
Google chrome virus.


  • This topic is locked
6 replies to this topic

#1 Fexhie


Posted 31 October 2014 - 11:38 PM

So I am not very computer savvy and have no idea what to do with this virus. My anti-virus did not work on it, and deleting infected folders while in safe mode just causes it to move somewhere else. It always associates itself with Chrome no matter what it actually calls itself. I saw other posts with the same virus/problem and it looked like all the fixes were designed for those specific users, so I have not attempted to fix it based on those posts. This is a personal PC that I use for work when I am at home.




#2 Fexhie


Posted 01 November 2014 - 05:14 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-10-2014 01
Ran by Eli at 2014-11-01 05:10:12
Running from C:\Users\Eli\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Emsisoft Anti-Malware (Enabled - Up to date) {8504DEEF-CC04-1F76-2137-F1A5F4A659DA}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Emsisoft Anti-Malware (Enabled - Up to date) {3E653F0B-EA3E-10F8-1B87-CAD78F211367}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
@BIOS (HKLM-x32\...\{B2DC3F08-2EB2-49A5-AA24-15DFC8B1CB83}) (Version: 2.23 - GIGABYTE)
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
AC3Filter 1.63b (HKLM-x32\...\AC3Filter_is1) (Version: 1.63b - Alexander Vigovsky)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.5.0.600 - Adobe Systems Incorporated)
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
Adobe Reader X (10.1.1) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.1 - Adobe Systems Incorporated)
Alice: Madness Returns (HKLM-x32\...\Steam App 19680) (Version:  - Spicy Horse Games)
Amazon Kindle (HKCU\...\Amazon Kindle) (Version:  - Amazon)
AMD Catalyst Install Manager (HKLM\...\{120EC191-78F8-CA89-3511-7E90C23F5261}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
Audio Tuner (remove only) (HKLM-x32\...\Audio Tuner) (Version:  - )
Back to the Future The Game - Episode 1 (HKLM-x32\...\Episode 1) (Version: 1.0.0.0 - Telltale Games)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BioShock 2 (x32 Version: 1.0.0005.131 - Take-Two Interactive Software) Hidden
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.3.1 - BitRaider, LLC)
BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.0.30659 - BitTorrent Inc.)
Borderlands The Pre-Sequel, âåðñèÿ 1.0.0.0 (HKLM-x32\...\Borderlands The Pre-Sequel_is1) (Version: 1.0.0.0 - RePack by SEYTER)
Broken Age (HKLM-x32\...\QnJva2VuQWdl_is1) (Version: 1 - )
calibre (HKLM-x32\...\{B652DD9C-F162-4B40-B38F-A1D0F866CAFA}) (Version: 0.9.41 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 4.13 - Piriform)
CDisplay 1.8 (HKLM-x32\...\CDisplay_is1) (Version:  - dvd8n)
Comical 0.8 (HKLM-x32\...\Comical_is1) (Version:  - James Athey)
Core Temp 1.0 RC3 (HKLM\...\{086D343F-8E78-4AFC-81AC-D6D414AFD8AC}_is1) (Version: 1.0 - Alcpu)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.46.1.0328 - DT Soft Ltd)
Dark Souls 2 (HKLM-x32\...\RGFya1NvdWxzMg==_is1) (Version: 1 - )
Deadly Premonition: The Director's Cut (HKLM-x32\...\Deadly Premonition: The Director's Cut_is1) (Version:  - Rising Star Games)
Deponia (HKLM-x32\...\Steam App 214340) (Version:  - Daedalic Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version:  - Blizzard Entertainment)
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.90 - DivX, LLC)
DMC Devi May Cry © Capcom version 1 (HKLM-x32\...\DMC Devi May Cry © Capcom_is1) (Version: 1 - )
Dragon Age 2 (HKLM-x32\...\{94C4C4F4-56FB-4032-908D-826220CBB97F}_is1) (Version: 1.04 - Bioware)
Driver Fusion (HKLM-x32\...\Steam App 233570) (Version:  - )
DVD Power Burner (HKLM-x32\...\InstallShield_{22B63674-C542-4CE0-8016-A1FE3C919B82}) (Version: 2.7.1.13 - TradeTouch)
DVD Power Burner (x32 Version: 2.7.1.13 - TradeTouch) Hidden
Edge of Space (HKLM-x32\...\Steam App 238240) (Version:  - Handyman Studios)
Emsisoft Anti-Malware (HKLM-x32\...\{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1) (Version: 6.0 - Emsi Software GmbH)
Etron USB3.0 Host Controller (HKLM-x32\...\InstallShield_{DFBB738C-71D8-4DC5-B8D2-D65C37680E27}) (Version: 0.104 - Etron Technology)
Etron USB3.0 Host Controller (x32 Version: 0.104 - Etron Technology) Hidden
Final Fantasy III (HKLM-x32\...\RmluYWxGYW50YXN5SUlJ_is1) (Version: 1 - )
FINAL FANTASY XIV - A Realm Reborn (HKLM-x32\...\{2B41E132-07DF-4925-A3D3-F2D1765CCDFE}) (Version: 1.0.0000 - SQUARE ENIX CO., LTD.)
gamelauncher-code4344-beta (HKCU\...\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/PlanetSide 2 Beta) (Version:  - Sony Online Entertainment)
gamelauncher-wiz-live (HKCU\...\SOE-C:/Users/Public/Sony Online Entertainment/Installed Games/Wizardry Online) (Version:  - Sony Online Entertainment)
Gauntlet (HKLM-x32\...\Gauntlet_is1) (Version: 1.0 - Релиз от R.G. Steamgames)
Google Chrome (HKCU\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.5 - Google Inc.) Hidden
GunZ 2: The Second Duel (HKLM-x32\...\Steam App 242720) (Version:  - MAIET Entertainment)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
Landmark Beta (HKCU\...\SOE-Landmark Beta) (Version: 1.0.3.183 - Sony Online Entertainment)
Legend of Dungeon (HKLM-x32\...\Steam App 238280) (Version:  - )
Mark of the Ninja (HKLM-x32\...\Steam App 214560) (Version:  - Klei Entertainment)
Marvel Puzzle Quest: Dark Reign (HKLM-x32\...\Steam App 234330) (Version:  - )
Mass Effect 3 (HKLM-x32\...\{CA46EF60-44A0-4BD5-9D97-E6CBB10FDA9A}_is1) (Version:  - )
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.20913.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{887868A2-D6DE-3255-AA92-AA0B5A59B874}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Middle Earth Shadow of Mordor (HKLM-x32\...\Middle Earth Shadow of Mordor_is1) (Version:  - )
MotioninJoy ds3 driver version 0.5.0002 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.5.0002 - www.motioninjoy.com)
Mozilla Firefox 33.0.2 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 33.0.2 (x86 en-US)) (Version: 33.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
Mozilla Thunderbird 12.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 12.0.1 (x86 en-US)) (Version: 12.0.1 - Mozilla)
MSI Afterburner 2.3.1 (HKLM-x32\...\Afterburner) (Version: 2.3.1 - MSI Co., LTD)
Mumble 1.2.5 (HKLM-x32\...\{C7BC557D-8C8B-4F5F-83AB-D20C58CF4575}) (Version: 1.2.5 - Thorvald Natvig)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version:  - )
Nihilumbra (HKLM-x32\...\Steam App 252670) (Version:  - Beautifun Games)
NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
ON_OFF Charge B11.0110.1 (HKLM-x32\...\{3DECD372-76A1-4483-BF10-B547790A3261}) (Version: 1.00.0001 - GIGABYTE)
Online Armor 5.5 (HKLM-x32\...\OnlineArmor_is1) (Version: 5.5 - Emsi Software GmbH)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.8 - Pando Networks Inc.)
PHANTASY STAR ONLINE 2 (HKLM-x32\...\http://pso2.jp/appid/release_is1) (Version:  - SEGA)
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version:  - )
PokerStars.net (HKLM-x32\...\PokerStars.net) (Version:  - PokerStars.net)
