Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

malware/trojan infection slows internet or not accesible


  • This topic is locked This topic is locked
12 replies to this topic

#1 tubertje1992

tubertje1992

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:44 PM

Posted 01 June 2015 - 04:14 PM

Hi,

2 days ago i wanted to download a new game bladestorm nightmare. Unfortunate for me i picked the wrong torrent, now this virus or what ever it is. Is trolling with me i tried every single thing that i could find on the internet to fix this problem.

I was able to remove the malware and some trojans.
Tried every possible programm

Hitman pro, adwcleaner, my own virus scanner nod 32, malwarebytes, Messing with my hosts files in system 32> driver>etc
Ccleaner. And i can continue on

now my problem is, i can't go on security sites or sites like these on my computer
The usual update programms nvidia, virus scanners, games that need to updated through a launcher and so on. My internet is slow on this computer but not on the others. (Living in a group) they have no complains

Also thanks to that virus was directing my computer to istartsurf.

Please help if this. Im at a lost cause here.

BC AdBot (Login to Remove)

 


#2 nasdaq

nasdaq

  • Malware Response Team
  • 39,909 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:44 AM

Posted 03 June 2015 - 10:06 AM

Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.

If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
===

--RogueKiller--
  • Download & SAVE to your Desktop Download RogueKiller
  • Quit all programs that you may have started.
  • Please disconnect any USB or external drives from the computer before you run this scan!
  • For Vista or Windows 7, right-click and select "Run as Administrator to start"
  • For Windows XP, double-click to start.
  • Wait until Prescan has finished ...
  • Then Click on "Scan" button
  • Wait until the Status box shows "Scan Finished"
  • click on "delete"
  • Wait until the Status box shows "Deleting Finished"
  • Click on "Report" and copy/paste the content of the Notepad into your next reply.
  • The log should be found in RKreport[1].txt on your Desktop
  • Exit/Close RogueKiller+
=======


Download the version of this tool for your operating system.
Farbar Recovery Scan Tool (64 bit)
Farbar Recovery Scan Tool (32 bit)
and save it to a folder on your computer's Desktop.
Double-click to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.
===

Wait for further instructions.

#3 tubertje1992

tubertje1992
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:44 PM

Posted 03 June 2015 - 11:22 AM

Sorry, I totally forgot to notify that i have fixed the problem. I used Rkill, and Windows tool repair all in one from tweaker and Minitoolbox. i got everything fixed now, i can update again. and my computer is completely clean now.

i can acces security sites etc.

 

 

Rkill 2.7.0 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2015 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 06/03/2015 01:31:12 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * C:\Users\Acer\AppData\Local\Apps\2.0\BJ21XHJM.B4N\HECZCCT6.4XB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe (PID: 3376) [UP-HEUR]

1 proccess terminated!

Checking Registry for malware related settings:

 * No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * No issues found.

Checking Windows Service Integrity:

 * No issues found.

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * HOSTS file entries found:

  127.0.0.1 localhost

Program finished at: 06/03/2015 01:32:57 AM
Execution time: 0 hours(s), 1 minute(s), and 45 seconds(s)

 

Farbar Service Scanner Version: 17-01-2015
Ran by Acer (administrator) on 03-06-2015 at 18:27:10
Running from "D:\"
Microsoft Windows 7 Home Premium  Service Pack 1 (X64)
Boot Mode: Normal
****************************************************************

Internet Services:
============

Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.

ATTENTION!=====> local policy on IP:
Key: "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local"
Value: "ActivePolicy"
Data: "SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{c56427ef-91da-4fbb-bd2a-290e4f861ce8}"


Other Services:
==============


File Check:
========
C:\Windows\System32\nsisvc.dll => File is digitally signed
C:\Windows\System32\drivers\nsiproxy.sys => File is digitally signed
C:\Windows\System32\dhcpcore.dll => File is digitally signed
C:\Windows\System32\drivers\afd.sys => File is digitally signed
C:\Windows\System32\drivers\tdx.sys => File is digitally signed
C:\Windows\System32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\System32\dnsrslvr.dll => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed


**** End of log ****

Just in case


Edited by tubertje1992, 03 June 2015 - 11:28 AM.


#4 nasdaq

nasdaq

  • Malware Response Team
  • 39,909 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:44 AM

Posted 03 June 2015 - 01:06 PM

Checking for processes to terminate:

* C:\Users\Acer\AppData\Local\Apps\2.0\BJ21XHJM.B4N\HECZCCT6.4XB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe (PID: 3376) [UP-HEUR]

1 proccess terminated!


This looks to be OK. Are you still using these games
http://www.curse.com/

===

ATTENTION!=====> local policy on IP:
Key: "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local"
Value: "ActivePolicy"
Data: "SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{c56427ef-91da-4fbb-bd2a-290e4f861ce8}"


Have to check further on this one.
Please download and run the Farbar tool as I suggested.

Post the logs for my review.

#5 tubertje1992

tubertje1992
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:44 PM

Posted 03 June 2015 - 01:58 PM

yeah i still use curse for WoW.

