - 2014-09-12 18:25 - 00000000 ____D () C:\Program Files (x86)\The SIMS 4 Deluxe Edition
2014-09-06 18:20 - 2014-09-06 18:20 - 00023726 _____ () C:\Users\Robbie\Downloads\d9a955e29d601603a04183cb41bd087366194c23.zip
2014-09-06 17:01 - 2014-09-06 18:30 - 00000000 ____D () C:\Users\Robbie\Downloads\Noah (2014) [1080p]
2014-09-06 17:01 - 2014-09-06 17:33 - 00000000 ____D () C:\Users\Robbie\Downloads\47 Ronin (2013) [1080p]
2014-09-06 17:00 - 2014-09-06 17:00 - 00021797 _____ () C:\Users\Robbie\Downloads\[kickass.to]noah.2014.1080p.brrip.x264.yify.torrent
2014-09-06 17:00 - 2014-09-06 17:00 - 00019667 _____ () C:\Users\Robbie\Downloads\[kickass.to]47.ronin.2013.1080p.brrip.x264.yify.torrent
2014-09-06 16:32 - 2014-09-06 16:32 - 00045189 _____ () C:\Users\Robbie\Downloads\[kickass.to]the.sims.4.deluxe.edition.cracked.3dm.torrent
2014-09-06 11:34 - 2014-09-06 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RadeonPro
2014-09-03 19:27 - 2014-09-03 19:27 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-03 19:27 - 2014-09-03 19:27 - 00000000 ____D () C:\Program Files\Realtek
2014-09-03 19:27 - 2014-05-14 18:37 - 03962840 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2014-09-03 19:27 - 2014-05-14 16:00 - 01099203 _____ () C:\Windows\system32\Drivers\RTAIODAT.DAT
2014-09-03 19:27 - 2014-05-09 11:17 - 00628952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2014-09-03 19:27 - 2014-04-28 15:48 - 02800344 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2014-09-03 19:27 - 2014-04-25 13:51 - 02834648 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2014-09-03 19:27 - 2014-04-25 13:23 - 01022168 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2014-09-03 19:27 - 2014-04-10 12:19 - 02101848 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2014-09-03 19:27 - 2014-03-06 16:35 - 01959128 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2014-09-03 19:27 - 2014-01-28 11:48 - 01286872 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2014-09-03 19:27 - 2011-12-20 15:32 - 00331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2014-09-03 19:27 - 2011-11-22 16:28 - 00014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2014-09-03 19:27 - 2010-11-08 07:31 - 00375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2014-09-03 19:27 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2014-09-03 19:27 - 2010-11-08 07:31 - 00310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2014-09-03 19:27 - 2010-11-08 07:31 - 00204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2014-09-03 19:27 - 2010-11-08 07:31 - 00101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2014-09-03 19:27 - 2010-11-08 07:31 - 00078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2014-09-03 19:27 - 2010-11-03 18:30 - 00149608 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2014-09-03 19:27 - 2009-11-24 09:55 - 00518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2014-09-03 19:27 - 2009-11-24 09:55 - 00211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2014-09-03 19:27 - 2009-11-24 09:55 - 00198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2014-09-03 19:27 - 2009-11-24 09:55 - 00155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2014-09-03 19:26 - 2014-04-30 11:34 - 00948952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2014-09-03 19:26 - 2014-04-10 12:19 - 02041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2014-09-03 19:26 - 2014-04-10 12:19 - 01063512 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2014-09-03 19:26 - 2014-02-18 17:04 - 02770976 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2014-09-03 19:26 - 2014-01-08 15:25 - 00397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll
2014-09-03 19:26 - 2013-10-16 03:43 - 00209096 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2014-09-03 19:26 - 2013-10-11 12:47 - 00113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2014-09-03 19:26 - 2013-01-11 16:27 - 00628504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBTHX64.dll
2014-09-03 19:26 - 2013-01-11 16:27 - 00563992 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBTHX32.dll