Portal 2 (HKLM-x32\...\Postal 2_is1) (Version:  - )
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.2.4-1.0.7299.14 - raidcall.com)
RealNetworks - Microsoft Visual C++ 2008 Runtime (x32 Version: 9.0 - RealNetworks, Inc) Hidden
RealPlayer (HKLM-x32\...\RealPlayer 15.0) (Version:  - RealNetworks)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.38.113.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
RealUpgrade 1.1 (x32 Version: 1.1.0 - RealNetworks, Inc.) Hidden
Rosetta Stone Version 3 (HKLM-x32\...\{80F7CA44-F3A5-4853-8BA6-DDF57CD4F078}) (Version: 3.4.7.0 - Rosetta Stone Ltd.)
Science Girls (HKLM-x32\...\Steam App 269010) (Version:  - Spiky Caterpillar)
Shadowgate (HKLM-x32\...\Shadowgate_is1) (Version:  - Reverb Triple XP)
Shadowrun Returns (HKLM-x32\...\Steam App 234650) (Version:  - Harebrained Schemes)
SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden
Sid Meiers Civilization Beyond Earth (HKLM-x32\...\U2lkTWVpZXJzQ2l2aWxpemF0aW9uQmV5b25kRWFydGg=_is1) (Version: 1 - )
SiSoftware Sandra Lite 2012.SP2 (HKLM\...\{C3113E55-7BCB-4de3-8EBF-60E6CE6B2396}_is1) (Version: 18.30.2012.2 - SiSoftware)
Sleeping Dogs (HKLM-x32\...\{BE7143AF-A62A-44A6-9814-BEA66E811E7F}_is1) (Version:  - )
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
Sword of the Stars: The Pit (HKLM-x32\...\Steam App 233700) (Version:  - Kerberos Productions)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.11.1 - TeamSpeak Systems GmbH)
The Bureau: XCOM Declassified (HKLM-x32\...\VGhlQnVyZWF1WENPTURlY2xhc3NpZmllZA==_is1) (Version: 1 - )
The Secret World (HKLM-x32\...\The Secret World_is1) (Version: 1.0.0 - Funcom)
The Witcher 2: Bonus Content (HKLM-x32\...\Steam App 20930) (Version:  - )
Tropico 4 (HKLM-x32\...\Steam App 57690) (Version:  - )
Tropico 4 1.00 (HKCU\...\Tropico 4) (Version: 1.00 - Kalypso Media)
Tropico 5 (HKLM-x32\...\Tropico 5_is1) (Version:  - )
TSEV Skyrim LE (HKLM-x32\...\TSEV Skyrim LE_is1) (Version: 2.0.0.0 - )
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Uninstall TrianglePlayer (HKLM-x32\...\TrianglePlayer_is1) (Version: 2012 - Fuzhou Zhuo Yue Wu Xian Software Development Company Limited)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VLC media player 1.1.11 (HKLM-x32\...\VLC media player) (Version: 1.1.11 - VideoLAN)
Wasteland 2 (HKLM-x32\...\1207665783_is1) (Version: 2.0.0.8 - GOG.com)
WEBZEN Browser Extension (HKLM-x32\...\{95723791-2C44-454B-9220-C65D47D70E9C}) (Version: 1.01.020 - WEBZEN)
WildStar (HKLM-x32\...\WildStar) (Version:  - NCSOFT)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
WinRAR 4.01 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
x64 Components v3.7.1 (HKLM\...\x64 Components_is1) (Version: 3.7.1 - Shark007)
XCOM: Enemy Unknown - Update 1 (HKLM-x32\...\XCOM: Enemy Unknown_is1) (Version:  - )
Xiph.Org Open Codecs 0.85.17777 (HKLM-x32\...\Open Codecs) (Version: 0.85.17777 - Xiph.Org)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-1157633437-3435439162-184462557-1000_Classes\CLSID\{0F22A205-CFB0-4679-8499-A6F44A80A208}\InprocServer32 -> C:\Users\Eli\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1157633437-3435439162-184462557-1000_Classes\CLSID\{90B3DFBF-AF6A-4EA0-8899-F332194690F8}\InprocServer32 -> C:\Users\Eli\AppData\Local\Google\Update\1.3.24.15\psuser_64.dll No File
CustomCLSID: HKU\S-1-5-21-1157633437-3435439162-184462557-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Eli\AppData\Local\Google\Update\1.3.25.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1157633437-3435439162-184462557-1000_Classes\CLSID\{fbf7e94d-7910-4d27-bf14-da0b1b4cf66a}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1157633437-3435439162-184462557-1000_Classes\CLSID\{FE498BAB-CB4C-4F88-AC3F-3641AAAF5E9E}\InprocServer32 -> C:\Users\Eli\AppData\Local\Google\Update\1.3.24.7\psuser_64.dll No File
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0617E1C1-6408-434C-8C40-ABB36E62D9E3} - System32\Tasks\ReclaimerUpdateXML_Eli => C:\Users\Eli\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-12] (RealNetworks, Inc.)
Task: {2165BE62-29AB-4B1D-9122-E1D51242DF71} - System32\Tasks\ErrorEND => C:\Program Files\ErrorEND\ERROREND.exe <==== ATTENTION
Task: {367FEA39-6737-45AA-9843-96718C45384B} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {62197DEF-94FC-418E-A324-ED2A1ECD61FC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1157633437-3435439162-184462557-1000Core => C:\Users\Eli\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {6A4E2683-5672-49CA-A5D6-35215F32D353} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-20] (Google Inc.)
Task: {6F1E138E-709D-4415-BB4B-A20157C6FE55} - System32\Tasks\ReclaimerUpdateFiles_Eli => C:\Users\Eli\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-12] (RealNetworks, Inc.)
Task: {7DFA6770-38CD-4111-922C-FF93A6CBBD73} - System32\Tasks\SymInstallStub => C:\ProgramData\DivX\Symantec\SymInstallStub.exe
Task: {B8200421-153B-461D-954E-42A7E0A87887} - System32\Tasks\RealUpgradeScheduledTaskS-1-5-21-1157633437-3435439162-184462557-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {BB493B32-A12A-4DE8-B81C-422F042AB3B2} - System32\Tasks\RealUpgradeLogonTaskS-1-5-21-1157633437-3435439162-184462557-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe [2012-01-30] (RealNetworks, Inc.)
Task: {C863FC4F-A340-4754-BE70-07749D71FFEB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-23] (Adobe Systems Incorporated)
Task: {D8FB1940-F104-4773-B5B9-2EB048080595} - System32\Tasks\RNUpgradeHelperLogonPrompt_Eli => C:\Users\Eli\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-12] (RealNetworks, Inc.)
Task: {EDAED83E-3847-4264-B3C3-9765E3C08CD9} - System32\Tasks\{BA6F6AF5-00D7-484A-B545-81780DB780A6} => C:\Program Files (x86)\RIFT Game\riftpatchlive.exe
Task: {F36DBB83-5788-4460-984B-FEEB14077B3B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1157633437-3435439162-184462557-1000UA => C:\Users\Eli\AppData\Local\Google\Update\GoogleUpdate.exe [2014-10-24] (Google Inc.)
Task: {F955E2AC-22E5-4E72-8809-47E3ECD1C20E} - System32\Tasks\RNUpgradeHelperResumePrompt_Eli => C:\Users\Eli\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe [2014-09-12] (RealNetworks, Inc.)
Task: {FCBE0DF9-1ECF-4933-873A-D007979F9113} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-04-17] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\ErrorEND.job => C:\Program Files\ErrorEND\ErrorEND.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1157633437-3435439162-184462557-1000Core.job => C:\Users\Eli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1157633437-3435439162-184462557-1000UA.job => C:\Users\Eli\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\ReclaimerUpdateFiles_Eli.job => C:\Users\Eli\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\ReclaimerUpdateXML_Eli.job => C:\Users\Eli\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Eli.job => C:\Users\Eli\AppData\Roaming\Real\Update\UpgradeHelper\RealPlayer\11.02\agent\rnupgagent.exe
Task: C:\Windows\Tasks\SymInstallStub.job => C:\ProgramData\DivX\Symantec\SymInstallStub.exe
 