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version:03-06-2015
Ran by Acer at 2015-06-03 20:55:17
Running from D:\
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Acer (S-1-5-21-3843000899-3653866797-3830101878-1000 - Administrator - Enabled) => C:\Users\Acer
Administrator (S-1-5-21-3843000899-3653866797-3830101878-500 - Administrator - Disabled)
Gast (S-1-5-21-3843000899-3653866797-3830101878-501 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AV: Microsoft Security Essentials (Enabled - Up to date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: ESET NOD32 Antivirus 4.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Microsoft Security Essentials (Enabled - Up to date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.3.0.29625 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
AC3Filter (remove only) (HKLM-x32\...\AC3Filter) (Version:  - )
Acer DV Magician (HKLM-x32\...\{F6EFFB76-4A07-11DA-9D78-000129760D75}) (Version: 1.5.1730 - Acer Inc.)
Acer HomeMedia (HKLM-x32\...\{AA4BF92B-2AAF-11DA-9D78-000129760D75}) (Version: 1.5.0530 SP3001 - Acer Inc.)
Acer HomeMedia Connect (HKLM-x32\...\{132888AE-EF67-41C5-BCA2-7D5D2488AB63}) (Version: 1.4.5330 SP3001 - Acer Inc.)
Acer HomeMedia Trial Creator (HKLM-x32\...\{B580C409-E16F-44FF-904D-3AE94E113BE0}) (Version: 1.5.0530 SP3001 - Acer Inc.)
Acer SlideShow DVD (HKLM-x32\...\{41581EF5-45A7-11DA-9D78-000129760D75}) (Version: 1.5.1730 - Acer Inc.)
Activation Assistant for the 2007 Microsoft Office suites (HKLM-x32\...\Activation Assistant for the 2007 Microsoft Office suites) (Version:  - Microsoft Corporation)
Activation Assistant for the 2007 Microsoft Office suites (x32 Version: 1.0 - Microsoft Corporation) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.3.13070 - Adobe Systems Inc.)
Adobe Flash Player 17 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.188 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.11) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.11 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version:  - Gameforge)
Alt.Binz 0.39.4 (HKLM-x32\...\Alt.Binz) (Version: 0.39.4 - Rdl)
Anno 1404 Gold version 3.1 (HKLM-x32\...\{FF0DECB8-B15D-4444-A0CE-3B6BBE9C6F4C}_is1) (Version: 3.1 - vol1)
ASUS nVidia Driver (x32 Version: 1.00.0000 - ASUSTek) Hidden
Autodesk 3ds Max 2012 64-bit - English (HKLM\...\Autodesk 3ds Max 2012 64-bit - English) (Version: 14.0 - Autodesk)
Autodesk 3ds Max 2012 64-bit - English (Version: 14.0 - Autodesk) Hidden
Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit (HKLM\...\Autodesk FBX Plug-in 2012.0 - 3ds Max 2012 64-bit) (Version:  - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Medium Resolution Image Library 2012 (HKLM-x32\...\{B5751715-EC10-43D9-8C95-62E1368433EF}) (Version: 2.5.0.8 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)
BufferChm (x32 Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.06 - Piriform)
Cheat Engine 6.3 (HKLM-x32\...\Cheat Engine 6.3_is1) (Version:  - Cheat Engine)
Cisco Network Magic (x32 Version: 5.5.09195.0 - Pure Networks) Hidden
CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 4.0.2.1017 - Code Laboratories, Inc.)
Composite 2012 64-bit (HKLM\...\{EA234BC3-39FE-4734-B72F-076086889F6D}) (Version: 7.0.0 - Autodesk)
Copy (x32 Version: 130.0.428.000 - Hewlett-Packard) Hidden
Curse Client (HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\101a9f93b8f0bb6f) (Version: 5.1.1.820 - Curse)
Defraggler (HKLM\...\Defraggler) (Version: 2.10 - Piriform)
Destinations (x32 Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 130.0.465.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup.divx.com) (Version: 2.5.0.8 - DivX, LLC)
DJ_AIO_03_F2200_Software_Min (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Dragon Age Toolset (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.01 - Electronic Arts, Inc.)
DriverAgent by eSupport.com (HKLM\...\DriverAgent.exe) (Version:  - )
EA Installer (HKLM-x32\...\EA Installer.-2072690567) (Version: 2.2.0.62 - Electronic Arts, Inc.)
EA Shared Game Component: Activation (HKLM-x32\...\com.ea.Activation.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 2.2.0.62 - Electronic Arts)
EA Shared Game Component: Activation (x32 Version: 2.2.0 - Electronic Arts) Hidden
Elite Dangerous Launcher version 0.4.2220.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.4.2220.0 - Frontier Developments)
Endless Legend (HKLM-x32\...\RW5kbGVzc0xlZ2VuZA==_is1) (Version: 1 - )
ESET NOD32 Antivirus (HKLM\...\{B4BC9421-3578-4447-A40D-993EDA32E1D3}) (Version: 4.2.64.12 - ESET, spol s r. o.)
EVE Online (HKLM-x32\...\{BAF7798B-050F-415A-9E84-912C424F747D}) (Version: 3.0.0 - CCP Games Ltd.)
EVE Online (remove only) (HKLM-x32\...\EVE) (Version:  - CCP Games Ltd.)
F2200 (x32 Version: 130.0.365.000 - Hewlett-Packard) Hidden
Fallout Mod Manager 0.13.21 (HKLM-x32\...\Generic Mod Manager_is1) (Version:  - Q, Timeslip)
Fraps (HKLM-x32\...\Fraps) (Version:  - )
Free YouTube to MP3 Converter version 3.11.35.1031 (HKLM-x32\...\Free YouTube to MP3 Converter_is1) (Version: 3.11.35.1031 - DVDVideoSoft Ltd.)
Gameforge Live 2.0.7 (HKLM-x32\...\{9C98989A-3A15-42DA-A3B9-D20331437D67}}_is1) (Version: 2.0.7 - Gameforge)
Glyph (HKLM-x32\...\Glyph) (Version:  - Trion Worlds, Inc.)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.69.5227 - Gretech Corporation)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 43.0.2357.81 - Google Inc.)
Google Update Helper (x32 Version: 1.3.27.5 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0011.131 - Rockstar Games Inc.) Hidden
Grand Theft Auto IV (x32 Version: 1.0.0013.131 - Rockstar Games Inc.) Hidden
HCS VoicePacks DARK version 1.6.3 (HKLM-x32\...\{3860FE92-C212-4FE7-9AE6-37062B90719C}_is1) (Version: 1.6.3 - HCS VoicePacks Ltd)
HCS VoicePacks Ltd VENUS version 1.6.3 (HKLM-x32\...\{56C400CA-0D41-4ACD-A5E3-B14C5F38CCBF}_is1) (Version: 1.6.3 - HCS VoicePacks Ltd)
Hearthstone (HKLM-x32\...\Hearthstone) (Version:  - Blizzard Entertainment)
HP Deskjet F2200 All-In-One Driver Software 13.0 Rel. 3 (HKLM\...\{3690900F-85EA-447F-BAD1-5CA25AA9B627}) (Version: 13.0 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (x32 Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 130.0.371.000 - Hewlett-Packard) Hidden
Imouto Paradise! version 1.0 (HKLM-x32\...\{38073150-656E-4A04-8547-84D3531AB7D6}_is1) (Version: 1.0 - MangaGamer)
IMVU Avatar Chat Software (HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\IMVU Avatar chat client software BETA) (Version:  - )
Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle)
Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217021FF}) (Version: 7.0.710 - Oracle)
Java™ 6 Update 21 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86416021FF}) (Version: 6.0.210 - Oracle)
Java™ SE Development Kit 6 Update 21 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0160210}) (Version: 1.6.0.210 - Oracle)
LightScribe  1.4.142.1 (x32 Version: 1.4.142.1 - http://www.lightscribe.com) Hidden
Linksys Wireless Manager (HKLM\...\Linksys Wireless Manager) (Version: 4.9.9189.0 - Cisco Systems, Inc.)
Logitech GamePanel Software 3.03.133 (HKLM\...\{6CC95B76-D380-46B2-9022-9353938E48BA}) (Version: 3.03.133 - Logitech Inc.)
Malwarebytes Anti-Malware versie 2.1.6.1022 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.6.1022 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM-x32\...\Marvell Miniport Driver) (Version: 11.43.1.3 - Marvell)
Mass Effect (HKLM-x32\...\{1B0FBB9A-995D-47cd-87CD-13E68B676E4F}) (Version: 1.00 - Electronic Arts, Inc.)
Mass Effect 2 (HKLM-x32\...\{75D84EF7-0D8C-4e70-B3FA-7B42A5D4E0EB}) (Version: 1.02 - Electronic Arts, Inc.)
Mass Effect 3 © Bioware version 1 (HKLM-x32\...\TWFzcyBFZmZlY3QgMyAoYykgQmlvd2FyZQ==_is1) (Version: 1 - )
Mass Effect 3 Update v1.5.5427.124 version 1.00 (HKLM-x32\...\Mass Effect 3 Update v1.5.5427.124_is1) (Version: 1.00 - )
Mass Effect™ 3 (HKLM-x32\...\{6A9D1594-7791-48f5-9CAA-DE9BCB968320}) (Version: 1.01.0.0 - Electronic Arts)
Medieval II - Total War (HKLM-x32\...\Medieval II - Total War_is1) (Version:  - )
MegaTrainer eXperience V1.2.1.6 (HKLM-x32\...\MegaTrainer eXperience_is1) (Version:  - )
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET Framework 4.5.2 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2010 - Dutch/Nederlands (HKLM-x32\...\Office14.OMUI.nl-nl) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.8.204.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Speech SDK 5.1 (HKLM-x32\...\{A403D88E-ED7D-48E3-91FD-B8C8A720EDA1}) (Version: 5.1.4324.0 - Microsoft)
Microsoft SQL Server 2005 (HKLM-x32\...\Microsoft SQL Server 2005) (Version:  - Microsoft Corporation)
Microsoft SQL Server Native Client (HKLM\...\{9ACF3FDB-C8E6-444C-8C64-13A221F7BFFD}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server Setup Support Files (English) (HKLM-x32\...\{53F5C3EE-05ED-4830-994B-50B2F0D50FCE}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{B636C9B9-A3F2-4DCE-ADCC-72E095018385}) (Version: 9.00.5000.00 - Microsoft Corporation)
Microsoft Text-to-Speech Engine 4.0 (English) (HKLM-x32\...\MSTTS) (Version:  - )
Microsoft Visual C++ 2005 ATL Update kb973923 - x64 8.0.50727.4053 (HKLM\...\{B6E3757B-5E77-3915-866A-CCFC4B8D194C}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) - KB2467175 (HKLM\...\{aac9fcc4-dd9e-4add-901c-b5496a07ab2e}) (Version: 8.0.51011 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM-x32\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Works (HKLM-x32\...\{A2A0A82F-025F-458d-A0CD-9BB2320804B5}) (Version: 08.05.0822 - Microsoft Corporation)
Microsoft XML Parser SDK (HKLM-x32\...\{2E819828-BC8D-4177-BEBB-425FAFF89E6B}) (Version: 8.70.1104.04 - Microsoft Corporation)
MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)
Mozilla Firefox 38.0.5 (x86 nl) (HKLM-x32\...\Mozilla Firefox 38.0.5 (x86 nl)) (Version: 38.0.5 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 38.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 Parser and SDK (HKLM-x32\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
NCLauncher (plaync) (HKLM-x32\...\NCLauncher_plaync) (Version:  - NCSOFT)
Network Magic (HKLM-x32\...\Network MagicUninstall) (Version: 5.5.9195.0 - Cisco Systems, Inc.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.46.0 - Black Tree Gaming)
NIF Utilities 3.7.3.265452180 for 3ds Max (HKLM\...\NIF Utilities for 3ds Max_is1) (Version:  - NIF File Format Library and Tools)
NifSkope (remove only) (HKLM-x32\...\NifSkope) (Version:  - )
NVIDIA 3D Vision controllerstuurprogramma 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA 3D Vision stuurprogramma 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 353.06 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.4.1.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.4.1.21 - NVIDIA Corporation)
NVIDIA Grafisch stuurprogramma 353.06 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 353.06 - NVIDIA Corporation)
NVIDIA HD Audio-stuurprogramma 1.3.34.3 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.3 - NVIDIA Corporation)
NVIDIA PhysX Systeem Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.65 - Electronic Arts, Inc.)
PerformanceTest v7.0 (64-bit) (HKLM\...\PerformanceTest 7_is1) (Version: 7.0 - Passmark Software)
PG583_64_inf (HKLM\...\{F7BBC6A1-A3C9-4745-BFFF-6BAA485D89C3}) (Version: 6.01.0042 - YUAN)
Plantronics® GameCom 780 Software for Dolby® Headphone (HKLM-x32\...\{EB3C9064-9140-4279-9E51-965119402151}) (Version: 3.10.0001 - Plantronics)
Popcorn Time (HKLM-x32\...\Popcorn Time_is1) (Version: Beta 5.2.1 - Popcorn Time)
Popcorn Time (HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\Popcorn Time) (Version:  - Popcorn Official)
Princess Evangile (HKLM-x32\...\Princess Evangile_is1) (Version: 1.0 - MangaGamer)
Pure Networks Platform (x32 Version: 11.2.09195.1 - Pure Networks) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version:  - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{DC24971E-1946-445D-8A82-CE685433FA7D}) (Version:  - Realtek Semiconductor Corp.)
Revo Uninstaller 1.94 (HKLM-x32\...\Revo Uninstaller) (Version: 1.94 - VS Revo Group)
Scan (x32 Version: 13.0.0.0 - Hewlett-Packard) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 Language Pack (KB2687449) 32-Bit Edition (HKLM-x32\...\{90140000-0100-0413-0000-0000000FF1CE}_Office14.OMUI.nl-nl_{2ABAC676-CF18-432C-B4B2-54F12AD59929}) (Version:  - Microsoft)
SHIELD Streaming (Version: 4.1.1000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 2.4.1.21 - NVIDIA Corporation) Hidden
Sid Meiers Civilization - Beyond Earth (HKLM-x32\...\Sid Meiers Civilization - Beyond Earth_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, markfiter)
Sid Meier's Civilization 5 (HKLM-x32\...\Sid Meier's Civilization 5_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, Panky)
Skins (x32 Version: 2008.1003.1759.30358 - ATI) Hidden
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.4.0.9058 - Microsoft Corporation)
Skype™ 7.4 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.)
Smart Technology Programming Software 7.0.27.13 (HKLM\...\{BD90BC1C-115D-47E1-B85C-07AE182C3AB8}) (Version: 7.0.27.13 - Mad Catz)
SmartWebPrinting (x32 Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 130.0.373.000 - Hewlett-Packard) Hidden
SpyHunter 4 (HKLM-x32\...\SpyHunter) (Version: 4.19.13.4482 - Enigma Software Group, LLC)
Status (x32 Version: 130.0.469.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)
Stellar Phoenix Windows Data Recovery - Professional (HKLM-x32\...\Stellar Phoenix Windows Data Recovery - Professional_is1) (Version: 5.0.0.2 - Stellar Information Systems Ltd)
Stuurprogrammapakket voor Windows - YUAN High-Tech Development Co. Ltd. (OmniTV) Media  (12/14/2007 6.1.64.42) (HKLM\...\C5AA3B5CB0B86D325AD6960FFC90ABB1076B8FA7) (Version: 12/14/2007 6.1.64.42 - YUAN High-Tech Development Co. Ltd.)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab (HKLM-x32\...\{9E1BAB75-EB78-440D-94C0-A3857BE2E733}) (Version: 4.1.71.0 - Husdawg, LLC)
System Requirements Lab CYRI (HKLM-x32\...\{6C8C4577-8E15-4C63-96ED-D40F2072FF74}) (Version: 6.0.19.0 - Husdawg, LLC)
Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL (HKLM\...\Microsoft .NET Framework 3.5 Language Pack SP1 - nld) (Version:  - Microsoft Corporation)
Taalpakket voor Microsoft Visual Studio 2010 Tools for Office Runtime (x64) - NLD (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64) Language Pack - NLD) (Version: 10.0.50903 - Microsoft Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.15 - TeamSpeak Systems GmbH)
TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 28 - Gameforge Productions GmbH)
Toolbox (x32 Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 130.0.422.000 - Hewlett-Packard) Hidden
Tweaking.com - Windows Repair (HKLM-x32\...\Tweaking.com - Windows Repair) (Version: 3.2.1 - Tweaking.com)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Unity Web Player (HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
UnloadSupport (x32 Version: 11.0.0 - Hewlett-Packard) Hidden
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update voor Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0413-0000-0000000FF1CE}_HOMESTUDENTR_{5CF7002F-6F49-4482-9564-5614FBE560FA}) (Version:  - Microsoft)
Update voor Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0413-0000-0000000FF1CE}_HOMESTUDENTR_{15D84E79-1ED7-42C5-B2FD-745C3FBDDDC5}) (Version:  - Microsoft)
Update voor Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0413-0000-0000000FF1CE}_HOMESTUDENTR_{A66AE6A1-8D8C-4102-BC18-38CBDE40F809}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Utility (x32 Version: 2.00.000 - Uw bedrijfsnaam) Hidden
VC80CRTRedist - 8.0.50727.4053 (x32 Version: 1.1.0 - DivX, Inc) Hidden
Veoh Giraffic Video Accelerator (HKLM-x32\...\Giraffic) (Version: 0.86.412.230 - Giraffic)
VoiceAttack (HKLM-x32\...\{FBABC026-02F7-46D5-A0F9-3D355D3C3133}) (Version: 1.5.7 - VoiceAttack.com)
WebReg (x32 Version: 130.0.132.017 - Hewlett-Packard) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.63  - Nullsoft, Inc)
Winamp Applicatie Detect (HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Installer Clean Up (HKLM-x32\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM-x32\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.5.2015.12 - Ruiware)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version:  - Blizzard Entertainment)
XviD MPEG-4 Video Codec (HKLM-x32\...\xvid) (Version:  - XviD Development Team)
Zero Assumption Recovery Version 8.3 (HKLM-x32\...\Zero Assumption Recovery_is1) (Version:  - )
Zylom Games Player Plugin (HKLM-x32\...\Zylom Games Player Plugin) (Version:  - Zylom Games)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3843000899-3653866797-3830101878-1000_Classes\CLSID\{de41a694-492d-4ad7-b756-1ba88599cc94}\InprocServer32 -> C:\Windows\system32\dfshim.dll (Microsoft Corporation)

