kemped
Honorary Members-
Posts
66 -
Joined
-
Last visited
Reputation
0 Neutral-
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
All done, is there anything left to do? If not thank you for all your help, I believe it's clean now. -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
Yes that is what I meant, thank you for your help. The registry backup is left, should I also delete that aswell? -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
I don't see any issues right now it's been fine for 2 days. Where can I reinstall akamai netsession? And could you please give me the steps to set my pc back to before this by reverting everything? -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
MiniToolBox by Farbar Version: 06-07-2014 Ran by Patrick (administrator) on 19-07-2014 at 08:29:47 Running from "C:\Users\Patrick\Downloads" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP-configuratie De DNS-omzettingscache is leeggemaakt. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= ========================= IP Configuration: ================================ Intel® 82579V Gigabit Network Connection = LAN-verbinding (Connected) 802.11n draadloze LAN-kaart = Draadloze netwerkverbinding (Hardware not present) # ---------------------------------- # IPv4-configuratie # ---------------------------------- pushd interface ipv4 reset set global icmpredirects=enabled taskoffload=disabled popd # Einde van IPv4-configuratie Windows IP-configuratie Hostnaam . . . . . . . . . . . . : Patrick-PC Primair DNS-achtervoegsel . . . . : Knooppunttype . . . . . . . . . . : hybride IP-routering ingeschakeld . . . . : nee WINS-proxy ingeschakeld . . . . . : nee Ethernet-adapter voor LAN-verbinding: Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Intel® 82579V Gigabit Network Connection Fysiek adres. . . . . . . . . . . : C8-9C-DC-EB-EE-E9 DHCP ingeschakeld . . . . . . . . : ja Autom. configuratie ingeschakeld : ja Link-local IPv6-adres . . . . . . : fe80::5c69:2e26:3db1:2dfe%11(voorkeur) IPv4-adres. . . . . . . . . . . . : 192.168.0.103(voorkeur) Subnetmasker. . . . . . . . . . . : 255.255.255.0 Lease verkregen . . . . . . . . . : zaterdag 19 juli 2014 8:27:56 Lease verlopen. . . . . . . . . . : maandag 28 juli 2014 17:39:21 Standaardgateway. . . . . . . . . : 192.168.0.1 DHCP-server . . . . . . . . . . . : 192.168.0.1 DHCPv6 IAID . . . . . . . . . . . : 336623826 DHCPv6-client DUID. . . . . . . . : 00-01-00-01-16-C2-17-E2-C8-9C-DC-EB-EE-E9 DNS-servers . . . . . . . . . . . : 192.168.0.1 NetBIOS via TCPIP . . . . . . . . : ingeschakeld Tunnel-adapter voor isatap.{E2036B6D-929C-4B58-88CF-20251397EEF0}: Mediumstatus. . . . . . . . . . . : medium ontkoppeld Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP ingeschakeld . . . . . . . . : nee Autom. configuratie ingeschakeld : ja Tunnel-adapter voor Teredo Tunneling Pseudo-Interface: Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP ingeschakeld . . . . . . . . : nee Autom. configuratie ingeschakeld : ja IPv6-adres. . . . . . . . . . . . : 2001:0:9d38:6abd:3425:1fd4:3f57:ff98(voorkeur) Link-local IPv6-adres . . . . . . : fe80::3425:1fd4:3f57:ff98%13(voorkeur) Standaardgateway. . . . . . . . . : :: NetBIOS via TCPIP . . . . . . . . : uitgeschakeld Server: UnKnown Address: 192.168.0.1 Naam: google.com Addresses: 2a00:1450:4013:c00::71 173.194.65.100 173.194.65.102 173.194.65.139 173.194.65.113 173.194.65.101 173.194.65.138 Pingen naar google.com [173.194.65.100] met 32 bytes aan gegevens: Antwoord van 173.194.65.100: bytes=32 tijd=15 ms TTL=49 Antwoord van 173.194.65.100: bytes=32 tijd=16 ms TTL=49 Ping-statistieken voor 173.194.65.100: Pakketten: verzonden = 2, ontvangen = 2, verloren = 0 (0% verlies). De gemiddelde tijd voor het uitvoeren van ��n bewerking in milliseconden: Minimum = 15ms, Maximum = 16ms, Gemiddelde = 15ms Server: UnKnown Address: 192.168.0.1 Naam: yahoo.com Addresses: 98.139.183.24 98.138.253.109 206.190.36.45 Pingen naar yahoo.com [98.139.183.24] met 32 bytes aan gegevens: Antwoord van 98.139.183.24: bytes=32 tijd=111 ms TTL=45 Antwoord van 98.139.183.24: bytes=32 tijd=109 ms TTL=45 Ping-statistieken voor 98.139.183.24: Pakketten: verzonden = 2, ontvangen = 2, verloren = 0 (0% verlies). De gemiddelde tijd voor het uitvoeren van ��n bewerking in milliseconden: Minimum = 109ms, Maximum = 111ms, Gemiddelde = 110ms Pingen naar 127.0.0.1 met 32 bytes aan gegevens: Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128 Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128 Ping-statistieken voor 127.0.0.1: Pakketten: verzonden = 2, ontvangen = 2, verloren = 0 (0% verlies). De gemiddelde tijd voor het uitvoeren van ��n bewerking in milliseconden: Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms =========================================================================== Interfacelijst 11...c8 9c dc eb ee e9 ......Intel® 82579V Gigabit Network Connection 1...........................Software Loopback Interface 1 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4 routetabel =========================================================================== Actieve routes: Netwerkadres Netmasker Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.103 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.0.0 255.255.255.0 On-link 192.168.0.103 276 192.168.0.103 255.255.255.255 On-link 192.168.0.103 276 192.168.0.255 255.255.255.255 On-link 192.168.0.103 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.0.103 276 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.0.103 276 =========================================================================== Permanente routes: Geen IPv6 routetabel =========================================================================== Actieve routes: Indien metrische netwerkbestemming Gateway 13 58 ::/0 On-link 1 306 ::1/128 On-link 13 58 2001::/32 On-link 13 306 2001:0:9d38:6abd:3425:1fd4:3f57:ff98/128 On-link 11 276 fe80::/64 On-link 13 306 fe80::/64 On-link 13 306 fe80::3425:1fd4:3f57:ff98/128 On-link 11 276 fe80::5c69:2e26:3db1:2dfe/128 On-link 1 306 ff00::/8 On-link 13 306 ff00::/8 On-link 11 276 ff00::/8 On-link =========================================================================== Permanente routes: Geen ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation) Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation) x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation) x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation) x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.) x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.) x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (07/19/2014 08:28:45 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/19/2014 08:28:40 AM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/19/2014 08:28:19 AM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/19/2014 02:09:33 AM) (Source: Application Hang) (User: ) Description: Het programma mb_wfas.exe, versie 1.0.0.