==================== Loaded Modules (whitelisted) =============
 
2011-10-30 05:13 - 2014-07-02 13:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-08-06 12:24 - 2012-08-06 12:24 - 00212480 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
2012-03-05 16:03 - 2012-03-05 16:03 - 00677376 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Device.dll
2012-02-16 14:53 - 2012-02-16 14:53 - 03642880 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Platform.dll
2011-10-31 18:58 - 2011-05-28 22:05 - 00164864 _____ () C:\Program Files (x86)\WinRAR\rarext64.dll
2011-12-07 14:59 - 2011-12-07 14:59 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2011-12-02 19:34 - 2012-10-24 18:33 - 03093624 _____ () C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
2013-11-14 19:48 - 2013-11-14 19:48 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-10-30 20:34 - 2014-10-30 20:22 - 00286720 _____ () C:\Users\Eli\AppData\Local\FLT\Ppkxyjjdpv.dll
2013-11-14 19:49 - 2013-11-14 19:49 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-10-28 00:58 - 2014-10-21 23:04 - 01042760 _____ () C:\Users\Eli\AppData\Local\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-28 00:58 - 2014-10-21 23:04 - 00211272 _____ () C:\Users\Eli\AppData\Local\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-28 00:58 - 2014-10-21 23:04 - 08910664 _____ () C:\Users\Eli\AppData\Local\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-28 00:58 - 2014-10-21 23:04 - 01681224 _____ () C:\Users\Eli\AppData\Local\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-28 00:58 - 2014-10-21 23:05 - 14902600 _____ () C:\Users\Eli\AppData\Local\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
2014-11-01 05:03 - 2014-11-01 05:03 - 00718152 _____ () C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\36.0.1985.143\libglesv2.dll
2014-11-01 05:03 - 2014-11-01 05:03 - 00126280 _____ () C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\36.0.1985.143\libegl.dll
2014-11-01 05:03 - 2014-11-01 05:03 - 08537928 _____ () C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\36.0.1985.143\pdf.dll
2014-11-01 05:03 - 2014-11-01 05:03 - 00353096 _____ () C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-11-01 05:03 - 2014-11-01 05:03 - 01732936 _____ () C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\36.0.1985.143\ffmpegsumo.dll
2014-11-01 05:03 - 2014-11-01 05:03 - 14669128 _____ () C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\36.0.1985.143\PepperFlash\pepflashplayer.dll
2014-09-19 21:52 - 2014-10-31 06:31 - 03649648 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-10 07:47 - 2014-09-10 07:47 - 16825520 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:05EE1EEF
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-1157633437-3435439162-184462557-500 - Administrator - Disabled)
Eli (S-1-5-21-1157633437-3435439162-184462557-1000 - Administrator - Enabled) => C:\Users\Eli
Guest (S-1-5-21-1157633437-3435439162-184462557-501 - Limited - Disabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (11/01/2014 05:01:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/01/2014 04:55:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/01/2014 00:20:27 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name Coordinator cannot be started. [0x80070005, Access is denied.
]
 
Error: (11/01/2014 00:20:27 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name Coordinator cannot be started. [0x80070005, Access is denied.
]
 
Error: (11/01/2014 00:20:27 AM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name Coordinator cannot be started. [0x80070005, Access is denied.
]
 
Error: (11/01/2014 00:20:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/31/2014 11:57:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program a2start.exe version 6.5.0.8 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 180c
 
Start Time: 01cff58a4d95f20a
 
Termination Time: 22
 
Application Path: C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2start.exe
 
Report Id: 96eadcf7-6183-11e4-a959-50e549b92de1
 
Error: (10/31/2014 11:14:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: svchost.exe, version: 6.1.7600.16385, time stamp: 0x4a5bc100
Faulting module name: ntdll.dll, version: 6.1.7601.18247, time stamp: 0x521ea8e7
Exception code: 0xc0000374
Fault offset: 0x000ce753
Faulting process id: 0x123c
Faulting application start time: 0xsvchost.exe0
Faulting application path: svchost.exe1
Faulting module path: svchost.exe2
Report Id: svchost.exe3
 
Error: (10/31/2014 11:10:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/31/2014 11:09:11 PM) (Source: VSS) (EventID: 13) (User: )
Description: Volume Shadow Copy Service information: The COM Server with CLSID {e579ab5f-1cc4-44b4-bed9-de0991ff0623} and name Coordinator cannot be started. [0x80070005, Access is denied.
]
 
 
System errors:
=============
Error: (11/01/2014 05:00:48 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)
 
Error: (11/01/2014 04:59:20 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\Drivers\Aldebaran.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (11/01/2014 04:59:19 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\Drivers\Aldebaran.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (11/01/2014 04:59:19 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: \??\C:\Windows\SysWow64\Drivers\Aldebaran.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
 
Error: (11/01/2014 04:55:37 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The PnP-X IP Bus Enumerator service depends on the Function Discovery Provider Host service which failed to start because of the following error: 
%%1068
 
Error: (11/01/2014 04:54:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (11/01/2014 04:54:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (11/01/2014 04:54:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (11/01/2014 04:54:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
Error: (11/01/2014 04:54:07 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: 
%%1068
 
 
Microsoft Office Sessions:
=========================
Error: (11/01/2014 05:01:16 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/01/2014 04:55:04 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (11/01/2014 00:20:27 AM) (Source: VSS) (EventID: 13) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}Coordinator0x80070005, Access is denied.
 
Error: (11/01/2014 00:20:27 AM) (Source: VSS) (EventID: 13) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}Coordinator0x80070005, Access is denied.
 
Error: (11/01/2014 00:20:27 AM) (Source: VSS) (EventID: 13) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}Coordinator0x80070005, Access is denied.
 
Error: (11/01/2014 00:20:15 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/31/2014 11:57:41 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: a2start.exe6.5.0.8180c01cff58a4d95f20a22C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2start.exe96eadcf7-6183-11e4-a959-50e549b92de1
 
Error: (10/31/2014 11:14:37 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: svchost.exe6.1.7600.163854a5bc100ntdll.dll6.1.7601.18247521ea8e7c0000374000ce753123c01cff58997062151C:\Windows\syswow64\svchost.exeC:\Windows\SysWOW64\ntdll.dll972b9508-617d-11e4-a959-50e549b92de1
 
Error: (10/31/2014 11:10:13 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (10/31/2014 11:09:11 PM) (Source: VSS) (EventID: 13) (User: )
Description: {e579ab5f-1cc4-44b4-bed9-de0991ff0623}Coordinator0x80070005, Access is denied.
 
 
CodeIntegrity Errors:
===================================
  Date: 2012-03-26 04:08:03.677
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: AMD FX™-6100 Six-Core Processor 
Percentage of memory in use: 78%
Total physical RAM: 8173.24 MB
Available physical RAM: 1725.78 MB
Total Pagefile: 16344.66 MB
Available Pagefile: 7743.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:931.41 GB) (Free:327.04 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 8DAB851F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=931.4 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#3 Fexhie

Posted 01 November 2014 - 05:18 AM

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 30-10-2014 01
Ran by Eli (administrator) on ELI-PC on 01-11-2014 05:06:59
Running from C:\Users\Eli\Downloads
Loaded Profile: Eli (Available profiles: Eli)
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Emsi Software GmbH) C:\Program Files (x86)\Online Armor\oacat.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Scarlet.Crush Productions) C:\Program Files\PS3 Controller\ScpService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
() C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
(Microsoft Corporation) C:\Windows\System32\regsvr32.exe
(Microsoft Corporation) C:\Windows\SysWOW64\regsvr32.exe
(RealNetworks, Inc.) C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe
(Emsisoft GmbH) C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\dfsvc.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Funcom) C:\Program Files (x86)\Funcom\The Secret World\TheSecretWorld.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\edvqxekeepv.exe
(Google Inc.) C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\edvqxekeepv.exe
(Google Inc.) C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\edvqxekeepv.exe
(Google Inc.) C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\edvqxekeepv.exe
(Google Inc.) C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\edvqxekeepv.exe
(Google Inc.) C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\edvqxekeepv.exe
(Google Inc.) C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\edvqxekeepv.exe
(Google Inc.) C:\Users\Eli\AppData\LocalLow\Sun\byedavhiup\Voymjxvgoam\edvqxekeepv.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-10] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1212560 2012-06-13] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [937920 2011-06-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [TkBellExe] => C:\Program Files (x86)\Real\RealPlayer\Update\realsched.exe [296056 2012-02-26] (RealNetworks, Inc.)
HKLM-x32\...\Run: [emsisoft anti-malware] => c:\program files (x86)\emsisoft anti-malware\a2guard.exe [4329408 2014-10-31] (Emsisoft GmbH)
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [450560 2013-12-22] (DivX, LLC)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2013-11-14] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\RunOnce: [B Register C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll] => "C:\Windows\system32\rundll32.exe" "C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll",DllRegisterServer
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION
HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION
HKU\S-1-5-21-1157633437-3435439162-184462557-1000\...\Run: [Google Update] => C:\Users\Eli\AppData\Local\Google\Update\GoogleUpdate.exe [107912 2014-10-24] (Google Inc.)
HKU\S-1-5-21-1157633437-3435439162-184462557-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\Steam.exe [1938624 2014-10-21] (Valve Corporation)
HKU\S-1-5-21-1157633437-3435439162-184462557-1000\...\Run: [Pando Media Booster] => C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe [3093624 2012-10-24] ()
HKU\S-1-5-21-1157633437-3435439162-184462557-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-1157633437-3435439162-184462557-1000\...\Run: [Ppkxyjjdpv] => regsvr32.exe /s "C:\Users\Eli\AppData\Local\FLT\Ppkxyjjdpv.dll" <===== ATTENTION
HKU\S-1-5-21-1157633437-3435439162-184462557-1000\...\MountPoints2: {09a69848-1d55-11e1-9b57-50e549b92de1} - F:\setup.exe
HKU\S-1-5-21-1157633437-3435439162-184462557-1000\...\MountPoints2: {a55df843-917d-11e1-9d7b-50e549b92de1} - F:\setup.exe
Startup: C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip ()
Startup: C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DECRYPT_INSTRUCTION.HTML ()
Startup: C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\DECRYPT_INSTRUCTION.TXT ()
InternetURL: C:\Users\Eli\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\INSTALL_TOR.URL -> https://paytordmbdekmizq.torsona.com/Yv6Y40
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x935BD27C262BCE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: RealPlayer Download and Record Plugin for Internet Explorer -> {3049C3E9-B461-4BC5-8870-4C09146192CA} -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
 