==================== Restore Points =========================

31-05-2015 12:59:30 Controlepunt van HitmanPro
31-05-2015 13:00:54 Controlepunt van HitmanPro
31-05-2015 13:29:25 Controlepunt van HitmanPro
31-05-2015 19:26:07 Configured Microsoft Office Home and Student 2007
01-06-2015 01:04:43 Installed Microsoft Fix it 50267
01-06-2015 01:44:03 Installed Microsoft Fix it 50267
02-06-2015 02:55:59 Removed System Requirements Lab CYRI
03-06-2015 12:08:16 Windows Update

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-06-01 01:44 - 2015-06-03 02:21 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1172CECD-0689-414A-AA8A-8C81A943DE81} - System32\Tasks\{B1BA947D-EF4D-456B-9910-C791A3FAAAF0} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/13140
Task: {12EB53D8-D31B-48F4-8903-29ACEC3750A4} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-05-07] (Microsoft Corporation)
Task: {169EB111-B9EB-4B6A-9EAF-36F48C20E5CB} - System32\Tasks\{01EA28C4-22E8-4436-8F04-A2D3E630222B} => pcalua.exe -a "C:\Program Files (x86)\Origin Games\Dragon Age Origins  Awakening\Dragon Age Origins Awakening_code.exe" -d "C:\Program Files (x86)\Origin Games\Dragon Age Origins  Awakening"
Task: {190FD03A-8BE5-4D42-968D-34341F088B34} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2010-06-12] (Microsoft Corporation)
Task: {26159BA0-B1A8-40C5-A75E-072D58DEA62D} - System32\Tasks\{92D1451B-A7AF-4BF0-8C49-F48122ED93F1} => pcalua.exe -a C:\Users\Acer\Desktop\bw-da103.exe -d C:\Users\Acer\Desktop
Task: {2FC3879D-78BE-4D18-A10E-D073F856AE80} - System32\Tasks\Tweaking.com - Windows Repair Tray Icon => C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe [2015-03-12] (Tweaking.com)
Task: {30DD8F89-DA09-4A68-98E3-9B5D0349524A} - System32\Tasks\{82D96031-99A6-4347-A4D2-34AFBCDB1F2D} => Firefox.exe http://ui.skype.com/ui/0/5.5.59.124/nl/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {37A63E32-214C-4BC3-8C27-2AA72988558F} - System32\Tasks\Microsoft\Windows\Application Experience\Microsoft Compatibility Appraiser => C:\Windows\system32\compattel\DiagTrackRunner.exe [2015-03-16] (Microsoft Corporation)
Task: {3D35EC74-7985-4649-80B4-6711C5D21234} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {48C96A96-EF7D-456B-B9B1-DA5F95C29DF0} - System32\Tasks\{9BCE9E7A-1020-4777-B151-BF1245C5FC89} => D:\WoW-4.0.0-WOW-enGB-Installer.exe
Task: {5654AC4C-1D73-4919-B9E3-7AB1BCE0BB19} - System32\Tasks\Defraggler Volume D Task => C:\Program Files\Defraggler\df64.exe [2012-06-06] (Piriform Ltd)
Task: {57298008-CAC3-4628-AEEF-035384436668} - System32\Tasks\{FC9121D8-DBB4-48B7-B0E1-DF75C67CC84F} => pcalua.exe -a D:\msicuu2.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {587E0FD1-84F8-42E9-8E2F-C5FAB1ABF7A1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-12-19] (Adobe Systems Incorporated)
Task: {5BCDB559-A258-45C5-BAED-AABB3BF12F9D} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {5CD39F5D-609C-47DC-BC43-2EAD2D3DC801} - System32\Tasks\Defraggler Volume K Task => C:\Program Files\Defraggler\df64.exe [2012-06-06] (Piriform Ltd)
Task: {677262FB-4A9D-41E7-89BA-97924981907F} - System32\Tasks\{DE1F9672-53AE-44E4-A15C-B4FBF14E6390} => pcalua.exe -a "D:\Program Files (x86)\Dragon Age Origins  Awakening\Dragon Age Origins Awakening_code.exe" -d "D:\Program Files (x86)\Dragon Age Origins  Awakening"
Task: {67890716-0508-403F-9E89-E444F7405AD0} - \ReAgentc No Task File <==== ATTENTION
Task: {68CA6F94-8B6B-4931-94C1-363B8CDFDC8A} - System32\Tasks\{95D65F5C-276F-4211-A943-5DC9F42D2118} => Firefox.exe http://ui.skype.com/ui/0/6.22.64.107/nl/abandoninstall?source=lightinstaller&amp;page=tsBing
Task: {6DF68A0E-1E61-4C6C-8C74-92A02A4EA43D} - System32\Tasks\{A6D5B587-83C4-4022-82EB-7098E11FB074} => D:\Program Files (x86)\Total War Shogun 2\Shogun2.exe
Task: {712C6861-2B14-4E72-92BA-22B6921FE2B7} - System32\Tasks\Microsoft\Windows\Wired\GatherWiredInfo => C:\Windows\system32\gatherWiredInfo.vbs
Task: {744BF2F7-52E0-443D-8A9C-3ABE45913B56} - System32\Tasks\{8797FFC9-CC9B-469F-A4B4-84FB4349C347} => Firefox.exe http://ui.skype.com/ui/0/5.5.59.124/nl/abandoninstall?source=lightinstaller&amp;page=tsProblems&amp;LastError=12002&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {780980C1-F688-4041-83D6-82AF68B5D8AD} - System32\Tasks\{993E03A0-5FDE-4473-A3E5-E633F4BB6D2E} => pcalua.exe -a "D:\games\Dragon Age\DAOriginsLauncher.exe" -d "D:\Games\Dragon Age"
Task: {7C98DEF8-5959-4A7B-94CC-BA121CFFE08E} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\Logon => C:\Windows\system32\GWX\GWX.exe [2015-05-07] (Microsoft Corporation)
Task: {7E972D6C-23E3-4073-8F23-69F6D49D30F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-29] (Google Inc.)
Task: {A49678F0-B20D-48E5-AD49-5F6E6528A272} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-05-08] (Piriform Ltd)
Task: {AAE3CBE1-C122-4CFA-B264-BD0684035028} - System32\Tasks\{E25025C6-5CF8-471E-9CEE-863D0846FBD2} => Firefox.exe http://www.skype.com/go/downloading?source=lightinstaller&amp;ver=5.5.59.124&amp;LastError=12002
Task: {AF0C8A2F-3F3B-44C6-9A90-4851BD6488C3} - System32\Tasks\McDefragTask => c:\PROGRA~2\mcafee\mqc\QcConsol.exe
Task: {AFAEE4A8-5A86-435C-A2A3-A952A4EAE111} - System32\Tasks\{D64EBA04-DF7F-4E5D-8F1F-F902E9A09CB4} => pcalua.exe -a "D:\Program Files (x86)\Dragon Age Origins  Awakening\DragonAgeAwakeningInstaller.exe" -d "D:\Program Files (x86)\Dragon Age Origins  Awakening"
Task: {B385C08A-1AAB-4D0C-893B-72CDFC9AB549} - System32\Tasks\{9B7F7725-7189-4748-87BF-15DCDB59EB3A} => Firefox.exe
Task: {B8B72AAA-E066-4EEA-A54D-82392D2FF948} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => schtasks
Task: {C42CCCAC-1EAB-49F2-9844-76EDED0FDB00} - System32\Tasks\Defraggler Volume C Task => C:\Program Files\Defraggler\df64.exe [2012-06-06] (Piriform Ltd)
Task: {CA8D7632-1601-4540-B4C7-FC9045FBDA3A} - System32\Tasks\{DC77722F-9C20-4312-BE42-A7748547C7EF} => pcalua.exe -a "C:\Program Files (x86)\Origin Games\Dragon Age Origins  Awakening\DragonAgeAwakeningInstaller.exe" -d "C:\Program Files (x86)\Origin Games\Dragon Age Origins  Awakening"
Task: {D70FB743-1609-4F41-9768-F2349B09C728} - System32\Tasks\{95CB7987-DEA5-46DC-91C7-A6AB4E37EA79} => Firefox.exe http://ui.skype.com/ui/0/5.5.59.124/nl/abandoninstall?source=lightinstaller&amp;page=tsProblems&amp;LastError=12002&amp;installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;disabled
Task: {D81D8541-4B2B-4889-ABDF-1FD90927C42C} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-05-29] (Adobe Systems Incorporated)
Task: {E91D6474-70CC-42BE-80FF-8BED8AF557ED} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs
Task: {EA25612C-AB1F-427F-A536-FE2AB3647270} - System32\Tasks\McQcTask => c:\PROGRA~2\mcafee\mqc\QcConsol.exe
Task: {FDBD688C-264A-455A-A9AF-74CD8014CEE9} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-05-29] (Google Inc.)
Task: {FE669485-4ABE-4C27-A280-C3FDA847B493} - System32\Tasks\{3083833C-D298-48DD-9FA6-0752FC85A227} => pcalua.exe -a "C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\Uninstall.exe" -d "C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS"
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\Defraggler Volume C Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\Windows\Tasks\Defraggler Volume D Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\Windows\Tasks\Defraggler Volume K Task.job => C:\Program Files\Defraggler\df64.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\{BB149A2A-005D-49BE-9A49-547B5D48854C}.job => C:\Program Files (x86)\Skype\Phone\Skype.exe

