Cannot Remove GameHarbor


  • This topic is locked
4 replies to this topic

#1 MiaRoseblood


Posted 15 September 2014 - 12:29 AM

Hi,

This is my first post, and I see that several folks are having the same problem as I am with GameHarbor popping up in my internet browser on startup. I have tried a lot of different things, but nothing seems to remove it.

 

Here is the scan from FRST:

 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by MiMi (administrator) on MISHKA on 14-09-2014 21:34:48
Running from C:\Users\MiMi\Desktop\FRST
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
() C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\nst.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\ismagent.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Intel\Intel® ME FW Recovery Agent\bin\updateui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Spotify Ltd) C:\Users\MiMi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(BitTorrent Inc.) C:\Users\MiMi\AppData\Roaming\uTorrent\uTorrent.exe
(Intel Corporation) C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUSB\XFastUsb.exe
(PowerISO Computing, Inc.) E:\Program Files (86x)\PowerISO\PWRISOVM.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
() C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\HEX\Adobe CEF Helper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE15\CSISYNCCLIENT.EXE
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20605_x64__8wekyb3d8bbwe\livecomm.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13191312 2012-08-06] (Realtek Semiconductor)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"
HKLM\...\Run: [ShadowPlay] => C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-08] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [472984 2013-12-10] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [285240 2012-11-19] (Intel Corporation)
HKLM-x32\...\Run: [XFastUSB] => C:\Program Files (x86)\XFastUSB\XFastUsb.exe [5021448 2013-07-09] (FNet Co., Ltd.)
HKLM-x32\...\Run: [PWRISOVM.EXE] => E:\Program Files (86x)\PowerISO\PWRISOVM.EXE [307200 2011-06-14] (PowerISO Computing, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [442200 2013-09-28] (Razer Inc.)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2239376 2013-12-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1075296 2013-04-25] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3816784 2014-07-21] (LogMeIn Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-4121855776-77438116-1890811781-1001\...\Run: [Steam] => E:\Program Files (86x)\Steam\steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-4121855776-77438116-1890811781-1001\...\Run: [Spotify Web Helper] => C:\Users\MiMi\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-08-28] (Spotify Ltd)
HKU\S-1-5-21-4121855776-77438116-1890811781-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [22734160 2014-08-08] (Google)
HKU\S-1-5-21-4121855776-77438116-1890811781-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-4121855776-77438116-1890811781-1001\...\Run: [uTorrent] => C:\Users\MiMi\AppData\Roaming\uTorrent\uTorrent.exe [1329744 2014-08-09] (BitTorrent Inc.)
HKU\S-1-5-21-4121855776-77438116-1890811781-1001\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-4121855776-77438116-1890811781-1001\...\MountPoints2: F - "F:\setup.exe" 
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-05-19] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\iSCTsysTray.lnk
ShortcutTarget: iSCTsysTray.lnk -> C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTsysTray.exe (Intel Corporation)
ShellIconOverlayIdentifiers:  AccExtIco1 -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco2 -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers:  AccExtIco3 -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync_x64.dll ()
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\buShell.dll (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Norton Identity Protection -> {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} -> C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Norton Identity Safe Toolbar - {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.6.15\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.5.0.19\coIEPlg.dll (Symantec Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{A06D718A-3DBC-4BD1-85C6-F91B12CDDCBA}: [NameServer] 8.8.8.8,8.8.4.4,4.2.2.1,4.2.2.2,208.67.222.222,208.67.220.220,8.26.56.26,8.20.247.20,156.154.70.1,156.154.71.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\WINDOWS\system32\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.25.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect_x86_64 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> E:\Program Files (86x)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> E:\Program Files (86x)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll (Adobe Systems)
FF HKLM-x32\...\Firefox\Extensions: [{F04D2D30-776C-4d02-8627-8E4385ECA58D}] - C:\ProgramData\Norton\{92622AAD-05E8-4459-B256-765CE1E929FB}\NST_2014.7.3.12\coFFPlgn
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\IPSFF [2014-07-12]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.4.0.13\coFFPlgn [2014-09-14]
 
Chrome: 
=======
CHR HomePage: Default -> 
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR DefaultSearchKeyword: Default -> B03A864AE204ADC180E94B0C9FD91CECE6C7D3A200393E8E4EA54871BAC895F8
CHR DefaultSearchURL: Default -> A4614FE7452FEF84EA9469654D87B4A6FEF1D137A164DA57C999F70CF052AD4A
CHR Profile: C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Translate) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2014-01-24]
CHR Extension: (Gojee Food) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajebcmdcgoggdncokkbdifohckmfpgnb [2014-01-24]
CHR Extension: (Google) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\akadbbccfpogllggihohbkgjmgpdhdia [2013-07-19]
CHR Extension: (Google Drive) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-11]
CHR Extension: (Last.fm free music player) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbncpldmanoknoahidbgmkgobgmhnafh [2014-09-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-21]
CHR Extension: (Spotify - Music for every moment) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-01-24]
CHR Extension: (Home - KNIGHTS OF OMEN) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\dncdlifeodennmhpggdomjfaiaigmjko [2013-07-19]
CHR Extension: (AdBlock) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-07-20]
CHR Extension: (YouTube) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\gljmkepedihfojjfmjambblgjemocehi [2013-07-19]
CHR Extension: (Kindle Cloud Reader) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\icdipabjmbhpdkjaihfjoikhjjeneebd [2014-01-24]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2014-01-24]
CHR Extension: (Google Mail Checker) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\mihcahmgecmbnbcchbopgniflfhgnkff [2014-01-24]
CHR Extension: (Google Wallet) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (Gmail) - C:\Users\MiMi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-09]
CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\MiMi\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2013-07-11]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2369720 2014-08-01] (Microsoft Corporation)
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-07-05] (Intel Corporation)
R2 ISCTAgent; C:\Program Files\Intel\Intel® Smart Connect Technology Agent\iSCTAgent.exe [149032 2012-08-16] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-08-21] (Intel Corporation)
S3 KeyIso; C:\Windows\SysWOW64\keyiso.dll [44032 2013-08-21] (Microsoft Corporation)
S3 lfsvc; C:\Windows\SysWOW64\GeofenceMonitorService.dll [357376 2014-03-13] (Microsoft Corporation)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [377616 2014-07-16] (LogMeIn, Inc.)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.5.0.19\N360.exe [265040 2014-07-31] (Symantec Corporation)
R2 NCO; C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.6.15\NST.exe [130104 2014-07-30] (Symantec Corporation)
S3 Netlogon; C:\Windows\SysWOW64\netlogon.dll [688640 2014-03-05] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-08] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-08] (NVIDIA Corporation)
R2 PnkBstrA; C:\WINDOWS\SysWOW64\PnkBstrA.exe [76888 2014-02-27] ()
S3 smphost; C:\Windows\SysWOW64\smphost.dll [11776 2013-08-21] (Microsoft Corporation)
S3 StorSvc; C:\Windows\SysWOW64\storsvc.dll [18944 2013-08-21] (Microsoft Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R0 asahci64; C:\Windows\System32\drivers\asahci64.sys [49048 2012-07-18] (Asmedia Technology)
R0 AsrRamDisk; C:\Windows\System32\drivers\AsrRamDisk.sys [31016 2012-01-13] (ASRock Inc.)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\BASHDefs\20140821.007\BHDrvx64.sys [1588016 2014-08-18] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1505000.013\ccSetx64.sys [162392 2014-02-20] (Symantec Corporation)
R1 ccSet_NST; C:\Windows\system32\drivers\NSTx64\7DE07060.00F\ccSetx64.sys [162392 2013-09-27] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [487216 2014-09-09] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142640 2014-09-09] (Symantec Corporation)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [32320 2014-09-11] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [16648 2013-07-09] (FNet Co., Ltd.)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [46136 2014-07-21] (LogMeIn Inc.)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\IPSDefs\20140912.001\IDSvia64.sys [633560 2014-08-29] (Symantec Corporation)
R3 ikbevent; C:\Windows\system32\DRIVERS\ikbevent.sys [20968 2012-08-16] ()
R3 imsevent; C:\Windows\system32\DRIVERS\imsevent.sys [19944 2012-08-16] ()
R3 ISCT; C:\Windows\System32\drivers\ISCTD64.sys [46016 2012-08-16] ()
S3 L6UX2; C:\Windows\System32\Drivers\L6UX264.sys [772864 2014-02-28] (Line 6)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20140913.021\ENG64.SYS [129752 2014-09-13] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.4.0.13\Definitions\VirusDefs\20140913.021\EX64.SYS [2137304 2014-09-13] (Symantec Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-08] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R3 RtlWlanu; C:\Windows\system32\DRIVERS\rtwlanu.sys [1975000 2013-07-31] (Realtek Semiconductor Corporation                           )
R1 SRTSP; C:\Windows\System32\Drivers\N360x64\1505000.013\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1505000.013\SRTSPX64.SYS [36952 2013-10-29] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1505000.013\SYMDS64.SYS [493656 2013-10-30] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1505000.013\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1505000.013\SymELAM.sys [23568 2013-10-30] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-12] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1505000.013\Ironx64.SYS [264280 2013-10-29] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1505000.013\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 WPRO_41_2001; C:\Windows\System32\drivers\WPRO_41_2001.sys [34752 2014-09-14] ()
S3 xusb22; C:\Windows\System32\drivers\xusb22.sys [87040 2014-03-18] (Microsoft Corporation)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 MREMP50; \??\C:\Program Files (x86)\Common Files\Motive\MREMP50.sys [X]
S3 MREMP50a64; \??\C:\Program Files\Common Files\Motive\MREMP50a64.sys [X]
S3 MRESP50; \??\C:\Program Files (x86)\Common Files\Motive\MRESP50.sys [X]
S3 MRESP50a64; \??\C:\Program Files\Common Files\Motive\MRESP50a64.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-14 13:25 - 2014-09-14 21:34 - 00000000 ____D () C:\Users\MiMi\Desktop\FRST
2014-09-14 12:00 - 2014-09-14 12:00 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-14 12:00 - 2014-09-14 12:00 - 00000000 _____ () C:\autoexec.bat
2014-09-14 11:59 - 2014-09-14 13:14 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-14 11:55 - 2014-09-14 11:55 - 00000000 __SHD () C:\Users\MiMi\AppData\Local\EmieUserList
2014-09-14 11:55 - 2014-09-14 11:55 - 00000000 __SHD () C:\Users\MiMi\AppData\Local\EmieSiteList
2014-09-14 11:40 - 2014-09-14 11:40 - 00854417 _____ () C:\Users\MiMi\Desktop\SecurityCheck.exe
2014-09-14 11:36 - 2014-09-14 21:34 - 00000000 ____D () C:\FRST
2014-09-14 11:07 - 2014-09-14 11:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-14 11:06 - 2014-09-14 11:10 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 11:06 - 2014-09-14 11:07 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-14 11:06 - 2014-09-14 11:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-14 11:06 - 2014-09-14 11:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-14 11:06 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-09-14 11:06 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-09-14 11:06 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
2014-09-14 11:05 - 2014-09-14 11:05 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\MiMi\Desktop\mb3-setup-1878.1878-3.5.1.2522.exe
2014-09-14 10:19 - 2014-09-14 10:19 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-14 10:14 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-09-14 10:12 - 2014-09-14 13:23 - 00000000 ____D () C:\AdwCleaner
2014-09-14 10:11 - 2014-09-14 10:11 - 01373475 _____ () C:\Users\MiMi\Desktop\adwcleaner_3.310.exe
2014-09-12 10:31 - 2014-09-12 10:31 - 00002077 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-09-11 13:03 - 2014-05-19 16:10 - 00601432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2014-09-11 13:02 - 2014-09-11 13:02 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-09-10 10:31 - 2014-08-15 19:40 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-09-10 10:31 - 2014-08-15 19:04 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-09-10 10:31 - 2014-08-15 19:00 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-09-10 10:31 - 2014-08-15 19:00 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-09-10 10:31 - 2014-08-15 18:56 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-09-10 10:31 - 2014-08-15 18:54 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-09-10 10:31 - 2014-08-15 18:45 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-09-10 10:31 - 2014-08-15 18:43 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-09-10 10:31 - 2014-08-15 18:32 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-09-10 10:31 - 2014-08-15 18:25 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-09-10 10:31 - 2014-08-15 18:22 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-09-10 10:31 - 2014-08-15 18:20 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-09-10 10:31 - 2014-08-15 18:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-09-10 10:31 - 2014-08-15 18:18 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-09-10 10:31 - 2014-08-15 18:18 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-09-10 10:31 - 2014-08-15 18:11 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-09-10 10:31 - 2014-08-15 18:06 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-09-10 10:31 - 2014-08-15 18:05 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-09-10 10:31 - 2014-08-15 18:05 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-09-10 10:31 - 2014-08-15 18:03 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-09-10 10:31 - 2014-08-15 18:03 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-09-10 10:31 - 2014-08-15 17:58 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-10 10:31 - 2014-08-15 17:56 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-09-10 10:31 - 2014-08-15 17:53 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-09-10 10:31 - 2014-08-15 17:53 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-09-10 10:31 - 2014-08-15 17:53 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-09-10 10:31 - 2014-08-15 17:51 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-09-10 10:31 - 2014-08-15 17:45 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-09-10 10:31 - 2014-08-15 17:44 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-09-10 10:31 - 2014-08-15 17:44 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-09-10 10:31 - 2014-08-15 17:34 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-09-10 10:31 - 2014-08-15 17:20 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-09-10 10:31 - 2014-08-15 17:18 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-09-10 10:31 - 2014-08-15 17:14 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-09-10 10:31 - 2014-08-15 17:12 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-09-10 10:21 - 2014-09-04 19:36 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-10 10:21 - 2014-09-04 19:31 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-10 10:21 - 2014-09-04 17:48 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-10 10:20 - 2014-08-01 17:18 - 01212928 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-09-10 10:19 - 2014-07-23 20:20 - 00875688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcr120_clr0400.dll
2014-09-10 10:19 - 2014-07-23 20:20 - 00869544 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcr120_clr0400.dll
2014-09-10 00:00 - 2014-09-10 00:11 - 00000000 ____D () C:\Users\MiMi\Desktop\Broadcasts Video
2014-09-09 23:32 - 2014-09-09 23:32 - 00000000 ____D () C:\Users\MiMi\AppData\Roaming\Steam
2014-09-09 14:15 - 2014-09-09 14:17 - 232480872 _____ (NVIDIA Corporation) C:\Users\MiMi\Desktop\335.23-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-09-03 21:59 - 2014-09-03 21:59 - 00000000 ____D () C:\Users\MiMi\Desktop\Bin 2 - Copy
2014-09-03 21:58 - 2014-09-03 21:59 - 01210873 _____ () C:\Users\MiMi\Desktop\SC-TS-748741-C.rar
2014-09-02 20:55 - 2014-09-02 20:55 - 00000000 ____D () C:\Users\MiMi\AppData\Local\Electronic Arts
2014-09-02 03:45 - 2014-09-02 03:46 - 00000000 ____D () C:\Users\MiMi\Desktop\drawing stuff
2014-08-29 22:05 - 2014-08-29 22:05 - 00001028 _____ () C:\Users\Public\Desktop\Mass Effect.lnk
2014-08-28 10:46 - 2014-08-22 17:42 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-28 10:46 - 2014-08-06 19:12 - 01336624 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-08-28 10:46 - 2014-08-01 20:56 - 01064448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-08-26 00:55 - 2014-08-26 21:25 - 00000000 ____D () C:\Users\MiMi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-23 20:43 - 2014-08-23 20:41 - 00001877 _____ () C:\Users\MiMi\Desktop\nvse_loader.exe - Shortcut.lnk
2014-08-23 20:38 - 2014-08-23 20:38 - 00611648 _____ () C:\Users\MiMi\Desktop\nvse_4_2_beta4.7z
2014-08-18 01:55 - 2014-08-18 01:55 - 00002284 _____ () C:\Users\MiMi\Desktop\FNVEdit.exe - Shortcut.lnk
2014-08-18 01:54 - 2014-08-18 01:54 - 00000000 ____D () C:\Users\MiMi\Desktop\FNVEdit_3_0_32_EXPERIMENTAL-34703-3-0-32EXP
2014-08-18 01:52 - 2014-08-18 01:52 - 02350277 _____ () C:\Users\MiMi\Desktop\FNVEdit_3_0_32_EXPERIMENTAL-34703-3-0-32EXP.7z
2014-08-18 01:20 - 2014-08-19 18:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT
2014-08-18 01:20 - 2014-08-18 01:20 - 00000981 _____ () C:\Users\MiMi\Desktop\LOOT.lnk
2014-08-18 01:20 - 2014-08-18 01:20 - 00000000 ____D () C:\Users\MiMi\AppData\Local\LOOT
2014-08-18 01:20 - 2014-08-18 01:20 - 00000000 ____D () C:\Program Files (x86)\LOOT
2014-08-18 01:19 - 2014-08-18 01:19 - 02500213 _____ (LOOT Team) C:\Users\MiMi\Desktop\LOOT.Installer.exe
2014-08-17 15:26 - 2014-08-17 15:26 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-17 15:26 - 2014-08-17 15:26 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-17 15:26 - 2014-08-17 15:26 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-17 15:26 - 2014-08-17 15:26 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-17 15:17 - 2014-08-17 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-15 20:14 - 2014-08-15 20:13 - 00001782 _____ () C:\Users\MiMi\Desktop\fnv4gb.exe - Shortcut.lnk
2014-08-15 11:41 - 2014-08-01 20:11 - 00918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2014-08-15 11:41 - 2014-07-15 11:16 - 03048880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-08-15 11:41 - 2014-07-15 01:29 - 03118080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2014-08-15 11:41 - 2014-07-15 01:22 - 02861056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebSync.dll
2014-08-15 11:41 - 2014-07-15 01:03 - 02344448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wpc.dll
2014-08-15 11:41 - 2014-07-11 21:17 - 00623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2014-08-15 11:41 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveTelemetry.dll
2014-08-15 11:41 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncEngine.dll
2014-08-15 11:41 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDrive.exe
2014-08-15 11:41 - 2014-06-19 18:48 - 01273184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-08-15 11:41 - 2014-06-19 16:52 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-08-15 11:41 - 2014-06-12 18:15 - 00517528 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-08-15 11:41 - 2014-06-12 18:14 - 01557848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-08-15 11:41 - 2014-06-12 17:10 - 00406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-08-15 11:41 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2014-08-15 11:41 - 2014-06-09 15:13 - 00035480 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2014-08-15 11:41 - 2014-06-06 04:34 - 02133504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-08-15 11:41 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-08-15 11:41 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-08-15 11:41 - 2014-06-04 02:27 - 00114520 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-08-15 11:41 - 2014-06-03 22:31 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msihnd.dll
2014-08-15 11:41 - 2014-06-03 22:22 - 02790912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2014-08-15 11:41 - 2014-06-03 21:43 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msihnd.dll
2014-08-15 11:41 - 2014-06-03 21:38 - 03304448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2014-08-15 11:41 - 2014-06-03 19:15 - 02642944 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-08-15 11:41 - 2014-06-03 19:14 - 02318336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-08-15 11:41 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2014-08-15 11:41 - 2014-05-31 03:07 - 00467800 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-08-15 11:41 - 2014-05-31 03:07 - 00440664 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-08-15 11:41 - 2014-05-31 03:07 - 00419672 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-08-15 11:41 - 2014-05-31 03:07 - 00089944 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-08-15 11:41 - 2014-05-31 03:07 - 00027480 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-08-15 11:41 - 2014-05-30 23:30 - 00037376 ____C (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-08-15 11:41 - 2014-05-30 23:27 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-08-15 11:41 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFPf.sys
2014-08-15 11:41 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WUDFRd.sys
2014-08-15 11:41 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFHost.exe
2014-08-15 11:41 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFPlatform.dll
2014-08-15 11:41 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFSvc.dll
2014-08-15 11:41 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-08-15 11:41 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\DaOtpCredentialProvider.dll
2014-08-15 11:41 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DaOtpCredentialProvider.dll
2014-08-15 11:41 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-08-15 11:41 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-08-15 11:41 - 2014-05-13 00:01 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\BulkOperationHost.exe
2014-08-15 11:41 - 2014-05-12 22:07 - 02844160 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-08-15 11:41 - 2014-05-12 21:41 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbici.dll
2014-08-15 11:41 - 2014-05-12 21:26 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SkyDriveShell.dll
2014-08-15 11:41 - 2014-05-12 20:59 - 01035264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-08-15 11:41 - 2014-05-12 20:31 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SkyDriveShell.dll
2014-08-15 11:41 - 2014-05-03 04:29 - 01726224 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-08-15 11:41 - 2014-05-03 02:20 - 01473080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-08-15 11:41 - 2014-05-02 22:36 - 00997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-08-15 11:41 - 2014-05-02 22:19 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncobjapi.dll
2014-08-15 11:41 - 2014-05-02 22:08 - 00301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedynos.dll
2014-08-15 11:41 - 2014-05-02 22:07 - 00262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\framedyn.dll
2014-08-15 11:41 - 2014-05-02 21:46 - 00052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncobjapi.dll
2014-08-15 11:41 - 2014-05-02 21:37 - 00235008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedynos.dll
2014-08-15 11:41 - 2014-05-02 21:37 - 00207360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\framedyn.dll
2014-08-15 11:41 - 2014-05-02 16:26 - 00050745 _____ () C:\WINDOWS\system32\srms.dat
2014-08-15 11:41 - 2014-04-30 22:44 - 01025536 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-08-15 11:41 - 2014-04-29 23:43 - 00071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwififlt.sys
2014-08-15 11:41 - 2014-04-29 23:41 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-08-15 11:41 - 2014-04-29 23:41 - 00096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\agilevpn.sys
2014-08-15 11:41 - 2014-04-29 23:41 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2014-08-15 11:41 - 2014-04-29 22:45 - 00123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-08-15 11:41 - 2014-04-29 21:48 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-08-15 11:41 - 2014-04-29 21:24 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc6.dll
2014-08-15 11:41 - 2014-04-29 21:23 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2014-08-15 11:41 - 2014-04-29 21:23 - 00271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2014-08-15 11:41 - 2014-04-29 21:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcsvc.dll
2014-08-15 11:41 - 2014-04-29 21:14 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-08-15 11:41 - 2014-04-29 20:59 - 01063424 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-08-15 11:41 - 2014-04-29 20:46 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2014-08-15 11:41 - 2014-04-29 20:46 - 00229888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2014-08-15 11:41 - 2014-04-29 20:46 - 00056320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc6.dll
2014-08-15 11:41 - 2014-04-29 20:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcsvc.dll
2014-08-15 11:41 - 2014-04-29 20:42 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2014-08-15 11:41 - 2014-04-28 15:40 - 00721408 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-08-15 11:41 - 2014-04-26 15:03 - 02140888 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-08-15 11:41 - 2014-04-26 13:14 - 02144984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-08-15 11:41 - 2014-04-26 09:39 - 00339456 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2014-08-15 11:41 - 2014-04-14 02:37 - 02125344 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2014-08-15 11:41 - 2014-04-14 01:08 - 01797896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2014-08-15 11:41 - 2014-04-13 22:18 - 00011776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d8thk.dll
2014-08-15 11:41 - 2014-04-08 23:11 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-08-15 11:41 - 2014-04-08 22:20 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-14 21:34 - 2014-09-14 13:25 - 00000000 ____D () C:\Users\MiMi\Desktop\FRST
2014-09-14 21:34 - 2014-09-14 11:36 - 00000000 ____D () C:\FRST
2014-09-14 21:33 - 2013-07-23 11:33 - 00000000 ____D () C:\Users\MiMi\AppData\Roaming\uTorrent
2014-09-14 21:31 - 2013-07-09 14:50 - 00000000 ____D () C:\Users\MiMi\AppData\Roaming\Skype
2014-09-14 21:00 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-09-14 20:57 - 2013-07-09 01:32 - 00000908 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-14 20:56 - 2013-07-09 18:47 - 00000000 ____D () C:\Users\MiMi\AppData\Local\CrashDumps
2014-09-14 20:41 - 2013-07-09 11:18 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-09-14 20:13 - 2013-10-24 11:18 - 01593708 _____ () C:\WINDOWS\WindowsUpdate.log
2014-09-14 18:38 - 2013-07-08 23:30 - 00000852 _____ () C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
2014-09-14 18:33 - 2013-07-25 18:29 - 00000400 _____ () C:\WINDOWS\Tasks\FreeFileViewerUpdateChecker.job
2014-09-14 16:27 - 2013-11-12 17:10 - 00003914 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{3C77E224-1C48-431C-8A1F-D3AA29232186}
2014-09-14 15:54 - 2014-02-28 20:32 - 00004960 _____ () C:\WINDOWS\System32\Tasks\Microsoft Office 15 Sync Maintenance for MISHKA-MiMi MIshkA
2014-09-14 15:39 - 2013-07-08 22:03 - 00003596 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4121855776-77438116-1890811781-1001
2014-09-14 13:37 - 2013-09-29 21:04 - 00865408 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-09-14 13:35 - 2013-10-24 11:27 - 00000000 ___DO () C:\Users\MiMi\SkyDrive
2014-09-14 13:32 - 2013-07-10 15:18 - 00000000 ___RD () C:\Users\MiMi\Google Drive
2014-09-14 13:31 - 2014-06-15 20:52 - 00000000 ____D () C:\Users\MiMi\AppData\Local\LogMeIn Hamachi
2014-09-14 13:31 - 2013-10-24 11:18 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-14 13:31 - 2013-09-29 20:55 - 01401116 _____ () C:\WINDOWS\PFRO.log
2014-09-14 13:31 - 2013-08-22 07:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-09-14 13:31 - 2013-08-14 10:56 - 00094656 _____ (CACE Technologies) C:\WINDOWS\system32\WPRO_41_2001woem.tmp
2014-09-14 13:31 - 2013-07-09 01:32 - 00000904 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-14 13:31 - 2013-07-08 23:52 - 00034752 _____ () C:\WINDOWS\system32\Drivers\WPRO_41_2001.sys
2014-09-14 13:31 - 2013-07-08 23:30 - 00000850 _____ () C:\WINDOWS\Tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
2014-09-14 13:30 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-09-14 13:23 - 2014-09-14 10:12 - 00000000 ____D () C:\AdwCleaner
2014-09-14 13:14 - 2014-09-14 11:59 - 00000000 ____D () C:\WINDOWS\ACF5FE1B377240688B872D2A6EFD0A05.TMP
2014-09-14 12:01 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-09-14 12:00 - 2014-09-14 12:00 - 00000000 ____D () C:\Program Files\Enigma Software Group
2014-09-14 12:00 - 2014-09-14 12:00 - 00000000 _____ () C:\autoexec.bat
2014-09-14 11:55 - 2014-09-14 11:55 - 00000000 __SHD () C:\Users\MiMi\AppData\Local\EmieUserList
2014-09-14 11:55 - 2014-09-14 11:55 - 00000000 __SHD () C:\Users\MiMi\AppData\Local\EmieSiteList
2014-09-14 11:40 - 2014-09-14 11:40 - 00854417 _____ () C:\Users\MiMi\Desktop\SecurityCheck.exe
2014-09-14 11:32 - 2013-08-22 06:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-09-14 11:18 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\Camera
2014-09-14 11:18 - 2013-07-09 10:30 - 00000000 ___RD () C:\Users\MiMi\Desktop\Utilites
2014-09-14 11:10 - 2014-09-14 11:06 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-09-14 11:07 - 2014-09-14 11:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-14 11:07 - 2014-09-14 11:06 - 00001114 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-14 11:07 - 2014-09-14 11:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-14 11:06 - 2014-09-14 11:06 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-14 11:05 - 2014-09-14 11:05 - 17523384 _____ (Malwarebytes Corporation ) C:\Users\MiMi\Desktop\mb3-setup-1878.1878-3.5.1.2522.exe
2014-09-14 10:19 - 2014-09-14 10:19 - 00000000 ____D () C:\WINDOWS\ERUNT
2014-09-14 10:11 - 2014-09-14 10:11 - 01373475 _____ () C:\Users\MiMi\Desktop\adwcleaner_3.310.exe
2014-09-14 03:02 - 2013-07-27 20:15 - 00000000 ____D () C:\ProgramData\Origin
2014-09-14 02:00 - 2014-01-09 22:23 - 00000000 ____D () C:\Users\MiMi\AppData\Local\Adobe
2014-09-12 13:44 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-09-12 10:31 - 2014-09-12 10:31 - 00002077 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2014-09-12 10:31 - 2013-07-09 10:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-09-11 22:08 - 2013-07-09 09:43 - 00032320 _____ (FNet Co., Ltd.) C:\WINDOWS\system32\Drivers\FNETTBOH_305.SYS
2014-09-11 22:07 - 2013-08-22 07:46 - 00339956 _____ () C:\WINDOWS\setupact.log
2014-09-11 13:03 - 2013-10-24 11:18 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-09-11 13:02 - 2014-09-11 13:02 - 00000000 ____D () C:\WINDOWS\LastGood.Tmp
2014-09-11 13:02 - 2013-10-24 11:18 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-09-10 22:58 - 2014-07-08 23:04 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-09-10 18:10 - 2013-07-09 12:01 - 00000000 ____D () C:\Users\MiMi\Documents\my games
2014-09-10 10:32 - 2014-06-11 14:43 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-09-10 10:32 - 2014-06-11 14:43 - 00043008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-09-10 10:32 - 2012-07-26 00:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-09-10 10:31 - 2014-06-11 14:43 - 00195584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-09-10 10:31 - 2014-06-11 14:43 - 00139264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieUnatt.exe
2014-09-10 10:31 - 2014-06-11 14:43 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieUnatt.exe
2014-09-10 10:31 - 2014-06-11 14:43 - 00111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollector.exe
2014-09-10 10:31 - 2014-06-11 14:43 - 00066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-09-10 10:31 - 2014-06-11 14:43 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-09-10 10:31 - 2014-06-11 14:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieetwproxystub.dll
2014-09-10 10:31 - 2014-06-11 14:43 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-09-10 10:31 - 2014-06-11 14:43 - 00048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwproxystub.dll
2014-09-10 10:31 - 2014-06-11 14:43 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-09-10 10:31 - 2014-06-11 14:43 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-09-10 10:31 - 2014-06-11 14:43 - 00004096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieetwcollectorres.dll
2014-09-10 10:31 - 2014-05-01 20:43 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-09-10 10:31 - 2014-05-01 20:43 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-09-10 10:25 - 2014-05-12 01:19 - 00000000 ____D () C:\Users\MiMi\AppData\Local\NPE
2014-09-10 10:16 - 2013-07-16 11:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-09-10 10:09 - 2013-07-09 09:10 - 101694776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-09-10 03:05 - 2013-10-24 11:19 - 00000000 ____D () C:\Users\MiMi
2014-09-10 01:37 - 2013-07-09 15:43 - 00000000 ____D () C:\Users\MiMi\AppData\Roaming\OBS
2014-09-10 00:11 - 2014-09-10 00:00 - 00000000 ____D () C:\Users\MiMi\Desktop\Broadcasts Video
2014-09-09 23:32 - 2014-09-09 23:32 - 00000000 ____D () C:\Users\MiMi\AppData\Roaming\Steam
2014-09-09 19:59 - 2014-02-27 22:47 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-09 19:59 - 2014-01-14 22:27 - 00000000 ____D () C:\WINDOWS\SysWOW64\directx
2014-09-09 14:17 - 2014-09-09 14:15 - 232480872 _____ (NVIDIA Corporation) C:\Users\MiMi\Desktop\335.23-desktop-win8-win7-winvista-64bit-english-whql.exe
2014-09-09 12:41 - 2013-07-09 11:18 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-09-08 19:19 - 2013-07-09 11:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2014-09-08 18:29 - 2013-07-09 14:41 - 00404302 _____ () C:\WINDOWS\DirectX.log
2014-09-08 17:58 - 2013-07-27 20:58 - 00000000 ____D () C:\Users\MiMi\Documents\Electronic Arts
2014-09-08 17:58 - 2013-07-08 23:26 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-09-08 17:52 - 2013-07-27 20:17 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-08 17:36 - 2014-07-29 20:27 - 00000000 ___RD () C:\Users\MiMi\Desktop\Needed Stuff
2014-09-08 00:20 - 2013-07-09 20:56 - 00000000 ____D () C:\Users\MiMi\AppData\Local\Spotify
2014-09-08 00:20 - 2013-07-09 20:55 - 00000000 ____D () C:\Users\MiMi\AppData\Roaming\Spotify
2014-09-05 15:38 - 2013-07-08 21:57 - 00000000 ____D () C:\Users\MiMi\AppData\Local\Packages
2014-09-04 19:36 - 2014-09-10 10:21 - 00097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-09-04 19:31 - 2014-09-10 10:21 - 00527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-09-04 17:48 - 2014-09-10 10:21 - 00738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-09-03 21:59 - 2014-09-03 21:59 - 00000000 ____D () C:\Users\MiMi\Desktop\Bin 2 - Copy
2014-09-03 21:59 - 2014-09-03 21:58 - 01210873 _____ () C:\Users\MiMi\Desktop\SC-TS-748741-C.rar
2014-09-02 20:55 - 2014-09-02 20:55 - 00000000 ____D () C:\Users\MiMi\AppData\Local\Electronic Arts
2014-09-02 13:06 - 2013-08-22 08:38 - 00706016 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-09-02 13:06 - 2013-08-22 08:38 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-02 03:46 - 2014-09-02 03:45 - 00000000 ____D () C:\Users\MiMi\Desktop\drawing stuff
2014-08-29 22:05 - 2014-08-29 22:05 - 00001028 _____ () C:\Users\Public\Desktop\Mass Effect.lnk
2014-08-29 11:37 - 2014-05-19 10:21 - 00000132 _____ () C:\Users\MiMi\AppData\Roaming\Adobe PNG Format CS6 Prefs
2014-08-29 09:05 - 2013-08-22 07:44 - 05127480 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-08-27 18:49 - 2014-07-29 15:41 - 00000000 ____D () C:\Users\MiMi\Documents\Max Payne 2 Savegames
2014-08-26 21:25 - 2014-08-26 00:55 - 00000000 ____D () C:\Users\MiMi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-08-25 14:27 - 2014-02-28 20:24 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-08-23 20:41 - 2014-08-23 20:43 - 00001877 _____ () C:\Users\MiMi\Desktop\nvse_loader.exe - Shortcut.lnk
2014-08-23 20:38 - 2014-08-23 20:38 - 00611648 _____ () C:\Users\MiMi\Desktop\nvse_4_2_beta4.7z
2014-08-22 17:42 - 2014-08-28 10:46 - 04148224 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-08-19 23:58 - 2013-07-10 15:18 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-08-19 18:55 - 2014-08-18 01:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT
2014-08-19 12:17 - 2013-07-12 01:13 - 00000000 ____D () C:\Users\MiMi\Documents\Nexus Mod Manager
2014-08-18 01:55 - 2014-08-18 01:55 - 00002284 _____ () C:\Users\MiMi\Desktop\FNVEdit.exe - Shortcut.lnk
2014-08-18 01:54 - 2014-08-18 01:54 - 00000000 ____D () C:\Users\MiMi\Desktop\FNVEdit_3_0_32_EXPERIMENTAL-34703-3-0-32EXP
2014-08-18 01:52 - 2014-08-18 01:52 - 02350277 _____ () C:\Users\MiMi\Desktop\FNVEdit_3_0_32_EXPERIMENTAL-34703-3-0-32EXP.7z
2014-08-18 01:20 - 2014-08-18 01:20 - 00000981 _____ () C:\Users\MiMi\Desktop\LOOT.lnk
2014-08-18 01:20 - 2014-08-18 01:20 - 00000000 ____D () C:\Users\MiMi\AppData\Local\LOOT
2014-08-18 01:20 - 2014-08-18 01:20 - 00000000 ____D () C:\Program Files (x86)\LOOT
2014-08-18 01:19 - 2014-08-18 01:19 - 02500213 _____ (LOOT Team) C:\Users\MiMi\Desktop\LOOT.Installer.exe
2014-08-17 15:26 - 2014-08-17 15:26 - 00272808 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaws.exe
2014-08-17 15:26 - 2014-08-17 15:26 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\javaw.exe
2014-08-17 15:26 - 2014-08-17 15:26 - 00175528 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\java.exe
2014-08-17 15:26 - 2014-08-17 15:26 - 00098216 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2014-08-17 15:26 - 2013-10-16 18:28 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-17 15:17 - 2014-08-17 15:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-17 02:23 - 2013-08-22 08:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-08-17 02:23 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-08-17 02:23 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\MediaViewer
2014-08-17 02:23 - 2013-08-22 08:36 - 00000000 ____D () C:\WINDOWS\FileManager
2014-08-15 20:13 - 2014-08-15 20:14 - 00001782 _____ () C:\Users\MiMi\Desktop\fnv4gb.exe - Shortcut.lnk
2014-08-15 19:40 - 2014-09-10 10:31 - 23591424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-08-15 19:04 - 2014-09-10 10:31 - 17455104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-08-15 19:00 - 2014-09-10 10:31 - 05833728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-08-15 19:00 - 2014-09-10 10:31 - 02793984 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-08-15 18:56 - 2014-09-10 10:31 - 00547328 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-08-15 18:54 - 2014-09-10 10:31 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2014-08-15 18:45 - 2014-09-10 10:31 - 04232704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-08-15 18:43 - 2014-09-10 10:31 - 00758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2014-08-15 18:32 - 2014-09-10 10:31 - 00446464 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-08-15 18:25 - 2014-09-10 10:31 - 00072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\JavaScriptCollectionAgent.dll
2014-08-15 18:22 - 2014-09-10 10:31 - 00454656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-08-15 18:20 - 2014-09-10 10:31 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2014-08-15 18:19 - 2014-09-10 10:31 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-08-15 18:18 - 2014-09-10 10:31 - 02185728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-08-15 18:18 - 2014-09-10 10:31 - 00289280 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-08-15 18:11 - 2014-09-10 10:31 - 00597504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2014-08-15 18:06 - 2014-09-10 10:31 - 00359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-08-15 18:05 - 2014-09-10 10:31 - 00727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-08-15 18:05 - 2014-09-10 10:31 - 00707072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-08-15 18:03 - 2014-09-10 10:31 - 02104832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-08-15 18:03 - 2014-09-10 10:31 - 00365056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-08-15 17:58 - 2014-09-10 10:31 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 17:56 - 2014-09-10 10:31 - 02310656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-08-15 17:53 - 2014-09-10 10:31 - 13588480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-08-15 17:53 - 2014-09-10 10:31 - 00243200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-08-15 17:53 - 2014-09-10 10:31 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-08-15 17:51 - 2014-09-10 10:31 - 11769856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-08-15 17:45 - 2014-09-10 10:31 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-08-15 17:44 - 2014-09-10 10:31 - 02014208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-08-15 17:44 - 2014-09-10 10:31 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-08-15 17:34 - 2014-09-10 10:31 - 01447424 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-08-15 17:20 - 2014-09-10 10:31 - 01812992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-08-15 17:18 - 2014-09-10 10:31 - 00775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-08-15 17:14 - 2014-09-10 10:31 - 01190400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-08-15 17:12 - 2014-09-10 10:31 - 00678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-08-15 11:41 - 2014-04-19 17:04 - 00233912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2014-08-15 11:40 - 2014-06-11 14:43 - 00428888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-14 15:39
 
==================== End Of Log ============================

 

Thanks.





#2 aharonov

  • Malware Response Team

Posted 15 September 2014 - 06:59 AM

Hi,

please try this:


Please download the attached fixlist.txt and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


#3 MiaRoseblood

  • Topic Starter

  • Members

Posted 15 September 2014 - 12:26 PM

Finally it is gone!...thank you so much.

 

Here's the log you asked for:

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by MiMi at 2014-09-15 10:17:35 Run:2
Running from C:\Users\MiMi\Desktop\FRST
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
HKU\S-1-5-21-4121855776-77438116-1890811781-1001\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
EmptyTemp:
*****************
 
HKU\S-1-5-21-4121855776-77438116-1890811781-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CMD => value deleted successfully.
EmptyTemp: => Removed 457.6 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
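
The Fixlog above removed a per-user Run value that used cmd.exe to open a URL at every logon. As an added example (not part of the original posts and not FRST's own code), this Python script parses FRST-style Run/RunOnce lines and flags values whose command starts an interpreter and carries an http(s) URL. It generalizes from cmd.exe to a few other interpreters, and every sample line except the [CMD] entry is constructed.

```python
import re

# FRST registry autorun line: HIVE\path\Run: [ValueName] => command
RUN_LINE = re.compile(
    r"^(?P<hive>HK[^\\]+)\\(?P<path>.*?)\\(?P<key>Run(?:Once)?): "
    r"\[(?P<name>[^\]]*)\] => (?P<cmd>.*)$"
)
# Interpreters that can hand a URL to the default browser (assumed list).
SHELLS = re.compile(
    r'(?:^|[\\\s"])(cmd|powershell|wscript|cscript|mshta)(?:\.exe)?(?=[\s"]|$)',
    re.IGNORECASE,
)
URL = re.compile(r'https?://[^\s"&|<>]+', re.IGNORECASE)
FRST_FLAG = "<====="  # marker FRST appends to entries it wants reviewed

# Constructed sample; only the [CMD] line is taken from the thread.
SAMPLE_LOG = r"""
HKLM\...\Run: [ExampleUpdater] => C:\Program Files\Example\updater.exe /background
HKLM-x32\...\Run: [ExampleHelper] => "C:\Program Files (x86)\Example\helper.exe" --home=https://example.com/start
HKU\S-1-5-21-4121855776-77438116-1890811781-1001\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
HKU\S-1-5-21-4121855776-77438116-1890811781-1001\...\RunOnce: [ExampleMount] => cmd.exe /c "C:\Tools\mount.bat"
"""

def parse_run_line(line):
    """Return a dict for a Run/RunOnce line, or None for any other log line."""
    m = RUN_LINE.match(line.strip())
    if not m:
        return None
    cmd = m.group("cmd")
    flagged = FRST_FLAG in cmd
    cmd = cmd.split(FRST_FLAG, 1)[0].strip()  # drop the trailing marker
    return {"hive": m.group("hive"), "key": m.group("key"),
            "name": m.group("name"), "command": cmd, "frst_flagged": flagged}

def suspicious_autoruns(log_text):
    """Flag autoruns that start an interpreter AND carry an http(s) URL."""
    findings = []
    for line in log_text.splitlines():
        entry = parse_run_line(line)
        if entry is None:
            continue
        shell, url = SHELLS.search(entry["command"]), URL.search(entry["command"])
        if shell and url:
            entry.update(shell=shell.group(1).lower(), url=url.group(0))
            findings.append(entry)
    return findings

if __name__ == "__main__":
    for f in suspicious_autoruns(SAMPLE_LOG):
        print(f'{f["hive"]} {f["key"]} [{f["name"]}] {f["shell"]} -> {f["url"]}')
```

Requiring both conditions keeps a signed helper with a URL argument, or a batch file launched through cmd.exe, out of the results.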


#4 aharonov

  • Malware Response Team

Posted 15 September 2014 - 01:37 PM

You're welcome.

My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation.
Thank you!

#5 aharonov

  • Malware Response Team

Posted 19 September 2014 - 03:41 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