FireFox:
========
FF ProfilePath: C:\Users\Eli\AppData\Roaming\Mozilla\Firefox\Profiles\j2lc29tt.default
FF DefaultSearchEngine: XfireXO Customized Web Search
FF DefaultSearchUrl: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&SearchSource=3&q={searchTerms}
FF SelectedSearchEngine: XfireXO Customized Web Search
FF Keyword.URL: hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2304157&q=
FF NetworkProxy: "backup.ftp", "94.76.250.215 "
FF NetworkProxy: "backup.ftp_port", 3128
FF NetworkProxy: "backup.gopher", "94.76.250.215 "
FF NetworkProxy: "backup.gopher_port", 3128
FF NetworkProxy: "backup.socks", "94.76.250.215 "
FF NetworkProxy: "backup.socks_port", 3128
FF NetworkProxy: "backup.ssl", "94.76.250.215 "
FF NetworkProxy: "backup.ssl_port", 3128
FF NetworkProxy: "ftp", "83.138.136.28"
FF NetworkProxy: "ftp_port", 80
FF NetworkProxy: "gopher", "83.138.136.28"
FF NetworkProxy: "gopher_port", 80
FF NetworkProxy: "http", "83.138.136.28"
FF NetworkProxy: "http_port", 80
FF NetworkProxy: "share_proxy_settings", true
FF NetworkProxy: "socks", "83.138.136.28"
FF NetworkProxy: "socks_port", 80
FF NetworkProxy: "ssl", "83.138.136.28"
FF NetworkProxy: "ssl_port", 80
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\Eli\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @real.com/nppl3260;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprjplug;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpchromebrowserrecordext;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprphtml5videoshim;version=15.0.2.72 -> C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=15.0.2.72 -> C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @Webzen.com/NPBrowserExt -> C:\Program Files (x86)\WEBZEN\BrowserExtension\NPWZCmnCtrl.dll (WEBZEN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: @soe.sony.com/installer,version=1.0.3 -> C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfjadjghjpjodfhffafagnkbgbpiphf\1.0.3.143_0\npsoe.dll No File
FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Eli\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Eli\AppData\Local\Google\Update\1.3.25.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @TrianglePlayer -> C:\Users\Eli\AppData\Roaming\TrianglePlayer\NPTrianglePlayer.dll ()
FF Plugin HKCU: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Extension: cacaoweb - C:\Users\Eli\AppData\Roaming\Mozilla\Firefox\Profiles\j2lc29tt.default\Extensions\cacaoweb@cacaoweb.org [2011-10-30]
FF Extension: GameTap - C:\Users\Eli\AppData\Roaming\Mozilla\Firefox\Profiles\j2lc29tt.default\Extensions\GameTapPlayer@gametap.com [2011-10-30]
FF Extension: Microsoft .NET Framework Assistant - C:\Users\Eli\AppData\Roaming\Mozilla\Firefox\Profiles\j2lc29tt.default\Extensions\{20a82645-c095-46ed-80e3-08825760534b} [2011-10-30]
FF Extension: Google Toolbar for Firefox - C:\Users\Eli\AppData\Roaming\Mozilla\Firefox\Profiles\j2lc29tt.default\Extensions\{3112ca9c-de6d-4884-a869-9855de68056c} [2011-10-30]
FF Extension: BrowseToolE0170  - C:\Users\Eli\AppData\Roaming\Mozilla\Firefox\Profiles\j2lc29tt.default\Extensions\{5e5ab302-7f65-44cd-8211-c1d4caaccea3} [2014-09-28]
FF Extension: DivX Web Player - C:\Users\Eli\AppData\Roaming\Mozilla\Firefox\Profiles\j2lc29tt.default\Extensions\DivXWebPlayer@divx.com.xpi [2011-11-01]
FF HKLM-x32\...\Firefox\Extensions: [{ABDE892B-13A8-4d1b-88E6-365A6E755758}] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext
FF Extension: RealPlayer Browser Record Plugin - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2011-10-30]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "https://www.google.com/"
CHR Profile: C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-30]
CHR Extension: (YouTube) - C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-17]
CHR Extension: (Katekyo Hitman Reborn Theme2) - C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\ceogpcdigfifkcjhekbncbfbnhmlpkdd [2013-05-25]
CHR Extension: (Google Search) - C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-17]
CHR Extension: (SOE Web Installer) - C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkfjadjghjpjodfhffafagnkbgbpiphf [2011-10-30]
CHR Extension: (Google Wallet) - C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-26]
CHR Extension: (Gmail) - C:\Users\Eli\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-17]
CHR HKLM-x32\...\Chrome\Extension: [jfmjfhklogoienhpfnppmbcbjfjnkonk] - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Chrome\Ext\rphtml5video.crx [2011-10-30]
CHR StartMenuInternet: Google Chrome - C:\Users\Eli\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 a2AntiMalware; C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe [4162536 2014-10-31] (Emsisoft GmbH)
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [915736 2013-06-09] (BitRaider, LLC)
R2 Ds3Service; C:\Program Files\PS3 Controller\ScpService.exe [388352 2013-05-05] (Scarlet.Crush Productions)
U2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [8704 2012-08-30] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5204224 2013-11-06] (INCA Internet Co., Ltd.)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)
R2 OAcat; C:\Program Files (x86)\Online Armor\OAcat.exe [208472 2012-02-10] (Emsi Software GmbH)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2011-12-07] ()
S3 SandraAgentSrv; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\RpcAgentSrv.exe [95896 2009-02-04] (SiSoftware) [File not signed]
S3 SvcOnlineArmor; C:\Program Files (x86)\Online Armor\oasrv.exe [4369208 2012-02-10] (Emsi Software GmbH)
S3 xsherlock; C:\Windows\SysWOW64\xsherlock.xem [670816 2012-04-18] (Wellbia.com Co., Ltd.) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 a2acc; C:\PROGRAM FILES (X86)\EMSISOFT ANTI-MALWARE\a2accx64.sys [71472 2014-10-31] (Emsisoft GmbH)
R1 A2DDA; C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys [26176 2014-10-31] (Emsisoft GmbH)
R1 a2injectiondriver; C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys [45208 2014-10-31] (Emsisoft GmbH)
R1 a2util; C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys [23088 2014-10-31] (Emsisoft GmbH)
S0 Achernar; C:\Windows\SysWOW64\Drivers\Achernar.sys [16855 2012-08-18] (An Chen Computer Co., Ltd.) [File not signed]
S3 Aldebaran; C:\Windows\SysWOW64\Drivers\Aldebaran.sys [21808 2012-08-18] (An Chen Computer Co., Ltd.) [File not signed]
R2 AODDriver4.1; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [53888 2012-03-05] (Advanced Micro Devices)
R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
S3 BRDriver64; C:\programdata\bitraider\BRDriver64.sys [74024 2013-04-17] (BitRaider)
R3 cleanhlp; C:\Program Files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [57024 2014-10-31] (Emsisoft GmbH)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-01-28] (DT Soft Ltd)
R3 NMgamingmsFltr; C:\Windows\System32\drivers\NMgamingms.sys [11264 2009-07-24] (Primax Ltd)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R1 OADevice; C:\Windows\SysWow64\Drivers\OADriver.sys [59176 2012-02-10] ()
R1 oahlpXX; C:\Windows\syswow64\drivers\oahlp64.sys [59176 2012-02-10] ()
R1 OAmon; C:\Windows\SysWOW64\Drivers\OAmon.sys [38064 2012-02-10] (Emsisoft)
R3 OAnet; C:\Windows\System32\DRIVERS\oanet.sys [32920 2012-02-10] (Emsisoft)
S3 SANDRA; C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2012.SP2\WNt500x64\Sandra.sys [23112 2009-08-07] (SiSoftware)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
S3 ALSysIO; \??\C:\Users\Eli\AppData\Local\Temp\ALSysIO64.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 EverestDriver; \??\C:\Program Files (x86)\Lavalys\EVEREST Ultimate Edition\kerneld.amd64 [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
S3 vtany; \??\C:\Windows\vtany.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-01 05:07 - 2014-11-01 05:07 - 00019271 _____ () C:\Users\Eli\Downloads\attach.txt
2014-11-01 05:06 - 2014-11-01 05:08 - 00024811 _____ () C:\Users\Eli\Downloads\FRST.txt
2014-11-01 05:06 - 2014-11-01 05:07 - 00000000 ____D () C:\FRST
