
GC\Horcy\Default\Extensions\jmii- Problem


  • This topic is locked
12 replies to this topic

#1 gamewalkerz

gamewalkerz

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:05 AM

Posted 02 January 2015 - 08:44 PM

Hello all, I have a dire problem with my laptop.

Whenever I right-click on folders and the desktop, Windows Explorer crashes and restarts.

Scanning with Malwarebytes brought up GigaClicks, which for months I have had no luck deleting permanently.

Thinking that it is the cause and fed up with it, here I am.

Here is the log from Malwarebytes:

 

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 346507
Time Elapsed: 34 min, 38 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 4
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources, , [e3be31c18affee485b61da606c9723dd], 
 
Files: 18
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\background.html, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\background.js, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\content_script.js, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\eventPage.js, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\manifest.json, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\apihook.dll, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\convenience.dll, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources\notip_mousedown.png, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources\notip_mousedown_win7.png, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources\notip_mouseover.png, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources\notip_mouseover_win7.png, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources\notip_normal.png, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources\notip_normal_win7.png, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources\tip_mousedown.png, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources\tip_mousedown_win7.png, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources\tip_mouseover.png, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources\tip_mouseover_win7.png, , [e3be31c18affee485b61da606c9723dd], 
PUP.Optional.GigaClicks.A, C:\Users\Anthony\AppData\Local\GC\Horsy\Default\Extensions\jmiibbdogibcphdfkkmlimfffneaecbc\2.4_0\plugin\resources\tip_normal.png, , [e3be31c18affee485b61da606c9723dd], 
 
Physical Sectors: 0
(No malicious items detected)
 
(end)

 

Take your time and have fun guiding me through this dilemma.

Thanks, ~Jesse

 

Also: Ever since this problem, Kaspersky Pure will not finish its loading screen and just sits there for hours.. and hours..


Edited by gamewalkerz, 02 January 2015 - 09:01 PM.



 


#2 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,031 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:05 AM

Posted 07 January 2015 - 05:15 PM

Hey my friend, :)
Please move the items that MBAM found to the quarantine.

Please download FRST (by Farbar) from the link below and save it to your Desktop.

Download Mirror #1

If you are unsure whether you have 32-Bit or 64-Bit Windows, see here
  • Disable all anti-virus and anti-malware software to prevent them from inhibiting FRST in any way. If you are unsure how to do this, see THIS.
  • Double-click FRST.exe/FRST64.exe (depending on which version you downloaded) to run it. (If you have Windows Vista / Windows 7 / Windows 8, please right-click the FRST icon and select Run as Administrator.)
  • When the disclaimer appears, click Yes.
  • Click Scan to start FRST.
  • When FRST finishes scanning, two logs, FRST.txt and Addition.txt will open.
  • Copy (Ctrl+C) and Paste (Ctrl+V) the contents of both of these logs into your next post please.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

 
 


#3 gamewalkerz

gamewalkerz
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:05 AM

Posted 08 January 2015 - 03:55 AM

Well this is great xD

Tomorrow I have to bring my laptop in for upgrading, and was going to do a backup.

Right click made it so I couldn't, so I went to see if there was a fix for it.

End of the line, I uninstalled Kaspersky and everything is fine. Using Avira now.

Avira, unlike Malware Bytes, found more files connected to the initial virus problem.

All fixed now, thank you, they are not coming back ;)

Sorry about my patience, I did it all myself xD


Edited by gamewalkerz, 08 January 2015 - 05:22 AM.


#4 gamewalkerz

gamewalkerz
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:05 AM

Posted 08 January 2015 - 05:23 AM

Well, my confidence has gone down xD

The virus is back sadly.