2014-09-03 19:26 - 2012-03-08 11:47 - 00108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2014-09-03 19:26 - 2010-09-27 09:34 - 00318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2014-09-03 19:26 - 2009-11-18 07:12 - 00032344 _____ (Creative Technology Ltd.) C:\Windows\system32\Drivers\MBfilt64.sys
2014-09-03 19:15 - 2014-09-03 19:21 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\Robbie\Downloads\64bit_Win7_Win8_Win81_R275 (1).exe
2014-09-01 11:38 - 2014-09-01 11:38 - 00000000 ____D () C:\Users\Robbie\Desktop\svg
2014-09-01 11:34 - 2014-09-01 11:36 - 77378504 _____ () C:\Users\Robbie\Downloads\S.V.G (ADJE x BLAKE x CHO x JOWY ROSÉ) - S.V.G (PRESENTED BY ENCORE & PUNA).zip
2014-08-31 22:27 - 2014-08-31 22:27 - 00000316 _____ () C:\Users\Robbie\Desktop\asd.txt
2014-08-30 09:57 - 2014-08-30 09:57 - 00272097 _____ () C:\Users\Robbie\Downloads\ExileHUD-Steam (1).zip
2014-08-28 10:26 - 2014-09-12 18:39 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-08-28 10:26 - 2014-08-28 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-08-28 10:25 - 2014-08-28 10:25 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-08-28 10:24 - 2014-08-28 10:24 - 02806920 _____ () C:\Users\Robbie\Downloads\Adaware_Installer.exe
2014-08-28 10:19 - 2014-08-23 04:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 10:19 - 2014-08-23 03:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 10:19 - 2014-08-23 02:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 20:09 - 2014-08-27 20:09 - 05500928 _____ () C:\Users\Robbie\Downloads\SlimDX Runtime .NET 4.0 x86 (January 2012).msi
2014-08-27 20:03 - 2014-08-30 09:57 - 00000000 ____D () C:\Users\Robbie\Desktop\ExileHUD-Steam
2014-08-27 20:03 - 2014-08-27 20:03 - 00271903 _____ () C:\Users\Robbie\Downloads\ExileHUD-Steam.zip
2014-08-27 16:12 - 2014-08-27 16:12 - 00001911 _____ () C:\Users\Robbie\Desktop\screenshots - Snelkoppeling.lnk
2014-08-24 18:27 - 2014-08-24 18:27 - 00018473 _____ () C:\Users\Robbie\Downloads\maleficent_dutch-965614.zip
2014-08-24 17:32 - 2014-08-24 18:26 - 00000000 ____D () C:\Users\Robbie\Downloads\Maleficent 2014 DVDRip x264 AAC-JYK
2014-08-24 17:30 - 2014-08-24 17:30 - 00017015 _____ () C:\Users\Robbie\Downloads\[kickass.to]maleficent.2014.dvdrip.x264.aac.jyk.torrent
2014-08-23 23:58 - 2014-08-23 23:58 - 00000222 _____ () C:\Users\Robbie\Desktop\Path of Exile.url
2014-08-23 13:48 - 2014-08-23 13:48 - 00000000 ____D () C:\Users\Robbie\AppData\Local\Skype
2014-08-23 13:48 - 2014-08-23 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-14 19:39 - 2014-08-15 09:37 - 00000000 ____D () C:\Users\Robbie\Documents\ArcheAge
2014-08-14 19:39 - 2014-08-14 19:39 - 00000000 ____D () C:\ArcheAge
2014-08-14 03:01 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-14 03:01 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-14 03:01 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-14 03:01 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-14 03:01 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-14 03:01 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-14 03:01 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-14 03:01 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-13 09:47 - 2014-07-16 05:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-13 09:47 - 2014-07-16 04:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-13 09:47 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-13 09:47 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-13 09:47 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-13 09:47 - 2014-07-09 04:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-13 09:47 - 2014-07-09 04:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-13 09:47 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-13 09:47 - 2014-07-09 03:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-13 09:47 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-13 09:47 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-13 09:47 - 2014-07-09 03:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-13 09:47 - 2014-07-09 00:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-13 09:47 - 2014-07-09 00:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-13 09:47 - 2014-06-25 04:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-13 09:47 - 2014-06-25 03:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-13 09:47 - 2014-06-16 04:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-13 09:47 - 2014-06-03 12:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-13 09:47 - 2014-06-03 12:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-13 09:47 - 2014-06-03 12:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-13 09:47 - 2014-06-03 12:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-13 09:47 - 2014-06-03 11:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-13 09:47 - 2014-06-03 11:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-13 09:47 - 2014-06-03 11:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-13 09:46 - 2014-07-14 04:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-13 09:46 - 2014-07-14 03:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-12 18:58 - 2014-09-12 18:58 - 00023256 _____ () C:\Users\Robbie\Downloads\FRST.txt
2014-09-12 18:58 - 2014-05-01 09:17 - 00000000 ____D () C:\FRST
2014-09-12 18:54 - 2014-09-12 18:54 - 02105856 _____ (Farbar) C:\Users\Robbie\Downloads\FRST64.exe
2014-09-12 18:51 - 2013-09-12 17:11 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-12 18:47 - 2014-08-01 09:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-12 18:45 - 2013-05-25 19:28 - 01668472 _____ () C:\Windows\WindowsUpdate.log
2014-09-12 18:45 - 2009-07-14 06:45 - 00019888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-12 18:45 - 2009-07-14 06:45 - 00019888 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-12 18:39 - 2014-08-28 10:26 - 00002305 _____ () C:\Users\Public\Desktop\Ad-Aware Antivirus.lnk
2014-09-12 18:38 - 2014-09-12 18:38 - 00094656 _____ (CACE Technologies) C:\Windows\system32\WPRO_41_2001woem.tmp
2014-09-12 18:38 - 2014-08-08 13:53 - 00003496 _____ () C:\Windows\System32\Tasks\gg_uac_daemon_Robbie
2014-09-12 18:38 - 2013-12-26 15:56 - 00034752 _____ () C:\Windows\system32\Drivers\WPRO_41_2001.sys
2014-09-12 18:38 - 2013-05-25 20:45 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-12 18:38 - 2013-05-25 19:39 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-12 18:37 - 2014-04-10 07:00 - 00022256 _____ () C:\Windows\setupact.log
2014-09-12 18:37 - 2014-04-10 06:59 - 00542128 _____ () C:\Windows\PFRO.log
2014-09-12 18:37 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-12 18:36 - 2014-07-13 22:13 - 00003026 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-09-12 18:33 - 2014-09-12 18:33 - 01016261 _____ (Thisisu) C:\Users\Robbie\Downloads\JRT.exe
2014-09-12 18:29 - 2013-09-27 17:29 - 00000000 ____D () C:\AdwCleaner
2014-09-12 18:28 - 2014-09-12 18:28 - 01373475 _____ () C:\Users\Robbie\Downloads\AdwCleaner.exe
2014-09-12 18:25 - 2014-09-07 09:42 - 00000000 ____D () C:\Program Files (x86)\The SIMS 4 Deluxe Edition
2014-09-12 06:05 - 2013-05-25 19:39 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-11 21:13 - 2013-07-22 09:55 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-09-11 21:12 - 2013-08-14 23:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-11 21:12 - 2013-05-29 07:54 - 00746488 _____ () C:\Windows\system32\perfh013.dat
2014-09-11 21:12 - 2013-05-29 07:54 - 00154092 _____ () C:\Windows\system32\perfc013.dat
2014-09-11 21:12 - 2013-05-25 19:37 - 01658236 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-11 21:12 - 2009-07-14 07:13 - 01658236 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-11 21:01 - 2013-05-29 07:54 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-11 21:00 - 2014-05-06 22:27 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 20:17 - 2014-06-30 19:58 - 00000000 ____D () C:\Users\Robbie\AppData\Roaming\TS3Client
2014-09-10 19:59 - 2014-09-10 13:22 - 00000000 ____D () C:\Users\Robbie\AppData\Roaming\PC-Gizmos
2014-09-10 18:32 - 2014-09-09 15:27 - 00000000 ____D () C:\Users\Robbie\Downloads\The.Sims.4.Crack.v4.And.Update.1
2014-09-10 16:12 - 2014-09-10 16:10 - 124804264 _____ () C:\Users\Robbie\Desktop\Ace.mp4
2014-09-10 13:25 - 2014-09-10 13:22 - 00000215 _____ () C:\Users\Robbie\AppData\Roaming\uninstall.bat
2014-09-10 13:21 - 2014-09-10 13:21 - 02153472 _____ (PC Gizmos) C:\Users\Robbie\Downloads\SoundcloudDLD-PC_136528.en_83.exe
2014-09-09 18:48 - 2014-01-17 15:10 - 00000000 ____D () C:\Users\Robbie\Documents\ConvertXtoDVD
2014-09-09 18:37 - 2013-05-26 09:07 - 00000000 ____D () C:\Users\Robbie\AppData\Roaming\uTorrent