2014-11-01 02:47 - 2014-11-01 02:47 - 00008538 _____ () C:\Users\Public\DECRYPT_INSTRUCTION.HTML
2014-11-01 02:47 - 2014-11-01 02:47 - 00008538 _____ () C:\Users\Eli\Desktop\DECRYPT_INSTRUCTION.HTML
2014-11-01 02:47 - 2014-11-01 02:47 - 00004210 _____ () C:\Users\Public\DECRYPT_INSTRUCTION.TXT
2014-11-01 02:47 - 2014-11-01 02:47 - 00004210 _____ () C:\Users\Eli\Desktop\DECRYPT_INSTRUCTION.TXT
2014-11-01 02:47 - 2014-11-01 02:47 - 00000274 _____ () C:\Users\Public\INSTALL_TOR.URL
2014-11-01 02:47 - 2014-11-01 02:47 - 00000274 _____ () C:\Users\Eli\Desktop\INSTALL_TOR.URL
2014-11-01 01:40 - 2014-11-01 01:40 - 00008538 _____ () C:\Users\Eli\DECRYPT_INSTRUCTION.HTML
2014-11-01 01:40 - 2014-11-01 01:40 - 00004210 _____ () C:\Users\Eli\DECRYPT_INSTRUCTION.TXT
2014-11-01 01:40 - 2014-11-01 01:40 - 00000274 _____ () C:\Users\Eli\INSTALL_TOR.URL
2014-11-01 01:32 - 2014-11-01 01:32 - 00008538 _____ () C:\Users\Eli\Downloads\DECRYPT_INSTRUCTION.HTML
2014-11-01 01:32 - 2014-11-01 01:32 - 00004210 _____ () C:\Users\Eli\Downloads\DECRYPT_INSTRUCTION.TXT
2014-11-01 01:32 - 2014-11-01 01:32 - 00000274 _____ () C:\Users\Eli\Downloads\INSTALL_TOR.URL
2014-11-01 00:58 - 2014-11-01 00:58 - 00008538 _____ () C:\Users\Eli\Documents\DECRYPT_INSTRUCTION.HTML
2014-11-01 00:58 - 2014-11-01 00:58 - 00004210 _____ () C:\Users\Eli\Documents\DECRYPT_INSTRUCTION.TXT
2014-11-01 00:58 - 2014-11-01 00:58 - 00000274 _____ () C:\Users\Eli\Documents\INSTALL_TOR.URL
2014-11-01 00:22 - 2014-11-01 00:22 - 00008538 _____ () C:\Users\Eli\AppData\Roaming\DECRYPT_INSTRUCTION.HTML
2014-11-01 00:22 - 2014-11-01 00:22 - 00008538 _____ () C:\Users\Eli\AppData\DECRYPT_INSTRUCTION.HTML
2014-11-01 00:22 - 2014-11-01 00:22 - 00004210 _____ () C:\Users\Eli\AppData\Roaming\DECRYPT_INSTRUCTION.TXT
2014-11-01 00:22 - 2014-11-01 00:22 - 00004210 _____ () C:\Users\Eli\AppData\DECRYPT_INSTRUCTION.TXT
2014-11-01 00:22 - 2014-11-01 00:22 - 00000274 _____ () C:\Users\Eli\AppData\Roaming\INSTALL_TOR.URL
2014-11-01 00:22 - 2014-11-01 00:22 - 00000274 _____ () C:\Users\Eli\AppData\INSTALL_TOR.URL
2014-10-31 23:32 - 2014-10-31 23:32 - 02113536 _____ (Farbar) C:\Users\Eli\Downloads\FRST64.exe
2014-10-31 23:23 - 2014-10-31 23:23 - 00001776 _____ () C:\Users\Eli\Desktop\fixlist.txt
2014-10-31 23:01 - 2014-10-31 23:01 - 00008536 _____ () C:\Users\Eli\AppData\Local\DECRYPT_INSTRUCTION.HTML
2014-10-31 23:01 - 2014-10-31 23:01 - 00004208 _____ () C:\Users\Eli\AppData\Local\DECRYPT_INSTRUCTION.TXT
2014-10-31 23:01 - 2014-10-31 23:01 - 00000272 _____ () C:\Users\Eli\AppData\Local\INSTALL_TOR.URL
2014-10-31 22:53 - 2014-10-31 22:54 - 00000000 ____D () C:\ProgramData\MFAData
2014-10-31 22:53 - 2014-10-31 22:53 - 00000000 ____D () C:\Users\Eli\AppData\Local\MFAData
2014-10-31 22:53 - 2014-10-31 22:53 - 00000000 ____D () C:\Users\Eli\AppData\Local\Avg2015
2014-10-31 22:50 - 2014-10-31 22:51 - 04637504 _____ (AVG Technologies) C:\Users\Eli\Downloads\avg_free_stb_all_2015_5557_cnet.exe
2014-10-31 22:48 - 2014-10-31 22:48 - 00008536 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.HTML
2014-10-31 22:48 - 2014-10-31 22:48 - 00004208 _____ () C:\ProgramData\DECRYPT_INSTRUCTION.TXT
2014-10-31 22:48 - 2014-10-31 22:48 - 00000272 _____ () C:\ProgramData\INSTALL_TOR.URL
2014-10-31 22:34 - 2014-10-31 22:34 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\FrameworkUpdate7
2014-10-31 22:34 - 2014-10-31 22:34 - 00000000 ____D () C:\ProgramData\Windows Genuine Advantage
2014-10-31 06:37 - 2014-10-31 06:37 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-10-31 06:37 - 2014-10-31 06:37 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-10-31 06:37 - 2014-10-31 06:37 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-10-31 06:37 - 2014-10-31 06:37 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-10-31 06:37 - 2014-10-31 06:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-10-31 06:37 - 2014-10-31 06:37 - 00000000 ____D () C:\Program Files (x86)\Java
2014-10-30 21:45 - 2014-10-30 21:45 - 00418460 _____ () C:\Users\Eli\Downloads\Blood Price - Tanya Huff.mobi
2014-10-30 21:41 - 2014-10-30 21:41 - 00700499 _____ () C:\Users\Eli\Downloads\Wild Ways, The - Tanya Huff.mobi
2014-10-30 21:38 - 2014-10-30 21:39 - 00687484 _____ () C:\Users\Eli\Downloads\Enchantment Emporium, The - Tanya Huff.mobi
2014-10-30 11:32 - 2014-10-30 11:38 - 00767302 _____ () C:\Users\Eli\Downloads\Shadow's Master - Jon Sprunk.epub
2014-10-30 11:18 - 2014-10-30 11:18 - 00001181 _____ () C:\Users\Eli\Downloads\[Limetorrents.cc]_Shadow's Master - Jon Sprunk epub.torrent
2014-10-30 08:33 - 2014-10-30 08:33 - 00228864 _____ () C:\Users\Eli\Downloads\LDatWE-KW.rar
2014-10-30 08:33 - 2014-10-24 21:55 - 00229000 _____ () C:\Users\Eli\Desktop\Legendary Detective at the Worl - Kaye Wagner.epub
2014-10-30 08:28 - 2014-10-30 08:28 - 00004067 _____ () C:\Users\Eli\Downloads\Shadow's Master - Jon Sprunk.opf
2014-10-30 08:25 - 2014-10-30 08:26 - 00526869 _____ () C:\Users\Eli\Downloads\Jon_Sprunk_-_Shadows_Son.epub
2014-10-29 12:25 - 2014-10-29 12:25 - 00622416 _____ () C:\Users\Eli\Downloads\ShadLure.epub
2014-10-28 19:38 - 2014-10-28 19:38 - 00526869 _____ () C:\Users\Eli\Downloads\ShadoSon.epub
2014-10-27 18:41 - 2014-10-27 18:41 - 01360704 _____ () C:\Users\Eli\Downloads\dead end.rar
2014-10-25 14:11 - 2014-10-25 14:11 - 06990064 _____ () C:\Users\Eli\Downloads\FelixC.rar
2014-10-25 08:49 - 2014-11-01 00:37 - 00000000 ____D () C:\Users\Eli\Desktop\Wizard Falling (Book 7)
2014-10-25 08:49 - 2014-11-01 00:37 - 00000000 ____D () C:\Users\Eli\Desktop\Evil Tide (Book 6)
2014-10-25 08:48 - 2014-10-25 08:49 - 03651840 _____ () C:\Users\Eli\Downloads\TN5KSer.rar
2014-10-25 05:44 - 2014-10-25 05:55 - 00000000 ____D () C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2014-10-25 05:44 - 2014-10-25 05:44 - 00001040 _____ () C:\Users\Public\Desktop\Sid Meiers Civilization Beyond Earth.lnk
2014-10-24 21:13 - 2014-11-01 01:05 - 00000000 ____D () C:\Users\Eli\Downloads\Sid.Meiers.Civilization.Beyond.Earth-RELOADED[rarbg]
2014-10-21 22:52 - 2014-10-21 22:53 - 00084416 _____ () C:\Users\Eli\Downloads\FLVPlayer-Chrome.exe
2014-10-21 20:13 - 2013-04-15 18:12 - 01372539 _____ () C:\Users\Eli\Desktop\Five Kingdoms_ Book 05 - Fierce Loyalty - Toby Neighbors.epub
2014-10-21 20:11 - 2014-10-21 20:11 - 04019440 _____ () C:\Users\Eli\Downloads\Five Kingdoms.zip
2014-10-21 17:47 - 2014-11-01 00:37 - 00000000 ____D () C:\Users\Eli\Desktop\Richard Morgan - Land Fit for Heroes 1-2
2014-10-21 17:46 - 2014-10-21 17:46 - 03166320 _____ () C:\Users\Eli\Downloads\Fit.rar
2014-10-18 09:21 - 2014-10-18 09:21 - 03190496 _____ () C:\Users\Eli\Downloads\AP_PSP.rar
2014-10-18 09:09 - 2014-10-18 09:09 - 00415968 _____ () C:\Users\Eli\Downloads\Impulse_ A Whole New Day (The I - Power, P.S_.rar
2014-10-14 13:10 - 2014-10-14 13:10 - 00001907 _____ () C:\Users\Eli\Desktop\Launcher.exe - Shortcut.lnk
2014-10-14 11:48 - 2014-10-14 11:48 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Borderlands The Pre-Sequel
2014-10-14 11:35 - 2014-10-14 11:48 - 00000000 ____D () C:\Program Files (x86)\Borderlands The Pre-Sequel
2014-10-13 15:26 - 2014-10-13 15:26 - 00863344 _____ () C:\Users\Eli\Downloads\L.B. EE04 C.rar
2014-10-13 15:26 - 2012-04-27 21:51 - 00866832 _____ () C:\Users\Eli\Desktop\Lindsay Buroker - Conspiracy (The Emperors Edge 04).epub
2014-10-12 14:34 - 2014-10-12 14:34 - 00425107 _____ () C:\Users\Eli\Downloads\Lindsay Buroker - Dark Currents.epub
2014-10-12 14:33 - 2014-10-12 14:33 - 00412032 _____ () C:\Users\Eli\Downloads\Lindsay Buroker - The Emperor's Edge.mobi
2014-10-11 07:21 - 2014-10-11 07:21 - 01305072 _____ () C:\Users\Eli\Downloads\ForcedAscent.zip
2014-10-11 07:21 - 2014-10-11 07:21 - 00462124 _____ () C:\Users\Eli\Downloads\Executable (The Demon Accords) - Conroe, John.epub
2014-10-10 18:22 - 2014-08-08 10:17 - 00000000 ____D () C:\Users\Eli\Desktop\John Booth - Tom and Laura
2014-10-10 18:21 - 2014-10-10 18:21 - 02234560 _____ () C:\Users\Eli\Downloads\TomAndLaura.zip
2014-10-10 09:17 - 2014-10-10 09:17 - 00287959 _____ () C:\Users\Eli\Downloads\Jake's Quest - Wizards V - John Booth.epub