Doing what you said now



#5 gamewalkerz

gamewalkerz
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:05 AM

Posted 08 January 2015 - 05:32 AM

FRST.exe:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Anthony (administrator) on TOSHIBA on 08-01-2015 21:27:06
Running from C:\Users\Anthony\Desktop
Loaded Profiles: Anthony &  (Available profiles: Anthony)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe.old
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe
(Dropbox, Inc.) C:\Users\Anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avcenter.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1686528 2012-03-27] (Wondershare)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [835288 2014-08-13] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-11-19] (Raptr, Inc)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1941696 2015-01-06] (Valve Corporation)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [LightShot] => C:\Users\Anthony\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1323776 2014-09-24] (Bogdan Sharkov)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-01-05] (Glarysoft Ltd)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1941696 2015-01-06] (Valve Corporation)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightShot] => C:\Users\Anthony\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1323776 2014-09-24] (Bogdan Sharkov)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-01-05] (Glarysoft Ltd)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESO Survey Live.lnk
ShortcutTarget: ESO Survey Live.lnk -> C:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe ()
Startup: C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetycrt.dll
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies toolbar\safetynut\x64\safetycrt.dll
BootExecute: autocheck autochk *  
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=9&ar=msnhome
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=9&ar=msnhome
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope {018B5FAD-E61A-40D3-80BD-F614F644C5DB} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\g0bvSwSz.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2426978524-3854536212-1475799715-1000: @nsroblox.roblox.com/launcher -> C:\Program Files (x86)\Roblox\Versions\version-79a62ec00b324436\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2426978524-3854536212-1475799715-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anthony\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @nsroblox.roblox.com/launcher -> C:\Program Files (x86)\Roblox\Versions\version-79a62ec00b324436\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anthony\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Avira Browser Safety - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\g0bvSwSz.default\Extensions\abs@avira.com [2015-01-08]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-04]
CHR Extension: (Flappy Tunnel Bird for Chrome) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejddkeopdhkdpgcckgeanfooacifkjb [2014-02-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-04]
CHR Extension: (Google Search) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-04]
CHR Extension: (Avira Browser Safety) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-01-08]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-01-03]
CHR Extension: (Don't Starve) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2013-07-04]
CHR Extension: (Little Alchemy) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2013-10-04]
CHR Extension: (Google Wallet) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-08-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-08-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-08-13] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-11-07] (EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-29] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 WMPNetworkSvc; No ImagePath
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-08-13] (BlueStack Systems)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-01-08] (Glarysoft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-18] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [127568 2013-03-04] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-08] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-08 21:27 - 2015-01-08 21:27 - 00025959 _____ () C:\Users\Anthony\Desktop\FRST.txt
2015-01-08 21:26 - 2015-01-08 21:27 - 00000000 ____D () C:\FRST
2015-01-08 21:24 - 2015-01-08 21:24 - 02124288 _____ (Farbar) C:\Users\Anthony\Downloads\FRST64.exe
2015-01-08 21:24 - 2015-01-08 21:24 - 02124288 _____ (Farbar) C:\Users\Anthony\Desktop\FRST64.exe
2015-01-08 15:11 - 2015-01-08 15:09 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-01-08 15:09 - 2015-01-08 15:09 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Avira
2015-01-08 15:08 - 2015-01-08 15:08 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Mozilla
2015-01-08 15:06 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-01-08 15:06 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-01-08 15:06 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-01-08 15:02 - 2015-01-08 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-08 15:02 - 2015-01-08 15:06 - 00000000 ____D () C:\ProgramData\Avira
2015-01-08 15:02 - 2015-01-08 15:06 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-08 15:02 - 2015-01-08 15:02 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-01-08 14:35 - 2015-01-08 14:37 - 03051011 _____ () C:\Users\Anthony\Downloads\kavremvr 2015-01-08 14-35-45 (pid 1200).log
2015-01-08 14:33 - 2015-01-08 14:35 - 07254208 _____ (Kaspersky Lab ZAO) C:\Users\Anthony\Downloads\kavremover.exe
2015-01-08 14:32 - 2015-01-08 14:32 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\Anthony\Downloads\avira_en_av_5768081326__ws.exe
2015-01-08 13:03 - 2015-01-08 14:40 - 00000336 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-01-08 13:03 - 2015-01-08 13:03 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-01-08 13:03 - 2015-01-08 13:03 - 00002634 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-01-08 13:03 - 2015-01-08 13:03 - 00001096 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-01-08 13:03 - 2015-01-08 13:03 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\GlarySoft
2015-01-08 13:03 - 2015-01-08 13:03 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\DiskDefrag
2015-01-08 13:03 - 2015-01-08 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-01-08 13:02 - 2015-01-08 14:40 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-01-08 13:00 - 2015-01-08 13:00 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ShellExView
2015-01-08 13:00 - 2015-01-08 13:00 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2015-01-08 12:58 - 2015-01-08 13:00 - 14879544 _____ () C:\Users\Anthony\Downloads\gu5setup.exe
2015-01-08 12:51 - 2015-01-08 12:53 - 00140960 _____ () C:\Users\Anthony\Downloads\shexview_setup.exe
2015-01-03 12:35 - 2015-01-03 12:35 - 00005203 _____ () C:\Users\Anthony\Desktop\GC_Horsy.txt
2015-01-03 11:46 - 2015-01-03 11:47 - 02000785 _____ () C:\Users\Anthony\Downloads\Fish.zip
2015-01-03 11:40 - 2015-01-03 11:40 - 08317952 _____ () C:\Users\Anthony\Downloads\chromeremotedesktophost.msi
2015-01-03 11:33 - 2015-01-03 11:33 - 00000000 __SHD () C:\Users\Anthony\AppData\Local\EmieBrowserModeList
2015-01-02 19:49 - 2015-01-02 19:50 - 02380328 _____ () C:\Users\Anthony\Downloads\appliedenergistics2-rv1-stable-1.jar
2015-01-02 11:38 - 2015-01-02 11:39 - 01706107 _____ () C:\Users\Anthony\Downloads\extrautilities-1.2.1.jar
2015-01-01 14:51 - 2015-01-01 14:51 - 00000222 _____ () C:\Users\Anthony\Desktop\Godus.url
2015-01-01 14:11 - 2015-01-01 14:11 - 00260371 _____ () C:\Users\Anthony\Downloads\Autorank.jar
2014-12-29 20:22 - 2014-12-29 20:22 - 00465815 _____ () C:\Users\Anthony\Downloads\Zans-MinimapNoRadar-Mod-1.7.10.jar
2014-12-29 20:09 - 2014-12-29 20:10 - 00367294 _____ () C:\Users\Anthony\Downloads\mod_voxelMap_1.2.3_for_1.7.10.litemod
2014-12-29 19:55 - 2014-12-29 19:55 - 00510637 _____ () C:\Users\Anthony\Downloads\NotEnoughItems-1.7.10-1.0.4.80-universal.jar
2014-12-29 19:55 - 2014-12-29 19:55 - 00143274 _____ () C:\Users\Anthony\Downloads\EnderStorage-1.7.10-1.4.5.27-universal.jar
2014-12-29 19:51 - 2014-12-29 19:51 - 00157678 _____ () C:\Users\Anthony\Downloads\CodeChickenCore-1.7.10-1.0.4.29-universal.jar
2014-12-29 19:36 - 2014-12-29 19:36 - 00047354 _____ () C:\Users\Anthony\Downloads\TiCTooltips-mc1.7.10-1.1.11b (1).jar
2014-12-29 19:35 - 2014-12-29 19:35 - 00196807 _____ () C:\Users\Anthony\Downloads\Mantle-1.7.10-0.3.2 (1).jar
2014-12-29 19:34 - 2014-12-29 19:35 - 05214223 _____ () C:\Users\Anthony\Downloads\TConstruct-1.7.10-1.8.1.jar
2014-12-29 19:30 - 2014-12-29 19:31 - 03105553 _____ () C:\Users\Anthony\Downloads\forge-1.7.10-10.13.2.1230-installer-win.exe
2014-12-27 14:18 - 2014-12-27 14:18 - 00296044 _____ () C:\Users\Anthony\Downloads\Vault.jar
2014-12-27 14:18 - 2014-12-27 14:18 - 00088477 _____ () C:\Users\Anthony\Downloads\CommandSigns.jar
2014-12-27 14:07 - 2014-12-27 14:08 - 00094554 _____ () C:\Users\Anthony\Downloads\WarpPortals_v0563.jar
2014-12-27 12:22 - 2014-12-27 12:22 - 00990670 _____ () C:\Users\Anthony\Downloads\Essentials.zip
2014-12-27 12:21 - 2014-12-27 12:21 - 01568433 _____ () C:\Users\Anthony\Downloads\worldedit-bukkit-6.0.jar
2014-12-27 12:21 - 2014-12-27 12:21 - 00136362 _____ () C:\Users\Anthony\Downloads\EssentialsGroupManager.jar
2014-12-27 12:20 - 2014-12-27 12:20 - 00324043 _____ () C:\Users\Anthony\Downloads\worldguard-5.9.zip
2014-12-27 12:19 - 2015-01-03 12:19 - 00000000 ____D () C:\Users\Anthony\Desktop\G-Plugins
2014-12-26 11:31 - 2014-12-26 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-26 11:29 - 2014-12-26 11:31 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-12-25 16:05 - 2014-12-25 16:06 - 00018549 _____ () C:\Windows\DirectX.log
2014-12-25 07:36 - 2014-12-13 16:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-25 07:36 - 2014-12-13 14:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-24 11:48 - 2014-12-24 11:48 - 02698960 _____ (Igor Pavlov) C:\Users\Anthony\Downloads\sl630_sl650_bios_w240.exe
2014-12-24 11:14 - 2014-12-24 11:14 - 00000000 ____D () C:\2c0461275c75da552754a5f1af
2014-12-24 11:13 - 2014-10-18 13:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-24 11:13 - 2014-10-18 12:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-24 11:13 - 2014-07-07 13:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-24 11:13 - 2014-07-07 13:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-24 11:13 - 2014-07-07 13:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-24 11:13 - 2014-07-07 13:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-24 11:13 - 2014-07-07 12:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-24 11:13 - 2014-07-07 12:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-24 11:13 - 2014-07-07 12:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-24 11:13 - 2014-07-07 12:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-24 09:48 - 2014-12-24 12:00 - 00159200 _____ () C:\Users\Anthony\AppData\Roaming\CrashRpt1402.dll
2014-12-24 09:48 - 2014-12-24 09:48 - 00000000 ____D () C:\Users\Anthony\Desktop\SIW
2014-12-24 04:34 - 2014-11-11 14:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-24 04:34 - 2014-11-11 13:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-24 04:33 - 2014-11-27 12:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-24 04:33 - 2014-11-27 12:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-24 04:33 - 2014-11-22 14:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-24 04:33 - 2014-11-22 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-24 04:33 - 2014-11-22 14:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-24 04:33 - 2014-11-22 13:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-24 04:33 - 2014-11-22 13:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-24 04:33 - 2014-11-22 13:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-24 04:33 - 2014-11-22 13:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-24 04:33 - 2014-11-22 13:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-24 04:33 - 2014-11-22 13:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-24 04:33 - 2014-11-22 13:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-24 04:33 - 2014-11-22 13:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-24 04:33 - 2014-11-22 13:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-24 04:33 - 2014-11-22 13:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-24 04:33 - 2014-11-22 13:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-24 04:33 - 2014-11-22 13:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-24 04:33 - 2014-11-22 13:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-24 04:33 - 2014-11-22 13:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-24 04:33 - 2014-11-22 13:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-24 04:33 - 2014-11-22 13:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-24 04:33 - 2014-11-22 13:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-24 04:33 - 2014-11-22 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-24 04:33 - 2014-11-22 13:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-24 04:33 - 2014-11-22 13:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-24 04:33 - 2014-11-22 13:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-24 04:33 - 2014-11-22 13:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-24 04:33 - 2014-11-22 13:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-24 04:33 - 2014-11-22 13:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-24 04:33 - 2014-11-22 12:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-24 04:33 - 2014-11-22 12:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-24 04:33 - 2014-11-22 12:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-24 04:33 - 2014-11-22 12:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-24 04:33 - 2014-11-22 12:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-24 04:33 - 2014-11-22 12:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-24 04:33 - 2014-11-22 12:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-24 04:33 - 2014-11-22 12:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-24 04:33 - 2014-11-22 12:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-24 04:33 - 2014-11-22 12:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-24 04:33 - 2014-11-22 12:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-24 04:33 - 2014-11-22 12:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-24 04:33 - 2014-11-22 12:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-24 04:33 - 2014-11-22 12:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-24 04:33 - 2014-11-22 12:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-24 04:33 - 2014-11-22 12:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-24 04:33 - 2014-11-22 12:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-24 04:33 - 2014-11-22 12:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-24 04:33 - 2014-11-22 12:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-24 04:33 - 2014-11-22 12:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-24 04:33 - 2014-11-22 12:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-24 04:33 - 2014-11-22 12:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-24 04:33 - 2014-11-22 12:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-24 04:33 - 2014-11-22 11:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-24 04:33 - 2014-11-22 11:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-24 04:33 - 2014-11-11 12:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-24 04:32 - 2014-10-30 13:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-24 04:32 - 2014-10-30 12:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-24 04:31 - 2014-11-08 14:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-24 04:31 - 2014-11-08 13:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-24 04:31 - 2014-10-03 13:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-24 04:31 - 2014-10-03 13:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-24 04:31 - 2014-10-03 13:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-24 04:31 - 2014-10-03 13:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-24 04:31 - 2014-10-03 13:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-24 04:31 - 2014-10-03 12:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-24 04:31 - 2014-10-03 12:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-24 04:31 - 2014-10-03 12:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-24 04:31 - 2014-10-03 12:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-24 04:31 - 2014-10-03 12:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-21 16:12 - 2014-12-21 16:12 - 00000000 ____D () C:\Users\Anthony\AppData\Local\My Games
2014-12-21 14:09 - 2014-12-21 15:59 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Games
2014-12-21 13:54 - 2014-12-21 13:55 - 00000000 ____D () C:\Program Files (x86)\The Adventure Company
2014-12-21 13:18 - 2014-12-24 21:19 - 00000220 _____ () C:\Users\Anthony\Desktop\Sid Meier's Civilization V.url
2014-12-18 18:41 - 2014-12-24 21:53 - 00000222 _____ () C:\Users\Anthony\Desktop\Don't Starve Together Beta.url
2014-12-17 18:25 - 2014-12-26 11:31 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-14 16:16 - 2014-12-14 16:16 - 04269736 _____ () C:\Users\Anthony\Downloads\Faithful32_Tekkit_3.1.3.zip
2014-12-14 16:16 - 2014-12-14 16:16 - 01289162 _____ () C:\Users\Anthony\Downloads\faithful32pack_1_2_5.zip
2014-12-11 07:45 - 2014-12-24 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-08 21:14 - 2013-07-02 12:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-08 21:09 - 2013-07-06 18:20 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Skype
2015-01-08 20:58 - 2014-03-21 20:24 - 00000000 ____D () C:\Users\Anthony\AppData\Local\LogMeIn Hamachi
2015-01-08 20:54 - 2014-04-15 14:19 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\.minecraft
2015-01-08 20:36 - 2013-07-02 12:03 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-08 20:17 - 2013-08-08 22:07 - 00000392 _____ () C:\Windows\Tasks\update-sys.job
2015-01-08 19:53 - 2013-08-08 22:07 - 00000392 _____ () C:\Windows\Tasks\update-S-1-5-21-2426978524-3854536212-1475799715-1000.job
2015-01-08 19:35 - 2014-05-19 18:07 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-08 18:41 - 2014-06-20 21:23 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Raptr
2015-01-08 15:13 - 2013-08-24 21:50 - 00000000 ____D () C:\Users\Anthony\AppData\Local\GC
2015-01-08 15:05 - 2013-07-02 11:00 - 01866907 _____ () C:\Windows\WindowsUpdate.log
2015-01-08 15:02 - 2014-06-09 18:06 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-08 14:48 - 2009-07-14 15:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-08 14:48 - 2009-07-14 15:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-08 14:42 - 2013-07-24 22:24 - 00000000 ___RD () C:\Users\Anthony\Dropbox
2015-01-08 14:42 - 2013-07-04 12:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-08 14:41 - 2013-07-24 22:12 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Dropbox
2015-01-08 14:39 - 2013-07-02 12:03 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 14:39 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-08 14:38 - 2014-10-08 21:51 - 00024100 _____ () C:\Windows\PFRO.log
2015-01-08 14:38 - 2014-10-01 21:22 - 00009240 _____ () C:\Windows\setupact.log
2015-01-08 14:37 - 2014-06-20 20:09 - 00000000 ____D () C:\Users\Anthony\Desktop\FPS_Lag_Virsus Help
2015-01-08 14:23 - 2009-07-14 16:32 - 00000000 ____D () C:\Windows\Performance
2015-01-08 13:00 - 2014-05-16 22:32 - 00000312 _____ () C:\Windows\Tasks\FreeFixer background scan.job
2015-01-08 06:36 - 2009-07-14 16:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-05 21:58 - 2014-06-21 18:27 - 00000000 ____D () C:\Users\Anthony\Documents\FTB_Launcher
2015-01-05 21:31 - 2014-05-27 09:21 - 00000000 ____D () C:\Users\Anthony\AppData\Local\ftblauncher
2015-01-05 08:42 - 2013-07-06 18:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-05 08:42 - 2013-07-06 17:59 - 00000000 ____D () C:\ProgramData\Skype
2015-01-03 12:20 - 2014-08-05 08:45 - 00000000 ____D () C:\Users\Anthony\Desktop\Anime
2015-01-03 12:19 - 2013-07-06 17:05 - 00000000 ____D () C:\Users\Anthony\Desktop\Jesse's Stuff
2015-01-03 11:44 - 2013-07-02 12:03 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-03 11:08 - 2014-09-02 07:13 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\FileZilla
2015-01-01 14:51 - 2013-07-04 13:14 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-30 20:16 - 2014-11-25 18:21 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-30 20:16 - 2014-05-19 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-30 20:16 - 2014-05-19 18:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-26 11:36 - 2013-08-04 18:30 - 22754064 _____ () C:\Users\Anthony\Desktop\TechnicLauncher.exe
2014-12-26 11:34 - 2013-08-04 18:51 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\.technic
2014-12-24 14:23 - 2014-11-21 05:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-12-24 14:23 - 2014-10-21 15:57 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-12-24 14:23 - 2014-07-13 21:48 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Rainmeter
2014-12-24 14:23 - 2014-06-20 21:23 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-12-24 14:23 - 2013-08-08 22:07 - 00000000 ____D () C:\Users\Anthony\AppData\Local\Skillbrains
2014-12-24 14:23 - 2013-07-04 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-24 14:23 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\servicing
2014-12-24 14:23 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-24 14:23 - 2009-07-14 14:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-24 14:22 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\registration
2014-12-24 12:47 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\rescache
2014-12-24 11:39 - 2013-07-02 10:59 - 00000000 ____D () C:\Users\Anthony
2014-12-24 11:35 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-24 11:14 - 2014-01-28 10:56 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-24 11:14 - 2014-01-28 10:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-24 09:54 - 2013-07-24 22:23 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-24 09:52 - 2013-08-28 22:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-21 21:48 - 2013-08-11 15:33 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\TS3Client
2014-12-17 19:54 - 2013-08-08 22:07 - 00000425 _____ () C:\Users\Anthony\AppData\Local\UserProducts.xml
2014-12-11 07:45 - 2013-08-08 22:07 - 00003270 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-2426978524-3854536212-1475799715-1000
2014-12-11 07:45 - 2013-08-08 22:07 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-12-10 06:14 - 2013-07-02 12:04 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 06:14 - 2013-07-02 12:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 06:14 - 2013-07-02 12:04 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
 
