Looking for help cleaning out my computer from any malware


  • This topic is locked
14 replies to this topic

#1 CBermudez0415

CBermudez0415

  • Members
  • 55 posts

Posted 15 September 2014 - 06:19 PM

I have Malwarebytes installed on my computer and I keep getting a notification that xmlclick-g.com is getting blocked. I've run a scan and it doesn't find anything, but it keeps happening. I'm wondering if I can get help cleaning it out altogether. Thanks.




#2 CBermudez0415

CBermudez0415
  • Topic Starter

  • Members
  • 55 posts

Posted 15 September 2014 - 07:27 PM

Update: I found the path to where the popup is coming from; it's C:\Users\Cristian\AppData\LocalLow\{7757EA05-3AA4-42F4-1684-B9C6693E0C79}. And all the folders and files are titled with gibberish, but upon looking through them there's a rundll32.exe in one of the folders, and I feel like that's gonna ruin my computer more 'cause I know that's a damn dll rewrite.

 

Edit: The whole folder is full of dll processes and I can't get rid of them manually; this is annoying.


Edited by CBermudez0415, 15 September 2014 - 07:37 PM.


#3 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts

Posted 18 September 2014 - 09:56 AM

Hi there,

please run a FRST scan:


Please download Farbar Recovery Scan Tool and save it to your Desktop.
(If you are not sure which version (32-/64-bit) applies to your system, download and try to start both of them as just the right one will run.)
  • Start FRST with administrator privileges.
  • Make sure the option Addition.txt is checked and press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
  • Please copy and paste these logs in your next reply.


#4 CBermudez0415

CBermudez0415
  • Topic Starter

  • Members
  • 55 posts

Posted 18 September 2014 - 05:30 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Cristian (administrator) on SEXYPANTS on 18-09-2014 18:27:53
Running from C:\Users\Cristian\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
() C:\WINDOWS\SysWOW64\PnkBstrB.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Alienware Corp) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Alienware Corporation) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5011\Battle.net.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
(Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392872 2011-02-22] (Synaptics Incorporated)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13256 2011-01-13] (Microsoft)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-02-01] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex
HKU\S-1-5-21-354275357-2975866954-2258388748-1002\...\Run: [Google Update] => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-05] (Google Inc.)
HKU\S-1-5-21-354275357-2975866954-2258388748-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6462744 2014-08-21] (Piriform Ltd)
AppInit_DLLs: C:\WINDOWS\System32\nvinitx.dll => C:\WINDOWS\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\WINDOWS\SysWOW64\nvinit.dll => c:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\WINDOWS\SysWOW64\nvinit.dll => c:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Cristian\AppData\Roaming\Mozilla\Firefox\Profiles\x6gkd8m2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Cristian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Cristian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Cristian\AppData\Roaming\Mozilla\Firefox\Profiles\x6gkd8m2.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-02-27]
 
Chrome: 
=======
CHR HomePage: Default -> B9DE5F6E6AF1413747E8DD46A9AC07EB43FA88FACBB40893F485447154E1F6A1
CHR DefaultSearchKeyword: Default -> B36A327B715E6A15C8348F5070D815CC9D3BA30E46551C68CB5E4D6DC2291609
CHR DefaultSearchProvider: Default -> B3984FEDC724AD2F10209C9294269B52AB8806FB3480AB9C5C06AF8112D56EB6
CHR DefaultSearchURL: Default -> 210D1FD8A866383AEF256EA84725ED52745921A243098A81FBF51BDFCAC049A5
CHR Profile: C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-10]
CHR Extension: (Google Docs) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-24]
CHR Extension: (Google Drive) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-11]
CHR Extension: (YouTube) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-24]
CHR Extension: (Google Search) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-24]
CHR Extension: (Google Sheets) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-10]
CHR Extension: (Google Wallet) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-24]
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Cristian\AppData\Local\Temp\ccex.crx []
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx []
CHR StartMenuInternet: Google Chrome - C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S4 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S4 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2013-11-27] (BitRaider, LLC)
S4 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-10-06] (Creative Labs) [File not signed]
S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-10-06] (Creative Labs) [File not signed]
S4 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-20] ()
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-01] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-06-01] ()
S4 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2011-10-06] (Creative Labs) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-20] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-01] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-18] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299352 2014-07-02] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-10] (Razer, Inc.)
R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-10] (Razer, Inc.)
S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [126464 2010-12-16] (Razer USA Ltd) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 digitalpower; system32\drivers\digitalpower.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-18 18:27 - 2014-09-18 18:28 - 00019447 _____ () C:\Users\Cristian\Downloads\FRST.txt
2014-09-18 18:27 - 2014-09-18 18:27 - 02105856 _____ (Farbar) C:\Users\Cristian\Downloads\FRST64.exe
2014-09-16 00:00 - 2014-09-16 00:00 - 00079872 _____ () C:\Windows\system32\yosbiva.dll
2014-09-16 00:00 - 2014-09-16 00:00 - 00003860 _____ () C:\Windows\System32\Tasks\{C1BB9BB2-DB17-77CC-E708-BA35256B92ED}
2014-09-16 00:00 - 2014-09-16 00:00 - 00000000 _____ () C:\Windows\system32\hwfhm.dll
2014-09-15 19:08 - 2014-09-15 19:08 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 19:08 - 2014-09-15 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 19:07 - 2014-09-15 19:08 - 00000000 ___DC () C:\Program Files\iTunes
2014-09-15 19:07 - 2014-09-15 19:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 19:07 - 2014-09-15 19:07 - 00000000 ___DC () C:\Program Files\iPod
2014-09-14 13:35 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 13:35 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-14 13:35 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 13:35 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 13:35 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-14 13:35 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 13:35 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 13:35 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 13:35 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 13:35 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 13:35 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-14 13:35 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-14 13:35 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 13:35 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 13:35 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 13:35 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 13:35 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 13:35 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 13:35 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-14 13:35 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-14 13:35 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 13:35 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 13:35 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 13:35 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 13:35 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-14 13:35 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-14 13:35 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-14 13:35 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 13:35 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 13:35 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 13:35 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-14 13:35 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-14 13:35 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 13:35 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-14 13:35 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-14 13:35 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 13:35 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-14 13:35 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 13:35 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 13:35 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 13:35 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 13:35 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 13:35 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-14 13:35 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-14 13:35 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 13:35 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 13:35 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 13:35 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 13:35 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 13:35 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 13:35 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-14 13:35 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 13:35 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 13:35 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 13:35 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 13:35 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 13:16 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 13:16 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-14 13:16 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-14 13:16 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-14 13:16 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 18:14 - 2014-09-11 18:14 - 00066056 _____ () C:\Users\Cristian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-11 18:13 - 2014-09-16 11:57 - 00000504 _____ () C:\Windows\setupact.log
2014-09-11 18:13 - 2014-09-11 18:14 - 04854936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-11 18:13 - 2014-09-11 18:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-11 16:31 - 2014-09-11 16:32 - 00047626 _____ () C:\Users\Cristian\Documents\cc_20140911_163055.reg
2014-09-11 15:33 - 2014-09-11 15:34 - 04902336 _____ (Piriform Ltd) C:\Users\Cristian\Downloads\ccsetup417pro.exe
2014-09-11 14:13 - 2014-09-18 18:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 14:13 - 2014-09-11 14:13 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-11 14:13 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-11 14:13 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-11 14:13 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-11 14:12 - 2014-09-11 14:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Cristian\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-11 14:08 - 2014-09-11 14:08 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Cristian\Downloads\mbam-clean-2.1.1.1001.exe
2014-09-11 13:36 - 2014-09-11 13:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Cristian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-10 01:13 - 2014-09-10 01:13 - 02184800 _____ () C:\Users\Cristian\Downloads\1410325461004.webm
2014-09-08 23:50 - 2014-09-08 23:50 - 00002771 _____ () C:\Users\Public\Desktop\Desktop Weather.lnk
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ___DC () C:\Program Files (x86)\The Weather Channel
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ____D () C:\Users\Cristian\AppData\Local\Downloaded Installations
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
2014-09-04 19:08 - 2014-09-04 19:08 - 14887549 _____ () C:\Users\Cristian\Downloads\ZygorGuidesWOW-v4.0.9307.zip
2014-08-28 13:46 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 13:46 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 13:46 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 13:39 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-28 13:39 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-28 13:39 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-28 13:39 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-28 13:38 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-28 13:38 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-28 13:38 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-28 13:38 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-28 13:38 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-28 13:38 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-28 13:38 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-28 13:38 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-28 13:38 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-28 13:38 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-26 23:46 - 2014-08-26 23:46 - 00371821 _____ () C:\Users\Cristian\Downloads\AdiBags-v1.6.16.zip
2014-08-26 18:58 - 2014-08-26 18:58 - 00010139 _____ () C:\Users\Cristian\Downloads\SnowfallKeyPress_1.4.zip
2014-08-26 18:57 - 2014-08-26 18:57 - 00152613 _____ () C:\Users\Cristian\Downloads\Reforgenator-v2.4.3.zip
2014-08-26 18:56 - 2014-08-26 18:56 - 00141820 _____ () C:\Users\Cristian\Downloads\Bagnon_5.4.15.zip
2014-08-26 18:55 - 2014-08-26 18:55 - 00576660 _____ () C:\Users\Cristian\Downloads\Archy-1.8.44.zip
2014-08-26 18:55 - 2014-08-26 18:55 - 00246174 _____ () C:\Users\Cristian\Downloads\Auctionator_v0315.zip
2014-08-26 18:54 - 2014-08-26 18:54 - 00431914 _____ () C:\Users\Cristian\Downloads\TomTom-v50400-1.0.0.zip
2014-08-26 18:54 - 2014-08-26 18:54 - 00078297 _____ () C:\Users\Cristian\Downloads\Postal-v3.5.1 (1).zip
2014-08-26 18:53 - 2014-08-26 18:53 - 00078297 _____ () C:\Users\Cristian\Downloads\Postal-v3.5.1.zip
2014-08-26 18:52 - 2014-08-26 18:52 - 00299562 _____ () C:\Users\Cristian\Downloads\Bartender4-4.5.13.2.zip
2014-08-26 18:51 - 2014-08-26 18:51 - 00206661 _____ () C:\Users\Cristian\Downloads\_NPCScan.Overlay-5.4.8.3.zip
2014-08-26 18:50 - 2014-08-26 18:50 - 00381825 _____ () C:\Users\Cristian\Downloads\Recount-r1262.zip
2014-08-26 18:50 - 2014-08-26 18:50 - 00229180 _____ () C:\Users\Cristian\Downloads\_NPCScan-5.4.8.4.zip
2014-08-26 18:47 - 2014-08-26 18:47 - 01784075 _____ () C:\Users\Cristian\Downloads\DBM-Core-5.4.18.zip
2014-08-26 18:15 - 2014-08-26 18:15 - 01058200 _____ (Adobe) C:\Users\Cristian\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-08-26 15:15 - 2014-08-26 15:15 - 00001238 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-08-26 15:14 - 2014-08-26 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-08-26 15:10 - 2014-08-26 15:10 - 02942368 _____ (Blizzard Entertainment) C:\Users\Cristian\Downloads\World-of-Warcraft-Setup-enUS.exe
2014-08-25 20:47 - 2014-08-25 21:26 - 00000000 ____D () C:\Users\Cristian\AppData\Local\AOL
2014-08-24 10:13 - 2014-08-24 10:14 - 00000000 ____D () C:\Users\Cristian\Downloads\spacesniffer_1_1_4_0
2014-08-24 10:13 - 2014-08-24 10:13 - 01536858 _____ () C:\Users\Cristian\Downloads\spacesniffer_1_1_4_0.zip
2014-08-24 10:06 - 2014-08-24 10:12 - 00000000 ____D () C:\Users\Cristian\Downloads\myuninst
2014-08-24 10:05 - 2014-08-24 10:05 - 00046124 _____ () C:\Users\Cristian\Downloads\myuninst.zip
2014-08-24 01:57 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-24 01:57 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-24 01:57 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-24 01:57 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-24 01:57 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-24 01:57 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-24 01:56 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-24 01:56 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-24 01:55 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-24 01:55 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-24 01:55 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-24 01:55 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-24 01:50 - 2014-08-24 01:50 - 00000003 _____ () C:\Windows\system32\HRUPPROG.EXIT
2014-08-24 01:32 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-24 01:32 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-24 01:31 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-24 01:31 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-24 01:31 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-24 01:31 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-24 01:31 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-24 01:31 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-24 01:31 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-24 01:31 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-24 01:30 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-24 01:30 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-18 18:28 - 2014-09-18 18:27 - 00019447 _____ () C:\Users\Cristian\Downloads\FRST.txt
2014-09-18 18:27 - 2014-09-18 18:27 - 02105856 _____ (Farbar) C:\Users\Cristian\Downloads\FRST64.exe
2014-09-18 18:27 - 2014-06-13 15:15 - 00000000 ___DC () C:\FRST
2014-09-18 18:27 - 2014-01-30 02:31 - 00000000 ____D () C:\Users\Cristian\AppData\Local\Battle.net
2014-09-18 18:25 - 2011-10-06 02:45 - 01567569 _____ () C:\Windows\WindowsUpdate.log
2014-09-18 18:13 - 2014-09-11 14:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-18 18:13 - 2012-05-02 21:08 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-18 18:13 - 2012-04-09 08:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-18 18:13 - 2012-01-05 21:08 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002UA.job
2014-09-17 23:02 - 2012-05-02 21:08 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-17 23:00 - 2012-01-05 21:08 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002Core.job
2014-09-16 12:05 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-16 12:05 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-16 11:57 - 2014-09-11 18:13 - 00000504 _____ () C:\Windows\setupact.log
2014-09-16 11:57 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-16 10:15 - 2012-04-09 08:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-16 10:15 - 2012-04-09 08:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-16 10:15 - 2011-10-06 00:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-16 07:31 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-09-16 00:00 - 2014-09-16 00:00 - 00079872 _____ () C:\Windows\system32\yosbiva.dll
2014-09-16 00:00 - 2014-09-16 00:00 - 00003860 _____ () C:\Windows\System32\Tasks\{C1BB9BB2-DB17-77CC-E708-BA35256B92ED}
2014-09-16 00:00 - 2014-09-16 00:00 - 00000000 _____ () C:\Windows\system32\hwfhm.dll
2014-09-16 00:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-09-15 19:35 - 2011-12-07 13:53 - 00000000 ____D () C:\Users\Cristian\AppData\Local\uTorrent
2014-09-15 19:08 - 2014-09-15 19:08 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 19:08 - 2014-09-15 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 19:08 - 2014-09-15 19:07 - 00000000 ___DC () C:\Program Files\iTunes
2014-09-15 19:08 - 2014-09-15 19:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 19:07 - 2014-09-15 19:07 - 00000000 ___DC () C:\Program Files\iPod
2014-09-15 19:07 - 2011-12-07 13:46 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-14 22:14 - 2011-12-07 19:36 - 00000000 ____D () C:\Users\Cristian\AppData\Local\Apple
2014-09-14 22:10 - 2014-01-02 02:17 - 00002322 _____ () C:\Users\Public\Desktop\HP Officejet 6500 E710n-z.lnk
2014-09-14 13:33 - 2011-02-10 12:10 - 00775084 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-14 13:33 - 2009-07-14 01:13 - 00775084 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 13:32 - 2014-04-21 12:01 - 00002079 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-14 13:32 - 2014-04-21 12:01 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-09-14 13:32 - 2014-04-21 12:01 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-14 13:32 - 2014-04-21 12:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-14 13:31 - 2013-08-15 08:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 13:26 - 2011-12-08 07:30 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 22:06 - 2011-12-07 12:50 - 00000000 ____D () C:\Users\Cristian
2014-09-12 20:37 - 2014-01-30 02:31 - 00000000 ___DC () C:\Program Files (x86)\Battle.net
2014-09-12 00:36 - 2014-02-12 10:04 - 00000000 ____D () C:\Users\Cristian\AppData\Local\CrashDumps
2014-09-11 23:09 - 2011-12-07 14:06 - 00000000 ____D () C:\Users\Cristian\Steam
2014-09-11 18:25 - 2011-12-31 15:44 - 00000000 ____D () C:\Users\Cristian\AppData\Roaming\vlc
2014-09-11 18:14 - 2014-09-11 18:14 - 00066056 _____ () C:\Users\Cristian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-11 18:14 - 2014-09-11 18:13 - 04854936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-11 18:13 - 2014-09-11 18:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-11 16:32 - 2014-09-11 16:31 - 00047626 _____ () C:\Users\Cristian\Documents\cc_20140911_163055.reg
2014-09-11 15:59 - 2013-11-04 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-09-11 15:55 - 2012-04-19 14:21 - 00000000 ____D () C:\Windows\Minidump
2014-09-11 15:34 - 2014-09-11 15:33 - 04902336 _____ (Piriform Ltd) C:\Users\Cristian\Downloads\ccsetup417pro.exe
2014-09-11 15:34 - 2014-04-20 19:46 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-11 15:34 - 2014-04-20 19:46 - 00000000 ___DC () C:\Program Files\CCleaner
2014-09-11 14:27 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-09-11 14:13 - 2014-09-11 14:13 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-11 14:12 - 2014-09-11 14:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Cristian\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-11 14:08 - 2014-09-11 14:08 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Cristian\Downloads\mbam-clean-2.1.1.1001.exe
2014-09-11 14:07 - 2011-12-17 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-09-11 13:40 - 2012-04-13 10:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-11 13:36 - 2014-09-11 13:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Cristian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-10 16:31 - 2012-01-31 14:54 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-10 15:44 - 2013-04-06 13:48 - 00001087 _____ () C:\Users\Cristian\Desktop\Cheat Engine.lnk
2014-09-10 01:13 - 2014-09-10 01:13 - 02184800 _____ () C:\Users\Cristian\Downloads\1410325461004.webm
2014-09-09 17:03 - 2012-01-05 21:09 - 00002384 _____ () C:\Users\Cristian\Desktop\Google Chrome.lnk
2014-09-08 23:50 - 2014-09-08 23:50 - 00002771 _____ () C:\Users\Public\Desktop\Desktop Weather.lnk
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ___DC () C:\Program Files (x86)\The Weather Channel
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ____D () C:\Users\Cristian\AppData\Local\Downloaded Installations
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
2014-09-08 23:50 - 2012-01-28 04:35 - 00001859 _____ () C:\Users\Public\Desktop\ooVoo.lnk
2014-09-08 23:50 - 2012-01-28 04:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-09-08 23:50 - 2012-01-28 04:35 - 00000000 ____D () C:\Program Files (x86)\ooVoo
2014-09-04 19:08 - 2014-09-04 19:08 - 14887549 _____ () C:\Users\Cristian\Downloads\ZygorGuidesWOW-v4.0.9307.zip
2014-08-26 23:46 - 2014-08-26 23:46 - 00371821 _____ () C:\Users\Cristian\Downloads\AdiBags-v1.6.16.zip
2014-08-26 18:58 - 2014-08-26 18:58 - 00010139 _____ () C:\Users\Cristian\Downloads\SnowfallKeyPress_1.4.zip
2014-08-26 18:57 - 2014-08-26 18:57 - 00152613 _____ () C:\Users\Cristian\Downloads\Reforgenator-v2.4.3.zip
2014-08-26 18:56 - 2014-08-26 18:56 - 00141820 _____ () C:\Users\Cristian\Downloads\Bagnon_5.4.15.zip
2014-08-26 18:55 - 2014-08-26 18:55 - 00576660 _____ () C:\Users\Cristian\Downloads\Archy-1.8.44.zip
2014-08-26 18:55 - 2014-08-26 18:55 - 00246174 _____ () C:\Users\Cristian\Downloads\Auctionator_v0315.zip
2014-08-26 18:54 - 2014-08-26 18:54 - 00431914 _____ () C:\Users\Cristian\Downloads\TomTom-v50400-1.0.0.zip
2014-08-26 18:54 - 2014-08-26 18:54 - 00078297 _____ () C:\Users\Cristian\Downloads\Postal-v3.5.1 (1).zip
2014-08-26 18:53 - 2014-08-26 18:53 - 00078297 _____ () C:\Users\Cristian\Downloads\Postal-v3.5.1.zip
2014-08-26 18:52 - 2014-08-26 18:52 - 00299562 _____ () C:\Users\Cristian\Downloads\Bartender4-4.5.13.2.zip
2014-08-26 18:51 - 2014-08-26 18:51 - 00206661 _____ () C:\Users\Cristian\Downloads\_NPCScan.Overlay-5.4.8.3.zip
2014-08-26 18:50 - 2014-08-26 18:50 - 00381825 _____ () C:\Users\Cristian\Downloads\Recount-r1262.zip
2014-08-26 18:50 - 2014-08-26 18:50 - 00229180 _____ () C:\Users\Cristian\Downloads\_NPCScan-5.4.8.4.zip
2014-08-26 18:47 - 2014-08-26 18:47 - 01784075 _____ () C:\Users\Cristian\Downloads\DBM-Core-5.4.18.zip
2014-08-26 18:24 - 2013-06-29 20:34 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-08-26 18:15 - 2014-08-26 18:15 - 01058200 _____ (Adobe) C:\Users\Cristian\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-08-26 17:47 - 2014-01-30 02:33 - 00000000 ___DC () C:\Program Files (x86)\Hearthstone
2014-08-26 15:15 - 2014-08-26 15:15 - 00001238 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-08-26 15:15 - 2014-08-26 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-08-26 15:10 - 2014-08-26 15:10 - 02942368 _____ (Blizzard Entertainment) C:\Users\Cristian\Downloads\World-of-Warcraft-Setup-enUS.exe
2014-08-25 21:26 - 2014-08-25 20:47 - 00000000 ____D () C:\Users\Cristian\AppData\Local\AOL
2014-08-24 10:21 - 2013-11-11 18:25 - 00000000 ____D () C:\ProgramData\GFACE
2014-08-24 10:21 - 2013-05-05 05:22 - 00000000 ____D () C:\Program Files (x86)\Secret Identity Studios
2014-08-24 10:20 - 2013-09-05 19:47 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-08-24 10:14 - 2014-08-24 10:13 - 00000000 ____D () C:\Users\Cristian\Downloads\spacesniffer_1_1_4_0
2014-08-24 10:13 - 2014-08-24 10:13 - 01536858 _____ () C:\Users\Cristian\Downloads\spacesniffer_1_1_4_0.zip
2014-08-24 10:12 - 2014-08-24 10:06 - 00000000 ____D () C:\Users\Cristian\Downloads\myuninst
2014-08-24 10:05 - 2014-08-24 10:05 - 00046124 _____ () C:\Users\Cristian\Downloads\myuninst.zip
2014-08-24 02:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-24 01:55 - 2013-11-04 11:32 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-24 01:55 - 2011-10-06 01:02 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-24 01:50 - 2014-08-24 01:50 - 00000003 _____ () C:\Windows\system32\HRUPPROG.EXIT
2014-08-24 01:50 - 2013-08-06 10:51 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2014-08-22 22:07 - 2014-08-28 13:46 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 21:45 - 2014-08-28 13:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 20:59 - 2014-08-28 13:46 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 14:05 - 2014-09-14 13:35 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 13:39 - 2014-09-14 13:35 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
 
Some content of TEMP:
====================
C:\Users\Cristian\AppData\Local\Temp\kxrcezm.dll
C:\Users\Cristian\AppData\Local\Temp\ocutlkm.dll
C:\Users\Cristian\AppData\Local\Temp\rwklffc.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-16 07:23
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Cristian at 2014-09-18 18:28:34
Running from C:\Users\Cristian\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Enabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Enabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Accidental Damage Services Agreement (HKLM-x32\...\{330B7AAD-B2FE-4989-B02A-DDA5A174FCDF}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Alienware M14x Manual (HKLM-x32\...\InstallShield_{B90A9452-2233-4B2A-8277-5DC4FEC239CB}) (Version: 1.0.1.0 - Alienware Corp.)
Alienware M14x Manual (Version: 1.0.1.0 - Alienware Corp.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Banctec Service Agreement (HKLM-x32\...\{BD4B02C1-0271-4D7D-A850-19DE2E5CDF83}) (Version: 2.0.0 - Dell Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.4 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 OST Sample (HKLM-x32\...\Borderlands 2 OST Sample) (Version:  - GameStop)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Command Center (HKLM-x32\...\InstallShield_{A3A06A93-1106-4110-AE11-F9EC3A33322F}) (Version: 2.6.8.0 - Alienware Corp.)
Command Center (Version: 2.6.8.0 - Alienware Corp.) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 3.3.2.1 - Dell)
Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - AOL Inc.) <==== ATTENTION
EMSC (x32 Version: 0.0.0.22C - Compal Electronics, Inc.) Hidden
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{D79A5962-7305-41B9-A39E-A98AB598F372}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Help (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6500 E710n-z Product Improvement Study (HKLM\...\{4207BD5E-6F51-4C57-BC86-A0EBE9088A30}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HWiNFO64 Version 3.94 (HKLM\...\HWiNFO64_is1) (Version: 3.94 - Martin Malík - REALiX)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Integrated Webcam Live! Central (HKLM-x32\...\Integrated Webcam Live! Central) (Version: 2.00.46 - Creative Technology Ltd)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.07.0000.0730 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.6.0.0128 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{440d014b-4444-4533-b96d-2910e1ca2bcf}) (Version: 16.7.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.7.0.0297 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java™ 6 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416031FF}) (Version: 6.0.310 - Oracle)
Java™ SE Development Kit 6 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160310}) (Version: 1.6.0.310 - Oracle)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 9.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 9.0.1 (x86 en-US)) (Version: 9.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Naga Firmware Updater 1.13 (HKLM-x32\...\{5A336D74-E680-4986-96F4-E9CEBC784F56}) (Version: 1.13.01 - Razer)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.5001 - ooVoo LLC.)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28099 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rosetta Stone Version 3 (HKLM-x32\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2300.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2268.2 - Hi-Rez Studios)
Snagit 11 (HKLM-x32\...\{44BD21C2-9132-48DB-B65B-23817E4C6F4B}) (Version: 11.2.0 - TechSmith Corporation)
Sound Blaster X-Fi MB (HKLM-x32\...\{75CE8AF5-0A5E-4A42-BC67-F83591DA9A7D}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.19.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
The Weather Channel App (HKLM-x32\...\{167158CE-1637-4167-8A1C-C2549EEA966A}) (Version: 1.00.0000 - The Weather Channel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_WORD_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_WORD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_WORD_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_WORD_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.5.2014.1 - BillP Studios)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Zipeg (HKCU\...\Zipeg) (Version: 2.9.3.1316 - http://zipeg.com)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
11-09-2014 17:27:57 Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 2.0.2.1012
11-09-2014 17:56:56 Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 2.0.2.1012
11-09-2014 18:06:49 Revo Uninstaller's restore point - Razer Synapse 2.0
14-09-2014 17:07:15 Windows Update
14-09-2014 17:25:21 Windows Update
15-09-2014 23:19:31 Revo Uninstaller's restore point - µTorrent
18-09-2014 01:56:58 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2014-04-19 23:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0F94B938-BAEE-44A5-B6FB-6A2FBBD6EDA9} - System32\Tasks\Google Updater and Installer => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)
Task: {1AF25842-6B7B-4AED-9A3F-D8D0ACDCDA06} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-354275357-2975866954-2258388748-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {3E0AA2E2-C7E8-4C1D-90E6-26A4536DA190} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {415DF69F-EEB1-4F12-B9F8-0E9CE7A5FA23} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-354275357-2975866954-2258388748-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {42C3D3ED-843D-4054-B7DA-3CA6A791CF79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-02] (Google Inc.)
Task: {486E94E7-B192-4309-8964-E381C2493047} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {68FF2F2A-997B-4843-8D9B-8C61EE9565E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {7B378915-855F-46A4-BFF8-80A48D9C487F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002Core => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)
Task: {7E893B3C-D7E2-431B-932F-12023238523F} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {80A89EA9-F2E9-4FF3-A32D-4C0D86307738} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {82651804-EEEE-4D8F-BB16-D11151983824} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-02] (Google Inc.)
Task: {A4D864B0-4E95-4103-9921-3BA12E46C3A7} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-354275357-2975866954-2258388748-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {B8F5D65F-C934-4F0D-88EE-3BEDEF347244} - System32\Tasks\{C1BB9BB2-DB17-77CC-E708-BA35256B92ED} => C:\Windows\system32\yosbiva.dll [2014-09-16] ()
Task: {D99E1302-037E-45ED-9901-50DB3DFCB83A} - System32\Tasks\AdobeAAMUpdater-1.0-SexyPants-Cristian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {D9A5AF7F-9695-4FCC-99E4-2F52CDE0B74A} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E5AA9BD5-0BF0-4978-8D50-CB419E806DFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002UA => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)
Task: {F0240E36-CAC0-476F-B6B9-8CAA33CAB5C8} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {F1E9F17D-79B9-4B77-9E08-A0237AC34707} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-16] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002Core.job => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002UA.job => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-06-01 20:45 - 2014-06-01 20:45 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-01 20:45 - 2014-06-01 20:45 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2011-10-06 02:31 - 2011-05-03 22:33 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2014-04-14 15:41 - 2014-04-14 15:41 - 00039192 ____C () C:\Program Files\CCleaner\branding.dll
2011-10-06 01:17 - 2011-10-06 01:20 - 00085944 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\AlienLabsTools\v4.0_2.6.8.0__bebb3c8816410241\AlienLabsTools.dll
2011-10-06 01:20 - 2011-10-06 01:20 - 00037840 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\v4.0_2.6.8.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-04-13 10:18 - 2014-07-02 16:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-09 17:03 - 2014-09-03 23:01 - 01098056 _____ () C:\Users\Cristian\AppData\Local\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-09 17:03 - 2014-09-03 23:01 - 00174408 _____ () C:\Users\Cristian\AppData\Local\Google\Chrome\Application\37.0.2062.120\libegl.dll
2014-09-12 20:19 - 2014-09-12 20:19 - 26065408 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5011\libcef.dll
2014-09-12 20:19 - 2014-09-12 20:19 - 00739840 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5011\libglesv2.dll
2014-09-12 20:19 - 2014-09-12 20:19 - 00130048 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5011\libegl.dll
2014-09-09 17:03 - 2014-09-03 23:01 - 08577864 _____ () C:\Users\Cristian\AppData\Local\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-09 17:03 - 2014-09-03 23:01 - 00331592 _____ () C:\Users\Cristian\AppData\Local\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-09 17:03 - 2014-09-03 23:01 - 01660232 _____ () C:\Users\Cristian\AppData\Local\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-09-09 17:03 - 2014-09-03 23:01 - 14891848 _____ () C:\Users\Cristian\AppData\Local\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AlienFusionService => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BRSptSvc => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: CTMasterOnOffMonitor => Rundll32.exe CTMWatch.dll StartCTMasterOnOffWatch
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: Integrated Webcam Live! Central => "C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe" /mode2
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"  -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: RunDLLEntry => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "C:\Users\Cristian\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VNT => C:\Program Files (x86)\VNT\vntldr.exe
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/16/2014 07:31:14 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "36.0.1985.143,language="*",type="win32",version="36.0.1985.143"1".
Dependent Assembly 36.0.1985.143,language="*",type="win32",version="36.0.1985.143" could not be found.
Please use sxstrace.exe for detailed diagnosis.
 
Error: (09/15/2014 08:11:05 PM) (Source: Chrome) (EventID: 1) (User: SexyPants)
Description: Chrome has encountered a fatal error.
ver=36.0.1985.143;lang=;guid=;is_machine=0;oop=1;upload=1;minidump=C:\Users\Cristian\AppData\Local\Google\CrashReports\6ae31939-1f10-49d2-bfcc-d5f7f6114eb3.dmp
 
Error: (09/14/2014 05:37:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Error -1022 (0xfffffc02) occurred while opening logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log.
 
Error: (09/14/2014 05:37:05 AM) (Source: ESENT) (EventID: 489) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: An attempt to open the file "C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 1392 (0x00000570): "The file or directory is corrupted and unreadable. ".  The open file operation will fail with error -1022 (0xfffffc02).
 
Error: (09/14/2014 05:37:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Error -1022 (0xfffffc02) occurred while opening logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log.
 
Error: (09/14/2014 05:37:05 AM) (Source: ESENT) (EventID: 489) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: An attempt to open the file "C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 1392 (0x00000570): "The file or directory is corrupted and unreadable. ".  The open file operation will fail with error -1022 (0xfffffc02).
 
Error: (09/14/2014 05:37:05 AM) (Source: ESENT) (EventID: 490) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: An attempt to open the file "C:\Windows\SoftwareDistribution\DataStore\Logs\edb.chk" for read / write access failed with system error 1392 (0x00000570): "The file or directory is corrupted and unreadable. ".  The open file operation will fail with error -1022 (0xfffffc02).
 
Error: (09/14/2014 05:37:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Error -1022 (0xfffffc02) occurred while opening logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log.
 
Error: (09/14/2014 05:37:05 AM) (Source: ESENT) (EventID: 489) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: An attempt to open the file "C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log" for read only access failed with system error 1392 (0x00000570): "The file or directory is corrupted and unreadable. ".  The open file operation will fail with error -1022 (0xfffffc02).
 
Error: (09/14/2014 05:37:05 AM) (Source: ESENT) (EventID: 455) (User: )
Description: wuaueng.dll (944) SUS20ClientDataStore: Error -1022 (0xfffffc02) occurred while opening logfile C:\Windows\SoftwareDistribution\DataStore\Logs\edb.log.
 
 
System errors:
=============
Error: (09/18/2014 06:27:55 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/18/2014 06:12:57 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/18/2014 08:26:25 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.
 
Error: (09/18/2014 08:26:25 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/18/2014 08:08:41 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/18/2014 08:08:05 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/18/2014 08:08:05 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.
 
Error: (09/18/2014 08:08:01 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/18/2014 08:08:01 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.
 
Error: (09/18/2014 08:07:54 AM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-05-25 12:21:29.250
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\nusb3xhc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-25 12:21:29.141
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\nusb3xhc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-20 10:39:30.066
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-20 10:39:29.996
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-20 10:39:29.925
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-20 10:39:29.855
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-19 23:08:25.976
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-19 23:08:25.911
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-19 23:08:25.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-19 23:08:25.778
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 50%
Total physical RAM: 8139.86 MB
Available physical RAM: 4010.53 MB
Total Pagefile: 16277.9 MB
Available Pagefile: 11904.69 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:445.99 GB) (Free:125.24 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 0C2C8A01)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=446 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#5 aharonov

aharonov

  • Malware Response Team
  • 2,441 posts
  • Gender:Male
  • Local time:04:53 PM

Posted 18 September 2014 - 05:52 PM

Ok, please continue with this:


Step 1

Please download this attached fixlist.txt and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


Step 2

Please download the ESET Online Scanner and save it to your Desktop.
  • Disable the realtime-protection of your antivirus and anti-malware programs because they might interfere with the scan.
  • Start esetsmartinstaller_enu.exe with administrator privileges.
  • Select the option Yes, I accept the Terms of Use and click on Start.
  • Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click on Start. The virus signature database will begin to download. This may take some time.
  • When completed the Online Scan will begin automatically.
    Note: This scan might take a long time! Please be patient.
  • When completed select Uninstall application on close if you so wish, but make sure you copy the logfile first!
  • Now click on Finish
  • A log file is created at C:\Program Files\ESET\EsetOnlineScanner\log.txt.
    Copy and paste the content of this log file in your next reply.
Note: Do not forget to re-enable your antivirus application after running the above scan!



Step 3

Start FRST with administrator privileges.
  • Make sure the option Addition.txt (under Optional Scan) is checked.
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.


#6 CBermudez0415

CBermudez0415
  • Topic Starter

  • Members
  • 55 posts
  • Local time:10:53 AM

Posted 18 September 2014 - 06:51 PM

In the middle of my fix, my PC bluescreened with a kernel error.


Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Cristian at 2014-09-18 19:24:43 Run:3
Running from C:\Users\Cristian\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
2014-09-16 00:00 - 2014-09-16 00:00 - 00079872 _____ () C:\Windows\system32\yosbiva.dll
2014-09-16 00:00 - 2014-09-16 00:00 - 00000000 _____ () C:\Windows\system32\hwfhm.dll
Task: {B8F5D65F-C934-4F0D-88EE-3BEDEF347244} - System32\Tasks\{C1BB9BB2-DB17-77CC-E708-BA35256B92ED} => C:\Windows\system32\yosbiva.dll [2014-09-16] ()
EmptyTemp:
*****************
 
Processes closed successfully.
C:\Windows\system32\yosbiva.dll => Moved successfully.
Could not move "C:\Windows\system32\hwfhm.dll" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B8F5D65F-C934-4F0D-88EE-3BEDEF347244}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8F5D65F-C934-4F0D-88EE-3BEDEF347244}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C1BB9BB2-DB17-77CC-E708-BA35256B92ED} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1BB9BB2-DB17-77CC-E708-BA35256B92ED}" => Key deleted successfully.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-18 19:50:38)<=
 
==> ATTENTION: System is not rebooted.
C:\Windows\system32\hwfhm.dll => Is moved successfully.
 
==== End of Fixlog ====

I rebooted the computer, and when I reopened FRST it gave me that log. I don't know if it's truly complete or not.



#7 CBermudez0415

  • Topic Starter
  • Members
  • 55 posts

Posted 18 September 2014 - 07:03 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Cristian at 2014-09-18 19:24:43 Run:3
Running from C:\Users\Cristian\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
2014-09-16 00:00 - 2014-09-16 00:00 - 00079872 _____ () C:\Windows\system32\yosbiva.dll
2014-09-16 00:00 - 2014-09-16 00:00 - 00000000 _____ () C:\Windows\system32\hwfhm.dll
Task: {B8F5D65F-C934-4F0D-88EE-3BEDEF347244} - System32\Tasks\{C1BB9BB2-DB17-77CC-E708-BA35256B92ED} => C:\Windows\system32\yosbiva.dll [2014-09-16] ()
EmptyTemp:
*****************
 
Processes closed successfully.
C:\Windows\system32\yosbiva.dll => Moved successfully.
Could not move "C:\Windows\system32\hwfhm.dll" => Scheduled to move on reboot.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B8F5D65F-C934-4F0D-88EE-3BEDEF347244}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B8F5D65F-C934-4F0D-88EE-3BEDEF347244}" => Key deleted successfully.
C:\Windows\System32\Tasks\{C1BB9BB2-DB17-77CC-E708-BA35256B92ED} => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1BB9BB2-DB17-77CC-E708-BA35256B92ED}" => Key deleted successfully.
 
=> Result of Scheduled Files to move (Boot Mode: Normal) (Date&Time: 2014-09-18 19:50:38)<=
 
==> ATTENTION: System is not rebooted.
C:\Windows\system32\hwfhm.dll => Is moved successfully.
 
==== End of Fixlog ====


#8 CBermudez0415

  • Topic Starter
  • Members
  • 55 posts

Posted 18 September 2014 - 07:06 PM

That wasn't complete. I stopped it because I didn't read the instructions correctly. I'm redoing it now.



#9 aharonov

  • Malware Response Team
  • 2,441 posts

Posted 18 September 2014 - 08:20 PM

It's OK, you can continue with step 2 from the above instructions.

#10 CBermudez0415

  • Topic Starter
  • Members
  • 55 posts

Posted 19 September 2014 - 10:34 PM

ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=993a5aeb1ffba0409773d89cc71c5ed3
# engine=20223
# end=stopped
# remove_checked=false
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2014-09-19 12:00:06
# local_time=2014-09-18 08:00:06 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 0 33960800 0 0
# scanned=11520
# found=1
# cleaned=0
# scan_time=385
sh=CE42872F946A44C8FEF3077D29B40E7F216C1FED ft=1 fh=7d66009eb0ae002c vn="a variant of MSIL/Injector.FIP trojan" ac=I fn="C:\FRST\Quarantine\C\Windows\system32\yosbiva.dll.xBAD"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=993a5aeb1ffba0409773d89cc71c5ed3
# engine=20223
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-19 06:16:44
# local_time=2014-09-19 02:16:44 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 0 33983398 0 0
# scanned=678810
# found=15
# cleaned=0
# scan_time=22289
sh=CE42872F946A44C8FEF3077D29B40E7F216C1FED ft=1 fh=7d66009eb0ae002c vn="a variant of MSIL/Injector.FIP trojan" ac=I fn="C:\FRST\Quarantine\C\Windows\system32\yosbiva.dll.xBAD"
sh=88F07DB216F388A603179649D83BF1FC9AC8CB06 ft=1 fh=b538b1f51b2210a0 vn="a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application" ac=I fn="C:\Program Files (x86)\Cheat Engine 6.2\cheatengine-i386.exe"
sh=CA3F51EC1897756636232998193325B830F22F26 ft=1 fh=3702c3e3af3ccb17 vn="a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application" ac=I fn="C:\Program Files (x86)\Cheat Engine 6.2\standalonephase1.dat"
sh=C0E04188C23EF8CE174BA56046BB65E48C470FED ft=1 fh=1519a01afff08836 vn="Win32/TrojanDownloader.Tracur.AL trojan" ac=I fn="C:\Users\Cristian\AppData\Local\Apple\oydvmumfvp.dll"
sh=0A2C87785190AD74FFEA731BCF59529E92C3F576 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application" ac=I fn="C:\Users\Cristian\AppData\Local\Downloaded Installations\{E1193CB6-C71A-4F0E-B9AC-01A5FBCB9883}\The Weather Channel App.msi"
sh=C0E04188C23EF8CE174BA56046BB65E48C470FED ft=1 fh=1519a01afff08836 vn="Win32/TrojanDownloader.Tracur.AL trojan" ac=I fn="C:\Users\Cristian\AppData\Local\Temp\kxrcezm.dll"
sh=353AAC3ED2CE659FF86A5CD4AD2191300F71CD55 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Cristian\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\121122043540846.rsc"
sh=D312220A6D6D3818C59DDB39E359CEEF6E39D7EB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\Users\Cristian\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome\utorrentbar.jar"
sh=91346F94961B30BFBAF1CF7C0F96486605278421 ft=1 fh=0f75797c496062a2 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Cristian\Downloads\ccsetup417pro.exe"
sh=DA0FB77CECB4247F067294DA5E54E0020844FECE ft=1 fh=96c9faddf1c23368 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Cristian\Downloads\CCleaner_TSV18G9MU\55bc08e32879a3de7386a2695d668304_ccsetup413.exe"
sh=0A2C87785190AD74FFEA731BCF59529E92C3F576 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application" ac=I fn="C:\WINDOWS\Installer\26c2456.msi"
sh=C70872D7B4F48D529A179C0FA54AB65FB1B982F4 ft=1 fh=f2e2b15faf5e28f3 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\WINDOWS\Installer\MSIB2C7.tmp"
sh=DC3C29A963871A9FF0613FFEC4FC39AB04760924 ft=1 fh=aa8756f8c51680cf vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\WINDOWS\Installer\MSIEDBB.tmp"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\WINDOWS\System32\Adobe\Shockwave 12\gt.exe"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\gt.exe"
ESETSmartInstaller@High as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7623
# api_version=3.0.2
# EOSSerial=993a5aeb1ffba0409773d89cc71c5ed3
# engine=20232
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2014-09-20 03:25:59
# local_time=2014-09-19 11:25:59 (-0500, Eastern Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1='Microsoft Security Essentials'
# compatibility_mode=5895 16777213 100 100 0 34059553 0 0
# scanned=678496
# found=15
# cleaned=0
# scan_time=22306
sh=CE42872F946A44C8FEF3077D29B40E7F216C1FED ft=1 fh=7d66009eb0ae002c vn="a variant of MSIL/Injector.FIP trojan" ac=I fn="C:\FRST\Quarantine\C\Windows\system32\yosbiva.dll.xBAD"
sh=88F07DB216F388A603179649D83BF1FC9AC8CB06 ft=1 fh=b538b1f51b2210a0 vn="a variant of Win32/HackTool.CheatEngine.AB potentially unsafe application" ac=I fn="C:\Program Files (x86)\Cheat Engine 6.2\cheatengine-i386.exe"
sh=CA3F51EC1897756636232998193325B830F22F26 ft=1 fh=3702c3e3af3ccb17 vn="a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application" ac=I fn="C:\Program Files (x86)\Cheat Engine 6.2\standalonephase1.dat"
sh=C0E04188C23EF8CE174BA56046BB65E48C470FED ft=1 fh=1519a01afff08836 vn="Win32/TrojanDownloader.Tracur.AL trojan" ac=I fn="C:\Users\Cristian\AppData\Local\Apple\oydvmumfvp.dll"
sh=0A2C87785190AD74FFEA731BCF59529E92C3F576 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application" ac=I fn="C:\Users\Cristian\AppData\Local\Downloaded Installations\{E1193CB6-C71A-4F0E-B9AC-01A5FBCB9883}\The Weather Channel App.msi"
sh=C0E04188C23EF8CE174BA56046BB65E48C470FED ft=1 fh=1519a01afff08836 vn="Win32/TrojanDownloader.Tracur.AL trojan" ac=I fn="C:\Users\Cristian\AppData\Local\Temp\kxrcezm.dll"
sh=353AAC3ED2CE659FF86A5CD4AD2191300F71CD55 ft=0 fh=0000000000000000 vn="multiple threats" ac=I fn="C:\Users\Cristian\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\121122043540846.rsc"
sh=D312220A6D6D3818C59DDB39E359CEEF6E39D7EB ft=0 fh=0000000000000000 vn="Win32/Toolbar.Conduit potentially unwanted application" ac=I fn="C:\Users\Cristian\AppData\Roaming\Mozilla\Firefox\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\chrome\utorrentbar.jar"
sh=91346F94961B30BFBAF1CF7C0F96486605278421 ft=1 fh=0f75797c496062a2 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Cristian\Downloads\ccsetup417pro.exe"
sh=DA0FB77CECB4247F067294DA5E54E0020844FECE ft=1 fh=96c9faddf1c23368 vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\Users\Cristian\Downloads\CCleaner_TSV18G9MU\55bc08e32879a3de7386a2695d668304_ccsetup413.exe"
sh=0A2C87785190AD74FFEA731BCF59529E92C3F576 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application" ac=I fn="C:\WINDOWS\Installer\26c2456.msi"
sh=C70872D7B4F48D529A179C0FA54AB65FB1B982F4 ft=1 fh=f2e2b15faf5e28f3 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\WINDOWS\Installer\MSIB2C7.tmp"
sh=DC3C29A963871A9FF0613FFEC4FC39AB04760924 ft=1 fh=aa8756f8c51680cf vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\WINDOWS\Installer\MSIEDBB.tmp"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\WINDOWS\System32\Adobe\Shockwave 12\gt.exe"
sh=B5B41E946960F17050C00A4891CFF46B08486A4D ft=1 fh=79895fd74f1827db vn="Win32/Bundled.Toolbar.Google.D potentially unsafe application" ac=I fn="C:\WINDOWS\SysWOW64\Adobe\Shockwave 12\gt.exe"
 


#11 CBermudez0415

  • Topic Starter
  • Members
  • 55 posts

Posted 19 September 2014 - 10:37 PM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by Cristian (administrator) on SEXYPANTS on 19-09-2014 23:35:25
Running from C:\Users\Cristian\Desktop
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation) C:\WINDOWS\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\WINDOWS\System32\hkcmd.exe
(Intel Corporation) C:\WINDOWS\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Pro\DTShellHlp.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
() C:\WINDOWS\SysWOW64\PnkBstrA.exe
() C:\WINDOWS\SysWOW64\PnkBstrB.exe
(Alienware Corp) C:\Program Files\Alienware\Command Center\AWCCServiceController.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Alienware Corporation) C:\Program Files\Alienware\Command Center\AlienwareAlienFXController.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher32.exe
(Alienware) C:\Program Files\Alienware\Command Center\AWCCApplicationWatcher64.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\ProgramData\Battle.net\Agent\Agent.3372\Agent.exe
(Blizzard Entertainment) C:\Program Files (x86)\Battle.net\Battle.net.5011\Battle.net.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Wow-64.exe
(ooVoo LLC) C:\Program Files (x86)\ooVoo\ooVoo.exe
(Blizzard Entertainment) C:\Program Files (x86)\World of Warcraft\Utils\WowBrowserProxy.exe
(Google Inc.) C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2392872 2011-02-22] (Synaptics Incorporated)
HKLM\...\Run: [Command Center Controllers] => C:\Program Files\Alienware\Command Center\AWCCStartupOrchestrator.exe [13256 2011-01-13] (Microsoft)
HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2011-02-01] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [VolPanel] => C:\Program Files (x86)\Creative\SB X-Fi MB\Volume Panel\VolPanlu.exe [241789 2009-05-04] (Creative Technology Ltd)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [283160 2010-11-06] (Intel Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-09-01] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\.DEFAULT\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_7_700_224_ActiveX.exe -update activex
HKU\S-1-5-21-354275357-2975866954-2258388748-1002\...\Run: [Google Update] => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2012-01-05] (Google Inc.)
HKU\S-1-5-21-354275357-2975866954-2258388748-1002\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6462744 2014-08-21] (Piriform Ltd)
AppInit_DLLs: C:\WINDOWS\System32\nvinitx.dll => C:\WINDOWS\System32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs: , C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [166568 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\WINDOWS\SysWOW64\nvinit.dll => c:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32:  c:\WINDOWS\SysWOW64\nvinit.dll => c:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\WINDOWS\SysWOW64\nvinit.dll => C:\WINDOWS\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
AppInit_DLLs-x32: , C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-07-02] (NVIDIA Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre6\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {6C269571-C6D7-4818-BCA4-32A035E8C884} http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15102/CTSUEng.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} http://ccfiles.creative.com/Web/softwareupdate/ocx/130321/CTPID.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} -  No File
Handler-x32: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} -  No File
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Cristian\AppData\Roaming\Mozilla\Firefox\Profiles\x6gkd8m2.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll No File
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Cristian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Cristian\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF user.js: detected! => C:\Users\Cristian\AppData\Roaming\Mozilla\Firefox\Profiles\x6gkd8m2.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll (Catalina Marketing Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\NPOFF12.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2012-02-27]
 
Chrome: 
=======
CHR HomePage: Default -> B9DE5F6E6AF1413747E8DD46A9AC07EB43FA88FACBB40893F485447154E1F6A1
CHR DefaultSearchKeyword: Default -> B36A327B715E6A15C8348F5070D815CC9D3BA30E46551C68CB5E4D6DC2291609
CHR DefaultSearchProvider: Default -> B3984FEDC724AD2F10209C9294269B52AB8806FB3480AB9C5C06AF8112D56EB6
CHR DefaultSearchURL: Default -> 210D1FD8A866383AEF256EA84725ED52745921A243098A81FBF51BDFCAC049A5
CHR Profile: C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-10]
CHR Extension: (Google Docs) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-08-24]
CHR Extension: (Google Drive) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-08-24]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-11]
CHR Extension: (YouTube) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-08-24]
CHR Extension: (Google Search) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-08-24]
CHR Extension: (Google Sheets) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-10]
CHR Extension: (Google Wallet) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\Cristian\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-08-24]
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\Cristian\AppData\Local\Temp\ccex.crx []
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx []
CHR StartMenuInternet: Google Chrome - C:\Users\Cristian\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S4 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S4 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [440400 2014-02-25] (Avira Operations GmbH & Co. KG)
S4 BRSptSvc; C:\ProgramData\BitRaider\BRSptSvc.exe [477960 2013-11-27] (BitRaider, LLC)
S4 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2011-10-06] (Creative Labs) [File not signed]
S4 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2011-10-06] (Creative Labs) [File not signed]
S4 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [307200 2009-02-23] (Creative Technology Ltd) [File not signed]
S4 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S4 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
S4 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-20] ()
S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S4 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
S4 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2014-06-01] ()
R2 PnkBstrB; C:\Windows\SysWOW64\PnkBstrB.exe [189248 2014-06-01] ()
S4 Sound Blaster X-Fi MB Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\XMBLicensing.exe [79360 2011-10-06] (Creative Labs) [File not signed]
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S4 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-20] (Intel® Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [108440 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131576 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-02-25] (Avira Operations GmbH & Co. KG)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-07-01] (DT Soft Ltd)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-19] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [299352 2014-07-02] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
S3 RimUsb; C:\Windows\System32\Drivers\RimUsb_AMD64.sys [27520 2007-05-14] (Research In Motion Limited)
R3 RzDxgk; C:\Windows\system32\drivers\RzDxgk.sys [129472 2014-04-10] (Razer, Inc.)
R1 RzFilter; C:\Windows\system32\drivers\RzFilter.sys [74432 2014-04-10] (Razer, Inc.)
S3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [126464 2010-12-16] (Razer USA Ltd) [File not signed]
S3 Serial; C:\Windows\system32\drivers\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
S3 digitalpower; system32\drivers\digitalpower.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-19 23:35 - 2014-09-19 23:36 - 00019257 _____ () C:\Users\Cristian\Desktop\FRST.txt
2014-09-18 19:52 - 2014-09-18 19:52 - 00000000 ___DC () C:\Program Files (x86)\ESET
2014-09-18 19:51 - 2014-09-18 19:51 - 02347384 _____ (ESET) C:\Users\Cristian\Downloads\esetsmartinstaller_enu.exe
2014-09-18 19:23 - 2014-09-18 19:23 - 00000356 _____ () C:\Users\Cristian\Downloads\fixlist.txt
2014-09-18 18:28 - 2014-09-18 18:28 - 00040458 _____ () C:\Users\Cristian\Downloads\Addition.txt
2014-09-18 18:27 - 2014-09-18 18:29 - 00050302 _____ () C:\Users\Cristian\Downloads\FRST.txt
2014-09-18 18:27 - 2014-09-18 18:27 - 02105856 _____ (Farbar) C:\Users\Cristian\Downloads\FRST64.exe
2014-09-15 19:08 - 2014-09-15 19:08 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 19:08 - 2014-09-15 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 19:07 - 2014-09-15 19:08 - 00000000 ___DC () C:\Program Files\iTunes
2014-09-15 19:07 - 2014-09-15 19:08 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 19:07 - 2014-09-15 19:07 - 00000000 ___DC () C:\Program Files\iPod
2014-09-14 13:35 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 13:35 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-14 13:35 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 13:35 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 13:35 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-14 13:35 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 13:35 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 13:35 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 13:35 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 13:35 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 13:35 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-14 13:35 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-14 13:35 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 13:35 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 13:35 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 13:35 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 13:35 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 13:35 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 13:35 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-14 13:35 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-14 13:35 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 13:35 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 13:35 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 13:35 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 13:35 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-14 13:35 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-14 13:35 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-14 13:35 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 13:35 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 13:35 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 13:35 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-14 13:35 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-14 13:35 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 13:35 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-14 13:35 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-14 13:35 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 13:35 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-14 13:35 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 13:35 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 13:35 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 13:35 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 13:35 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 13:35 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-14 13:35 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-14 13:35 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 13:35 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 13:35 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 13:35 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 13:35 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 13:35 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 13:35 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-14 13:35 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 13:35 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 13:35 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 13:35 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 13:35 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 13:16 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-14 13:16 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-14 13:16 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-14 13:16 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-14 13:16 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 18:14 - 2014-09-11 18:14 - 00066056 _____ () C:\Users\Cristian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-11 18:13 - 2014-09-19 17:10 - 00000616 _____ () C:\Windows\setupact.log
2014-09-11 18:13 - 2014-09-11 18:14 - 04854936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-11 18:13 - 2014-09-11 18:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-11 16:31 - 2014-09-11 16:32 - 00047626 _____ () C:\Users\Cristian\Documents\cc_20140911_163055.reg
2014-09-11 15:33 - 2014-09-11 15:34 - 04902336 _____ (Piriform Ltd) C:\Users\Cristian\Downloads\ccsetup417pro.exe
2014-09-11 14:13 - 2014-09-19 21:11 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-11 14:13 - 2014-09-11 14:13 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-11 14:13 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-11 14:13 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-11 14:13 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-11 14:12 - 2014-09-11 14:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Cristian\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-11 14:08 - 2014-09-11 14:08 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Cristian\Downloads\mbam-clean-2.1.1.1001.exe
2014-09-11 13:36 - 2014-09-11 13:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Cristian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-10 01:13 - 2014-09-10 01:13 - 02184800 _____ () C:\Users\Cristian\Downloads\1410325461004.webm
2014-09-08 23:50 - 2014-09-08 23:50 - 00002771 _____ () C:\Users\Public\Desktop\Desktop Weather.lnk
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ___DC () C:\Program Files (x86)\The Weather Channel
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ____D () C:\Users\Cristian\AppData\Local\Downloaded Installations
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
2014-09-04 19:08 - 2014-09-04 19:08 - 14887549 _____ () C:\Users\Cristian\Downloads\ZygorGuidesWOW-v4.0.9307.zip
2014-08-28 13:46 - 2014-08-22 22:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-28 13:46 - 2014-08-22 21:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-28 13:46 - 2014-08-22 20:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-28 13:39 - 2014-05-14 12:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-28 13:39 - 2014-05-14 12:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-28 13:39 - 2014-05-14 12:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-28 13:39 - 2014-05-14 12:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-28 13:38 - 2014-05-14 12:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-28 13:38 - 2014-05-14 12:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-28 13:38 - 2014-05-14 12:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-28 13:38 - 2014-05-14 12:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-28 13:38 - 2014-05-14 12:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-28 13:38 - 2014-05-14 12:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-28 13:38 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-28 13:38 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-28 13:38 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-28 13:38 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-26 23:46 - 2014-08-26 23:46 - 00371821 _____ () C:\Users\Cristian\Downloads\AdiBags-v1.6.16.zip
2014-08-26 18:58 - 2014-08-26 18:58 - 00010139 _____ () C:\Users\Cristian\Downloads\SnowfallKeyPress_1.4.zip
2014-08-26 18:57 - 2014-08-26 18:57 - 00152613 _____ () C:\Users\Cristian\Downloads\Reforgenator-v2.4.3.zip
2014-08-26 18:56 - 2014-08-26 18:56 - 00141820 _____ () C:\Users\Cristian\Downloads\Bagnon_5.4.15.zip
2014-08-26 18:55 - 2014-08-26 18:55 - 00576660 _____ () C:\Users\Cristian\Downloads\Archy-1.8.44.zip
2014-08-26 18:55 - 2014-08-26 18:55 - 00246174 _____ () C:\Users\Cristian\Downloads\Auctionator_v0315.zip
2014-08-26 18:54 - 2014-08-26 18:54 - 00431914 _____ () C:\Users\Cristian\Downloads\TomTom-v50400-1.0.0.zip
2014-08-26 18:54 - 2014-08-26 18:54 - 00078297 _____ () C:\Users\Cristian\Downloads\Postal-v3.5.1 (1).zip
2014-08-26 18:53 - 2014-08-26 18:53 - 00078297 _____ () C:\Users\Cristian\Downloads\Postal-v3.5.1.zip
2014-08-26 18:52 - 2014-08-26 18:52 - 00299562 _____ () C:\Users\Cristian\Downloads\Bartender4-4.5.13.2.zip
2014-08-26 18:51 - 2014-08-26 18:51 - 00206661 _____ () C:\Users\Cristian\Downloads\_NPCScan.Overlay-5.4.8.3.zip
2014-08-26 18:50 - 2014-08-26 18:50 - 00381825 _____ () C:\Users\Cristian\Downloads\Recount-r1262.zip
2014-08-26 18:50 - 2014-08-26 18:50 - 00229180 _____ () C:\Users\Cristian\Downloads\_NPCScan-5.4.8.4.zip
2014-08-26 18:47 - 2014-08-26 18:47 - 01784075 _____ () C:\Users\Cristian\Downloads\DBM-Core-5.4.18.zip
2014-08-26 18:15 - 2014-08-26 18:15 - 01058200 _____ (Adobe) C:\Users\Cristian\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-08-26 15:15 - 2014-08-26 15:15 - 00001238 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-08-26 15:14 - 2014-08-26 15:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-08-26 15:10 - 2014-08-26 15:10 - 02942368 _____ (Blizzard Entertainment) C:\Users\Cristian\Downloads\World-of-Warcraft-Setup-enUS.exe
2014-08-25 20:47 - 2014-08-25 21:26 - 00000000 ____D () C:\Users\Cristian\AppData\Local\AOL
2014-08-24 10:13 - 2014-08-24 10:14 - 00000000 ____D () C:\Users\Cristian\Downloads\spacesniffer_1_1_4_0
2014-08-24 10:13 - 2014-08-24 10:13 - 01536858 _____ () C:\Users\Cristian\Downloads\spacesniffer_1_1_4_0.zip
2014-08-24 10:06 - 2014-08-24 10:12 - 00000000 ____D () C:\Users\Cristian\Downloads\myuninst
2014-08-24 10:05 - 2014-08-24 10:05 - 00046124 _____ () C:\Users\Cristian\Downloads\myuninst.zip
2014-08-24 01:57 - 2014-06-30 18:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-24 01:57 - 2014-06-30 18:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-24 01:57 - 2014-03-09 17:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-24 01:57 - 2014-03-09 17:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-24 01:57 - 2014-03-09 17:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-24 01:57 - 2014-03-09 17:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-24 01:56 - 2014-06-06 02:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-24 01:56 - 2014-06-06 02:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-24 01:55 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-24 01:55 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-24 01:55 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-24 01:55 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-24 01:50 - 2014-08-24 01:50 - 00000003 _____ () C:\Windows\system32\HRUPPROG.EXIT
2014-08-24 01:32 - 2014-07-15 23:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-24 01:32 - 2014-07-15 22:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-24 01:31 - 2014-06-15 22:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-24 01:31 - 2014-06-03 06:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-24 01:31 - 2014-06-03 06:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-24 01:31 - 2014-06-03 06:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-24 01:31 - 2014-06-03 06:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-24 01:31 - 2014-06-03 05:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-24 01:31 - 2014-06-03 05:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-24 01:31 - 2014-06-03 05:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-24 01:30 - 2014-07-13 22:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-24 01:30 - 2014-07-13 21:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-19 23:36 - 2014-09-19 23:35 - 00019257 _____ () C:\Users\Cristian\Desktop\FRST.txt
2014-09-19 23:36 - 2014-01-30 02:31 - 00000000 ____D () C:\Users\Cristian\AppData\Local\Battle.net
2014-09-19 23:35 - 2014-06-15 18:01 - 00000000 ____D () C:\Users\Cristian\Desktop\FRST-OlderVersion
2014-09-19 23:35 - 2014-06-13 15:15 - 00000000 ___DC () C:\FRST
2014-09-19 23:35 - 2014-06-13 15:13 - 02105856 ____C (Farbar) C:\Users\Cristian\Desktop\FRST64.exe
2014-09-19 23:16 - 2012-05-02 21:08 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-19 23:09 - 2012-04-09 08:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-19 23:03 - 2012-05-02 21:08 - 00000902 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-19 23:00 - 2012-01-05 21:08 - 00000920 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002UA.job
2014-09-19 23:00 - 2012-01-05 21:08 - 00000868 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002Core.job
2014-09-19 21:43 - 2011-10-06 02:45 - 01621149 _____ () C:\Windows\WindowsUpdate.log
2014-09-19 21:11 - 2014-09-11 14:13 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-19 17:19 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-19 17:19 - 2009-07-14 00:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-19 17:11 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-19 17:10 - 2014-09-11 18:13 - 00000616 _____ () C:\Windows\setupact.log
2014-09-18 19:52 - 2014-09-18 19:52 - 00000000 ___DC () C:\Program Files (x86)\ESET
2014-09-18 19:51 - 2014-09-18 19:51 - 02347384 _____ (ESET) C:\Users\Cristian\Downloads\esetsmartinstaller_enu.exe
2014-09-18 19:23 - 2014-09-18 19:23 - 00000356 _____ () C:\Users\Cristian\Downloads\fixlist.txt
2014-09-18 18:29 - 2014-09-18 18:27 - 00050302 _____ () C:\Users\Cristian\Downloads\FRST.txt
2014-09-18 18:28 - 2014-09-18 18:28 - 00040458 _____ () C:\Users\Cristian\Downloads\Addition.txt
2014-09-18 18:27 - 2014-09-18 18:27 - 02105856 _____ (Farbar) C:\Users\Cristian\Downloads\FRST64.exe
2014-09-16 10:15 - 2012-04-09 08:11 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-16 10:15 - 2012-04-09 08:11 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-16 10:15 - 2011-10-06 00:55 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-16 07:31 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-09-16 00:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\sysprep
2014-09-15 19:35 - 2011-12-07 13:53 - 00000000 ____D () C:\Users\Cristian\AppData\Local\uTorrent
2014-09-15 19:08 - 2014-09-15 19:08 - 00001785 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-09-15 19:08 - 2014-09-15 19:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-09-15 19:08 - 2014-09-15 19:07 - 00000000 ___DC () C:\Program Files\iTunes
2014-09-15 19:08 - 2014-09-15 19:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-09-15 19:07 - 2014-09-15 19:07 - 00000000 ___DC () C:\Program Files\iPod
2014-09-15 19:07 - 2011-12-07 13:46 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-09-14 22:14 - 2011-12-07 19:36 - 00000000 ____D () C:\Users\Cristian\AppData\Local\Apple
2014-09-14 22:10 - 2014-01-02 02:17 - 00002322 _____ () C:\Users\Public\Desktop\HP Officejet 6500 E710n-z.lnk
2014-09-14 13:33 - 2011-02-10 12:10 - 00775084 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-14 13:33 - 2009-07-14 01:13 - 00775084 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-14 13:32 - 2014-04-21 12:01 - 00002079 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-14 13:32 - 2014-04-21 12:01 - 00001945 _____ () C:\Windows\epplauncher.mif
2014-09-14 13:32 - 2014-04-21 12:01 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-14 13:32 - 2014-04-21 12:01 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-14 13:31 - 2013-08-15 08:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 13:26 - 2011-12-08 07:30 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-12 22:06 - 2011-12-07 12:50 - 00000000 ____D () C:\Users\Cristian
2014-09-12 20:37 - 2014-01-30 02:31 - 00000000 ___DC () C:\Program Files (x86)\Battle.net
2014-09-12 00:36 - 2014-02-12 10:04 - 00000000 ____D () C:\Users\Cristian\AppData\Local\CrashDumps
2014-09-11 23:09 - 2011-12-07 14:06 - 00000000 ____D () C:\Users\Cristian\Steam
2014-09-11 18:25 - 2011-12-31 15:44 - 00000000 ____D () C:\Users\Cristian\AppData\Roaming\vlc
2014-09-11 18:14 - 2014-09-11 18:14 - 00066056 _____ () C:\Users\Cristian\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-11 18:14 - 2014-09-11 18:13 - 04854936 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-11 18:13 - 2014-09-11 18:13 - 00000000 _____ () C:\Windows\setuperr.log
2014-09-11 16:32 - 2014-09-11 16:31 - 00047626 _____ () C:\Users\Cristian\Documents\cc_20140911_163055.reg
2014-09-11 15:59 - 2013-11-04 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2014-09-11 15:55 - 2012-04-19 14:21 - 00000000 ____D () C:\Windows\Minidump
2014-09-11 15:34 - 2014-09-11 15:33 - 04902336 _____ (Piriform Ltd) C:\Users\Cristian\Downloads\ccsetup417pro.exe
2014-09-11 15:34 - 2014-04-20 19:46 - 00000784 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-09-11 15:34 - 2014-04-20 19:46 - 00000000 ___DC () C:\Program Files\CCleaner
2014-09-11 14:27 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\L2Schemas
2014-09-11 14:13 - 2014-09-11 14:13 - 00001104 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ___DC () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-11 14:13 - 2014-09-11 14:13 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-09-11 14:12 - 2014-09-11 14:12 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Cristian\Downloads\mbam-setup-2.0.2.1012 (1).exe
2014-09-11 14:08 - 2014-09-11 14:08 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Cristian\Downloads\mbam-clean-2.1.1.1001.exe
2014-09-11 14:07 - 2011-12-17 12:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-09-11 13:40 - 2012-04-13 10:23 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-09-11 13:36 - 2014-09-11 13:36 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Cristian\Downloads\mbam-setup-2.0.2.1012.exe
2014-09-10 16:31 - 2012-01-31 14:54 - 00000436 _____ () C:\Windows\system32\Drivers\etc\hosts.ics
2014-09-10 15:44 - 2013-04-06 13:48 - 00001087 _____ () C:\Users\Cristian\Desktop\Cheat Engine.lnk
2014-09-10 01:13 - 2014-09-10 01:13 - 02184800 _____ () C:\Users\Cristian\Downloads\1410325461004.webm
2014-09-09 17:03 - 2012-01-05 21:09 - 00002384 _____ () C:\Users\Cristian\Desktop\Google Chrome.lnk
2014-09-08 23:50 - 2014-09-08 23:50 - 00002771 _____ () C:\Users\Public\Desktop\Desktop Weather.lnk
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ___DC () C:\Program Files (x86)\The Weather Channel
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ____D () C:\Users\Cristian\AppData\Local\Downloaded Installations
2014-09-08 23:50 - 2014-09-08 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Weather Channel
2014-09-08 23:50 - 2012-01-28 04:35 - 00001859 _____ () C:\Users\Public\Desktop\ooVoo.lnk
2014-09-08 23:50 - 2012-01-28 04:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ooVoo
2014-09-08 23:50 - 2012-01-28 04:35 - 00000000 ____D () C:\Program Files (x86)\ooVoo
2014-09-04 19:08 - 2014-09-04 19:08 - 14887549 _____ () C:\Users\Cristian\Downloads\ZygorGuidesWOW-v4.0.9307.zip
2014-08-26 23:46 - 2014-08-26 23:46 - 00371821 _____ () C:\Users\Cristian\Downloads\AdiBags-v1.6.16.zip
2014-08-26 18:58 - 2014-08-26 18:58 - 00010139 _____ () C:\Users\Cristian\Downloads\SnowfallKeyPress_1.4.zip
2014-08-26 18:57 - 2014-08-26 18:57 - 00152613 _____ () C:\Users\Cristian\Downloads\Reforgenator-v2.4.3.zip
2014-08-26 18:56 - 2014-08-26 18:56 - 00141820 _____ () C:\Users\Cristian\Downloads\Bagnon_5.4.15.zip
2014-08-26 18:55 - 2014-08-26 18:55 - 00576660 _____ () C:\Users\Cristian\Downloads\Archy-1.8.44.zip
2014-08-26 18:55 - 2014-08-26 18:55 - 00246174 _____ () C:\Users\Cristian\Downloads\Auctionator_v0315.zip
2014-08-26 18:54 - 2014-08-26 18:54 - 00431914 _____ () C:\Users\Cristian\Downloads\TomTom-v50400-1.0.0.zip
2014-08-26 18:54 - 2014-08-26 18:54 - 00078297 _____ () C:\Users\Cristian\Downloads\Postal-v3.5.1 (1).zip
2014-08-26 18:53 - 2014-08-26 18:53 - 00078297 _____ () C:\Users\Cristian\Downloads\Postal-v3.5.1.zip
2014-08-26 18:52 - 2014-08-26 18:52 - 00299562 _____ () C:\Users\Cristian\Downloads\Bartender4-4.5.13.2.zip
2014-08-26 18:51 - 2014-08-26 18:51 - 00206661 _____ () C:\Users\Cristian\Downloads\_NPCScan.Overlay-5.4.8.3.zip
2014-08-26 18:50 - 2014-08-26 18:50 - 00381825 _____ () C:\Users\Cristian\Downloads\Recount-r1262.zip
2014-08-26 18:50 - 2014-08-26 18:50 - 00229180 _____ () C:\Users\Cristian\Downloads\_NPCScan-5.4.8.4.zip
2014-08-26 18:47 - 2014-08-26 18:47 - 01784075 _____ () C:\Users\Cristian\Downloads\DBM-Core-5.4.18.zip
2014-08-26 18:24 - 2013-06-29 20:34 - 00000000 ____D () C:\Program Files (x86)\World of Warcraft
2014-08-26 18:15 - 2014-08-26 18:15 - 01058200 _____ (Adobe) C:\Users\Cristian\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe
2014-08-26 17:47 - 2014-01-30 02:33 - 00000000 ___DC () C:\Program Files (x86)\Hearthstone
2014-08-26 15:15 - 2014-08-26 15:15 - 00001238 _____ () C:\Users\Public\Desktop\World of Warcraft.lnk
2014-08-26 15:15 - 2014-08-26 15:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\World of Warcraft
2014-08-26 15:10 - 2014-08-26 15:10 - 02942368 _____ (Blizzard Entertainment) C:\Users\Cristian\Downloads\World-of-Warcraft-Setup-enUS.exe
2014-08-25 21:26 - 2014-08-25 20:47 - 00000000 ____D () C:\Users\Cristian\AppData\Local\AOL
2014-08-24 10:21 - 2013-11-11 18:25 - 00000000 ____D () C:\ProgramData\GFACE
2014-08-24 10:21 - 2013-05-05 05:22 - 00000000 ____D () C:\Program Files (x86)\Secret Identity Studios
2014-08-24 10:20 - 2013-09-05 19:47 - 00000000 ____D () C:\Program Files (x86)\Zenimax Online
2014-08-24 10:14 - 2014-08-24 10:13 - 00000000 ____D () C:\Users\Cristian\Downloads\spacesniffer_1_1_4_0
2014-08-24 10:13 - 2014-08-24 10:13 - 01536858 _____ () C:\Users\Cristian\Downloads\spacesniffer_1_1_4_0.zip
2014-08-24 10:12 - 2014-08-24 10:06 - 00000000 ____D () C:\Users\Cristian\Downloads\myuninst
2014-08-24 10:05 - 2014-08-24 10:05 - 00046124 _____ () C:\Users\Cristian\Downloads\myuninst.zip
2014-08-24 02:19 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-24 01:55 - 2013-11-04 11:32 - 00000000 ____D () C:\ProgramData\Oracle
2014-08-24 01:55 - 2011-10-06 01:02 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-24 01:50 - 2014-08-24 01:50 - 00000003 _____ () C:\Windows\system32\HRUPPROG.EXIT
2014-08-24 01:50 - 2013-08-06 10:51 - 00000003 _____ () C:\Windows\system32\HRUPPROG.TXT
2014-08-22 22:07 - 2014-08-28 13:46 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-22 21:45 - 2014-08-28 13:46 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-22 20:59 - 2014-08-28 13:46 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
 
Some content of TEMP:
====================
C:\Users\Cristian\AppData\Local\Temp\kxrcezm.dll
C:\Users\Cristian\AppData\Local\Temp\ocutlkm.dll
C:\Users\Cristian\AppData\Local\Temp\rwklffc.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-16 07:23
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-09-2014
Ran by Cristian at 2014-09-19 23:36:22
Running from C:\Users\Cristian\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Microsoft Security Essentials (Disabled - Up to date) {4F35CFC4-45A3-FC37-EF17-759A02E39AB1}
AS: Microsoft Security Essentials (Disabled - Up to date) {F4542E20-6399-F3B9-D5A7-4EE87964D00C}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
Accidental Damage Services Agreement (HKLM-x32\...\{330B7AAD-B2FE-4989-B02A-DDA5A174FCDF}) (Version: 2.0.0 - Dell Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe AIR (x32 Version: 2.5.1.17730 - Adobe Systems Inc.) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Photoshop CS5.1 (HKLM-x32\...\{9158FF30-78D7-40EF-B83E-451AC5334640}) (Version: 12.1 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.08) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.08 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)
Alienware M14x Manual (HKLM-x32\...\InstallShield_{B90A9452-2233-4B2A-8277-5DC4FEC239CB}) (Version: 1.0.1.0 - Alienware Corp.)
Alienware M14x Manual (Version: 1.0.1.0 - Alienware Corp.) Hidden
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{B678797F-DF38-4556-8A31-8B818E261868}) (Version: 8.0.0.23 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Banctec Service Agreement (HKLM-x32\...\{BD4B02C1-0271-4D7D-A850-19DE2E5CDF83}) (Version: 2.0.0 - Dell Inc.)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.9.4 - BitRaider, LLC)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Borderlands 2 OST Sample (HKLM-x32\...\Borderlands 2 OST Sample) (Version:  - GameStop)
CCleaner (HKLM\...\CCleaner) (Version: 4.17 - Piriform)
Cheat Engine 6.2 (HKLM-x32\...\Cheat Engine 6.2_is1) (Version:  - Dark Byte)
Command Center (HKLM-x32\...\InstallShield_{A3A06A93-1106-4110-AE11-F9EC3A33322F}) (Version: 2.6.8.0 - Alienware Corp.)
Command Center (Version: 2.6.8.0 - Alienware Corp.) Hidden
DAEMON Tools Pro (HKLM-x32\...\DAEMON Tools Pro) (Version: 5.1.0.0333 - DT Soft Ltd)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 3.3.2.1 - Dell)
Download Updater (AOL Inc.) (HKLM-x32\...\SoftwareUpdUtility) (Version:  - AOL Inc.) <==== ATTENTION
EMSC (x32 Version: 0.0.0.22C - Compal Electronics, Inc.) Hidden
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Google Chrome (HKCU\...\Google Chrome) (Version: 37.0.2062.120 - Google Inc.)
Google Earth (HKLM-x32\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HP Officejet 6500 E710n-z Basic Device Software (HKLM\...\{D79A5962-7305-41B9-A39E-A98AB598F372}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Officejet 6500 E710n-z Help (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Officejet 6500 E710n-z Product Improvement Study (HKLM\...\{4207BD5E-6F51-4C57-BC86-A0EBE9088A30}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.9572 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HWiNFO64 Version 3.94 (HKLM\...\HWiNFO64_is1) (Version: 3.94 - Martin Malík - REALiX)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
iCloud (HKLM\...\{81E20D41-C277-4526-934D-F2380AF91B78}) (Version: 3.1.0.40 - Apple Inc.)
Integrated Webcam Live! Central (HKLM-x32\...\Integrated Webcam Live! Central) (Version: 2.00.46 - Creative Technology Ltd)
Intel PROSet Wireless (Version:  - ) Hidden
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® PRO/Wireless Driver (Version: 16.07.0000.0730 - Intel Corporation) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel® PROSet/Wireless for Bluetooth® + High Speed (Version: 16.6.0.0128 - Intel Corporation) Hidden
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Wireless Display (HKLM-x32\...\{F84906ED-BB54-4889-B131-FED9C9056FC8}) (Version: 2.0.27.0 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{440d014b-4444-4533-b96d-2910e1ca2bcf}) (Version: 16.7.0 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (Version: 16.7.0.0297 - Intel Corporation) Hidden
iTunes (HKLM\...\{F46AA0F1-E284-4878-A462-5F11B9166C0E}) (Version: 11.4.0.18 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
Java™ 6 Update 31 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416031FF}) (Version: 6.0.310 - Oracle)
Java™ SE Development Kit 6 Update 31 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160310}) (Version: 1.6.0.310 - Oracle)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE (HKLM-x32\...\{F112F66E-25CA-42DD-983C-6118EB38F606}) (Version: 3.0.89.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}) (Version: 3.0.19.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word 2007 (HKLM-x32\...\WORD) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Word 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Security Client (Version: 4.6.0305.0 - Microsoft Corporation) Hidden
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.6.305.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_ATL_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Mozilla Firefox 9.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 9.0.1 (x86 en-US)) (Version: 9.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Naga Firmware Updater 1.13 (HKLM-x32\...\{5A336D74-E680-4986-96F4-E9CEBC784F56}) (Version: 1.13.01 - Razer)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden
NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden
ooVoo (HKLM-x32\...\{FAA7F8FF-3C05-4A61-8F14-D8A6E9ED6623}) (Version: 3.6.5001 - ooVoo LLC.)
Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)
PDF Settings CS5 (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Razer Core (HKLM-x32\...\Razer Core) (Version: 1.0.1.66 - Razer Inc)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.28099 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
Rosetta Stone Version 3 (HKLM-x32\...\{99011A6E-5200-11DE-BDB8-7ACD56D89593}) (Version: 3.4.5.0 - Rosetta Stone Ltd.)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.2300.0 - SAMSUNG Electronics Co., Ltd.)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Skype Click to Call (HKLM-x32\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 5.9.9216 - Skype Technologies S.A.)
Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2268.2 - Hi-Rez Studios)
Snagit 11 (HKLM-x32\...\{44BD21C2-9132-48DB-B65B-23817E4C6F4B}) (Version: 11.2.0 - TechSmith Corporation)
Sound Blaster X-Fi MB (HKLM-x32\...\{75CE8AF5-0A5E-4A42-BC67-F83591DA9A7D}) (Version: 1.0 - Creative Technology Limited)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.1.19.0 - Synaptics Incorporated)
System Requirements Lab for Intel (HKLM-x32\...\{1EBDF6D2-CEA0-484C-A23E-2DDAD7FD0DD0}) (Version: 4.5.22.0 - Husdawg, LLC)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version:  - TeamSpeak Systems GmbH)
The Weather Channel App (HKLM-x32\...\{167158CE-1637-4167-8A1C-C2549EEA966A}) (Version: 1.00.0000 - The Weather Channel)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_WORD_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_WORD_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-001B-0000-0000-0000000FF1CE}_WORD_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_WORD_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_WORD_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.1.5 - VideoLAN)
WinPatrol (HKLM\...\{84481A87-2316-4923-8FAB-3BA8CA29323D}) (Version: 30.5.2014.1 - BillP Studios)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Zipeg (HKCU\...\Zipeg) (Version: 2.9.3.1316 - http://zipeg.com)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
11-09-2014 17:27:57 Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 2.0.2.1012
11-09-2014 17:56:56 Revo Uninstaller's restore point - Malwarebytes Anti-Malware version 2.0.2.1012
11-09-2014 18:06:49 Revo Uninstaller's restore point - Razer Synapse 2.0
14-09-2014 17:07:15 Windows Update
14-09-2014 17:25:21 Windows Update
15-09-2014 23:19:31 Revo Uninstaller's restore point - µTorrent
18-09-2014 01:56:58 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 22:34 - 2014-04-19 23:08 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0F94B938-BAEE-44A5-B6FB-6A2FBBD6EDA9} - System32\Tasks\Google Updater and Installer => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)
Task: {1AF25842-6B7B-4AED-9A3F-D8D0ACDCDA06} - System32\Tasks\RealDownloaderRealUpgradeLogonTaskS-1-5-21-354275357-2975866954-2258388748-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {3E0AA2E2-C7E8-4C1D-90E6-26A4536DA190} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe [2013-11-20] (Apple Inc.)
Task: {415DF69F-EEB1-4F12-B9F8-0E9CE7A5FA23} - System32\Tasks\RealDownloaderDownloaderScheduledTaskS-1-5-21-354275357-2975866954-2258388748-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\recordingmanager.exe
Task: {42C3D3ED-843D-4054-B7DA-3CA6A791CF79} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-02] (Google Inc.)
Task: {486E94E7-B192-4309-8964-E381C2493047} - System32\Tasks\Razer_Game_Booster_AutoUpdate => C:\Program Files (x86)\Razer\Razer Game Booster\AutoUpdate.exe
Task: {68FF2F2A-997B-4843-8D9B-8C61EE9565E3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-08-21] (Piriform Ltd)
Task: {7B378915-855F-46A4-BFF8-80A48D9C487F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002Core => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)
Task: {7E893B3C-D7E2-431B-932F-12023238523F} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-07-25] (Oracle Corporation)
Task: {80A89EA9-F2E9-4FF3-A32D-4C0D86307738} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {82651804-EEEE-4D8F-BB16-D11151983824} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-05-02] (Google Inc.)
Task: {A4D864B0-4E95-4103-9921-3BA12E46C3A7} - System32\Tasks\RealDownloaderRealUpgradeScheduledTaskS-1-5-21-354275357-2975866954-2258388748-1002 => C:\Program Files (x86)\RealNetworks\RealDownloader\realupgrade.exe
Task: {D99E1302-037E-45ED-9901-50DB3DFCB83A} - System32\Tasks\AdobeAAMUpdater-1.0-SexyPants-Cristian => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2011-03-15] (Adobe Systems Incorporated)
Task: {D9A5AF7F-9695-4FCC-99E4-2F52CDE0B74A} - System32\Tasks\HPCustParticipation HP Officejet 6500 E710n-z => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {E5AA9BD5-0BF0-4978-8D50-CB419E806DFF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002UA => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe [2012-01-05] (Google Inc.)
Task: {F0240E36-CAC0-476F-B6B9-8CAA33CAB5C8} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21] (Adobe Systems Incorporated)
Task: {F1E9F17D-79B9-4B77-9E08-A0237AC34707} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-16] (Adobe Systems Incorporated)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002Core.job => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-354275357-2975866954-2258388748-1002UA.job => C:\Users\Cristian\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-10-06 02:31 - 2011-05-03 22:33 - 00094208 _____ () C:\WINDOWS\System32\IccLibDll_x64.dll
2014-04-14 15:41 - 2014-04-14 15:41 - 00039192 ____C () C:\Program Files\CCleaner\branding.dll
2014-06-01 20:45 - 2014-06-01 20:45 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-06-01 20:45 - 2014-06-01 20:45 - 00189248 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2011-10-06 01:17 - 2011-10-06 01:20 - 00085944 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\AlienLabsTools\v4.0_2.6.8.0__bebb3c8816410241\AlienLabsTools.dll
2011-10-06 01:20 - 2011-10-06 01:20 - 00037840 _____ () C:\Windows\Microsoft.Net\assembly\GAC_MSIL\Alienlabs.CommandCenter.Tools\v4.0_2.6.8.0__bebb3c8816410241\Alienlabs.CommandCenter.Tools.dll
2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-04-13 10:18 - 2014-07-02 16:48 - 00013272 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2014-09-09 17:03 - 2014-09-03 23:01 - 08577864 _____ () C:\Users\Cristian\AppData\Local\Google\Chrome\Application\37.0.2062.120\pdf.dll
2014-09-09 17:03 - 2014-09-03 23:01 - 00331592 _____ () C:\Users\Cristian\AppData\Local\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll
2014-09-09 17:03 - 2014-09-03 23:01 - 01660232 _____ () C:\Users\Cristian\AppData\Local\Google\Chrome\Application\37.0.2062.120\ffmpegsumo.dll
2014-09-12 20:19 - 2014-09-12 20:19 - 26065408 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5011\libcef.dll
2014-09-12 20:19 - 2014-09-12 20:19 - 00739840 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5011\libglesv2.dll
2014-09-12 20:19 - 2014-09-12 20:19 - 00130048 ____C () C:\Program Files (x86)\Battle.net\Battle.net.5011\libegl.dll
2014-09-09 17:03 - 2014-09-03 23:01 - 01098056 _____ () C:\Users\Cristian\AppData\Local\Google\Chrome\Application\37.0.2062.120\libglesv2.dll
2014-09-09 17:03 - 2014-09-03 23:01 - 00174408 _____ () C:\Users\Cristian\AppData\Local\Google\Chrome\Application\37.0.2062.120\libegl.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: AlienFusionService => 2
MSCONFIG\Services: Apple Mobile Device => 2
MSCONFIG\Services: Bonjour Service => 2
MSCONFIG\Services: BRSptSvc => 3
MSCONFIG\Services: FLEXnet Licensing Service => 3
MSCONFIG\Services: iPod Service => 3
MSCONFIG\Services: MBAMScheduler => 2
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: Steam Client Service => 3
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5.5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: ApnTBMon => "C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: AVG_UI => "C:\Program Files (x86)\AVG\AVG2013\avgui.exe" /TRAYONLY
MSCONFIG\startupreg: CTMasterOnOffMonitor => Rundll32.exe CTMWatch.dll StartCTMasterOnOffWatch
MSCONFIG\startupreg: DAEMON Tools Pro Agent => "C:\Program Files (x86)\DAEMON Tools Pro\DTAgent.exe" -autorun
MSCONFIG\startupreg: Desktop Disc Tool => "C:\Program Files (x86)\Roxio\OEM\Roxio Burn\RoxioBurnLauncher.exe"
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: Integrated Webcam Live! Central => "C:\Program Files (x86)\Integrated Webcam\Live! Central\WebcamInt.exe" /mode2
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Nvtmru => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"  -f "C:\ProgramData\NVIDIA\Updatus\NvTmru\nvtmru.dat"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: RoxWatchTray => "C:\Program Files (x86)\Common Files\Roxio Shared\OEM\12.0\SharedCOM\RoxWatchTray12OEM.exe"
MSCONFIG\startupreg: RunDLLEntry => C:\Windows\system32\RunDLL32.exe C:\Windows\system32\AmbRunE.dll,RunDLLEntry
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: Steam => "C:\Users\Cristian\Steam\Steam.exe" -silent
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: VNT => C:\Program Files (x86)\VNT\vntldr.exe
 
==================== Faulty Device Manager Devices =============
 
Name: 
Description: 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (09/19/2014 11:34:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/19/2014 05:13:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/19/2014 05:13:20 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/19/2014 03:55:59 AM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/18/2014 08:02:16 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/18/2014 08:02:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/18/2014 08:02:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/18/2014 08:01:18 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/18/2014 07:51:59 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (09/18/2014 07:51:56 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (09/19/2014 11:35:27 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/19/2014 11:34:06 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/19/2014 10:52:48 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/19/2014 10:34:05 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/19/2014 10:24:35 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/19/2014 10:24:35 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.
 
Error: (09/19/2014 10:24:35 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/19/2014 10:24:35 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.
 
Error: (09/19/2014 10:24:35 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume OS.
 
Error: (09/19/2014 10:24:35 PM) (Source: Ntfs) (EventID: 55) (User: )
Description: The file system structure on the disk is corrupt and unusable.
Please run the chkdsk utility on the volume C:.
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-05-25 12:21:29.250
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\nusb3xhc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-05-25 12:21:29.141
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\WINDOWS\System32\drivers\nusb3xhc.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-20 10:39:30.066
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-20 10:39:29.996
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-20 10:39:29.925
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-20 10:39:29.855
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-19 23:08:25.976
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-19 23:08:25.911
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-19 23:08:25.844
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-04-19 23:08:25.778
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-2670QM CPU @ 2.20GHz
Percentage of memory in use: 57%
Total physical RAM: 8139.86 MB
Available physical RAM: 3446.04 MB
Total Pagefile: 16277.9 MB
Available Pagefile: 11634.86 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: (OS) (Fixed) (Total:445.99 GB) (Free:135.44 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 0C2C8A01)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=19.7 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=446 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#12 aharonov

Posted 20 September 2014 - 06:31 AM

A few remnants only. How is your computer running? Does the initial problem still exist?


Please download this attached fixlist.txt and save it in the same directory as FRST.
  • Start FRST with Administrator privileges.
  • Press the Fix button.
  • When finished, a log file (Fixlog.txt) pops up and is saved to the same location the tool was run from.
    Please copy and paste its contents in your next reply.


#13 CBermudez0415

Posted 20 September 2014 - 07:51 PM

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by Cristian at 2014-09-20 20:46:21 Run:4
Running from C:\Users\Cristian\Downloads
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
CloseProcesses:
C:\Users\Cristian\AppData\Local\Apple\oydvmumfvp.dll
C:\Users\Cristian\AppData\Local\Temp\kxrcezm.dll
C:\Users\Cristian\AppData\Local\Temp\ocutlkm.dll
C:\Users\Cristian\AppData\Local\Temp\rwklffc.dll
*****************
 
Processes closed successfully.
C:\Users\Cristian\AppData\Local\Apple\oydvmumfvp.dll => Moved successfully.
C:\Users\Cristian\AppData\Local\Temp\kxrcezm.dll => Moved successfully.
C:\Users\Cristian\AppData\Local\Temp\ocutlkm.dll => Moved successfully.
C:\Users\Cristian\AppData\Local\Temp\rwklffc.dll => Moved successfully.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

It seems fine now; the popups stopped and my computer seems a lot faster.
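
The following Python is an added example, not part of the original post or of FRST itself. It cross-checks the paths echoed under "Content of fixlist" against the result lines, assuming the Fixlog layout is exactly as shown in this post (asterisk rows around the fixlist, `path => status` result lines); the function names are hypothetical.

```python
import re

# Fixlog excerpt copied from the post above, used here as sample input.
SAMPLE_FIXLOG = r"""Content of fixlist:
*****************
CloseProcesses:
C:\Users\Cristian\AppData\Local\Apple\oydvmumfvp.dll
C:\Users\Cristian\AppData\Local\Temp\kxrcezm.dll
C:\Users\Cristian\AppData\Local\Temp\ocutlkm.dll
C:\Users\Cristian\AppData\Local\Temp\rwklffc.dll
*****************

Processes closed successfully.
C:\Users\Cristian\AppData\Local\Apple\oydvmumfvp.dll => Moved successfully.
C:\Users\Cristian\AppData\Local\Temp\kxrcezm.dll => Moved successfully.
C:\Users\Cristian\AppData\Local\Temp\ocutlkm.dll => Moved successfully.
C:\Users\Cristian\AppData\Local\Temp\rwklffc.dll => Moved successfully.

The system needed a reboot.
"""

PATH_RE = re.compile(r"^[A-Za-z]:\\")  # line starting with a drive-letter path
RESULT_RE = re.compile(r"^(?P<path>[A-Za-z]:\\.+?) => (?P<status>.+)$")


def parse_fixlog(text):
    """Return (requested_paths, results); results maps lowercased path -> status."""
    requested, results, state = [], {}, "header"
    for raw in text.splitlines():
        line = raw.strip()
        if line and set(line) == {"*"}:
            # Assumed layout: first asterisk row opens the echoed fixlist,
            # the second one closes it and the result lines follow.
            state = "fixlist" if state == "header" else "results"
        elif state == "fixlist" and PATH_RE.match(line):
            requested.append(line)  # directives such as CloseProcesses: are skipped
        elif state == "results":
            m = RESULT_RE.match(line)
            if m:
                results[m.group("path").lower()] = m.group("status")
    return requested, results


def unresolved(text):
    """Fixlist paths that have no 'Moved successfully' result line."""
    requested, results = parse_fixlog(text)
    return [p for p in requested
            if not results.get(p.lower(), "").startswith("Moved successfully")]


if __name__ == "__main__":
    print(unresolved(SAMPLE_FIXLOG) or "every fixlist path was moved")
```
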



#14 aharonov

Posted 21 September 2014 - 10:44 AM

That's it! Your logs look clean to me at the moment.
We're gonna clean up everything now, close security holes on your computer and in the end I'll provide you with a list of security tips so you hopefully will not need our help anymore in the future.


My help is free for everybody.
If you want to support me fighting against malware or buy me a beer for the assistance you received, then you can consider a donation.
Thank you!



Clean Up

Now we remove all the tools we used (including their logs and quarantine folders), restore your settings and delete old and infected system restore points:
  • You can uninstall programs that you had to install (e.g. MBAM or ESET Onlinescanner) in the control panel if you so wish.
  • Download DelFix (by Xplode) and save it to your Desktop.
    • Close all running programs and start delfix.exe.
    • Make sure that all available options are checked.
    • Click on Run.
    • DelFix should remove all our tools and delete itself afterwards. I don't need the log file.
  • If there is still something left you can delete it manually.


Closing security holes

Many infections happen via drive-by downloads that run unnoticed in the background while the user visits an infected website. To achieve this, malware exploits security holes in installed software (e.g. browser or its plugins). Older versions of such software often have lots of known exploitable holes. Therefore it's very important to always keep your software up-to-date.
The following software is outdated. Make sure you remove all old versions and install the current one instead if you need the program:

Adobe Flash Player 13 Plugin
Java™ 6 Update 31 (64-bit)




Tips

I recommend reading and following the "16 simple and easy ways to keep your computer safe and secure on the Internet" (Link) by Lawrence Abrams.

#15 aharonov

Posted 29 September 2014 - 09:21 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.