2014-10-10 09:15 - 2014-10-10 09:16 - 00290921 _____ () C:\Users\Eli\Downloads\Jakes Women.epub
2014-10-09 20:35 - 2014-10-09 20:35 - 00310172 _____ () C:\Users\Eli\Downloads\Wizards2.epub
2014-10-09 20:35 - 2014-10-09 20:35 - 00255386 _____ () C:\Users\Eli\Downloads\Jakes Justice.epub
2014-10-09 11:22 - 2014-10-09 11:23 - 00229936 _____ () C:\Users\Eli\Downloads\Wizards1.epub
2014-10-09 10:53 - 2014-10-09 10:53 - 04898102 _____ () C:\Users\Eli\Downloads\Zom-B Family - Darren Shan.epub
2014-10-09 06:41 - 2014-07-10 19:41 - 00392062 _____ () C:\Users\Eli\Desktop\P S Power - [Keeley Thomson 05] - Demon Bait (mobi).mobi
2014-10-09 06:39 - 2014-10-09 06:40 - 00343248 _____ () C:\Users\Eli\Downloads\DB-PSP.rar
2014-10-09 06:36 - 2014-02-11 20:08 - 00000000 ____D () C:\Users\Eli\Desktop\keeley thomson
2014-10-09 06:34 - 2014-10-09 06:34 - 01061088 _____ () C:\Users\Eli\Downloads\keeley thomson.rar
2014-10-08 01:15 - 2014-10-08 01:15 - 00303092 _____ () C:\Users\Eli\Downloads\Road Blocks (Other Places) - P. S. Power.epub
2014-10-06 22:29 - 2014-10-06 22:29 - 00323554 _____ () C:\Users\Eli\Downloads\Shortcuts (Other Places) - Power, P.S_.epub
2014-10-06 22:06 - 2014-10-06 22:06 - 00423664 _____ () C:\Users\Eli\Downloads\EtEpSP.zip
2014-10-06 06:22 - 2014-10-06 06:22 - 00992704 _____ () C:\Users\Eli\Downloads\Goddess of the Moon (Young Ancients (214).rar
2014-10-06 06:02 - 2014-10-06 06:03 - 01243136 _____ () C:\Users\Eli\Downloads\Kingdom of Stars (The Young Ancient (174).rar
2014-10-04 19:54 - 2014-10-04 19:55 - 01412080 _____ () C:\Users\Eli\Downloads\The Silence Within (The Young Ancie (176).rar
2014-10-04 19:54 - 2014-10-04 19:54 - 01327200 _____ () C:\Users\Eli\Downloads\Lord of the Sky (The Young Ancients (173).rar
2014-10-03 07:25 - 2014-10-03 07:25 - 00940464 _____ () C:\Users\Eli\Downloads\The Dark Half of the Sun (The Young (169).rar
2014-10-02 15:55 - 2014-10-02 15:55 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Steam
2014-10-02 07:18 - 2014-11-01 00:37 - 00000000 ____D () C:\Users\Eli\Desktop\x64
2014-10-02 00:36 - 2014-10-02 00:36 - 00001260 _____ () C:\Users\Eli\Desktop\Middle Earth Shadow of Mordor.lnk
2014-10-02 00:36 - 2014-10-02 00:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Middle Earth Shadow of Mordor
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2057-05-28 06:36 - 2014-09-11 10:12 - 01090522 _____ () C:\Users\Eli\Desktop\L. E. Modesitt Jr - Forever Hero 99 - The Forever Hero # Omnibus 01-03 (v5.0).epub
2014-11-01 05:09 - 2011-10-30 05:02 - 00000000 ____D () C:\Users\Eli\AppData\Local\PMB Files
2014-11-01 05:08 - 2009-07-13 23:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-01 05:08 - 2009-07-13 23:45 - 00021248 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-01 05:06 - 2009-07-14 00:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-01 05:03 - 2011-10-30 06:05 - 01131288 _____ () C:\Windows\WindowsUpdate.log
2014-11-01 05:02 - 2011-10-30 06:11 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-11-01 05:01 - 2011-10-30 04:59 - 00000000 ____D () C:\Users\Eli\AppData\Local\Deployment
2014-11-01 05:00 - 2014-09-12 20:00 - 00000368 _____ () C:\Windows\Tasks\RNUpgradeHelperLogonPrompt_Eli.job
2014-11-01 05:00 - 2014-05-14 18:27 - 00005875 _____ () C:\Windows\setupact.log
2014-11-01 05:00 - 2012-03-09 02:00 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-11-01 05:00 - 2011-10-30 04:50 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-01 04:59 - 2013-12-28 17:18 - 00000000 ____D () C:\Program Files\PS3 Controller
2014-11-01 04:59 - 2011-10-30 05:13 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-01 04:59 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-01 04:53 - 2014-05-31 04:09 - 00001152 _____ () C:\Windows\PFRO.log
2014-11-01 04:47 - 2012-04-08 15:24 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-01 04:29 - 2011-10-30 04:50 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-01 03:57 - 2011-10-30 04:54 - 00000900 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1157633437-3435439162-184462557-1000UA.job
2014-11-01 02:47 - 2014-03-27 17:38 - 00000000 ____D () C:\Users\Public\Sony Online Entertainment
2014-11-01 01:57 - 2011-10-30 04:54 - 00000848 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1157633437-3435439162-184462557-1000Core.job
2014-11-01 01:40 - 2011-10-30 04:09 - 00000000 ____D () C:\Users\Eli
2014-11-01 01:32 - 2014-08-21 01:28 - 00000000 ____D () C:\Users\Eli\Downloads\Willow (1988) 1080p
2014-11-01 01:24 - 2013-06-20 23:48 - 00000000 ____D () C:\Users\Eli\Downloads\Utopia
2014-11-01 01:24 - 2011-12-06 17:34 - 00000000 ____D () C:\Users\Eli\Downloads\Violette Malan - Dhulyn Parno
2014-11-01 01:16 - 2013-12-07 20:32 - 00000000 ____D () C:\Users\Eli\Downloads\Starbound
2014-11-01 01:16 - 2012-03-03 17:40 - 00000000 ____D () C:\Users\Eli\Downloads\Thurman_ Rob
2014-11-01 01:05 - 2014-03-10 14:43 - 00000000 ____D () C:\Users\Eli\Downloads\Sexy_Urban_Fantasy_Mystery
2014-11-01 01:05 - 2013-03-13 18:13 - 00000000 ____D () C:\Users\Eli\Downloads\Shadowrun-Novels
2014-11-01 01:04 - 2013-04-24 07:30 - 00000000 ____D () C:\Users\Eli\Downloads\Marvel
2014-11-01 01:04 - 2011-11-11 16:57 - 00000000 ____D () C:\Users\Eli\Downloads\photos
2014-11-01 01:03 - 2013-03-28 21:00 - 00000000 ____D () C:\Users\Eli\Downloads\HD_Audio
2014-11-01 01:03 - 2013-01-25 17:50 - 00000000 ____D () C:\Users\Eli\Downloads\Gaelic Storm
2014-11-01 01:03 - 2012-10-22 21:34 - 00000000 ____D () C:\Users\Eli\Downloads\Japanese Level I and II
2014-11-01 01:02 - 2014-03-31 23:13 - 00000000 ____D () C:\Users\Eli\Downloads\FTC_023
2014-11-01 01:02 - 2013-03-08 23:59 - 00000000 ____D () C:\Users\Eli\Downloads\Doc Savage (Robeson, Kenneth Complete collection 182 ebooks
2014-11-01 01:01 - 2013-01-26 20:26 - 00000000 ____D () C:\Users\Eli\Downloads\Dengue Fever
2014-11-01 00:59 - 2013-08-04 20:38 - 00000000 ____D () C:\Users\Eli\Downloads\comix-4.0.4
2014-11-01 00:58 - 2014-01-03 22:29 - 00000000 ____D () C:\Users\Eli\Downloads\BTTF pack 1-5
2014-11-01 00:58 - 2013-04-16 21:52 - 00000000 ____D () C:\Users\Eli\Downloads\Brandon Mull
2014-11-01 00:41 - 2012-11-01 02:56 - 00000000 ____D () C:\Users\Eli\Documents\SEGA
2014-11-01 00:41 - 2012-03-31 15:36 - 00000000 ____D () C:\Users\Eli\Documents\Spartan
2014-11-01 00:40 - 2012-10-24 21:13 - 00000000 ____D () C:\Users\Eli\Documents\Raiderz
2014-11-01 00:40 - 2011-10-30 08:53 - 00000000 ____D () C:\Users\Eli\Documents\My Games
2014-11-01 00:39 - 2014-02-21 09:54 - 00000000 ____D () C:\Users\Eli\Documents\Gunz2
2014-11-01 00:39 - 2014-02-07 21:51 - 00000000 ____D () C:\Users\Eli\Documents\Elder Scrolls Online
2014-11-01 00:39 - 2014-01-28 13:30 - 00000000 ____D () C:\Users\Eli\Documents\MightAndMagicXLegacy
2014-11-01 00:39 - 2012-10-23 17:32 - 00000000 ____D () C:\Users\Eli\Documents\Game
2014-11-01 00:38 - 2013-05-30 23:05 - 00000000 ____D () C:\Users\Eli\Documents\dragoon
2014-11-01 00:38 - 2012-04-21 06:50 - 00000000 ____D () C:\Users\Eli\Documents\Diablo III
2014-11-01 00:38 - 2012-03-01 09:25 - 00000000 ____D () C:\Users\Eli\Documents\BioWare
2014-11-01 00:37 - 2014-05-07 19:59 - 00000000 ____D () C:\Users\Eli\Desktop\Hemlock And The Dread Sorceress (Book 2)
2014-11-01 00:37 - 2012-03-09 02:00 - 00000000 ____D () C:\Users\Eli\Documents\Anti-Malware
2014-11-01 00:37 - 2012-01-04 19:58 - 00000000 ____D () C:\Users\Eli\Calibre Library
2014-11-01 00:22 - 2014-05-23 07:03 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Tropico 5
2014-11-01 00:22 - 2012-12-03 18:02 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\TS3Client
2014-11-01 00:22 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Winamp
2014-11-01 00:22 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Tropico 4
2014-11-01 00:21 - 2013-12-31 20:57 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Sword of the Stars - The Pit
2014-11-01 00:21 - 2013-04-24 07:57 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\StarTrekPC
2014-11-01 00:21 - 2011-10-30 05:06 - 00000000 __RHD () C:\Users\Eli\AppData\Roaming\SecuROM