Some content of TEMP:
====================
C:\Users\Anthony\AppData\Local\Temp\avgnt.exe
C:\Users\Anthony\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_bxknj.dll
C:\Users\Anthony\AppData\Local\Temp\jre-7u71-windows-i586-iftw.exe
C:\Users\Anthony\AppData\Local\Temp\SkypeSetup.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-08 14:59
 
==================== End Of Log ============================
 
Addition.exe:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Anthony at 2015-01-08 21:28:29
Running from C:\Users\Anthony\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Desktop (Disabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Anti-Virus (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Avira Desktop (Disabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blender (HKLM\...\Blender) (Version: 2.68a - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.1.4057 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{981B38A6-E4D0-4D94-98C2-75AC645755F5}) (Version: 0.9.1.4057 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dropbox (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dxtory version 2.0.125 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.125 - ExKode Co. Ltd.)
ESO Survey Live version 1.3.0 (HKLM-x32\...\17CBAF83-B4D1-41CC-B7DC-BFF1D4B9DDAC-live_is1) (Version: 1.3.0 - Immersyve, Inc.)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version:  - Fistful of Frags Team)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Mouse Auto Clicker 3.1 (HKLM-x32\...\{7D9D583E-EC8B-4390-B3A4-017B8182C8FF}_is1) (Version:  - Advanced Mouse Auto Clicker ltd.)
FreeFixer (HKLM-x32\...\FreeFixer1.11) (Version: 1.11 - Kephyr)
GameSalad Creator (HKLM-x32\...\{42C1A82C-0F7D-4B3E-AEA5-2BD75A5DF390}) (Version: 0.10.4.1 - GameSalad)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GitHub (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\5f7eb300e2ea4ebf) (Version: 2.0.6.0 - GitHub, Inc.)
GitHub (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\5f7eb300e2ea4ebf) (Version: 2.0.6.0 - GitHub, Inc.)
Glary Utilities 5.16 (HKLM-x32\...\Glary Utilities 5) (Version: 5.16.0.29 - Glarysoft Ltd)
Godus (HKLM-x32\...\Steam App 232810) (Version:  - 22cans)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Jurassic Park Operation Genesis (HKLM-x32\...\InstallShield_{A347C572-F7B4-43A3-BD51-FFC99184F70D}) (Version: 1.00.0000 - Universal Interactive)
Jurassic Park Operation Genesis (x32 Version: 1.00.0000 - Universal Interactive) Hidden
Lightshot-5.2.0.8 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.0.8 - Skillbrains)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
My Game Long Name (HKLM\...\UDK-edef2d0c-fb86-4ba0-a494-d1204ed24704) (Version:  - Epic Games, Inc.)
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.4 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio 2013 (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Rubber Ninjas 1.05 (HKLM-x32\...\{28780589-C504-4A32-B630-2F12546123A4}_is1) (Version:  - Rag Doll Software)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SQL Power Injector 1.2 (HKLM-x32\...\{3D55339F-D991-4806-9FD4-00B815714AF1}) (Version: 1.2 - SQLPowerInjector)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
tAPI version r3 (HKLM-x32\...\{6D47E78A-A9FE-41B8-A5C6-8A6A04FB8F71}_is1) (Version: r3 - tAPI Development Team)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TEdit 3 (HKLM-x32\...\{EB7A8012-5699-4CB0-A6E9-0C818CF67A29}) (Version: 1.0.0.0 - BinaryConstruct)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Terraria Game Launcher version 3.2.1.2 (HKLM-x32\...\{31D22D10-7FD2-401B-8AEA-D20A1A9A440E}_is1) (Version: 3.2.1.2 - Eikester)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Stomping Land (HKLM-x32\...\Steam App 263440) (Version:  - SuperCrit)
TUG (HKLM-x32\...\Steam App 277930) (Version:  - Nerd Kingdom Inc.)
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wildlife Park 2 - Dino World (HKLM-x32\...\Steam App 307930) (Version:  - b-alive gmbh)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Wings 3D 1.4.1 (HKLM-x32\...\Wings 3D 1.4.1) (Version:  - )
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Zoo Tycoon 2 - Ultimate Collection (HKLM-x32\...\InstallShield_{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 - Ultimate Collection (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files (x86)\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
26-12-2014 08:46:42 Windows Update
26-12-2014 11:28:23 Installed LogMeIn Hamachi
31-12-2014 09:57:46 Windows Update
03-01-2015 11:38:02 Windows Update
03-01-2015 11:41:12 Installed Chrome Remote Desktop Host
03-01-2015 11:44:36 Removed Chrome Remote Desktop Host
07-01-2015 09:32:50 Windows Update
08-01-2015 06:37:17 Windows Backup
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 13:34 - 2009-06-11 08:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1A39EAD2-39BC-4896-AB84-5B597DADB9CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {27FCA3ED-7DCC-45AB-998A-974DEDF74A0C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {29AF2424-0384-486C-B086-96252710ED1B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {32F23DB1-D507-412D-B06D-72AB303B525E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-21] (Piriform Ltd)
Task: {44343F26-1032-43B3-A56D-23D9E4B90E13} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {4C25379C-7F34-477E-9BD5-023C47F6717E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {57E1607A-D2DE-4316-BDBD-6B46841F3539} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {6904C321-D857-43AA-8222-7BE3776E6C79} - System32\Tasks\update-S-1-5-21-2426978524-3854536212-1475799715-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {69792B05-24B7-45C9-B9D2-77E5F3844274} - System32\Tasks\{94EC822F-AFBA-4D63-AD00-F17DC0B5C376} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.6.0.106&LastError=-9
Task: {79766264-208D-4FAA-BE93-1CB3E6F813D0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {909ABFEA-136D-4DD9-B179-FEB9EDAC89E3} - \Escolade No Task File <==== ATTENTION
Task: {93F8BCA2-6D23-44C2-80F3-946DF04E455E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {94D11DF0-D84C-4EEF-AC54-57AC03F07EDF} - System32\Tasks\GC_Scheduler => %LOCALAPPDATA%\GC\Runner.exe <==== ATTENTION
Task: {9996ED0A-DABA-47D8-9AEE-460F1C416B86} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {A9F30D1A-3339-40FD-BF72-820357461A57} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {BE7CDC7A-F7F4-4AA6-B473-7928DD5C34E4} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {C6F70166-9F83-4881-98F7-7F8A3A74A6CF} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-01-05] (Glarysoft Ltd)
Task: {F66500C5-4DC8-41D8-BD67-9F14FCE2285C} - System32\Tasks\{97D39254-493D-458F-A2B0-7E77A598822B} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {F9DB131A-8947-45F3-9122-A3623C7A65BA} - System32\Tasks\FreeFixer background scan => C:\Program Files\FreeFixer\freefixer.exe [2014-05-15] (Kephyr)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FreeFixer background scan.job => C:\Program Files\FreeFixer\freefixer.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2426978524-3854536212-1475799715-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-05-02 06:29 - 2014-05-02 06:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-19 02:24 - 2012-06-19 02:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-10-29 20:08 - 2013-10-29 20:08 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-27 19:51 - 2014-01-06 14:44 - 00064000 _____ () C:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe
2014-05-26 01:18 - 2014-05-26 01:18 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-05-26 01:18 - 2014-05-26 01:18 - 00747192 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-05-26 01:17 - 2014-05-26 01:17 - 00056832 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll
2014-05-26 01:17 - 2014-05-26 01:17 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\RecycleManager.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2015-01-05 16:18 - 2015-01-05 16:18 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2014-10-22 11:22 - 2014-10-22 11:22 - 00750080 _____ () C:\Users\Anthony\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-08 14:41 - 2015-01-08 14:41 - 00043008 _____ () c:\users\anthony\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_bxknj.dll
2014-10-22 11:22 - 2014-10-22 11:22 - 00047616 _____ () C:\Users\Anthony\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 11:22 - 2014-10-22 11:22 - 00863744 _____ () C:\Users\Anthony\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 11:22 - 2014-10-22 11:22 - 00200704 _____ () C:\Users\Anthony\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-16 05:17 - 2011-02-16 05:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 09:57 - 2010-11-23 09:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 09:57 - 2010-11-23 09:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-14 11:37 - 2014-08-14 11:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 11:37 - 2014-08-14 11:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 11:05 - 2013-11-21 11:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 09:57 - 2010-11-23 09:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 11:56 - 2014-06-18 11:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-16 05:17 - 2011-02-16 05:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 10:06 - 2010-11-23 10:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-09-07 03:44 - 2014-09-07 03:44 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-25 03:41 - 2014-05-25 03:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-25 03:41 - 2014-05-25 03:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2014-12-24 10:47 - 2014-12-06 12:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-24 10:46 - 2014-12-06 12:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-24 10:48 - 2014-12-06 12:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-24 10:46 - 2014-12-06 12:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-24 10:48 - 2014-12-06 12:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2426978524-3854536212-1475799715-500 - Administrator - Disabled)
Anthony (S-1-5-21-2426978524-3854536212-1475799715-1000 - Administrator - Enabled) => C:\Users\Anthony
Guest (S-1-5-21-2426978524-3854536212-1475799715-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2426978524-3854536212-1475799715-1002 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/08/2015 03:02:39 PM) (Source: MsiInstaller) (EventID: 11704) (User: Toshiba)
Description: Product: Avira -- Error 1704. An installation for Kaspersky Anti-Virus is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?
 