2014-09-09 18:10 - 2014-09-09 18:10 - 00034279 _____ () C:\Users\Robbie\Downloads\30e2469df3cee62ef5771b2d489ea2c9a752de89.zip
2014-09-09 18:10 - 2013-12-14 22:12 - 00000000 ____D () C:\Users\Robbie\Desktop\Films
2014-09-09 18:08 - 2014-09-09 18:08 - 00032229 _____ () C:\Users\Robbie\Downloads\xmen.days.of.future.past.(2014).dut.1cd.(5798517).zip
2014-09-09 17:36 - 2014-09-09 16:35 - 00000000 ____D () C:\Users\Robbie\Downloads\Rio 2 (2014) [1080p]
2014-09-09 16:35 - 2014-09-09 16:35 - 00017402 _____ () C:\Users\Robbie\Downloads\[kickass.to]rio.2.2014.1080p.brrip.x264.yify.torrent
2014-09-09 16:35 - 2014-09-09 16:34 - 00000000 ____D () C:\Users\Robbie\Downloads\X-Men.Days.of.Future.Past.2014.HDRip.XViD.AC3-juggs[ETRG]
2014-09-09 16:34 - 2014-09-09 16:34 - 00115072 _____ () C:\Users\Robbie\Downloads\[kickass.to]x.men.days.of.future.past.2014.hdrip.xvid.ac3.juggs.etrg.torrent
2014-09-09 15:59 - 2014-09-09 15:15 - 2307790848 _____ () C:\Users\Robbie\Downloads\Bully. Scholarship Edition [R.G. Механики].iso
2014-09-09 15:34 - 2013-08-24 09:15 - 00000000 ____D () C:\ProgramData\Origin
2014-09-09 15:34 - 2013-08-24 09:15 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-09 15:26 - 2014-09-09 15:26 - 27513084 _____ () C:\Users\Robbie\Downloads\3DMGAME-The.Sims.4.Update.1.and.Crack-3DM.7z
2014-09-09 15:26 - 2014-09-09 15:26 - 00013243 _____ () C:\Users\Robbie\Downloads\[kickass.to]the.sims.4.crack.v4.and.update.1.3dmgame.torrent
2014-09-09 15:26 - 2014-09-09 15:26 - 00013243 _____ () C:\Users\Robbie\Downloads\[kickass.to]the.sims.4.crack.v4.and.update.1.3dmgame (1).torrent
2014-09-09 15:25 - 2014-09-09 15:25 - 00017475 _____ () C:\Users\Robbie\Downloads\[kickass.to]the.sims.4.update.1.and.crack.3dm.torrent
2014-09-09 15:17 - 2013-11-26 15:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2014-09-09 15:16 - 2009-07-14 07:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-09-09 15:14 - 2014-09-09 15:14 - 00011644 _____ () C:\Users\Robbie\Downloads\[kickass.to]bully.scholarship.edition.rus.eng.repack.by.rg.mechanics.torrent
2014-09-08 15:55 - 2013-07-13 18:33 - 00000000 ____D () C:\Users\Robbie\AppData\Roaming\Skype
2014-09-07 19:12 - 2014-09-07 10:03 - 00000000 ____D () C:\Users\Robbie\Documents\Electronic Arts
2014-09-07 19:08 - 2013-05-28 14:32 - 00000000 ____D () C:\Users\Robbie\AppData\Local\CrashDumps
2014-09-07 16:19 - 2013-06-19 13:14 - 00000000 ____D () C:\Program Files (x86)\SpeedFan
2014-09-07 11:45 - 2014-09-07 11:45 - 00001217 _____ () C:\Users\Robbie\Desktop\MM Server Picker.lnk
2014-09-07 11:45 - 2014-09-07 11:45 - 00000000 ____D () C:\Program Files (x86)\Matchmaking Server Picker
2014-09-07 11:45 - 2014-09-07 11:44 - 00861717 _____ () C:\Users\Robbie\Downloads\mmserverpicker1_5a.zip
2014-09-07 11:12 - 2014-09-07 11:12 - 00003596 _____ () C:\Users\Robbie\Downloads\8733061_06-07-2014_03-09-2014.txt
2014-09-07 11:11 - 2014-09-07 11:11 - 00003596 _____ () C:\Users\Robbie\Downloads\8733061_08-07-2014_03-09-2014.csv
2014-09-07 09:59 - 2014-09-07 09:50 - 28075703 _____ () C:\Users\Robbie\Downloads\SC-TS-41974-V-3.rar
2014-09-07 09:53 - 2013-08-07 09:50 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-06 18:30 - 2014-09-06 17:01 - 00000000 ____D () C:\Users\Robbie\Downloads\Noah (2014) [1080p]
2014-09-06 18:20 - 2014-09-06 18:20 - 00023726 _____ () C:\Users\Robbie\Downloads\d9a955e29d601603a04183cb41bd087366194c23.zip
2014-09-06 17:33 - 2014-09-06 17:01 - 00000000 ____D () C:\Users\Robbie\Downloads\47 Ronin (2013) [1080p]
2014-09-06 17:00 - 2014-09-06 17:00 - 00021797 _____ () C:\Users\Robbie\Downloads\[kickass.to]noah.2014.1080p.brrip.x264.yify.torrent
2014-09-06 17:00 - 2014-09-06 17:00 - 00019667 _____ () C:\Users\Robbie\Downloads\[kickass.to]47.ronin.2013.1080p.brrip.x264.yify.torrent
2014-09-06 16:32 - 2014-09-06 16:32 - 00045189 _____ () C:\Users\Robbie\Downloads\[kickass.to]the.sims.4.deluxe.edition.cracked.3dm.torrent
2014-09-06 11:34 - 2014-09-06 11:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RadeonPro
2014-09-06 11:34 - 2014-08-10 09:45 - 00000000 ____D () C:\Program Files (x86)\RadeonPro