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: 1fbc Starttijd: 01cfa2e58a5c8019 Eindtijd: 28 Toepassingspad: C:\Program Files (x86)\Steam\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe Rapport-id: Error: (07/19/2014 00:56:33 AM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/19/2014 00:56:13 AM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/18/2014 08:50:51 PM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/18/2014 08:50:12 PM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/18/2014 03:21:06 PM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/18/2014 03:20:12 PM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. System errors: ============= Error: (07/18/2014 09:34:46 AM) (Source: Microsoft Antimalware) (User: ) Description: %NT AUTHORITY60 heeft een fout gevonden tijdens het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.179.214.0 Updatebron: %NT AUTHORITY59 Updatefase: 4.5.0216.00 Bronpad: 4.5.0216.01 Type handtekening: %NT AUTHORITY602 Type update: %NT AUTHORITY604 Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: %NT AUTHORITY605 Vorige engineversie: %NT AUTHORITY606 Foutcode: %NT AUTHORITY607 Foutbeschrijving: %NT AUTHORITY608 Error: (07/18/2014 09:29:11 AM) (Source: Service Control Manager) (User: ) Description: De Steam Client Service-service kan vanwege de volgende fout niet worden gestart: %%1053 Error: (07/18/2014 09:29:11 AM) (Source: Service Control Manager) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Steam Client Service. Error: (07/17/2014 01:17:09 AM) (Source: Service Control Manager) (User: ) Description: De NVIDIA Stereoscopic 3D Driver Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Microsoft Office Sessions: ========================= Error: (07/19/2014 08:28:45 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/19/2014 08:28:40 AM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/19/2014 08:28:19 AM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/19/2014 02:09:33 AM) (Source: Application Hang)(User: ) Description: mb_wfas.exe1.0.0.01fbc01cfa2e58a5c801928C:\Program Files (x86)\Steam\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe Error: (07/19/2014 00:56:33 AM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/19/2014 00:56:13 AM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/18/2014 08:50:51 PM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/18/2014 08:50:12 PM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/18/2014 03:21:06 PM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/18/2014 03:20:12 PM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) CodeIntegrity Errors: =================================== Date: 2012-05-11 22:50:47.169 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2012-05-11 22:50:47.151 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. =========================== Installed Programs ============================ Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3505 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated) Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer) Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii uslugi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware versie 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment) Mozilla Firefox 30.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 nl)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden Nero Control Center 10 (x32 Version: 10.2.11100.1.1 - Nero AG) Hidden Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Core Components 10 (x32 Version: 2.0.18100.8.8 - Nero AG) Hidden Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG) Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG) Nero Express 10 Help (CHM) (x32 Version: 10.5.10200 - Nero AG) Hidden Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG) Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NVIDIA 3D Vision controllerstuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden NVIDIA-configuratiescherm 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Plantronics® GameCom 780 Software for Dolby® Headphone (HKLM-x32\...\{EB3C9064-9140-4279-9E51-965119402151}) (Version: 1.00.0001 - Plantronics) Poczta uslugi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotograf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ???? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ??? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) S?????? f?t???af??? t?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ???????? ?????????? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ????? Windows Live (x32 Version: 15.4.3502.0922 - ?????????? ??????????) Hidden ?????????? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ??????????? ?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ?????? ??????? ?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ???? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ???? ??? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ========================= Devices: ================================ Name: 802.11n draadloze LAN-kaart Description: 802.11n draadloze LAN-kaart Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Ralink Technology, Corp. Service: netr28x Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ========================= Memory info: =================================== Percentage of memory in use: 25% Total physical RAM: 6126.01 MB Available physical RAM: 4587.02 MB Total Pagefile: 12250.2 MB Available Pagefile: 10627.96 MB Total Virtual: 4095.88 MB Available Virtual: 3971.63 MB ========================= Partitions: ===================================== 1 Drive c: (Acer) (Fixed) (Total:455.45 GB) (Free:381.26 GB) NTFS 2 Drive d: (DATA) (Fixed) (Total:455.96 GB) (Free:455.86 GB) NTFS ========================= Users: ======================================== Gebruikersaccounts voor \\PATRICK-PC Administrator Gast Patrick De opdracht is voltooid. ========================= Minidump Files ================================== No minidump file found **** End of log **** -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-07-2014 01 Ran by Patrick at 2014-07-18 20:49:10 Run:1 Running from C:\Users\Patrick\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) C:\ProgramData\DynuEncrypt.dll C:\Users\Patrick\random.dat ***************** HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. 'HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2' => Key deleted successfully. C:\Windows\system32\npDeployJava1.dll => Moved successfully. C:\ProgramData\DynuEncrypt.dll => Moved successfully. C:\Users\Patrick\random.dat => Moved successfully. ==== End of Fixlog ==== -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
JavaRa 1.16 Removal Log.Report follows after line.------------------------------------The JavaRa removal process was started on Thu Jul 17 01:14:51 2014 There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124. Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects Found and removed: SOFTWARE\JavaSoft Found and removed: SOFTWARE\JreMetricsFound and removed: SOFTWARE\MozillaPlugins ------------------------------------Finished reporting. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01 Ran by Patrick (administrator) on PATRICK-PC on 17-07-2014 01:23:07 Running from C:\Users\Patrick\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Nederlands (Nederland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe () C:\Program Files\Plantronics\GameCom780\GameCom780.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Akamai Technologies, Inc.) C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Akamai Technologies, Inc.) C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-11] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [GamecomSound] => C:\Program Files\Plantronics\GameCom780\GameCom780.exe [777448 2011-12-01] () HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] () HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKU\.DEFAULT\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe [4440896 2012-08-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\MountPoints2: {94c89b52-511a-11e1-a331-806e6f6e6963} - E:\setup.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://acer.nl.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE35952EA1F28CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dnf.neople.com/ StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&r=408 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", ""); FF Homepage: https://www.youtube.com/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bolcom-nl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\marktplaats-nl.xml FF Extension: Adblock Plus Pop-up Addon - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-04-13] FF Extension: Adblock Plus - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-11] ==================== Services (Whitelisted) ================= R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4390376 2011-07-17] (INCA Internet Co., Ltd.) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-03-29] () ==================== Drivers (Whitelisted) ==================== R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-17] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.) [File not signed] R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R3 PlantronicsGC; C:\Windows\System32\drivers\PLTGC.sys [1327104 2011-11-05] (C-Media Electronics Inc) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) S3 dump_wmimmc; \??\C:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 sf; \??\C:\AeriaGames\SoldierFront\avital\soldierf64.sys [X] S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X] S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-17 01:16 - 2014-07-17 01:16 - 00448512 _____ (OldTimer Tools) C:\Users\Patrick\Downloads\TFC.exe 2014-07-17 01:15 - 2014-07-17 01:15 - 00004200 _____ () C:\Users\Patrick\Desktop\Nieuw tekstdocument.txt 2014-07-17 01:14 - 2014-07-17 01:14 - 00004320 _____ () C:\JavaRa.log 2014-07-17 01:13 - 2014-07-17 01:13 - 00000000 ____D () C:\Users\Patrick\Desktop\RemoveJava 2014-07-17 01:12 - 2014-07-17 01:12 - 00165483 _____ () C:\Users\Patrick\Downloads\JavaRa-1.16-28-5-13.zip 2014-07-17 01:11 - 2012-05-04 19:29 - 00772504 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2014-07-17 01:11 - 2012-05-04 19:29 - 00687504 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2014-07-17 00:43 - 2014-07-17 00:43 - 00034214 _____ () C:\Users\Patrick\Downloads\Addition.txt 2014-07-17 00:41 - 2014-07-17 01:23 - 00010991 _____ () C:\Users\Patrick\Downloads\FRST.txt 2014-07-17 00:41 - 2014-07-17 00:41 - 02086912 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe 2014-07-16 22:44 - 2014-07-16 22:44 - 02347384 _____ (ESET) C:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe 2014-07-16 22:38 - 2014-07-16 22:41 - 00000000 ____D () C:\AdwCleaner 2014-07-16 22:38 - 2014-07-16 22:38 - 01348263 _____ () C:\Users\Patrick\Downloads\AdwCleaner.exe 2014-07-16 22:36 - 2014-07-16 22:36 - 00001617 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-16 22:31 - 2014-07-16 22:31 - 01016261 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe 2014-07-16 11:59 - 2014-07-16 23:16 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-07-16 09:45 - 2014-07-16 09:50 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2014-07-16 09:45 - 2014-07-16 09:45 - 05336664 _____ () C:\Users\Patrick\Downloads\RogueKillerX64.exe 2014-07-16 09:45 - 2014-07-16 09:45 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-07-15 23:54 - 2014-07-17 01:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-15 23:54 - 2014-07-15 23:54 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-15 23:54 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-15 23:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-15 23:53 - 2014-07-15 23:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012(1).exe 2014-07-15 23:51 - 2014-07-15 23:51 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Patrick\Downloads\mbam-clean-2.1.1.1001.exe 2014-07-15 23:47 - 2014-07-15 23:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00791393 _____ (Lars Hederer ) C:\Users\Patrick\Downloads\erunt-setup.