Error: (01/08/2015 02:40:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2015 02:40:16 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (01/08/2015 02:30:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2015 01:10:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: prloader.dll, version: 1.2.11.57, time stamp: 0x52c18446
Exception code: 0xc0000005
Fault offset: 0x0000000000027406
Faulting process id: 0x7c4
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 01:10:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: prloader.dll, version: 1.2.11.57, time stamp: 0x52c18446
Exception code: 0xc0000005
Fault offset: 0x0000000000027406
Faulting process id: 0x2fdc
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 01:09:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: prloader.dll, version: 1.2.11.57, time stamp: 0x52c18446
Exception code: 0xc0000005
Fault offset: 0x0000000000027406
Faulting process id: 0x19fc
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15766054
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15766054
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (01/08/2015 07:07:36 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 07:07:28 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 07:07:20 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:42:13 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:41:17 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:40:42 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:40:34 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:40:30 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:40:22 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:40:18 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
 
Microsoft Office Sessions:
=========================
Error: (01/08/2015 03:02:39 PM) (Source: MsiInstaller) (EventID: 11704) (User: Toshiba)
Description: Product: Avira -- Error 1704. An installation for Kaspersky Anti-Virus is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (01/08/2015 02:40:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2015 02:40:16 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (01/08/2015 02:30:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2015 01:10:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4prloader.dll1.2.11.5752c18446c000000500000000000274067c401d02ae838c3151dC:\Windows\explorer.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\prloader.dll793e1c6b-96db-11e4-b77e-00266c88a249
 
Error: (01/08/2015 01:10:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4prloader.dll1.2.11.5752c18446c000000500000000000274062fdc01d02ae8217885afC:\Windows\explorer.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\prloader.dll729f1159-96db-11e4-b77e-00266c88a249
 
Error: (01/08/2015 01:09:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4prloader.dll1.2.11.5752c18446c0000005000000000002740619fc01d02abdc541ab2dC:\Windows\explorer.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\prloader.dll5b48e900-96db-11e4-b77e-00266c88a249
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15766054
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15766054
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-01-01 16:16:48.002
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-01 16:16:48.000
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-01 16:16:47.976
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-01 16:16:47.934
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-01 16:16:47.931
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-01 16:16:47.928
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-31 14:45:09.073
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-31 14:45:09.072
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-31 14:45:09.069
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-31 14:45:09.048
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5 CPU M 460 @ 2.53GHz
Percentage of memory in use: 68%
Total physical RAM: 3957.86 MB
Available physical RAM: 1243.95 MB
Total Pagefile: 7913.9 MB
Available Pagefile: 4253.5 MB
Total Virtual: 8192 MB
Available Virtual: 8191.83 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:596.07 GB) (Free:149.74 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 21EF627E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#6 Machiavelli


Posted 08 January 2015 - 10:58 AM

What's with MBAM? ;)

Cheers

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.

 
 


#7 gamewalkerz


Posted 08 January 2015 - 02:45 PM

I do not know.



#8 Machiavelli


Posted 08 January 2015 - 03:01 PM

Did you move them into quarantine like I said? :)

~Machiavelli

 
 


#9 gamewalkerz


Posted 09 January 2015 - 01:23 AM

Uh... I may not have seen that part ;)

 

FRST.txt:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-01-2015
Ran by Anthony (administrator) on TOSHIBA on 09-01-2015 17:15:47
Running from C:\Users\Anthony\Desktop
Loaded Profiles: Anthony &  (Available profiles: Anthony)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe.old
(Bogdan Sharkov) C:\Program Files (x86)\Clownfish\Clownfish.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe
(Dropbox, Inc.) C:\Users\Anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(AMD) C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
(Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\nacl64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Kephyr) C:\Program Files\FreeFixer\freefixer.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Oracle Corporation) C:\Program Files\Java\jre7\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [1686528 2012-03-27] (Wondershare)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [835288 2014-08-13] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2014-11-19] (Raptr, Inc)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [226560 2014-11-18] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [3838800 2014-12-13] (LogMeIn Inc.)
HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2014-11-21] (Malwarebytes Corporation)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1941696 2015-01-06] (Valve Corporation)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [LightShot] => C:\Users\Anthony\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1323776 2014-09-24] (Bogdan Sharkov)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-01-05] (Glarysoft Ltd)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1941696 2015-01-06] (Valve Corporation)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightShot] => C:\Users\Anthony\AppData\Local\Skillbrains\lightshot\Lightshot.exe
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Dxtory Update Checker 2.0] => C:\Program Files (x86)\ExKode\Dxtory2.0\UpdateChecker.exe [93696 2010-10-17] (Dxtory Software)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Clownfish] => C:\Program Files (x86)\Clownfish\Clownfish.exe [1323776 2014-09-24] (Bogdan Sharkov)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [1967616 2014-04-17] (AMD)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [30873192 2014-12-11] (Skype Technologies S.A.)
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2015-01-05] (Glarysoft Ltd)
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\jumpflip: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchinstaller.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\searchsettings.exe: [Debugger] tasklist.exe
IFEO\searchsettings64.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\umbrella.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
IFEO\volaro: [Debugger] tasklist.exe
IFEO\vonteera: [Debugger] tasklist.exe
IFEO\websteroids.exe: [Debugger] tasklist.exe
IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\ESO Survey Live.lnk
ShortcutTarget: ESO Survey Live.lnk -> C:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe ()
Startup: C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
HKLM\...\AppCertDlls: [x86] -> C:\Program Files (x86)\Movies Toolbar\SafetyNut\safetycrt.dll
HKLM\...\AppCertDlls: [x64] -> c:\program files (x86)\movies toolbar\safetynut\x64\safetycrt.dll
BootExecute: autocheck autochk *  
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=9&ar=msnhome
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=9&ar=msnhome
HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ninemsn.com.au/?ocid=iehp
SearchScopes: HKLM-x32 -> DefaultScope {018B5FAD-E61A-40D3-80BD-F614F644C5DB} URL = 
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
 