2014-09-06 09:48 - 2013-06-19 13:46 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-09-06 09:09 - 2013-05-25 19:39 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-05 04:10 - 2014-09-11 18:11 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 04:05 - 2014-09-11 18:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 19:28 - 2013-05-25 19:39 - 00000000 ___HD () C:\Program Files (x86)\Temp
2014-09-03 19:27 - 2014-09-03 19:27 - 00000000 ____D () C:\Windows\SysWOW64\RTCOM
2014-09-03 19:27 - 2014-09-03 19:27 - 00000000 ____D () C:\Program Files\Realtek
2014-09-03 19:26 - 2013-05-25 19:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-03 19:21 - 2014-09-03 19:15 - 125683715 _____ (Realtek Semiconductor Corp.) C:\Users\Robbie\Downloads\64bit_Win7_Win8_Win81_R275 (1).exe
2014-09-03 18:24 - 2013-08-25 08:42 - 00447752 _____ (On2.com) C:\Windows\SysWOW64\vp6vfw.dll
2014-09-01 11:38 - 2014-09-01 11:38 - 00000000 ____D () C:\Users\Robbie\Desktop\svg
2014-09-01 11:36 - 2014-09-01 11:34 - 77378504 _____ () C:\Users\Robbie\Downloads\S.V.G (ADJE x BLAKE x CHO x JOWY ROSÉ) - S.V.G (PRESENTED BY ENCORE & PUNA).zip
2014-08-31 22:27 - 2014-08-31 22:27 - 00000316 _____ () C:\Users\Robbie\Desktop\asd.txt
2014-08-30 09:57 - 2014-08-30 09:57 - 00272097 _____ () C:\Users\Robbie\Downloads\ExileHUD-Steam (1).zip
2014-08-30 09:57 - 2014-08-27 20:03 - 00000000 ____D () C:\Users\Robbie\Desktop\ExileHUD-Steam
2014-08-29 16:35 - 2009-07-14 06:45 - 00477408 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-28 14:54 - 2014-08-10 09:45 - 00000000 ____D () C:\Users\Robbie\AppData\Roaming\RadeonPro
2014-08-28 10:26 - 2014-08-28 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2014-08-28 10:25 - 2014-08-28 10:25 - 00000000 ____D () C:\Program Files\Common Files\Lavasoft
2014-08-28 10:24 - 2014-08-28 10:24 - 02806920 _____ () C:\Users\Robbie\Downloads\Adaware_Installer.exe
2014-08-27 20:09 - 2014-08-27 20:09 - 05500928 _____ () C:\Users\Robbie\Downloads\SlimDX Runtime .NET 4.0 x86 (January 2012).msi
2014-08-27 20:03 - 2014-08-27 20:03 - 00271903 _____ () C:\Users\Robbie\Downloads\ExileHUD-Steam.zip
2014-08-27 16:12 - 2014-08-27 16:12 - 00001911 _____ () C:\Users\Robbie\Desktop\screenshots - Snelkoppeling.lnk
2014-08-24 22:29 - 2014-01-17 15:02 - 00000000 ____D () C:\Users\Robbie\AppData\Roaming\Vso
2014-08-24 18:27 - 2014-08-24 18:27 - 00018473 _____ () C:\Users\Robbie\Downloads\maleficent_dutch-965614.zip
2014-08-24 18:26 - 2014-08-24 17:32 - 00000000 ____D () C:\Users\Robbie\Downloads\Maleficent 2014 DVDRip x264 AAC-JYK
2014-08-24 17:30 - 2014-08-24 17:30 - 00017015 _____ () C:\Users\Robbie\Downloads\[kickass.to]maleficent.2014.dvdrip.x264.aac.jyk.torrent
2014-08-23 23:58 - 2014-08-23 23:58 - 00000222 _____ () C:\Users\Robbie\Desktop\Path of Exile.url
2014-08-23 23:58 - 2013-05-25 23:50 - 00000000 ____D () C:\Users\Robbie\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-23 13:48 - 2014-08-23 13:48 - 00000000 ____D () C:\Users\Robbie\AppData\Local\Skype
2014-08-23 13:48 - 2014-08-23 13:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2014-08-23 13:48 - 2013-07-13 18:33 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-08-23 13:48 - 2013-07-13 18:33 - 00000000 ____D () C:\ProgramData\Skype
2014-08-23 04:07 - 2014-08-28 10:19 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 03:45 - 2014-08-28 10:19 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 02:59 - 2014-08-28 10:19 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 20:05 - 2014-09-11 21:13 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 19:39 - 2014-09-11 21:13 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 01:01 - 2014-09-11 21:13 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 00:29 - 2014-09-11 21:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 00:29 - 2014-09-11 21:13 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 00:26 - 2014-09-11 21:13 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 00:20 - 2014-09-11 21:13 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 00:19 - 2014-09-11 21:13 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 00:15 - 2014-09-11 21:13 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 00:15 - 2014-09-11 21:13 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 00:14 - 2014-09-11 21:13 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 00:14 - 2014-09-11 21:13 