==================== Loaded Modules (Whitelisted) ==============

2007-06-05 14:20 - 2007-06-05 14:20 - 00177704 _____ () C:\Windows\SysWOW64\PSIService.exe
2008-10-25 04:10 - 2008-10-25 04:10 - 00341280 _____ () C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe
2013-01-18 14:21 - 2015-05-28 06:15 - 00116368 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-03-04 22:49 - 2011-12-01 21:15 - 00777448 ____N () C:\Program Files\Plantronics\GameCom780\GameCom780.exe
2008-10-25 04:23 - 2008-05-20 17:50 - 00204908 _____ () C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
2014-10-09 22:25 - 2014-10-09 22:25 - 00016384 ____N () C:\Users\Acer\AppData\Local\Apps\2.0\BJ21XHJM.B4N\HECZCCT6.4XB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.WowDb.dll
2014-10-09 22:25 - 2014-10-09 22:25 - 00035840 ____N () C:\Users\Acer\AppData\Local\Apps\2.0\BJ21XHJM.B4N\HECZCCT6.4XB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.Advertising.dll
2014-10-09 22:25 - 2014-10-09 22:25 - 00099840 ____N () C:\Users\Acer\AppData\Local\Apps\2.0\BJ21XHJM.B4N\HECZCCT6.4XB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\Curse.CurseClient.CMOD2.dll
2015-05-04 21:25 - 2015-05-04 21:25 - 00055576 _____ () C:\Program Files\CCleaner\branding.dll
2015-05-08 20:50 - 2015-05-08 20:50 - 00065536 _____ () C:\Program Files\CCleaner\lang\lang-1043.dll
2014-05-14 18:45 - 2014-05-14 18:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll
2008-10-25 04:10 - 2008-10-25 04:10 - 00111904 _____ () C:\Program Files (x86)\SiteAdvisor\6172\APEngine.dll
2008-10-25 04:10 - 2008-10-25 04:10 - 00070432 _____ () C:\Program Files (x86)\SiteAdvisor\6172\McFrmWk.dll
2008-10-25 04:10 - 2008-10-25 04:10 - 00116000 _____ () C:\Program Files (x86)\SiteAdvisor\6172\CntScan.dll
2015-03-31 16:18 - 2015-03-28 05:45 - 00011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2014-03-04 22:49 - 2011-12-01 21:16 - 00150760 ____N () C:\Program Files\Plantronics\GameCom780\VmixPLGC.dll
2009-07-13 18:37 - 2009-07-13 18:37 - 00152112 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CAntiVirusCOM.dll
2009-07-13 18:37 - 2009-07-13 18:37 - 00098304 _____ () C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\CFireWallCOM.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
AlternateDataStreams: C:\Users\All Users:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
AlternateDataStreams: C:\ProgramData\Application Data:$SS_DESCRIPTOR_LVVWVBGV0VFBTLX4D06YH7LVUTPXGJMBKE1R0WT1VH7E24F7PHCTVF4VMVFVVX4VM
AlternateDataStreams: C:\ProgramData\TEMP:C895616B
AlternateDataStreams: C:\ProgramData\TEMP:D5FBE8F9

==================== Safe Mode (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\49231621.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\49231621.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcmscsvc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MCODS => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MpfService => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\clonewarsadventures.com -> clonewarsadventures.com
IE trusted site: HKU\.DEFAULT\...\freerealms.com -> freerealms.com
IE trusted site: HKU\.DEFAULT\...\soe.com -> soe.com
IE trusted site: HKU\.DEFAULT\...\sony.com -> sony.com


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.228.196 - 62.179.104.196

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{3BD919F1-FA54-4F13-A0C5-1EE0375918B4}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{F4148493-9466-4A23-9293-68C833A7C922}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{30087649-2E6D-4079-9310-54ACC61422D5}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [{1E029F69-1C87-4624-AAB9-DACE4F4BBA83}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe
FirewallRules: [TCP Query User{8827E590-24F9-4BDC-B81B-8AD4455A29D6}C:\users\acer\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\acer\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [UDP Query User{16DEC676-119D-485F-B01B-8C6E88ACC20F}C:\users\acer\appdata\local\popcorn time\node-webkit\popcorn time.exe] => (Allow) C:\users\acer\appdata\local\popcorn time\node-webkit\popcorn time.exe
FirewallRules: [{91F3399D-905A-4EFC-8D98-2BED76207285}] => (Allow) C:\Users\Acer\AppData\Local\Apps\2.0\BJ21XHJM.B4N\HECZCCT6.4XB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{77024782-88A1-4070-97A1-25F1186D78E7}] => (Allow) C:\Users\Acer\AppData\Local\Apps\2.0\BJ21XHJM.B4N\HECZCCT6.4XB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
FirewallRules: [{7F05C31F-1C84-4432-9EE2-8DF5245252AD}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{F11B78F8-BA69-466E-95BA-760ECEAFF143}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{B6663D0E-AECE-4EEF-BE0C-A41AD08261A0}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [UDP Query User{3D890EAC-B9FD-42E1-ADBB-3CD2F52B2B07}C:\program files (x86)\popcorn time\chromecast\node.exe] => (Allow) C:\program files (x86)\popcorn time\chromecast\node.exe
FirewallRules: [TCP Query User{AAD45B50-9FF9-4E83-A27B-6A3A4521D47C}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe
FirewallRules: [UDP Query User{E659DBB6-A5C9-431E-B8ED-8703BC094E72}C:\program files (x86)\popcorn time\popcorntimedesktop.exe] => (Allow) C:\program files (x86)\popcorn time\popcorntimedesktop.exe

==================== Faulty Device Manager Devices =============

Name: ST500DM002-1BD142 ATA Device
Description: Schijfstation
Class Guid: {4d36e967-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standaardschijfstations)
Service: disk
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Standaard-PS/2-toetsenbord
Description: Standaard-PS/2-toetsenbord
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (standaardtoetsenbord)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: adgnetworktdi
Description: adgnetworktdi
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: adgnetworktdi
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft PS/2-muis
Description: Microsoft PS/2-muis
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: AODDriver4.01
Description: AODDriver4.01
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: AODDriver4.01
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================
Error: (06/03/2015 01:46:09 PM) (Source: usbperf) (EventID: 2001) (User: )
Description: De waarde 'First Counter' onder de sleutel usbperf\Performance kan niet worden gelezen. Raadpleeg de gegevens voor de statuscodes.

Error: (06/03/2015 00:43:27 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Kan geen registerinformatie van prestatiemeteritems lezen voor WSearchIdxPi, voor exemplaar  , vanwege de volgende fout: De bewerking is voltooid.   0x0.

Error: (06/03/2015 00:43:18 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: De prestatiemeter voor het gegevensverzamelaarobject kan niet worden geïnitialiseerd omdat de items niet zijn geladen of het gedeelde geheugen niet kan worden geopend. Dit is alleen van invloed op de beschikbaarheid van de prestatiemeteritems. Start de computer opnieuw op.

Context: toepassing , catalogus SystemIndex

Error: (06/03/2015 00:43:17 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: De prestatiemeter voor de gegevensverzamelaarservice kan niet worden geïnitialiseerd omdat de items niet zijn geladen of het gedeelde geheugen niet kan worden geopend. Dit is alleen van invloed op de beschikbaarheid van de prestatiemeteritems. Start de computer opnieuw op.

Error: (06/03/2015 00:43:01 PM) (Source: RaySat_3dsmax2012_64 Server) (EventID: 2) (User: )
Description: (1507) getservbyname: De aangevraagde naam is geldig, maar er zijn geen gegevens van het aangevraagde type gevonden. (0x2afc)

Error: (06/03/2015 00:40:24 PM) (Source: NvStreamSvc) (EventID: 2001) (User: )
Description: NvStreamSvcSSAU restarted too many times in a short period. Aborting. [0]

Error: (06/03/2015 11:05:18 AM) (Source: usbperf) (EventID: 2001) (User: )
Description: De waarde 'First Counter' onder de sleutel usbperf\Performance kan niet worden gelezen. Raadpleeg de gegevens voor de statuscodes.

Error: (06/03/2015 10:56:29 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: NVNetworkService.exe, versie: 2.3.7.63, tijdstempel: 0x55574610
Naam van module met fout: NVNetworkService.exe, versie: 2.3.7.63, tijdstempel: 0x55574610
Uitzonderingscode: 0x40000015
Foutoffset: 0x000dd6ce
Id van proces met fout: 0x10f4
Starttijd van toepassing met fout: 0xNVNetworkService.exe0
Pad naar toepassing met fout: NVNetworkService.exe1
Pad naar module met fout: NVNetworkService.exe2
Rapport-id: NVNetworkService.exe3

Error: (06/03/2015 10:05:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Naam van toepassing met fout: NvStreamNetworkService.exe, versie: 4.1.1943.6202, tijdstempel: 0x551399be
Naam van module met fout: NvStreamNetworkService.exe, versie: 4.1.1943.6202, tijdstempel: 0x551399be
Uitzonderingscode: 0xc0000005
Foutoffset: 0x00000000004e920f
Id van proces met fout: 0x1130
Starttijd van toepassing met fout: 0xNvStreamNetworkService.exe0
Pad naar toepassing met fout: NvStreamNetworkService.exe1
Pad naar module met fout: NvStreamNetworkService.exe2
Rapport-id: NvStreamNetworkService.exe3

Error: (06/03/2015 10:05:13 AM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown


System errors:
=============
Error: (06/03/2015 00:53:13 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExW-oproep voor FailureCommand is niet geslaagd vanwege deze fout:
%%5.

Error: (06/03/2015 00:52:39 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: ScRegSetValueExW-oproep voor Start is niet geslaagd vanwege deze fout:
%%5.

Error: (06/03/2015 00:43:44 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: De volgende opstartstuurprogramma's zijn niet geladen:
adgnetworktdi
NetworkX

Error: (06/03/2015 00:42:49 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Crypkey License-service kan vanwege de volgende fout niet worden gestart:
%%2

Error: (06/03/2015 00:42:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De AODDriver4.01-service kan vanwege de volgende fout niet worden gestart:
%%3

Error: (06/03/2015 00:42:46 PM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Deze computer is geconfigureerd als lid van een werkgroep, niet als
lid van een domein. De NetLogon-service hoeft niet te worden gestart in
deze configuratie.

Error: (06/03/2015 10:05:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: De volgende opstartstuurprogramma's zijn niet geladen:
adgnetworktdi
NetworkX

Error: (06/03/2015 10:02:36 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De Crypkey License-service kan vanwege de volgende fout niet worden gestart:
%%2

Error: (06/03/2015 10:02:19 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: De AODDriver4.01-service kan vanwege de volgende fout niet worden gestart:
%%3

Error: (06/03/2015 10:02:16 AM) (Source: NETLOGON) (EventID: 3095) (User: )
Description: Deze computer is geconfigureerd als lid van een werkgroep, niet als
lid van een domein. De NetLogon-service hoeft niet te worden gestart in
deze configuratie.


Microsoft Office:
=========================

CodeIntegrity Errors:
===================================
  Date: 2010-08-11 19:51:56.665
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Program Files\PeerGuardian2\pgfilter.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

  Date: 2010-08-11 19:51:56.659
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Program Files\PeerGuardian2\pgfilter.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

  Date: 2010-08-11 19:51:14.559
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Program Files\PeerGuardian2\pgfilter.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

  Date: 2010-08-11 19:51:14.552
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Program Files\PeerGuardian2\pgfilter.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

  Date: 2010-08-11 19:48:03.157
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Program Files\PeerGuardian2\pgfilter.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.

  Date: 2010-08-11 19:48:03.151
  Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume2\Program Files\PeerGuardian2\pgfilter.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is.