FireFox:
========
FF ProfilePath: C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\g0bvSwSz.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1202122.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3522.0110 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2426978524-3854536212-1475799715-1000: @nsroblox.roblox.com/launcher -> C:\Program Files (x86)\Roblox\Versions\version-79a62ec00b324436\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2426978524-3854536212-1475799715-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anthony\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @nsroblox.roblox.com/launcher -> C:\Program Files (x86)\Roblox\Versions\version-79a62ec00b324436\\NPRobloxProxy.dll ( ROBLOX Corporation)
FF Plugin HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Anthony\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Avira Browser Safety - C:\Users\Anthony\AppData\Roaming\Mozilla\Firefox\Profiles\g0bvSwSz.default\Extensions\abs@avira.com [2015-01-08]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-07-04]
CHR Extension: (Flappy Tunnel Bird for Chrome) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\bejddkeopdhkdpgcckgeanfooacifkjb [2014-02-11]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]
CHR Extension: (YouTube) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-07-04]
CHR Extension: (Google Search) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-07-04]
CHR Extension: (Avira Browser Safety) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2015-01-08]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2015-01-03]
CHR Extension: (Don't Starve) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\hiledapehlkhdehbhppgmekfalnlfajc [2013-07-04]
CHR Extension: (Little Alchemy) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\knkapnclbofjjgicpkfoagdjohlfjhpd [2013-10-04]
CHR Extension: (Google Wallet) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-23]
CHR Extension: (Gmail) - C:\Users\Anthony\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-07-04]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG)
S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [409304 2014-08-13] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-08-13] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [777944 2014-08-13] (BlueStack Systems, Inc.)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [182304 2014-11-07] (EasyAntiCheat Ltd)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2014-12-02] (LogMeIn, Inc.)
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-10-29] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Game Booster\RzKLService.exe [105448 2014-02-25] (Razer Inc.)
S3 WMPNetworkSvc; No ImagePath
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG)
R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-08-13] (BlueStack Systems)
U0 dljnagny; C:\Windows\System32\drivers\bfpfk.sys [79064 2015-01-09] (Malwarebytes Corporation)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2015-01-08] (Glarysoft Ltd)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28656 2013-03-18] (Intel Corporation)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [127568 2013-03-04] (Qualcomm Atheros Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-09] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-11-21] (Malwarebytes Corporation)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2013-03-18] (Apple, Inc.) [File not signed]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-09 17:15 - 2015-01-09 17:17 - 00026645 _____ () C:\Users\Anthony\Desktop\FRST.txt
2015-01-09 17:14 - 2015-01-09 17:14 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\bfpfk.sys
2015-01-08 21:26 - 2015-01-09 17:16 - 00000000 ____D () C:\FRST
2015-01-08 21:24 - 2015-01-08 21:24 - 02124288 _____ (Farbar) C:\Users\Anthony\Downloads\FRST64.exe
2015-01-08 21:24 - 2015-01-08 21:24 - 02124288 _____ (Farbar) C:\Users\Anthony\Desktop\FRST64.exe
2015-01-08 15:11 - 2015-01-08 15:09 - 00043064 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2015-01-08 15:09 - 2015-01-08 15:09 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Avira
2015-01-08 15:08 - 2015-01-08 15:08 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Mozilla
2015-01-08 15:06 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2015-01-08 15:06 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2015-01-08 15:06 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2015-01-08 15:02 - 2015-01-08 15:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2015-01-08 15:02 - 2015-01-08 15:06 - 00000000 ____D () C:\ProgramData\Avira
2015-01-08 15:02 - 2015-01-08 15:06 - 00000000 ____D () C:\Program Files (x86)\Avira
2015-01-08 15:02 - 2015-01-08 15:02 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk
2015-01-08 14:35 - 2015-01-08 14:37 - 03051011 _____ () C:\Users\Anthony\Downloads\kavremvr 2015-01-08 14-35-45 (pid 1200).log
2015-01-08 14:33 - 2015-01-08 14:35 - 07254208 _____ (Kaspersky Lab ZAO) C:\Users\Anthony\Downloads\kavremover.exe
2015-01-08 14:32 - 2015-01-08 14:32 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\Anthony\Downloads\avira_en_av_5768081326__ws.exe
2015-01-08 13:03 - 2015-01-08 14:40 - 00000336 _____ () C:\Windows\Tasks\GlaryInitialize 5.job
2015-01-08 13:03 - 2015-01-08 13:03 - 00020160 _____ (Glarysoft Ltd) C:\Windows\system32\Drivers\GUBootStartup.sys
2015-01-08 13:03 - 2015-01-08 13:03 - 00002634 _____ () C:\Windows\System32\Tasks\GlaryInitialize 5
2015-01-08 13:03 - 2015-01-08 13:03 - 00001096 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2015-01-08 13:03 - 2015-01-08 13:03 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\GlarySoft
2015-01-08 13:03 - 2015-01-08 13:03 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\DiskDefrag
2015-01-08 13:03 - 2015-01-08 13:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2015-01-08 13:02 - 2015-01-08 14:40 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2015-01-08 13:00 - 2015-01-08 13:00 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NirSoft ShellExView
2015-01-08 13:00 - 2015-01-08 13:00 - 00000000 ____D () C:\Program Files (x86)\NirSoft
2015-01-08 12:58 - 2015-01-08 13:00 - 14879544 _____ () C:\Users\Anthony\Downloads\gu5setup.exe
2015-01-08 12:51 - 2015-01-08 12:53 - 00140960 _____ () C:\Users\Anthony\Downloads\shexview_setup.exe
2015-01-03 11:46 - 2015-01-03 11:47 - 02000785 _____ () C:\Users\Anthony\Downloads\Fish.zip
2015-01-03 11:40 - 2015-01-03 11:40 - 08317952 _____ () C:\Users\Anthony\Downloads\chromeremotedesktophost.msi
2015-01-03 11:33 - 2015-01-03 11:33 - 00000000 __SHD () C:\Users\Anthony\AppData\Local\EmieBrowserModeList
2015-01-02 19:49 - 2015-01-02 19:50 - 02380328 _____ () C:\Users\Anthony\Downloads\appliedenergistics2-rv1-stable-1.jar
2015-01-02 11:38 - 2015-01-02 11:39 - 01706107 _____ () C:\Users\Anthony\Downloads\extrautilities-1.2.1.jar
2015-01-01 14:51 - 2015-01-01 14:51 - 00000222 _____ () C:\Users\Anthony\Desktop\Godus.url
2015-01-01 14:11 - 2015-01-01 14:11 - 00260371 _____ () C:\Users\Anthony\Downloads\Autorank.jar
2014-12-29 20:22 - 2014-12-29 20:22 - 00465815 _____ () C:\Users\Anthony\Downloads\Zans-MinimapNoRadar-Mod-1.7.10.jar
2014-12-29 20:09 - 2014-12-29 20:10 - 00367294 _____ () C:\Users\Anthony\Downloads\mod_voxelMap_1.2.3_for_1.7.10.litemod
2014-12-29 19:55 - 2014-12-29 19:55 - 00510637 _____ () C:\Users\Anthony\Downloads\NotEnoughItems-1.7.10-1.0.4.80-universal.jar
2014-12-29 19:55 - 2014-12-29 19:55 - 00143274 _____ () C:\Users\Anthony\Downloads\EnderStorage-1.7.10-1.4.5.27-universal.jar
2014-12-29 19:51 - 2014-12-29 19:51 - 00157678 _____ () C:\Users\Anthony\Downloads\CodeChickenCore-1.7.10-1.0.4.29-universal.jar
2014-12-29 19:36 - 2014-12-29 19:36 - 00047354 _____ () C:\Users\Anthony\Downloads\TiCTooltips-mc1.7.10-1.1.11b (1).jar
2014-12-29 19:35 - 2014-12-29 19:35 - 00196807 _____ () C:\Users\Anthony\Downloads\Mantle-1.7.10-0.3.2 (1).jar
2014-12-29 19:34 - 2014-12-29 19:35 - 05214223 _____ () C:\Users\Anthony\Downloads\TConstruct-1.7.10-1.8.1.jar
2014-12-29 19:30 - 2014-12-29 19:31 - 03105553 _____ () C:\Users\Anthony\Downloads\forge-1.7.10-10.13.2.1230-installer-win.exe
2014-12-27 14:18 - 2014-12-27 14:18 - 00296044 _____ () C:\Users\Anthony\Downloads\Vault.jar
2014-12-27 14:18 - 2014-12-27 14:18 - 00088477 _____ () C:\Users\Anthony\Downloads\CommandSigns.jar
2014-12-27 14:07 - 2014-12-27 14:08 - 00094554 _____ () C:\Users\Anthony\Downloads\WarpPortals_v0563.jar
2014-12-27 12:22 - 2014-12-27 12:22 - 00990670 _____ () C:\Users\Anthony\Downloads\Essentials.zip
2014-12-27 12:21 - 2014-12-27 12:21 - 01568433 _____ () C:\Users\Anthony\Downloads\worldedit-bukkit-6.0.jar
2014-12-27 12:21 - 2014-12-27 12:21 - 00136362 _____ () C:\Users\Anthony\Downloads\EssentialsGroupManager.jar
2014-12-27 12:20 - 2014-12-27 12:20 - 00324043 _____ () C:\Users\Anthony\Downloads\worldguard-5.9.zip
2014-12-27 12:19 - 2015-01-03 12:19 - 00000000 ____D () C:\Users\Anthony\Desktop\G-Plugins
2014-12-26 11:31 - 2014-12-26 11:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Hamachi
2014-12-26 11:29 - 2014-12-26 11:31 - 00000926 _____ () C:\Users\Public\Desktop\LogMeIn Hamachi.lnk
2014-12-25 16:05 - 2014-12-25 16:06 - 00018549 _____ () C:\Windows\DirectX.log
2014-12-25 07:36 - 2014-12-13 16:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-25 07:36 - 2014-12-13 14:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-24 11:48 - 2014-12-24 11:48 - 02698960 _____ (Igor Pavlov) C:\Users\Anthony\Downloads\sl630_sl650_bios_w240.exe
2014-12-24 11:14 - 2014-12-24 11:14 - 00000000 ____D () C:\2c0461275c75da552754a5f1af
2014-12-24 11:13 - 2014-10-18 13:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-24 11:13 - 2014-10-18 12:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-24 11:13 - 2014-07-07 13:06 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-12-24 11:13 - 2014-07-07 13:06 - 00055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2014-12-24 11:13 - 2014-07-07 13:06 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2014-12-24 11:13 - 2014-07-07 13:02 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2014-12-24 11:13 - 2014-07-07 12:40 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2014-12-24 11:13 - 2014-07-07 12:39 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2014-12-24 11:13 - 2014-07-07 12:39 - 00023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2014-12-24 11:13 - 2014-07-07 12:37 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2014-12-24 09:48 - 2014-12-24 12:00 - 00159200 _____ () C:\Users\Anthony\AppData\Roaming\CrashRpt1402.dll
2014-12-24 09:48 - 2014-12-24 09:48 - 00000000 ____D () C:\Users\Anthony\Desktop\SIW