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 00:08 - 2014-09-11 21:13 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 00:08 - 2014-09-11 21:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 00:08 - 2014-09-11 21:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 00:05 - 2014-09-11 21:13 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 00:03 - 2014-09-11 21:13 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 00:03 - 2014-09-11 21:13 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 00:03 - 2014-09-11 21:13 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-18 23:57 - 2014-09-11 21:13 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-18 23:56 - 2014-09-11 21:13 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-18 23:51 - 2014-09-11 21:13 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-18 23:46 - 2014-09-11 21:13 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-18 23:45 - 2014-09-11 21:13 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-18 23:45 - 2014-09-11 21:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-18 23:44 - 2014-09-11 21:13 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-18 23:44 - 2014-09-11 21:13 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-18 23:42 - 2014-09-11 21:13 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-18 23:40 - 2014-09-11 21:13 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-18 23:39 - 2014-09-11 21:13 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-18 23:39 - 2014-09-11 21:13 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-18 23:39 - 2014-09-11 21:13 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-18 23:38 - 2014-09-11 21:13 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-18 23:37 - 2014-09-11 21:13 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-18 23:36 - 2014-09-11 21:13 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-18 23:35 - 2014-09-11 21:13 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-18 23:27 - 2014-09-11 21:13 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-18 23:25 - 2014-09-11 21:13 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-18 23:25 - 2014-09-11 21:13 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-18 23:23 - 2014-09-11 21:13 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-18 23:23 - 2014-09-11 21:13 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-18 23:22 - 2014-09-11 21:13 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-18 23:19 - 2014-09-11 21:13 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-18 23:17 - 2014-09-11 21:13 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-18 23:17 - 2014-09-11 21:13 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-18 23:16 - 2014-09-11 21:13 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-18 23:15 - 2014-09-11 21:13 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-18 23:15 - 2014-09-11 21:13 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-18 23:09 - 2014-09-11 21:13 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-18 23:08 - 2014-09-11 21:13 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-18 23:07 - 2014-09-11 21:13 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 22:55 - 2014-09-11 21:13 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 22:46 - 2014-09-11 21:13 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 22:38 - 2014-09-11 21:13 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 22:38 - 2014-09-11 21:13 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 22:36 - 2014-09-11 21:13 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-17 13:28 - 2013-06-28 10:37 - 00000000 ____D () C:\Users\Robbie\Desktop\Troep
2014-08-15 13:05 - 2014-08-06 11:38 - 00000000 ____D () C:\Program Files (x86)\WEBZEN
2014-08-15 09:37 - 2014-08-14 19:39 - 00000000 ____D () C:\Users\Robbie\Documents\ArcheAge
2014-08-14 19:39 - 2014-08-14 19:39 - 00000000 ____D () C:\ArcheAge
2014-08-14 10:38 - 2014-06-05 10:29 - 00000000 ____D () C:\Program Files (x86)\Glyph
2014-08-14 04:19 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache
2014-08-14 03:30 - 2009-07-14 07:08 - 00032648 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-08-14 03:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
 