==================== Memory info ===========================

Processor: AMD Athlon™ II X4 620 Processor
Percentage of memory in use: 37%
Total physical RAM: 8191.18 MB
Available physical RAM: 5105.68 MB
Total Pagefile: 16380.57 MB
Available Pagefile: 12851.88 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB

==================== Drives ================================

Drive c: (ACER) (Fixed) (Total:235.33 GB) (Free:46.18 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (DATA) (Fixed) (Total:352.99 GB) (Free:148.79 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 698.6 GB) (Disk ID: 6B22F4CA)
Partition 1: (Not Active) - (Size=110.3 GB) - (Type=27)
Partition 2: (Active) - (Size=235.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=353 GB) - (Type=07 NTFS)

==================== End of log ============================

 

can result of Farbar Recovery Scan Tool (FRST) (x64) Version:03-06-2015
Ran by Acer (administrator) on PC_VAN_ACER on 03-06-2015 20:54:09
Running from D:\
Loaded Profiles: Acer (Available Profiles: Acer)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Nederlands (Nederland)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Giraffic) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Giraffic) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(McAfee, Inc.) C:\Program Files\McAfee\AppStats\MfeASUM.exe
(Microsoft Corporation) C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe
() C:\Windows\SysWOW64\PSIService.exe
() C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Company) C:\Program Files (x86)\Popcorn Time\Updater.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmsrvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Realtek Semiconductor) C:\Windows\RAVCpl64.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager64.exe
(Saitek) C:\Program Files\SmartTechnology\Software\ProfilerU.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Saitek) C:\Program Files\SmartTechnology\Software\SaiMfd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
() C:\Program Files\Plantronics\GameCom780\GameCom780.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Ruiware) C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
() C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Curse) C:\Users\Acer\AppData\Local\Apps\2.0\BJ21XHJM.B4N\HECZCCT6.4XB\curs..tion_9e9e83ddf3ed3ead_0005.0001_36a9b62a0ea0a2ec\CurseClient.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Tweaking.com) C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\WR_Tray_Icon.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Farbar) D:\FSS.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Skytel] => C:\Windows\Skytel.exe [1826816 2007-11-20] (Realtek Semiconductor Corp.)
HKLM\...\Run: [RtHDVCpl] => C:\Windows\RAVCpl64.exe [6296064 2008-05-20] (Realtek Semiconductor)
HKLM\...\Run: [Linksys Wireless Manager] => C:\Program Files (x86)\Linksys\Linksys Wireless Manager\LinksysWirelessManager.exe [1366064 2009-07-09] (Cisco Systems, Inc.)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415752 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4195848 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2916584 2010-08-12] (ESET)
HKLM\...\Run: [ProfilerU] => C:\Program Files\SmartTechnology\Software\ProfilerU.exe [454144 2013-04-16] (Saitek)
HKLM\...\Run: [SaiMfd] => C:\Program Files\SmartTechnology\Software\SaiMfd.exe [158208 2013-04-16] (Saitek)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2673296 2015-03-28] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [GamecomSound] => C:\Program Files\Plantronics\GameCom780\GameCom780.exe [777448 2011-12-01] ()
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM-x32\...\Run: [PCMMediaSharing] => C:\Program Files (x86)\Acer Arcade Live\Acer HomeMedia Connect\Kernel\DMS\PCMMediaSharing.exe [204908 2008-05-20] ()
HKLM-x32\...\Run: [nmctxth] => C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\nmctxth.exe [647216 2009-07-07] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [nmapp] => C:\Program Files (x86)\Pure Networks\Network Magic\nmapp.exe [472112 2009-07-08] (Cisco Systems, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [271744 2014-09-26] (Oracle Corporation)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31280256 2015-04-17] (Skype Technologies S.A.)
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\Run: [GoogleChromeAutoLaunch_7360584B616087257445E78FC1FAACF2] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-22] (Google Inc.)
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd)
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1238152 2015-05-17] (Ruiware)
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\MountPoints2: {3fd4dcb4-698c-11df-a358-806e6f6e6963} - E:\EE2AutoRun.exe
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\MountPoints2: {f38d1729-3d81-11e3-be3d-00016c6d3d89} - E:\Startme.exe
Startup: C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\CurseClientStartup.ccip [2013-09-02] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{c56427ef-91da-4fbb-bd2a-290e4f861ce8} <======= ATTENTION (Policy restriction on IP)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://nl.msn.com/?ocid=iehp
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.nl/
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3843000899-3653866797-3830101878-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {326E768D-4182-46FD-9C16-1449A49795F4} ->  No File
BHO: No Name -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} ->  No File
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2012-09-01] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2012-09-01] (Oracle Corporation)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: DivX HiQ -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2014-09-26] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2014-09-26] (Oracle Corporation)
DPF: HKLM-x32 {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
DPF: HKLM-x32 {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\amd64\puresp4.dll [2009-07-14] (Cisco Systems, Inc.)
Handler-x32: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files (x86)\Common Files\Pure Networks Shared\Platform\puresp4.dll [2009-07-14] (Cisco Systems, Inc.)
Handler: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAd64.dll [2008-10-25] ()
Handler-x32: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} - C:\Program Files (x86)\SiteAdvisor\6172\SiteAdv.dll [2007-08-24] ()
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.46.228.196 62.179.104.196