2014-12-24 04:34 - 2014-11-11 14:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-24 04:34 - 2014-11-11 13:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-24 04:33 - 2014-11-27 12:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-24 04:33 - 2014-11-27 12:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-24 04:33 - 2014-11-22 14:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-24 04:33 - 2014-11-22 14:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-24 04:33 - 2014-11-22 14:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-24 04:33 - 2014-11-22 13:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-24 04:33 - 2014-11-22 13:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-24 04:33 - 2014-11-22 13:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-24 04:33 - 2014-11-22 13:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-24 04:33 - 2014-11-22 13:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-24 04:33 - 2014-11-22 13:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-24 04:33 - 2014-11-22 13:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-24 04:33 - 2014-11-22 13:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-24 04:33 - 2014-11-22 13:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-24 04:33 - 2014-11-22 13:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-24 04:33 - 2014-11-22 13:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-24 04:33 - 2014-11-22 13:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-24 04:33 - 2014-11-22 13:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-24 04:33 - 2014-11-22 13:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-24 04:33 - 2014-11-22 13:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-24 04:33 - 2014-11-22 13:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-24 04:33 - 2014-11-22 13:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-24 04:33 - 2014-11-22 13:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-24 04:33 - 2014-11-22 13:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-24 04:33 - 2014-11-22 13:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-24 04:33 - 2014-11-22 13:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-24 04:33 - 2014-11-22 13:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-24 04:33 - 2014-11-22 13:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-24 04:33 - 2014-11-22 13:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-24 04:33 - 2014-11-22 12:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-24 04:33 - 2014-11-22 12:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-24 04:33 - 2014-11-22 12:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-24 04:33 - 2014-11-22 12:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-24 04:33 - 2014-11-22 12:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-24 04:33 - 2014-11-22 12:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-24 04:33 - 2014-11-22 12:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-24 04:33 - 2014-11-22 12:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-24 04:33 - 2014-11-22 12:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-24 04:33 - 2014-11-22 12:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-24 04:33 - 2014-11-22 12:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-24 04:33 - 2014-11-22 12:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-24 04:33 - 2014-11-22 12:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-24 04:33 - 2014-11-22 12:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-24 04:33 - 2014-11-22 12:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-24 04:33 - 2014-11-22 12:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-24 04:33 - 2014-11-22 12:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-24 04:33 - 2014-11-22 12:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-24 04:33 - 2014-11-22 12:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-24 04:33 - 2014-11-22 12:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-24 04:33 - 2014-11-22 12:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-24 04:33 - 2014-11-22 12:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-24 04:33 - 2014-11-22 12:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-24 04:33 - 2014-11-22 11:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-24 04:33 - 2014-11-22 11:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-24 04:33 - 2014-11-11 12:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-24 04:32 - 2014-10-30 13:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-24 04:32 - 2014-10-30 12:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-24 04:31 - 2014-11-08 14:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-24 04:31 - 2014-11-08 13:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-24 04:31 - 2014-10-03 13:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-24 04:31 - 2014-10-03 13:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-24 04:31 - 2014-10-03 13:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-24 04:31 - 2014-10-03 13:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-24 04:31 - 2014-10-03 13:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-24 04:31 - 2014-10-03 12:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-24 04:31 - 2014-10-03 12:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-24 04:31 - 2014-10-03 12:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-24 04:31 - 2014-10-03 12:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-24 04:31 - 2014-10-03 12:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-21 16:12 - 2014-12-21 16:12 - 00000000 ____D () C:\Users\Anthony\AppData\Local\My Games
2014-12-21 14:09 - 2014-12-21 15:59 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Games
2014-12-21 13:54 - 2014-12-21 13:55 - 00000000 ____D () C:\Program Files (x86)\The Adventure Company
2014-12-21 13:18 - 2014-12-24 21:19 - 00000220 _____ () C:\Users\Anthony\Desktop\Sid Meier's Civilization V.url
2014-12-18 18:41 - 2014-12-24 21:53 - 00000222 _____ () C:\Users\Anthony\Desktop\Don't Starve Together Beta.url
2014-12-17 18:25 - 2014-12-26 11:31 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Hamachi
2014-12-14 16:16 - 2014-12-14 16:16 - 04269736 _____ () C:\Users\Anthony\Downloads\Faithful32_Tekkit_3.1.3.zip
2014-12-14 16:16 - 2014-12-14 16:16 - 01289162 _____ () C:\Users\Anthony\Downloads\faithful32pack_1_2_5.zip
2014-12-11 07:45 - 2014-12-24 14:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lightshot
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-01-09 17:14 - 2013-07-02 12:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-09 17:09 - 2013-07-06 18:20 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Skype
2015-01-09 17:07 - 2013-07-02 11:00 - 01882607 _____ () C:\Windows\WindowsUpdate.log
2015-01-09 16:59 - 2014-03-21 20:24 - 00000000 ____D () C:\Users\Anthony\AppData\Local\LogMeIn Hamachi
2015-01-09 16:52 - 2014-04-15 14:19 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\.minecraft
2015-01-09 16:36 - 2013-07-02 12:03 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-01-09 16:17 - 2013-08-08 22:07 - 00000392 _____ () C:\Windows\Tasks\update-sys.job
2015-01-09 16:13 - 2014-05-19 18:07 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-09 15:53 - 2013-08-08 22:07 - 00000392 _____ () C:\Windows\Tasks\update-S-1-5-21-2426978524-3854536212-1475799715-1000.job
2015-01-09 14:41 - 2014-06-20 21:23 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Raptr
2015-01-09 14:12 - 2009-07-14 16:13 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-01-09 13:00 - 2014-05-16 22:32 - 00000312 _____ () C:\Windows\Tasks\FreeFixer background scan.job
2015-01-08 21:37 - 2013-10-30 06:16 - 00000000 ____D () C:\Windows\Minidump
2015-01-08 21:36 - 2013-07-02 12:03 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-01-08 21:34 - 2014-06-20 20:09 - 00000000 ____D () C:\Users\Anthony\Desktop\FPS_Lag_Virsus Help
2015-01-08 15:13 - 2013-08-24 21:50 - 00000000 ____D () C:\Users\Anthony\AppData\Local\GC
2015-01-08 15:02 - 2014-06-09 18:06 - 00000000 ____D () C:\ProgramData\Package Cache
2015-01-08 14:48 - 2009-07-14 15:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-08 14:48 - 2009-07-14 15:45 - 00028352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-08 14:42 - 2013-07-24 22:24 - 00000000 ___RD () C:\Users\Anthony\Dropbox
2015-01-08 14:42 - 2013-07-04 12:30 - 00000000 ____D () C:\Program Files (x86)\Steam
2015-01-08 14:41 - 2013-07-24 22:12 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Dropbox
2015-01-08 14:39 - 2009-07-14 16:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-08 14:38 - 2014-10-08 21:51 - 00024100 _____ () C:\Windows\PFRO.log
2015-01-08 14:23 - 2009-07-14 16:32 - 00000000 ____D () C:\Windows\Performance
2015-01-05 21:58 - 2014-06-21 18:27 - 00000000 ____D () C:\Users\Anthony\Documents\FTB_Launcher
2015-01-05 21:31 - 2014-05-27 09:21 - 00000000 ____D () C:\Users\Anthony\AppData\Local\ftblauncher
2015-01-05 08:42 - 2013-07-06 18:20 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-01-05 08:42 - 2013-07-06 17:59 - 00000000 ____D () C:\ProgramData\Skype
2015-01-03 12:20 - 2014-08-05 08:45 - 00000000 ____D () C:\Users\Anthony\Desktop\Anime
2015-01-03 12:19 - 2013-07-06 17:05 - 00000000 ____D () C:\Users\Anthony\Desktop\Jesse's Stuff
2015-01-03 11:44 - 2013-07-02 12:03 - 00000000 ____D () C:\Program Files (x86)\Google
2015-01-03 11:08 - 2014-09-02 07:13 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\FileZilla
2015-01-01 14:51 - 2013-07-04 13:14 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-12-30 20:16 - 2014-11-25 18:21 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-12-30 20:16 - 2014-05-19 18:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-12-30 20:16 - 2014-05-19 18:06 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-12-26 11:36 - 2013-08-04 18:30 - 22754064 _____ () C:\Users\Anthony\Desktop\TechnicLauncher.exe
2014-12-26 11:34 - 2013-08-04 18:51 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\.technic
2014-12-24 14:23 - 2014-11-21 05:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2014-12-24 14:23 - 2014-10-21 15:57 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies
2014-12-24 14:23 - 2014-07-13 21:48 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Rainmeter
2014-12-24 14:23 - 2014-06-20 21:23 - 00000000 ____D () C:\Program Files (x86)\Raptr
2014-12-24 14:23 - 2013-08-08 22:07 - 00000000 ____D () C:\Users\Anthony\AppData\Local\Skillbrains
2014-12-24 14:23 - 2013-07-04 12:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-12-24 14:23 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\servicing
2014-12-24 14:23 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-24 14:23 - 2009-07-14 14:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared
2014-12-24 14:22 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\registration
2014-12-24 12:47 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\rescache
2014-12-24 11:39 - 2013-07-02 10:59 - 00000000 ____D () C:\Users\Anthony
2014-12-24 11:35 - 2009-07-14 14:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-24 11:14 - 2014-01-28 10:56 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-12-24 11:14 - 2014-01-28 10:56 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-24 09:54 - 2013-07-24 22:23 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-24 09:52 - 2013-08-28 22:46 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-21 21:48 - 2013-08-11 15:33 - 00000000 ____D () C:\Users\Anthony\AppData\Roaming\TS3Client
2014-12-17 19:54 - 2013-08-08 22:07 - 00000425 _____ () C:\Users\Anthony\AppData\Local\UserProducts.xml
2014-12-11 07:45 - 2013-08-08 22:07 - 00003270 _____ () C:\Windows\System32\Tasks\update-S-1-5-21-2426978524-3854536212-1475799715-1000
2014-12-11 07:45 - 2013-08-08 22:07 - 00000000 ____D () C:\Program Files (x86)\Skillbrains
2014-12-10 06:14 - 2013-07-02 12:04 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-10 06:14 - 2013-07-02 12:04 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-10 06:14 - 2013-07-02 12:04 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
 