2014-11-01 00:21 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Tropico 3
2014-11-01 00:21 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Thunderbird
2014-11-01 00:21 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\runic games
2014-11-01 00:21 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Real
2014-11-01 00:20 - 2012-03-09 02:43 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\OnlineArmor
2014-10-31 23:14 - 2014-05-08 13:29 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\NCSOFT
2014-10-31 23:14 - 2013-02-03 21:49 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Omerta
2014-10-31 23:14 - 2012-06-18 14:41 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Mumble
2014-10-31 23:14 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Mozilla
2014-10-31 23:12 - 2014-03-16 09:19 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\HandymanStudios
2014-10-31 23:12 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Martial Empires Luancher OBT
2014-10-31 23:12 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\launcher
2014-10-31 23:12 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Kalypso Media
2014-10-31 23:12 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Hi-Rez Studios
2014-10-31 23:11 - 2012-11-13 21:48 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\GameFly
2014-10-31 23:11 - 2012-02-11 15:24 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\EnMasse
2014-10-31 23:11 - 2012-01-04 19:58 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\calibre
2014-10-31 23:11 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\gamigo
2014-10-31 23:11 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\DragonicaSCB
2014-10-31 23:11 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\DivX
2014-10-31 23:11 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\DAEMON Tools Lite
2014-10-31 23:11 - 2011-10-30 05:06 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Creative
2014-10-31 23:10 - 2013-04-17 13:39 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Awesomium
2014-10-31 23:10 - 2011-10-30 05:03 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\BugTrap Console Test
2014-10-31 23:10 - 2011-10-30 05:03 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Barnes & Noble
2014-10-31 23:10 - 2011-10-30 04:50 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\Adobe
2014-10-31 23:01 - 2013-01-02 13:19 - 00000000 ____D () C:\Users\Eli\AppData\Local\Warframe
2014-10-31 23:01 - 2012-10-30 20:21 - 00000000 ____D () C:\Users\Eli\AppData\Local\red 5 studios
2014-10-31 23:01 - 2012-06-17 21:37 - 00000000 ____D () C:\Users\Eli\AppData\Local\PokerStars.NET
2014-10-31 23:01 - 2011-12-07 15:01 - 00000000 ____D () C:\Users\Eli\AppData\Local\PunkBuster
2014-10-31 23:01 - 2011-11-10 10:41 - 00000000 ____D () C:\Users\Eli\AppData\Local\Skyrim
2014-10-31 23:01 - 2011-10-30 05:02 - 00000000 ____D () C:\Users\Eli\AppData\Local\Thunderbird
2014-10-31 23:01 - 2011-10-30 04:09 - 00000000 ____D () C:\Users\Eli\AppData\Local\VirtualStore
2014-10-31 23:00 - 2011-10-30 05:02 - 00000000 ____D () C:\Users\Eli\AppData\Local\Oblivion
2014-10-31 23:00 - 2011-10-30 05:02 - 00000000 ____D () C:\Users\Eli\AppData\Local\NCSoft
2014-10-31 22:54 - 2011-10-30 05:02 - 00000000 ____D () C:\Users\Eli\AppData\Local\Mozilla
2014-10-31 22:54 - 2011-10-30 05:02 - 00000000 ____D () C:\Users\Eli\AppData\Local\Microsoft Games
2014-10-31 22:52 - 2011-10-30 04:59 - 00000000 ____D () C:\Users\Eli\AppData\Local\HotheadGames
2014-10-31 22:52 - 2011-10-30 04:50 - 00000000 ____D () C:\Users\Eli\AppData\Local\Google
2014-10-31 22:49 - 2013-01-12 00:13 - 00000000 ____D () C:\Users\Eli\AppData\Local\DefianceBeta
2014-10-31 22:49 - 2011-10-30 04:59 - 00000000 ____D () C:\Users\Eli\AppData\Local\GamersFirst LIVE!
2014-10-31 22:49 - 2011-10-30 04:59 - 00000000 ____D () C:\Users\Eli\AppData\Local\Funcom
2014-10-31 22:49 - 2011-10-30 04:59 - 00000000 ____D () C:\Users\Eli\AppData\Local\FalloutNV
2014-10-31 22:49 - 2011-10-30 04:59 - 00000000 ____D () C:\Users\Eli\AppData\Local\Fallout3
2014-10-31 22:49 - 2011-10-30 04:59 - 00000000 ____D () C:\Users\Eli\AppData\Local\Electronic Arts
2014-10-31 22:49 - 2011-10-30 04:59 - 00000000 ____D () C:\Users\Eli\AppData\Local\EA Games
2014-10-31 22:48 - 2014-05-27 22:03 - 00000000 ____D () C:\Users\Eli\AppData\Local\Blizzard Entertainment
2014-10-31 22:48 - 2014-05-27 22:03 - 00000000 ____D () C:\Users\Eli\AppData\Local\Battle.net
2014-10-31 22:48 - 2014-02-26 10:52 - 00000000 ____D () C:\Users\Eli\AppData\Local\AMD
2014-10-31 22:48 - 2014-01-21 14:12 - 00000000 ____D () C:\ProgramData\Rosetta Stone
2014-10-31 22:48 - 2013-11-09 10:15 - 00000000 ____D () C:\Users\Eli\AppData\Local\Daedalic Entertainment GmbH
2014-10-31 22:48 - 2013-08-23 08:09 - 00000000 ____D () C:\ProgramData\Turbine
2014-10-31 22:48 - 2013-02-11 19:56 - 00000000 ____D () C:\Users\Eli\AppData\Local\DefianceAlpha
2014-10-31 22:48 - 2013-01-26 01:13 - 00000000 ____D () C:\ProgramData\Steam
2014-10-31 22:48 - 2011-10-30 05:52 - 00000000 __SHD () C:\ProgramData\SecuROM
2014-10-31 22:48 - 2011-10-30 05:52 - 00000000 ____D () C:\ProgramData\SEGA Corporation
2014-10-31 22:48 - 2011-10-30 04:59 - 00000000 ____D () C:\Users\Eli\AppData\Local\Amazon
2014-10-31 22:43 - 2011-10-30 05:52 - 00000000 ____D () C:\ProgramData\Norton
2014-10-31 22:43 - 2011-10-30 05:52 - 00000000 ____D () C:\ProgramData\Giraffic
2014-10-31 22:41 - 2011-10-30 05:52 - 00000000 __SHD () C:\ProgramData\DSS
2014-10-31 22:41 - 2011-10-30 05:52 - 00000000 ____D () C:\ProgramData\DivX
2014-10-31 22:41 - 2011-10-30 05:52 - 00000000 ____D () C:\ProgramData\Creative
2014-10-31 22:41 - 2011-10-30 04:16 - 00000000 ____D () C:\ProgramData\Cisco Systems
2014-10-31 22:39 - 2014-09-24 08:23 - 00000000 ____D () C:\GOG Games
2014-10-31 22:39 - 2013-04-17 11:28 - 00000000 ____D () C:\ProgramData\bitraider
2014-10-31 22:39 - 2012-04-20 13:15 - 00000000 ____D () C:\ProgramData\Battle.net
2014-10-31 22:31 - 2014-09-12 20:00 - 00000362 _____ () C:\Windows\Tasks\ReclaimerUpdateFiles_Eli.job
2014-10-31 22:31 - 2014-09-12 20:00 - 00000358 _____ () C:\Windows\Tasks\ReclaimerUpdateXML_Eli.job
2014-10-31 12:36 - 2012-06-09 16:36 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-10-31 06:37 - 2013-10-22 07:26 - 00000000 ____D () C:\ProgramData\Oracle
2014-10-31 06:31 - 2014-09-19 21:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-10-30 20:48 - 2014-09-12 20:00 - 00002940 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateXML_Eli
2014-10-30 20:34 - 2012-10-10 12:10 - 00000000 ____D () C:\Users\Eli\AppData\Local\FLT
2014-10-30 11:39 - 2011-10-30 05:03 - 00000000 ____D () C:\Users\Eli\AppData\Roaming\BitTorrent
2014-10-30 03:00 - 2014-05-13 18:10 - 00000378 _____ () C:\Windows\Tasks\ErrorEND.job
2014-10-29 20:24 - 2014-09-12 20:00 - 00002944 _____ () C:\Windows\System32\Tasks\ReclaimerUpdateFiles_Eli
2014-10-25 05:55 - 2011-10-30 05:02 - 00000000 ____D () C:\Users\Eli\AppData\Local\My Games
2014-10-24 01:52 - 2011-10-30 04:54 - 00003866 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1157633437-3435439162-184462557-1000UA
2014-10-24 01:52 - 2011-10-30 04:54 - 00003470 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1157633437-3435439162-184462557-1000Core
2014-10-23 18:19 - 2014-05-13 21:39 - 00000000 ____D () C:\Users\Eli\AppData\Local\NVIDIA Corporation
2014-10-20 10:24 - 2011-10-30 04:50 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-10-20 10:24 - 2011-10-30 04:50 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-10-14 11:49 - 2011-10-30 21:30 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-10-14 11:48 - 2011-10-30 21:30 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-10-09 12:13 - 2012-12-12 16:56 - 00007612 _____ () C:\Users\Eli\AppData\Local\Resmon.ResmonCfg
2014-10-02 15:55 - 2012-09-15 07:18 - 00000000 ____D () C:\Users\Eli\Documents\WB Games
2014-10-02 00:36 - 2014-10-01 23:40 - 00000000 ____D () C:\Program Files (x86)\Middle Earth Shadow of Mordor
 