Some content of TEMP:
====================
C:\Users\Robbie\AppData\Local\Temp\3dab0821bd2e750420130c0bef3fdfa6.dll
C:\Users\Robbie\AppData\Local\Temp\NGMDll.dll
C:\Users\Robbie\AppData\Local\Temp\NGMResource.dll
C:\Users\Robbie\AppData\Local\Temp\Quarantine.exe
C:\Users\Robbie\AppData\Local\Temp\sfamcc00001.dll
C:\Users\Robbie\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Robbie\AppData\Local\Temp\unicows.dll
C:\Users\Robbie\AppData\Local\Temp\vcredist_x64.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-06 16:50
 
==================== End Of Log ============================
 
 
Thanks in advance, again :).




#2 aharonov

  • Malware Response Team

Posted 13 September 2014 - 07:26 AM

Hi,

"I'm fairly sure I got it from downloading something on cnet."

No, the origin is this cracked sh*t you downloaded via torrent.


Please download the attached file fixlist.txt (333 bytes) and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.

Edited by aharonov, 13 September 2014 - 07:26 AM.


#3 aharonov

  • Malware Response Team

Posted 19 September 2014 - 03:25 PM

I haven't heard from you for some time.
Do you still need help?

#4 aharonov

  • Malware Response Team

Posted 29 September 2014 - 09:19 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.