FireFox:
========
FF ProfilePath: C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\jenrrewu.default-1433191350931
FF Homepage: www.google.nl
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_188.dll [2015-05-29] ()
FF Plugin: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\system32\npDeployJava1.dll [2012-09-01] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.7.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2012-09-01] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-16] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_188.dll [2015-05-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll [2013-02-18] (Adobe Systems, Inc.)
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll [2011-02-08] (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll [2011-01-24] (DivX, LLC.)
FF Plugin-x32: @java.com/DTPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.71.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2014-09-26] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WPF,version=3.5 -> C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin-x32: @ncsoft.com/Plugin -> C:\Program Files (x86)\plaync\NCPlugin\npncllm3.dll [2014-11-10] (NCSOFT Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-05-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-29] (Google Inc.)
FF Plugin-x32: @zylom.com/ZylomGamesPlayer -> C:\ProgramData\Zylom\ZylomGamesPlayer\npzylomgamesplayer.dll [2009-10-23] (Zylom)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3843000899-3653866797-3830101878-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Acer\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2012-02-22] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-3843000899-3653866797-3830101878-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2014-11-19] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npwachk.dll [2012-06-28] (Nullsoft, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Acer\AppData\Roaming\mozilla\plugins\np-mswmp.dll [2007-04-10] (Microsoft Corporation)
FF Extension: PrivacyChoice TrackerBlock - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\jenrrewu.default-1433191350931\Extensions\trackerblock@privacychoice.org.xpi [2015-06-02]
FF Extension: Adblock Plus - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\jenrrewu.default-1433191350931\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-06-02]
FF Extension: DownThemAll! - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\jenrrewu.default-1433191350931\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2015-06-01]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-06-03]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2012-08-12]
FF HKLM-x32\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-06-04]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video
FF Extension: DivX Plus Web Player HTML5 &video& - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\html5video [2011-04-28]
FF HKLM-x32\...\Firefox\Extensions: [{6904342A-8307-11DF-A508-4AE2DFD72085}] - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa
FF Extension: DivX HiQ - C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\wpa [2011-04-28]
FF HKLM-x32\...\Firefox\Extensions: [{B7082FAA-CB62-4872-9106-E42DD88EDE45}] - C:\Program Files (x86)\McAfee\SiteAdvisor
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (DivX HiQ) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae [2015-06-01]
CHR Extension: (Bookmark Manager) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-06-01]
CHR Extension: (Google Wallet) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-06-01]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2015-06-01]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - No Path Or update_url value
CHR HKLM-x32\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\wpa\wpa.crx [2011-02-08]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files (x86)\DivX\DivX Plus Web Player\google_chrome\html5video\html5video.crx [2011-02-08]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation)
S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2010-08-12] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2010-08-12] (ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152144 2015-03-28] (NVIDIA Corporation)
R2 Giraffic; C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [2245232 2013-05-13] (Giraffic)
R3 hpqcxs08; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [61440 2007-01-17] (Hewlett-Packard Company) [File not signed]
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation)
R2 MfeASUM; C:\Program Files\McAfee\AppStats\MfeASUM.exe [200768 2012-06-16] (McAfee, Inc.)
S2 mi-raysat_3dsmax2012_64; C:\Program Files\Autodesk\3ds Max 2012\mentalimages\satellite\raysat_3dsmax2012_64server.exe [86016 2011-02-22] () [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
R2 MSSQL$BWDATOOLSET; C:\Program Files (x86)\DAODB\MSSQL.1\MSSQL\Binn\sqlservr.exe [29293408 2010-12-10] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [22995600 2015-03-28] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-21] (Electronic Arts)
R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ProtexisLicensing; C:\Windows\SysWOW64\PSIService.exe [177704 2007-06-05] ()
R2 SiteAdvisor Service; C:\Program Files (x86)\SiteAdvisor\6172\SAService.exe [341280 2008-10-25] ()
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 Crypkey License; crypserv.exe [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ahcix64s; C:\Windows\System32\drivers\ahcix64s.sys [215568 2008-04-02] (AMD Technologies Inc.)
S3 asusgsb; C:\Windows\System32\drivers\asusgsb.sys [17792 2009-02-17] (ASUSTeK Computer Inc.) [File not signed]
R2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [314016 2012-05-06] ()
R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [168544 2010-07-29] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-07-29] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [126320 2010-07-29] (ESET)
R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43680 2012-05-06] ()
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-04-14] (Malwarebytes Corporation)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-04-14] (Malwarebytes Corporation)
R1 MfeASKM; C:\Program Files\McAfee\AppStats\MfeASKM.sys [31408 2012-06-16] (McAfee, Inc.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-03-28] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 PlantronicsGC; C:\Windows\System32\drivers\PLTGC.sys [1328128 2013-02-07] (C-Media Electronics Inc)
R3 SaiK1703; C:\Windows\System32\DRIVERS\SaiK1703.sys [180544 2012-09-20] (Saitek)
R3 SaiMini; C:\Windows\System32\DRIVERS\SaiMini.sys [25120 2013-04-30] (Saitek)
R3 SaiNtBus; C:\Windows\System32\drivers\SaiBus.sys [52640 2013-04-30] (Saitek)
R3 SaiU1703; C:\Windows\System32\DRIVERS\SaiU1703.sys [47168 2012-09-20] (Saitek)
R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X]
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 EIO64; system32\DRIVERS\EIO64.sys [X]
S1 NetworkX; \SystemRoot\system32\ckldrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 20:54 - 2015-06-03 20:54 - 00000000 ____D C:\FRST
2015-06-03 12:07 - 2015-05-25 20:24 - 05569984 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-06-03 12:07 - 2015-05-25 20:23 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-06-03 12:07 - 2015-05-25 20:23 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-06-03 12:07 - 2015-05-25 20:21 - 01728960 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 01255424 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 01162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00728576 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2015-06-03 12:07 - 2015-05-25 20:19 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-06-03 12:07 - 2015-05-25 20:18 - 00879104 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2015-06-03 12:07 - 2015-05-25 20:18 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-06-03 12:07 - 2015-05-25 20:18 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-06-03 12:07 - 2015-05-25 20:18 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2015-06-03 12:07 - 2015-05-25 20:18 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2015-06-03 12:07 - 2015-05-25 20:18 - 00104448 _____ (Microsoft Corporation) C:\Windows\system32\logman.exe
2015-06-03 12:07 - 2015-05-25 20:18 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-06-03 12:07 - 2015-05-25 20:18 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\typeperf.exe
2015-06-03 12:07 - 2015-05-25 20:18 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2015-06-03 12:07 - 2015-05-25 20:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\relog.exe
2015-06-03 12:07 - 2015-05-25 20:18 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-06-03 12:07 - 2015-05-25 20:18 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-06-03 12:07 - 2015-05-25 20:18 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\diskperf.exe
2015-06-03 12:07 - 2015-05-25 20:14 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-06-03 12:07 - 2015-05-25 20:14 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:11 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 20:07 - 03989440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2015-06-03 12:07 - 2015-05-25 20:07 - 03934144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2015-06-03 12:07 - 2015-05-25 20:04 - 01310744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00641536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00635392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00551424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00092160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-06-03 12:07 - 2015-05-25 20:01 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2015-06-03 12:07 - 2015-05-25 20:00 - 00364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-06-03 12:07 - 2015-05-25 20:00 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\logman.exe
2015-06-03 12:07 - 2015-05-25 20:00 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-06-03 12:07 - 2015-05-25 20:00 - 00040448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\typeperf.exe
2015-06-03 12:07 - 2015-05-25 20:00 - 00037888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\relog.exe
2015-06-03 12:07 - 2015-05-25 20:00 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2015-06-03 12:07 - 2015-05-25 20:00 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\diskperf.exe
2015-06-03 12:07 - 2015-05-25 19:59 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2015-06-03 12:07 - 2015-05-25 19:59 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2015-06-03 12:07 - 2015-05-25 19:59 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-06-03 12:07 - 2015-05-25 19:59 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2015-06-03 12:07 - 2015-05-25 19:57 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-06-03 12:07 - 2015-05-25 19:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:55 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 19:00 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2015-06-03 12:07 - 2015-05-25 18:50 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2015-06-03 12:07 - 2015-05-25 18:50 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2015-06-03 12:07 - 2015-05-25 18:48 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 18:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 18:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2015-06-03 12:07 - 2015-05-25 18:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2015-06-03 12:02 - 2015-05-22 20:18 - 01021440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-06-03 12:02 - 2015-05-22 20:18 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-06-03 12:02 - 2015-05-22 20:18 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-06-03 12:02 - 2015-05-22 20:18 - 00423424 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-06-03 12:02 - 2015-05-22 20:18 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-06-03 12:02 - 2015-05-22 20:18 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-06-03 12:02 - 2015-05-22 20:13 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-06-03 12:02 - 2015-05-21 15:19 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2015-06-03 12:02 - 2015-05-09 05:27 - 03147776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-06-03 12:02 - 2015-05-09 05:27 - 02589184 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-06-03 12:02 - 2015-05-09 05:27 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-06-03 12:02 - 2015-05-09 05:27 - 00191488 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-06-03 12:02 - 2015-05-09 05:27 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-06-03 12:02 - 2015-05-09 05:27 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-06-03 12:02 - 2015-05-09 05:27 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-06-03 12:02 - 2015-05-09 05:26 - 00135168 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-06-03 12:02 - 2015-05-09 05:26 - 00087040 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-06-03 12:02 - 2015-05-09 05:26 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-06-03 12:02 - 2015-05-09 05:26 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-06-03 12:02 - 2015-05-09 05:14 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-06-03 12:02 - 2015-05-09 05:14 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-06-03 12:02 - 2015-05-09 05:14 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-06-03 12:02 - 2015-05-09 05:14 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-06-03 12:02 - 2015-05-09 05:13 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-06-03 12:02 - 2015-03-14 05:21 - 01632768 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2015-06-03 12:02 - 2015-03-14 05:21 - 00082944 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2015-06-03 12:02 - 2015-03-14 05:04 - 01372160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2015-06-03 12:02 - 2015-03-14 05:04 - 00067584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2015-06-03 11:58 - 2015-04-11 05:19 - 00069888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stream.sys
2015-06-03 11:21 - 2015-06-03 11:50 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2015-06-03 11:00 - 2015-05-28 05:52 - 00571024 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2015-06-03 10:46 - 2015-05-28 09:04 - 30480528 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 22946960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 16185352 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 14987528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 14495448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 13304280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 11830512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 10995528 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2015-06-03 10:46 - 2015-05-28 09:04 - 02932368 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 02599056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 01898312 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6435306.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 01557832 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6435306.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 01099808 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 01059984 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 01050440 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 00982856 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 00974480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 00939080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 00195912 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2015-06-03 10:46 - 2015-05-28 09:04 - 00175880 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 00154256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 00150648 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 00128512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 00031552 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2015-06-03 10:46 - 2015-05-28 09:04 - 00030966 _____ C:\Windows\system32\nvinfo.pb
2015-06-03 10:45 - 2015-05-28 09:04 - 42719888 _____ C:\Windows\system32\nvcompiler.dll
2015-06-03 10:45 - 2015-05-28 09:04 - 37741712 _____ C:\Windows\SysWOW64\nvcompiler.dll
2015-06-03 01:54 - 2015-06-03 01:54 - 00000207 _____ C:\Windows\tweaking.com-regbackup-PC_VAN_ACER-Windows-7-Home-Premium-(64-bit).dat
2015-06-03 01:53 - 2015-06-03 01:53 - 00000000 ____D C:\RegBackup
2015-06-03 01:51 - 2015-06-03 01:51 - 00002167 _____ C:\Users\Acer\Desktop\Tweaking.com - Windows Repair.lnk
2015-06-03 01:49 - 2015-06-03 01:49 - 00003658 _____ C:\Windows\System32\Tasks\Tweaking.com - Windows Repair Tray Icon
2015-06-03 01:49 - 2015-06-03 01:49 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2015-06-03 01:49 - 2015-06-03 01:49 - 00000000 ____D C:\Program Files (x86)\Tweaking.com
2015-06-03 01:39 - 2015-06-03 01:39 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-06-03 01:31 - 2015-06-03 01:32 - 00002402 _____ C:\Users\Acer\Desktop\Rkill.txt
2015-06-03 01:23 - 2015-06-03 01:23 - 00002121 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2015-06-03 01:23 - 2015-06-03 01:23 - 00000000 ____D C:\Program Files\Microsoft Security Client
2015-06-03 01:23 - 2015-06-03 01:23 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2015-06-02 15:01 - 2015-06-02 15:01 - 43575652 _____ C:\Users\Acer\Desktop\BACKUP.reg
2015-06-01 22:42 - 2015-06-01 22:42 - 00000000 ____D C:\Users\Acer\Desktop\Oude Firefox-gegevens
2015-06-01 21:37 - 2015-06-03 01:23 - 00000000 ____D C:\Users\Acer\AppData\Roaming\WinPatrol
2015-06-01 21:37 - 2015-06-01 21:54 - 00000000 ____D C:\AdwCleaner
2015-06-01 21:37 - 2015-06-01 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinPatrol
2015-06-01 21:37 - 2015-06-01 21:37 - 00000000 ____D C:\Program Files (x86)\Ruiware
2015-06-01 16:30 - 2015-06-01 16:30 - 00000000 ____D C:\Program Files\HitmanPro
2015-06-01 15:27 - 2015-06-01 15:27 - 00000000 ____D C:\Users\Acer\AppData\Local\GWX
2015-06-01 02:21 - 2015-06-01 02:21 - 00000826 _____ C:\Users\Public\Desktop\CCleaner.lnk
2015-06-01 01:44 - 2015-06-01 15:27 - 00000021 _____ C:\Windows\system32\Drivers\etc\hosts_bak_129
2015-05-31 13:02 - 2015-05-31 13:29 - 00004408 _____ C:\Windows\system32\.crusader
2015-05-31 12:21 - 2015-05-31 13:03 - 00000000 ____D C:\ProgramData\HitmanPro
2015-05-31 12:20 - 2015-06-03 10:20 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-05-31 12:20 - 2015-05-31 12:20 - 00001110 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-05-31 12:20 - 2015-05-31 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-05-31 12:20 - 2015-05-31 12:20 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-05-31 12:20 - 2015-04-14 09:37 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-05-31 12:20 - 2015-04-14 09:37 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-05-31 12:20 - 2015-04-14 09:37 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-05-31 05:03 - 2015-05-31 05:03 - 00000000 _____ C:\autoexec.bat
2015-05-30 21:04 - 2015-05-30 21:04 - 04331265 _____ C:\Users\Acer\Downloads\Endless Legend V1.0.44 64bit Trainer +2.rar
2015-05-30 16:18 - 2015-05-30 16:18 - 00000000 ____D C:\Users\Acer\Downloads\ns-EAWX_MAXI-poseden
2015-05-30 16:17 - 2015-05-30 16:17 - 04118903 _____ C:\Users\Acer\Downloads\ns-EAWX_MI.rar
2015-05-30 16:10 - 2015-05-30 16:10 - 00178800 _____ (Sony DADC Austria AG.) C:\Windows\SysWOW64\CmdLineExt_x64.dll
2015-05-30 15:29 - 2015-05-30 16:01 - 00000000 ____D C:\Users\Acer\Documents\Endless Legend
2015-05-30 15:26 - 2015-05-30 15:26 - 00000579 _____ C:\Users\Public\Desktop\Endless Legend.lnk
2015-05-30 15:26 - 2015-05-30 15:26 - 00000579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Endless Legend.lnk
2015-05-29 14:13 - 2015-05-29 14:13 - 00391728 _____ C:\Users\Acer\Downloads\adguardInstaller.exe
2015-05-29 14:04 - 2015-06-01 21:40 - 00000000 ____D C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-29 14:04 - 2015-05-31 12:07 - 00002396 _____ C:\Users\Acer\Desktop\App-opstartprogramma van Chrome.lnk
2015-05-29 13:57 - 2015-06-01 21:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-05-29 13:57 - 2015-05-31 12:06 - 00002283 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-29 13:56 - 2015-06-03 20:01 - 00001052 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-29 13:56 - 2015-06-03 14:01 - 00001048 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-29 13:56 - 2015-05-29 13:56 - 00004048 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-29 13:56 - 2015-05-29 13:56 - 00003796 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-26 16:03 - 2015-05-26 16:03 - 00000000 __SHD C:\found.000
2015-05-25 18:33 - 2015-05-25 18:34 - 00000000 ____D C:\Users\Acer\AppData\Local\Stardock
2015-05-25 18:33 - 2015-05-25 18:33 - 00000000 ____D C:\ProgramData\Stardock
2015-05-25 13:37 - 2015-05-25 13:37 - 00000000 ____D C:\Users\Acer\AppData\Roaming\DS4Windows
2015-05-25 13:36 - 2013-05-19 02:02 - 00039168 _____ (Scarlet.Crush Productions) C:\Windows\system32\Drivers\ScpVBus.sys
2015-05-16 02:41 - 2015-05-16 02:41 - 00000000 ____D C:\Users\Acer\AppData\Roaming\vlc
2015-05-14 15:40 - 2015-05-14 15:40 - 00001129 _____ C:\Users\Public\Desktop\Popcorn Time SE.lnk
2015-05-14 15:40 - 2015-05-14 15:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Popcorn Time
2015-05-14 15:40 - 2015-05-14 15:40 - 00000000 ____D C:\Program Files (x86)\Popcorn Time
2015-05-14 15:39 - 2015-05-14 15:39 - 50764339 _____ (Popcorn Time ) C:\Users\Acer\Downloads\PopcornTime-latest.exe
2015-05-14 01:23 - 2015-05-01 15:17 - 00124112 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll
2015-05-14 01:23 - 2015-05-01 15:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2015-05-13 16:12 - 2015-04-22 03:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-05-13 16:12 - 2015-04-21 19:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-05-13 16:12 - 2015-04-21 18:50 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-05-13 16:12 - 2015-04-21 18:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-05-13 16:12 - 2015-04-21 18:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-05-13 16:12 - 2015-04-21 18:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-05-13 16:12 - 2015-04-21 18:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-05-13 16:12 - 2015-04-21 18:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-05-13 16:12 - 2015-04-21 18:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-05-13 16:12 - 2015-04-21 18:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-05-13 16:12 - 2015-04-21 17:49 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-05-13 16:12 - 2015-04-21 17:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-05-13 16:12 - 2015-04-21 17:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-05-13 16:12 - 2015-04-21 17:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-05-13 16:12 - 2015-04-21 17:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-05-13 16:12 - 2015-04-21 16:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-05-13 16:12 - 2015-04-18 05:10 - 00460800 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2015-05-13 16:12 - 2015-04-18 04:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2015-05-13 16:11 - 2015-04-22 04:28 - 00389840 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-05-13 16:11 - 2015-04-21 19:14 - 24971776 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-05-13 16:11 - 2015-04-21 19:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-05-13 16:11 - 2015-04-21 18:51 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-05-13 16:11 - 2015-04-21 18:50 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-05-13 16:11 - 2015-04-21 18:50 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-05-13 16:11 - 2015-04-21 18:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-05-13 16:11 - 2015-04-21 18:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-05-13 16:11 - 2015-04-21 18:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-05-13 16:11 - 2015-04-21 18:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-05-13 16:11 - 2015-04-21 18:35 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-05-13 16:11 - 2015-04-21 18:35 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-05-13 16:11 - 2015-04-21 18:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-05-13 16:11 - 2015-04-21 18:31 - 06025728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-05-13 16:11 - 2015-04-21 18:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-05-13 16:11 - 2015-04-21 18:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-05-13 16:11 - 2015-04-21 18:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-05-13 16:11 - 2015-04-21 18:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-05-13 16:11 - 2015-04-21 18:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-05-13 16:11 - 2015-04-21 18:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-05-13 16:11 - 2015-04-21 18:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-05-13 16:11 - 2015-04-21 18:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-05-13 16:11 - 2015-04-21 18:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-05-13 16:11 - 2015-04-21 18:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-05-13 16:11 - 2015-04-21 18:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-05-13 16:11 - 2015-04-21 18:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-05-13 16:11 - 2015-04-21 17:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-05-13 16:11 - 2015-04-21 17:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-05-13 16:11 - 2015-04-21 17:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-05-13 16:11 - 2015-04-21 17:49 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-05-13 16:11 - 2015-04-21 17:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-05-13 16:11 - 2015-04-21 17:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-05-13 16:11 - 2015-04-21 17:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-05-13 16:11 - 2015-04-21 17:40 - 14401536 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-05-13 16:11 - 2015-04-21 17:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-05-13 16:11 - 2015-04-21 17:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-05-13 16:11 - 2015-04-21 17:27 - 02352128 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-05-13 16:11 - 2015-04-21 17:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-05-13 16:11 - 2015-04-21 17:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-05-13 16:11 - 2015-04-21 17:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-05-13 16:11 - 2015-04-21 17:15 - 01547264 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-05-13 16:11 - 2015-04-21 17:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-05-13 16:11 - 2015-04-21 17:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-05-13 16:11 - 2015-04-21 16:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-05-13 16:11 - 2015-04-20 05:17 - 01647104 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2015-05-13 16:11 - 2015-04-20 05:17 - 01179136 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2015-05-13 16:11 - 2015-04-20 04:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2015-05-13 16:11 - 2015-04-20 04:11 - 03204608 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-05-13 16:11 - 2015-04-13 05:28 - 00328704 _____ (Microsoft Corporation) C:\Windows\system32\services.exe
2015-05-13 16:11 - 2015-04-08 05:29 - 00275456 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll
2015-05-13 16:11 - 2015-04-08 05:29 - 00024576 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll
2015-05-13 16:11 - 2015-04-08 05:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InkEd.dll
2015-05-13 16:11 - 2015-01-29 05:19 - 02543104 _____ (Microsoft Corporation) C:\Windows\system32\wpdshext.dll
2015-05-13 16:11 - 2015-01-29 05:02 - 02311168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpdshext.dll
2015-05-13 16:10 - 2015-03-04 06:41 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2015-05-13 16:10 - 2015-03-04 06:41 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\aelupsvc.dll
2015-05-13 16:10 - 2015-03-04 06:41 - 00023552 _____ (Microsoft Corporation) C:\Windows\system32\sdbinst.exe
2015-05-13 16:10 - 2015-03-04 06:41 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\shimeng.dll
2015-05-13 16:10 - 2015-03-04 06:11 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shimeng.dll
2015-05-13 16:10 - 2015-03-04 06:10 - 00295936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2015-05-13 16:10 - 2015-03-04 06:10 - 00020992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdbinst.exe
2015-05-13 16:10 - 2015-02-18 09:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2015-05-13 16:10 - 2015-02-18 09:04 - 00142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-05-13 00:07 - 2015-05-13 00:07 - 00000595 _____ C:\Users\Public\Desktop\EVE Online.lnk
2015-05-13 00:07 - 2015-05-13 00:07 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EVE