Some content of TEMP:
====================
C:\Users\Eli\AppData\Local\Temp\Game.exe
C:\Users\Eli\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe
C:\Users\Eli\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe
C:\Users\Eli\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Eli\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Eli\AppData\Local\Temp\nvStInst.exe
C:\Users\Eli\AppData\Local\Temp\Wildstar.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-10-06 14:38
 
==================== End Of Log ============================


#4 B-boy/StyLe/

B-boy/StyLe/

    Bleepin' Freestyler


  • Malware Response Team
  • 8,285 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Bulgaria
  • Local time:07:21 PM

Posted 06 November 2014 - 04:23 AM

Hello! Welcome to BleepingComputer Forums! :welcome:
My name is Georgi and I will be helping you with your computer problems.

Before we begin, please note the following:

  • I will be working on your Malware issues; this may or may not solve other issues you have with your machine.
  • The logs can take some time to research, so please be patient with me.
  • Stay with the topic until I tell you that your system is clean. Missing symptoms do not mean that everything is okay.
  • Instructions that I give are for your system only!
  • Please do not run any tools until requested! The reason for this is so I know what is going on with the machine at any time. Some programs can interfere with others and hamper the recovery process.
  • Please perform all steps in the order received. If you can't understand something don't hesitate to ask.
  • Again I would like to remind you to make no further changes to your computer unless I direct you to do so. I will not help you if you do not follow my instructions.

 

 

If the system has been used after topic creation time we need to take a look at fresh logs.
Please download the latest version of Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. If you are not sure which version applies to your system, download both of them and try to run them. Only one of them will run on your system; that will be the right version.

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

 

 

Regards,

Georgi




#5 Fexhie


Posted 07 November 2014 - 11:44 AM

Thanks for the response. I unfortunately went ahead and formatted. The virus was spreading all over my system and was inserting files into pretty much every folder, so I did not have much choice. I think I am rid of it now though. Thanks for the help anyway!



#6 B-boy/StyLe/


Posted 07 November 2014 - 02:34 PM

Thank you for the feedback and safe surfing! :)

 

 

Regards,

Georgi




#7 B-boy/StyLe/


Posted 19 November 2014 - 03:58 AM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.