Some content of TEMP:
====================
C:\Users\Anthony\AppData\Local\Temp\avgnt.exe
C:\Users\Anthony\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_bxknj.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-01-08 14:59
 
==================== End Of Log ============================
 
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-01-2015
Ran by Anthony at 2015-01-09 17:18:42
Running from C:\Users\Anthony\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Avira Desktop (Enabled - Up to date) {4D041356-F94D-285F-8768-AAE50FA36859}
AV: Kaspersky Anti-Virus (Disabled - Up to date) {179979E8-273D-D14E-0543-2861940E4886}
AS: Kaspersky Anti-Virus (Disabled - Up to date) {ACF8980C-0107-DEC0-3FF3-1313EF89023B}
AS: Avira Desktop (Enabled - Up to date) {F665F2B2-DF77-27D1-BDD8-9197742422E4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version:  - )
Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.2.122 - Adobe Systems, Inc.)
AMD Catalyst Install Manager (HKLM\...\{3FAEEEBE-48F4-84C1-2B49-96AE73E67E3E}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Avira (HKLM-x32\...\{e7c7c227-b742-4878-9425-f09bbf9951db}) (Version: 1.1.27.25527 - Avira Operations & Co. KG)
Avira (x32 Version: 1.1.27.25527 - Avira Operations & Co. KG) Hidden
Avira Free Antivirus (HKLM-x32\...\Avira AntiVir Desktop) (Version: 14.0.7.468 - Avira)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
Blender (HKLM\...\Blender) (Version: 2.68a - Blender Foundation)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.9.1.4057 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{981B38A6-E4D0-4D94-98C2-75AC645755F5}) (Version: 0.9.1.4057 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 4.14 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Clownfish for Skype (HKLM-x32\...\Clownfish) (Version:  - )
Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Don't Starve Together Beta (HKLM-x32\...\Steam App 322330) (Version:  - Klei Entertainment)
Dropbox (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dropbox (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
Dxtory version 2.0.125 (HKLM-x32\...\Dxtory2.0_is1) (Version: 2.0.125 - ExKode Co. Ltd.)
ESO Survey Live version 1.3.0 (HKLM-x32\...\17CBAF83-B4D1-41CC-B7DC-BFF1D4B9DDAC-live_is1) (Version: 1.3.0 - Immersyve, Inc.)
FileZilla Client 3.9.0.5 (HKLM-x32\...\FileZilla Client) (Version: 3.9.0.5 - Tim Kosse)
Fistful of Frags (HKLM-x32\...\Steam App 265630) (Version:  - Fistful of Frags Team)
Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
Free Mouse Auto Clicker 3.1 (HKLM-x32\...\{7D9D583E-EC8B-4390-B3A4-017B8182C8FF}_is1) (Version:  - Advanced Mouse Auto Clicker ltd.)
FreeFixer (HKLM-x32\...\FreeFixer1.11) (Version: 1.11 - Kephyr)
GameSalad Creator (HKLM-x32\...\{42C1A82C-0F7D-4B3E-AEA5-2BD75A5DF390}) (Version: 0.10.4.1 - GameSalad)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Garry)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
GitHub (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\5f7eb300e2ea4ebf) (Version: 2.0.6.0 - GitHub, Inc.)
GitHub (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\5f7eb300e2ea4ebf) (Version: 2.0.6.0 - GitHub, Inc.)
Glary Utilities 5.16 (HKLM-x32\...\Glary Utilities 5) (Version: 5.16.0.29 - Glarysoft Ltd)
Godus (HKLM-x32\...\Steam App 232810) (Version:  - 22cans)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
Heaven Benchmark version 4.0 (HKLM-x32\...\Unigine Heaven Benchmark (Basic Edition)_is1) (Version: 4.0 - Unigine Corp.)
HydraVision (x32 Version: 4.2.252.0 - Advanced Micro Devices, Inc.) Hidden
iCloud (HKLM\...\{2AAF09D5-4B3F-4975-B6A9-ECE2631FC942}) (Version: 4.0.5.20 - Apple Inc.)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
Java SE Development Kit 7 Update 25 (HKLM-x32\...\{32A3A4F4-B792-11D6-A78A-00B0D0170250}) (Version: 1.7.0.250 - Oracle)
Java SE Development Kit 7 Update 45 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0170450}) (Version: 1.7.0.450 - Oracle)
Jurassic Park Operation Genesis (HKLM-x32\...\InstallShield_{A347C572-F7B4-43A3-BD51-FFC99184F70D}) (Version: 1.00.0000 - Universal Interactive)
Jurassic Park Operation Genesis (x32 Version: 1.00.0000 - Universal Interactive) Hidden
Lightshot-5.2.0.8 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.2.0.8 - Skillbrains)
Loadout (HKLM-x32\...\Steam App 208090) (Version:  - Edge of Reality)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.291 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.291 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Movie Maker (x32 Version: 16.4.3522.0110 - Microsoft Corporation) Hidden
Mumble 1.2.8 (HKLM-x32\...\{A9DBD31A-A09F-4C7E-86D1-3B21C59000D1}) (Version: 1.2.8 - Thorvald Natvig)
My Game Long Name (HKLM\...\UDK-edef2d0c-fb86-4ba0-a494-d1204ed24704) (Version:  - Epic Games, Inc.)
NirSoft ShellExView (HKLM-x32\...\NirSoft ShellExView) (Version:  - )
Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.4 - Notepad++ Team)
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
ORION: Dino Horde (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
PAYDAY 2 (HKLM-x32\...\Steam App 218620) (Version:  - OVERKILL - a Starbreeze Studio.)
Planetary Annihilation (HKLM-x32\...\Steam App 233250) (Version:  - Uber Entertainment)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Python 2.7.6 (HKLM-x32\...\{C3CC4DF5-39A5-4027-B136-2B3E1F5AB6E2}) (Version: 2.7.6150 - Python Software Foundation)
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Rainmeter (HKLM-x32\...\Rainmeter) (Version: 3.1 r2290 - )
Raptr (HKLM-x32\...\Raptr) (Version:  - )
Razer Game Booster (HKLM-x32\...\Razer Game Booster_is1) (Version: 4.2.45.0 - Razer Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version:  - Wild Shadow Studios)
ROBLOX Player (HKLM-x32\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)
ROBLOX Studio 2013 (HKLM-x32\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)
Robocraft (HKLM-x32\...\Steam App 301520) (Version:  - Freejam)
Rubber Ninjas 1.05 (HKLM-x32\...\{28780589-C504-4A32-B630-2F12546123A4}_is1) (Version:  - Rag Doll Software)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 1.0.0.0 - Electronic Arts)
SketchUp 2013 (HKLM-x32\...\{B75BC01B-4586-43F8-9349-D250DB98F26F}) (Version: 13.0.4812 - Trimble Navigation Limited)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
SQL Power Injector 1.2 (HKLM-x32\...\{3D55339F-D991-4806-9FD4-00B815714AF1}) (Version: 1.2 - SQLPowerInjector)
Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
tAPI version r3 (HKLM-x32\...\{6D47E78A-A9FE-41B8-A5C6-8A6A04FB8F71}_is1) (Version: r3 - tAPI Development Team)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.11 - TeamSpeak Systems GmbH)
TEdit 3 (HKLM-x32\...\{EB7A8012-5699-4CB0-A6E9-0C818CF67A29}) (Version: 1.0.0.0 - BinaryConstruct)
Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
Terraria Game Launcher version 3.2.1.2 (HKLM-x32\...\{31D22D10-7FD2-401B-8AEA-D20A1A9A440E}_is1) (Version: 3.2.1.2 - Eikester)
The Elder Scrolls Online Beta (HKLM-x32\...\The Elder Scrolls Online Beta_is1) (Version: 0.3.4 - )
The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
The Stomping Land (HKLM-x32\...\Steam App 263440) (Version:  - SuperCrit)
TUG (HKLM-x32\...\Steam App 277930) (Version:  - Nerd Kingdom Inc.)
Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Unity Web Player (HKU\S-1-5-21-2426978524-3854536212-1475799715-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Universal Extractor 1.6.1 (HKLM-x32\...\Universal Extractor_is1) (Version: 1.6.1 - Jared Breland)
Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Wildlife Park 2 - Dino World (HKLM-x32\...\Steam App 307930) (Version:  - b-alive gmbh)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3522.0110 - Microsoft Corporation)
Wings 3D 1.4.1 (HKLM-x32\...\Wings 3D 1.4.1) (Version:  - )
WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
Zoo Tycoon 2 - Ultimate Collection (HKLM-x32\...\InstallShield_{9CC4840D-EF1C-406F-AF08-3C19EB1335B9}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon 2 - Ultimate Collection (x32 Version: 1.00.0000 - Microsoft Game Studios) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> C:\Program Files (x86)\Blender Foundation\Blender\BlendThumb64.dll ()
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-2426978524-3854536212-1475799715-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Anthony\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
26-12-2014 11:28:23 Installed LogMeIn Hamachi
31-12-2014 09:57:46 Windows Update
03-01-2015 11:38:02 Windows Update
03-01-2015 11:41:12 Installed Chrome Remote Desktop Host
03-01-2015 11:44:36 Removed Chrome Remote Desktop Host
07-01-2015 09:32:50 Windows Update
08-01-2015 06:37:17 Windows Backup
08-01-2015 22:32:18 Windows Backup
09-01-2015 06:40:51 Windows Backup
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 13:34 - 2009-06-11 08:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1A39EAD2-39BC-4896-AB84-5B597DADB9CE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {27FCA3ED-7DCC-45AB-998A-974DEDF74A0C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-19] (Google Inc.)
Task: {29AF2424-0384-486C-B086-96252710ED1B} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {32F23DB1-D507-412D-B06D-72AB303B525E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-05-21] (Piriform Ltd)
Task: {44343F26-1032-43B3-A56D-23D9E4B90E13} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe [2013-01-29] (Microsoft)
Task: {4C25379C-7F34-477E-9BD5-023C47F6717E} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {57E1607A-D2DE-4316-BDBD-6B46841F3539} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-01-29] (Microsoft Corporation)
Task: {6904C321-D857-43AA-8222-7BE3776E6C79} - System32\Tasks\update-S-1-5-21-2426978524-3854536212-1475799715-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {69792B05-24B7-45C9-B9D2-77E5F3844274} - System32\Tasks\{94EC822F-AFBA-4D63-AD00-F17DC0B5C376} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=6.6.0.106&amp;LastError=-9
Task: {79766264-208D-4FAA-BE93-1CB3E6F813D0} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-01-29] (Microsoft Corporation)
Task: {909ABFEA-136D-4DD9-B179-FEB9EDAC89E3} - \Escolade No Task File <==== ATTENTION
Task: {93F8BCA2-6D23-44C2-80F3-946DF04E455E} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {94D11DF0-D84C-4EEF-AC54-57AC03F07EDF} - System32\Tasks\GC_Scheduler => %LOCALAPPDATA%\GC\Runner.exe <==== ATTENTION
Task: {9996ED0A-DABA-47D8-9AEE-460F1C416B86} - \GoforFilesUpdate No Task File <==== ATTENTION
Task: {A9F30D1A-3339-40FD-BF72-820357461A57} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-10] (Adobe Systems Incorporated)
Task: {BE7CDC7A-F7F4-4AA6-B473-7928DD5C34E4} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()
Task: {C6F70166-9F83-4881-98F7-7F8A3A74A6CF} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2015-01-05] (Glarysoft Ltd)
Task: {F66500C5-4DC8-41D8-BD67-9F14FCE2285C} - System32\Tasks\{97D39254-493D-458F-A2B0-7E77A598822B} => pcalua.exe -a D:\autorun.exe -d D:\
Task: {F9DB131A-8947-45F3-9122-A3623C7A65BA} - System32\Tasks\FreeFixer background scan => C:\Program Files\FreeFixer\freefixer.exe [2014-05-15] (Kephyr)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FreeFixer background scan.job => C:\Program Files\FreeFixer\freefixer.exe
Task: C:\Windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2426978524-3854536212-1475799715-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-05-02 06:29 - 2014-05-02 06:29 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
2012-06-19 02:24 - 2012-06-19 02:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll
2013-10-29 20:08 - 2013-10-29 20:08 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2014-02-27 19:51 - 2014-01-06 14:44 - 00064000 _____ () C:\Program Files (x86)\ESO Survey Live\ESOSurveyLive.exe
2014-05-26 01:18 - 2014-05-26 01:18 - 00036536 _____ () C:\Program Files\Rainmeter\Rainmeter.exe
2014-05-26 01:18 - 2014-05-26 01:18 - 00747192 _____ () C:\Program Files\Rainmeter\Rainmeter.dll
2014-05-26 01:17 - 2014-05-26 01:17 - 00056832 _____ () C:\Program Files\Rainmeter\Plugins\WebParser.dll
2014-05-26 01:17 - 2014-05-26 01:17 - 00011776 _____ () C:\Program Files\Rainmeter\Plugins\RecycleManager.dll
2013-10-18 18:51 - 2013-10-18 18:51 - 00055720 _____ () C:\Program Files\Java\jre7\bin\prism-d3d.dll
2013-10-18 18:51 - 2013-10-18 18:51 - 00197544 _____ () C:\Program Files\Java\jre7\bin\glass.dll
2013-10-18 18:51 - 2013-10-18 18:51 - 00590760 _____ () C:\Program Files\Java\jre7\bin\libxml2.dll
2013-10-18 18:51 - 2013-10-18 18:51 - 00202664 _____ () C:\Program Files\Java\jre7\bin\libxslt.dll
2013-10-18 18:51 - 2013-10-18 18:51 - 14863784 _____ () C:\Program Files\Java\jre7\bin\jfxwebkit.dll
2013-10-18 18:51 - 2013-10-18 18:51 - 00319912 _____ () C:\Program Files\Java\jre7\bin\javafx-font.dll
2015-01-09 16:28 - 2015-01-09 16:28 - 00310272 _____ () C:\Users\Anthony\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-93014437847679\lwjgl64.dll
2015-01-09 16:28 - 2015-01-09 16:28 - 00653832 _____ () C:\Users\Anthony\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-93014437847679\avutil-ttv-51.dll
2015-01-09 16:28 - 2015-01-09 16:28 - 00361103 _____ () C:\Users\Anthony\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-93014437847679\swresample-ttv-0.dll
2015-01-09 16:28 - 2015-01-09 16:28 - 00688161 _____ () C:\Users\Anthony\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-93014437847679\libmp3lame-ttv.dll
2015-01-09 16:28 - 2015-01-09 16:28 - 01127424 _____ () C:\Users\Anthony\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-93014437847679\twitchsdk.dll
2015-01-09 16:28 - 2015-01-09 16:28 - 00382464 _____ () C:\Users\Anthony\AppData\Roaming\.minecraft\versions\1.7.10\1.7.10-natives-93014437847679\OpenAL64.dll
2014-01-20 13:17 - 2014-01-20 13:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-09-07 03:44 - 2014-09-07 03:44 - 00035328 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
2014-05-25 03:41 - 2014-05-25 03:41 - 00091648 _____ () C:\Program Files (x86)\FileZilla FTP Client\libgcc_s_sjlj-1.dll
2014-05-25 03:41 - 2014-05-25 03:41 - 00892416 _____ () C:\Program Files (x86)\FileZilla FTP Client\libstdc++-6.dll
2015-01-05 16:18 - 2015-01-05 16:18 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2014-10-22 11:22 - 2014-10-22 11:22 - 00750080 _____ () C:\Users\Anthony\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2015-01-08 14:41 - 2015-01-08 14:41 - 00043008 _____ () c:\users\anthony\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp_bxknj.dll
2014-10-22 11:22 - 2014-10-22 11:22 - 00047616 _____ () C:\Users\Anthony\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-22 11:22 - 2014-10-22 11:22 - 00863744 _____ () C:\Users\Anthony\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-22 11:22 - 2014-10-22 11:22 - 00200704 _____ () C:\Users\Anthony\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00087040 _____ () C:\Program Files (x86)\Raptr\_ctypes.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00043008 _____ () C:\Program Files (x86)\Raptr\_socket.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00805376 _____ () C:\Program Files (x86)\Raptr\_ssl.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 05812736 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtGui.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00067584 _____ () C:\Program Files (x86)\Raptr\sip.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 01662464 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtCore.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00494592 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtNetwork.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00096256 _____ () C:\Program Files (x86)\Raptr\win32api.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00110592 _____ () C:\Program Files (x86)\Raptr\pywintypes26.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00010240 _____ () C:\Program Files (x86)\Raptr\select.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00356864 _____ () C:\Program Files (x86)\Raptr\_hashlib.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00036352 _____ () C:\Program Files (x86)\Raptr\win32process.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00111104 _____ () C:\Program Files (x86)\Raptr\win32file.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00044544 _____ () C:\Program Files (x86)\Raptr\_sqlite3.pyd
2011-02-16 05:17 - 2011-02-16 05:17 - 00417501 _____ () C:\Program Files (x86)\Raptr\sqlite3.dll
2010-11-23 09:57 - 2010-11-23 09:57 - 00167936 _____ () C:\Program Files (x86)\Raptr\win32gui.pyd
2014-05-14 10:26 - 2014-05-14 10:26 - 00313856 _____ () C:\Program Files (x86)\Raptr\PyQt4.QtWebKit.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00127488 _____ () C:\Program Files (x86)\Raptr\pyexpat.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00009216 _____ () C:\Program Files (x86)\Raptr\winsound.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00354304 _____ () C:\Program Files (x86)\Raptr\pythoncom26.dll
2010-11-23 09:57 - 2010-11-23 09:57 - 00016384 _____ () C:\Program Files (x86)\Raptr\win32trace.pyd
2014-08-14 11:37 - 2014-08-14 11:37 - 00113171 _____ () C:\Program Files (x86)\Raptr\libvlc.dll
2014-08-14 11:37 - 2014-08-14 11:37 - 02396691 _____ () C:\Program Files (x86)\Raptr\libvlccore.dll
2010-11-23 09:56 - 2010-11-23 09:56 - 00583680 _____ () C:\Program Files (x86)\Raptr\unicodedata.pyd
2010-11-23 09:57 - 2010-11-23 09:57 - 00263168 _____ () C:\Program Files (x86)\Raptr\win32com.shell.shell.pyd
2010-11-23 09:56 - 2010-11-23 09:56 - 00324608 _____ () C:\Program Files (x86)\Raptr\PIL._imaging.pyd
2013-11-21 11:05 - 2013-11-21 11:05 - 00256000 _____ () C:\Program Files (x86)\Raptr\amd_ags.dll
2010-11-23 09:57 - 2010-11-23 09:57 - 00141312 _____ () C:\Program Files (x86)\Raptr\gobject._gobject.pyd
2014-06-18 11:56 - 2014-06-18 11:56 - 02717595 _____ () C:\Program Files (x86)\Raptr\heliotrope._purple.pyd
2011-02-16 05:17 - 2011-02-16 05:17 - 01213633 _____ () C:\Program Files (x86)\Raptr\libxml2-2.dll
2010-11-23 10:06 - 2010-11-23 10:06 - 00055808 _____ () C:\Program Files (x86)\Raptr\zlib1.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 00495680 _____ () C:\Program Files (x86)\Raptr\plugins\libaim.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 01183699 _____ () C:\Program Files (x86)\Raptr\liboscar.dll
2013-05-10 10:52 - 2013-05-10 10:52 - 00483306 _____ () C:\Program Files (x86)\Raptr\plugins\libicq.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00655356 _____ () C:\Program Files (x86)\Raptr\plugins\libirc.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 01306387 _____ () C:\Program Files (x86)\Raptr\plugins\libmsn.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 00565461 _____ () C:\Program Files (x86)\Raptr\plugins\libxmpp.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 01640221 _____ () C:\Program Files (x86)\Raptr\libjabber.dll
2013-05-04 05:56 - 2013-05-04 05:56 - 00506276 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoo.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 01053730 _____ () C:\Program Files (x86)\Raptr\libymsg.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00497782 _____ () C:\Program Files (x86)\Raptr\plugins\libyahoojp.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00603326 _____ () C:\Program Files (x86)\Raptr\plugins\ssl-nss.dll
2013-05-04 05:57 - 2013-05-04 05:57 - 00474199 _____ () C:\Program Files (x86)\Raptr\plugins\ssl.dll
2014-12-24 10:47 - 2014-12-06 12:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-24 10:46 - 2014-12-06 12:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-24 10:48 - 2014-12-06 12:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-24 10:46 - 2014-12-06 12:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
2014-12-24 10:48 - 2014-12-06 12:50 - 14913352 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2426978524-3854536212-1475799715-500 - Administrator - Disabled)
Anthony (S-1-5-21-2426978524-3854536212-1475799715-1000 - Administrator - Enabled) => C:\Users\Anthony
Guest (S-1-5-21-2426978524-3854536212-1475799715-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2426978524-3854536212-1475799715-1002 - Limited - Enabled)
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (01/08/2015 03:02:39 PM) (Source: MsiInstaller) (EventID: 11704) (User: Toshiba)
Description: Product: Avira -- Error 1704. An installation for Kaspersky Anti-Virus is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?
 