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-06-03 20:54 - 2013-04-13 10:36 - 00000000 ____D C:\Users\Acer\AppData\Local\Deployment
2015-06-03 20:47 - 2011-05-30 18:53 - 00000000 ____D C:\Users\Acer\AppData\Roaming\Skype
2015-06-03 20:44 - 2011-07-02 11:49 - 00000000 ____D C:\Program Files (x86)\Giraffic
2015-06-03 20:08 - 2012-03-29 14:32 - 00000940 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-06-03 15:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2015-06-03 12:50 - 2010-06-08 10:23 - 00018544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-06-03 12:50 - 2010-06-08 10:23 - 00018544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-06-03 12:49 - 2010-06-08 10:43 - 01344985 _____ C:\Windows\WindowsUpdate.log
2015-06-03 12:47 - 2009-07-14 11:16 - 00700974 _____ C:\Windows\system32\perfh013.dat
2015-06-03 12:47 - 2009-07-14 11:16 - 00144780 _____ C:\Windows\system32\perfc013.dat
2015-06-03 12:47 - 2009-07-14 07:13 - 01608362 _____ C:\Windows\system32\PerfStringBackup.INI
2015-06-03 12:43 - 2015-01-12 17:05 - 08806320 _____ C:\Windows\setupact.log
2015-06-03 12:43 - 2011-07-02 11:49 - 00000000 ____D C:\ProgramData\Giraffic
2015-06-03 12:42 - 2013-06-30 22:56 - 00277324 _____ C:\Windows\PFRO.log
2015-06-03 12:42 - 2013-01-18 14:21 - 00000000 ____D C:\ProgramData\NVIDIA
2015-06-03 12:42 - 2012-08-14 21:49 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-06-03 12:42 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-06-03 12:40 - 2014-12-11 00:47 - 00000000 ____D C:\Windows\system32\appraiser
2015-06-03 12:40 - 2014-05-07 02:23 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-06-03 12:40 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-06-03 12:32 - 2012-08-06 12:49 - 00003966 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{064099B1-7BFA-4472-BA14-52F3C7819DD6}
2015-06-03 11:37 - 2013-04-15 12:04 - 00000000 ____D C:\Windows\AutoKMS
2015-06-03 11:00 - 2013-01-18 14:20 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2015-06-03 11:00 - 2012-08-04 13:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2015-06-03 11:00 - 2011-12-13 00:39 - 00000000 ____D C:\temp
2015-06-03 10:48 - 2012-08-02 18:17 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2015-06-03 10:46 - 2012-12-16 23:16 - 00000000 ____D C:\ProgramData\boost_interprocess
2015-06-03 10:02 - 2013-06-30 22:58 - 00112128 _____ C:\Users\Acer\AppData\Local\GDIPFONTCACHEV1.DAT
2015-06-03 10:02 - 2013-06-30 22:56 - 00425536 _____ C:\Windows\system32\FNTCACHE.DAT
2015-06-03 02:20 - 2006-11-02 14:34 - 00000449 _____ C:\Windows\win.ini
2015-06-03 02:05 - 2010-08-06 22:09 - 01804956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2015-06-03 01:23 - 2011-07-02 11:10 - 00001912 _____ C:\Windows\epplauncher.mif
2015-06-02 21:33 - 2014-10-12 00:35 - 00000000 ____D C:\Users\Acer\AppData\Local\Popcorn-Time
2015-06-02 20:47 - 2010-08-05 22:10 - 00000000 ____D C:\ProgramData\TEMP
2015-06-02 03:00 - 2010-06-08 13:35 - 00000000 ____D C:\Users\Acer\AppData\Roaming\uTorrent
2015-06-02 01:39 - 2014-07-04 21:57 - 00000000 ____D C:\Program Files\OBS
2015-06-02 01:39 - 2014-07-04 21:57 - 00000000 ____D C:\Program Files (x86)\OBS
2015-06-02 01:37 - 2014-01-12 13:54 - 00000000 ____D C:\ProgramData\Sony Mobile
2015-06-02 01:37 - 2014-01-12 13:54 - 00000000 ____D C:\Program Files (x86)\Sony Mobile
2015-06-02 01:37 - 2008-10-25 03:58 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2015-06-01 21:40 - 2014-12-07 14:57 - 00001013 _____ C:\Users\Acer\Desktop\Sid Meiers Civilization - Beyond Earth.lnk
2015-06-01 21:40 - 2012-08-14 21:49 - 00001069 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-06-01 21:40 - 2010-06-08 10:48 - 00000977 _____ C:\Users\Acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-06-01 21:37 - 2012-08-05 00:08 - 00000000 ____D C:\ProgramData\InstallMate
2015-06-01 21:28 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\NDF
2015-06-01 02:22 - 2012-08-29 15:02 - 00000000 ____D C:\Program Files\CCleaner
2015-06-01 02:21 - 2012-08-29 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2015-05-31 13:29 - 2013-05-20 21:31 - 00000000 ____D C:\Users\Acer\Desktop\trainer ME2
2015-05-31 12:20 - 2012-08-29 15:03 - 00000000 ____D C:\ProgramData\Malwarebytes
2015-05-31 12:06 - 2012-08-14 21:49 - 00001155 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-05-31 12:06 - 2010-05-27 15:20 - 00000953 _____ C:\Users\Acer\Desktop\Launch Internet Explorer Browser.lnk
2015-05-31 05:02 - 2010-06-08 10:24 - 00000000 ____D C:\Users\Acer
2015-05-31 04:49 - 2012-12-16 23:15 - 00000000 ____D C:\Users\Acer\AppData\Local\backburner
2015-05-31 04:49 - 2012-12-16 22:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2015-05-30 16:19 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2015-05-29 20:32 - 2012-08-29 15:34 - 00000396 _____ C:\Windows\Tasks\Defraggler Volume D Task.job
2015-05-29 16:41 - 2012-08-29 15:34 - 00000396 _____ C:\Windows\Tasks\Defraggler Volume K Task.job
2015-05-29 16:41 - 2012-08-29 15:34 - 00000396 _____ C:\Windows\Tasks\Defraggler Volume C Task.job
2015-05-29 13:57 - 2012-03-10 16:14 - 00000000 ____D C:\Program Files (x86)\Google
2015-05-29 13:57 - 2010-05-27 15:35 - 00000000 ____D C:\Users\Acer\AppData\Local\Google
2015-05-29 09:52 - 2014-09-29 20:14 - 00000000 ____D C:\Users\Acer\AppData\Local\Adobe
2015-05-29 09:52 - 2012-03-29 14:32 - 00003878 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-05-29 09:51 - 2012-03-29 14:32 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-05-29 09:51 - 2011-05-16 16:11 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-05-28 09:04 - 2015-01-22 17:44 - 02986392 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2015-05-28 09:04 - 2014-02-19 02:16 - 01558848 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2015-05-28 09:04 - 2013-04-14 03:22 - 12852152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2015-05-28 09:04 - 2013-02-26 00:32 - 17486856 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2015-05-28 09:04 - 2013-02-26 00:32 - 15864064 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2015-05-28 09:04 - 2013-02-26 00:32 - 03379680 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2015-05-28 09:04 - 2013-01-18 14:20 - 00105288 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2015-05-28 09:04 - 2012-08-02 18:18 - 00112968 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2015-05-28 06:15 - 2013-04-14 01:48 - 02558608 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2015-05-28 06:15 - 2013-01-18 14:21 - 06872904 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2015-05-28 06:15 - 2013-01-18 14:21 - 03491984 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2015-05-28 06:15 - 2013-01-18 14:21 - 00937288 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2015-05-28 06:15 - 2013-01-18 14:21 - 00385168 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2015-05-28 06:15 - 2013-01-18 14:21 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2015-05-27 12:48 - 2013-01-18 14:21 - 04408727 _____ C:\Windows\system32\nvcoproc.bin
2015-05-27 02:58 - 2011-05-30 18:52 - 00000000 ___RD C:\Program Files (x86)\Skype
2015-05-25 19:19 - 2012-08-18 23:33 - 00000047 _____ C:\Users\Acer\Documents\mt-x_hook.txt
2015-05-25 19:19 - 2012-08-18 23:33 - 00000007 _____ C:\Users\Acer\Documents\mt-e_hook.txt
2015-05-25 18:31 - 2011-11-24 19:03 - 00000000 ____D C:\Users\Acer\Documents\My Games
2015-05-23 01:18 - 2014-12-29 14:58 - 00000000 ____D C:\Users\Acer\Downloads\Gameforge Live
2015-05-23 01:18 - 2014-12-29 14:58 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gameforge Live
2015-05-21 02:34 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-05-21 02:34 - 2015-04-04 03:00 - 00000000 ___SD C:\Windows\system32\GWX
2015-05-18 16:09 - 2011-05-30 18:52 - 00000000 ____D C:\ProgramData\Skype
2015-05-14 17:46 - 2013-05-21 09:59 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-14 10:30 - 2009-07-14 11:56 - 00000000 ____D C:\Program Files\Windows Journal
2015-05-14 10:30 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\AdvancedInstallers
2015-05-14 10:29 - 2013-03-14 01:25 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2015-05-14 10:29 - 2013-03-14 01:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2015-05-14 01:40 - 2008-10-25 04:48 - 00000000 ____D C:\ProgramData\Microsoft Help
2015-05-14 01:38 - 2013-08-03 02:50 - 00000000 ____D C:\Windows\system32\MRT
2015-05-14 01:27 - 2010-06-12 12:34 - 140425016 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-05-14 01:23 - 2013-03-14 01:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2015-05-13 00:01 - 2011-03-14 00:25 - 00007641 _____ C:\Users\Acer\AppData\Local\Resmon.ResmonCfg

==================== Files in the root of some directories =======

2013-05-20 23:33 - 2014-06-02 14:39 - 0003710 _____ () C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
2013-04-24 01:41 - 2013-04-24 01:41 - 0000170 _____ () C:\Users\Acer\AppData\Roaming\wklnhst.dat
2011-11-15 06:50 - 2011-11-15 06:52 - 0167456 _____ () C:\Users\Acer\AppData\Local\edsinstaller.txt-20111115.log
2010-09-13 22:19 - 2010-09-13 22:19 - 0000357 _____ () C:\Users\Acer\AppData\Local\GLF289F.tmp
2015-02-28 23:24 - 2015-02-28 23:25 - 11509994 _____ () C:\Users\Acer\AppData\Local\package.nw.new
2011-03-14 00:25 - 2015-05-13 00:01 - 0007641 _____ () C:\Users\Acer\AppData\Local\Resmon.ResmonCfg
2015-01-22 13:51 - 2015-01-22 13:51 - 0000287 _____ () C:\ProgramData\fontcacheev1.dat
2013-10-14 17:10 - 2015-03-08 17:03 - 0014871 _____ () C:\ProgramData\hpzinstall.log

Files to move or delete:
====================
C:\Users\Acer\bootrec.exe
C:\ProgramData\fontcacheev1.dat
C:\Windows\Tasks\{BB149A2A-005D-49BE-9A49-547B5D48854C}.job


Some files in TEMP:
====================
C:\Users\Acer\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Acer\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Acer\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Acer\AppData\Local\Temp\nvStInst.exe
C:\Users\Acer\AppData\Local\Temp\Quarantine.exe
C:\Users\Acer\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-06-03 15:14

==================== End of log ============================

 

here is the full scan sorry i used fss xD



#6 tubertje1992

tubertje1992
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:44 PM

Posted 03 June 2015 - 02:02 PM

btw still have to remove windows essentials just wanted to see if it could find anything. gonna remove it now



#7 nasdaq

nasdaq

  • Malware Response Team
  • 39,909 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:44 AM

Posted 04 June 2015 - 07:37 AM

Is this Dhcp IP 213.46.228.196 address necessary?
Tcpip\Parameters: [DhcpNameServer] 213.46.228.196 62.179.104.196
You are in the Netherland and this is what I found.
http://whatismyipaddress.com/ip/213.46.228.196

Please check with you Internet Provider and make sure it's OK.

----

Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below.
 
start

CreateRestorePoint:
CloseProcesses:

(Company) \Updater.exe
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local: [ActivePolicy] SOFTWARE\Policies\Microsoft\Windows\IPSEC\Policy\Local\ipsecPolicy{c56427ef-91da-4fbb-bd2a-290e4f861ce8} <======= ATTENTION (Policy restriction on IP)
SearchScopes: HKU\.DEFAULT -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-3843000899-3653866797-3830101878-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: No Name -> {326E768D-4182-46FD-9C16-1449A49795F4} ->  No File
BHO: No Name -> {593DDEC6-7468-4cdd-90E1-42DADAA222E9} ->  No File
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Extension: PrivacyChoice TrackerBlock - C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\jenrrewu.default-1433191350931\Extensions\trackerblock@privacychoice.org.xpi [2015-06-02]
CHR HKLM\...\Chrome\Extension: [fnjbmmemklcjgepojigaapkoodmkgbae] - No Path Or update_url value
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - No Path Or update_url value
R2 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [335360 2014-12-17] (Company) [File not signed]
S2 Crypkey License; crypserv.exe [X]
S1 adgnetworktdi; system32\drivers\adgnetworktdi.sys [X]
S2 AODDriver4.01; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S1 EIO64; system32\DRIVERS\EIO64.sys [X]
S1 NetworkX; \SystemRoot\system32\ckldrv.sys [X]
C:\Program Files (x86)\Popcorn Time
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\jenrrewu.default-1433191350931\Extensions\trackerblock@privacychoice.org.xpi
C:\Users\Acer\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\Acer\AppData\Local\Temp\nvSCPAPI.dll
C:\Users\Acer\AppData\Local\Temp\nvSCPAPI64.dll
C:\Users\Acer\AppData\Local\Temp\nvStInst.exe

End
Save the files as fixlist.txt in the same folder where the Farbar tool is running from.
The location is listed in the 3rd line of the Farbar log you have submitted.

Run FRST and click Fix only once and wait.

Restart the computer normally to reset the registry.

The tool will create a log (Fixlog.txt) please post it to your reply.
===

How is the computer running now?

#8 tubertje1992

tubertje1992
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:44 PM

Posted 04 June 2015 - 09:38 AM

its doing fine now but i noticed that popcorn time is in C:\FRST\Quarantine\C\Program Files (x86)\Popcorn Time I have 2 Popcorn times one in SE version and one in Desktop version.



#9 tubertje1992

tubertje1992
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:44 PM

Posted 04 June 2015 - 09:46 AM

 Here is the log

 

Restore point was successfully created.
Processes closed successfully.
\Updater.exe => No running process found
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
"HKU\S-1-5-21-3843000899-3653866797-3830101878-1000\SOFTWARE\Policies\Microsoft\Internet Explorer" => key removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local\\ActivePolicy => value removed successfully
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => key removed successfully
HKCR\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => key not found.
SearchScopes: => Error: No automatic fix found for this entry.
HKU\S-1-5-21-3843000899-3653866797-3830101878-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}" => key removed successfully
HKCR\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{593DDEC6-7468-4cdd-90E1-42DADAA222E9}" => key removed successfully
HKCR\CLSID\{593DDEC6-7468-4cdd-90E1-42DADAA222E9} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\jenrrewu.default-1433191350931\Extensions\trackerblock@privacychoice.org.xpi => moved successfully.
"HKLM\SOFTWARE\Google\Chrome\Extensions\fnjbmmemklcjgepojigaapkoodmkgbae" => key removed successfully
"HKLM\SOFTWARE\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm" => key removed successfully
Update service => Service removed successfully
Crypkey License => Service removed successfully
adgnetworktdi => Service removed successfully
AODDriver4.01 => Service removed successfully
Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X] => Error: No automatic fix found for this entry.
EagleX64 => Service removed successfully
EIO64 => Service removed successfully
NetworkX => Service removed successfully
C:\Program Files (x86)\Popcorn Time => moved successfully.
"C:\Users\Acer\AppData\Roaming\Mozilla\Firefox\Profiles\jenrrewu.default-1433191350931\Extensions\trackerblock@privacychoice.org.xpi" => File/Folder not found.
C:\Users\Acer\AppData\Local\Temp\EsgInstallerx64Stub.exe => moved successfully.
C:\Users\Acer\AppData\Local\Temp\nvSCPAPI.dll => moved successfully.
C:\Users\Acer\AppData\Local\Temp\nvSCPAPI64.dll => moved successfully.
C:\Users\Acer\AppData\Local\Temp\nvStInst.exe => moved successfully.


The system needed a reboot..

==== End of Fixlog 16:26:22 ====



#10 nasdaq

nasdaq

  • Malware Response Team
  • 39,909 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:44 AM

Posted 04 June 2015 - 12:28 PM

C:\FRST\Quarantine\C\Program Files (x86)\Popcorn Time


This one is quarantined in the C:\FRST\Quarantine folder.
Empty the Quarantine folder.

Is the se version Java?

#11 tubertje1992

tubertje1992
  • Topic Starter

  • Members
  • 7 posts
  • OFFLINE
  •  
  • Local time:04:44 PM

Posted 04 June 2015 - 03:16 PM

it is for android. so guess it does.



#12 nasdaq

nasdaq

  • Malware Response Team
  • 39,909 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:44 AM

Posted 05 June 2015 - 07:29 AM

Is it causing any problems?
You can delete it if it's in a \temp or quarantine folder.

If all is well.

To learn more about how to protect yourself while on the internet read this little guide best security practices keep safe.
http://www.bleepingcomputer.com/forums/t/407147/answers-to-common-security-questions-best-practices/
===

#13 nasdaq

nasdaq

  • Malware Response Team
  • 39,909 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Montreal, QC. Canada
  • Local time:11:44 AM

Posted 11 June 2015 - 12:47 PM

It appears that this issue is resolved, therefore I am closing the topic. If that is not the case and you need or wish to continue with this topic, please send me or any Moderator a Personal Message (PM) that you would like this topic re-opened.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users