Error: (01/08/2015 02:40:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2015 02:40:16 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (01/08/2015 02:30:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2015 01:10:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: prloader.dll, version: 1.2.11.57, time stamp: 0x52c18446
Exception code: 0xc0000005
Fault offset: 0x0000000000027406
Faulting process id: 0x7c4
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 01:10:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: prloader.dll, version: 1.2.11.57, time stamp: 0x52c18446
Exception code: 0xc0000005
Fault offset: 0x0000000000027406
Faulting process id: 0x2fdc
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 01:09:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: explorer.exe, version: 6.1.7601.17567, time stamp: 0x4d672ee4
Faulting module name: prloader.dll, version: 1.2.11.57, time stamp: 0x52c18446
Exception code: 0xc0000005
Fault offset: 0x0000000000027406
Faulting process id: 0x19fc
Faulting application start time: 0xexplorer.exe0
Faulting application path: explorer.exe1
Faulting module path: explorer.exe2
Report Id: explorer.exe3
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15766054
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15766054
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (01/08/2015 07:07:36 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 07:07:28 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 07:07:20 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:42:13 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:41:17 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:40:42 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:40:34 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:40:30 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:40:22 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
Error: (01/08/2015 03:40:18 PM) (Source: Disk) (EventID: 7) (User: )
Description: The device, \Device\Harddisk0\DR0, has a bad block.
 
 
Microsoft Office Sessions:
=========================
Error: (01/08/2015 03:02:39 PM) (Source: MsiInstaller) (EventID: 11704) (User: Toshiba)
Description: Product: Avira -- Error 1704. An installation for Kaspersky Anti-Virus is currently suspended.  You must undo the changes made by that installation to continue.  Do you want to undo those changes?(NULL)(NULL)(NULL)(NULL)(NULL)
 
Error: (01/08/2015 02:40:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2015 02:40:16 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service.  Service did not stop gracefully the last time it was run.
   at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
   at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)
 
Error: (01/08/2015 02:30:25 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003
 
Error: (01/08/2015 01:10:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4prloader.dll1.2.11.5752c18446c000000500000000000274067c401d02ae838c3151dC:\Windows\explorer.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\prloader.dll793e1c6b-96db-11e4-b77e-00266c88a249
 
Error: (01/08/2015 01:10:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4prloader.dll1.2.11.5752c18446c000000500000000000274062fdc01d02ae8217885afC:\Windows\explorer.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\prloader.dll729f1159-96db-11e4-b77e-00266c88a249
 
Error: (01/08/2015 01:09:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: explorer.exe6.1.7601.175674d672ee4prloader.dll1.2.11.5752c18446c0000005000000000002740619fc01d02abdc541ab2dC:\Windows\explorer.exeC:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\x64\prloader.dll5b48e900-96db-11e4-b77e-00266c88a249
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15766054
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15766054
 
Error: (01/08/2015 00:44:03 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-01-01 16:16:48.002
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-01 16:16:48.000
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-01 16:16:47.976
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-01 16:16:47.934
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-01 16:16:47.931
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-01-01 16:16:47.928
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-31 14:45:09.073
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-31 14:45:09.072
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-31 14:45:09.069
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
 
  Date: 2014-12-31 14:45:09.048
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 14.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5 CPU M 460 @ 2.53GHz
Percentage of memory in use: 78%
Total physical RAM: 3957.86 MB
Available physical RAM: 850.15 MB
Total Pagefile: 7913.9 MB
Available Pagefile: 1432.16 MB
Total Virtual: 8192 MB
Available Virtual: 8191.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:596.07 GB) (Free:149.95 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 21EF627E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=596.1 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================


#10 Machiavelli

Machiavelli

    Agent 007


  • Malware Response Instructor
  • 4,031 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Germany
  • Local time:11:05 AM

Posted 09 January 2015 - 08:17 AM

I need the MBAM Log, not an FRST Log. :)
  • Start Malwarebytes
  • Go to the tab called History
  • Then click on Application Logs
  • Then select the one log where it has found anything, do a double click on it
  • Then click on the Export button - select in the menu Text File (.txt)
  • Save it on your Desktop and post the content of this text file into your next reply.

~Machiavelli

If I don't reply within 24 hours please PM me!

  • Every topic with no replies within 5 days will be closed.
  • If you like my help here please give me feedback.



#11 gamewalkerz


Posted 09 January 2015 - 02:42 PM

This is a quick reply -

About to go put this laptop in for an upgrade on RAM and CPU.

Will have this back in 1-2 days.

Please wait for me, as this was planned before the virus ever appeared.

~Thanks



#12 Machiavelli


Posted 09 January 2015 - 03:37 PM

OK :)

~Machiavelli



#13 Machiavelli


Posted 14 January 2015 - 10:28 AM

Due to the lack of feedback, this topic is now closed.

In the event you still have problems, please send me or any Moderator a Private Message and ask them to reopen this topic within the next 5 days.

Please include a link to your topic in the Private Message. Thank you.

~Machiavelli