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Patrick\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Gast\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Patrick\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Gast\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\Program Files (x86)\ERUNT 2014-07-15 23:42 - 2014-07-15 23:43 - 00002038 _____ () C:\Users\Patrick\Desktop\Rkill.txt 2014-07-15 23:42 - 2014-07-15 23:42 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore.exe 2014-07-15 23:42 - 2014-07-15 23:42 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore64.exe 2014-07-15 10:23 - 2014-07-15 10:23 - 00000221 _____ () C:\Users\Patrick\Desktop\Mount & Blade Warband.url 2014-07-10 23:01 - 2014-07-17 01:23 - 00000000 ____D () C:\FRST 2014-07-09 19:53 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 19:53 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 19:53 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 19:53 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 19:53 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 19:53 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 19:53 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 19:53 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 19:53 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 19:53 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 19:53 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 19:53 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 19:53 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 19:53 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 19:53 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 19:53 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 19:53 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 19:53 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 19:53 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 19:53 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 19:53 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 19:53 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 19:53 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 19:53 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 19:53 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 19:53 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 19:53 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 19:53 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 19:53 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 19:53 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 19:53 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 19:53 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 19:53 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 19:53 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 19:53 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 19:53 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 19:53 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 19:53 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 19:53 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 19:53 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 19:53 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 19:53 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 19:53 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 19:53 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 19:53 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 19:53 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 19:53 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 19:53 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 19:53 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 19:53 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 19:53 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 19:53 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 19:53 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 19:53 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 19:53 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 19:53 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 19:46 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 19:46 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 19:46 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 19:46 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 19:46 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 19:46 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 19:46 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 19:46 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 19:46 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 19:46 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 19:46 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-08 19:33 - 2014-07-08 19:33 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Adobe 2014-07-08 14:34 - 2014-07-15 23:28 - 00000000 ____D () C:\Program Files (x86)\Hazard Ops 2014-07-07 19:48 - 2014-07-15 23:26 - 00000000 ____D () C:\Users\Patrick\AppData\Local\QQSM 2014-07-07 19:08 - 2014-07-08 14:42 - 00000000 ____D () C:\ProgramData\Solid State Networks 2014-07-06 12:09 - 2014-07-06 12:09 - 09686176 _____ (Perfect World Entertainment) C:\Users\Patrick\Downloads\ArcInstall_v20140625a.exe 2014-07-05 01:43 - 2014-07-05 01:43 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Nero 2014-06-23 15:44 - 2012-03-25 10:26 - 00115272 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys 2014-06-18 16:15 - 2014-06-18 16:15 - 01058200 _____ (Adobe) C:\Users\Patrick\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe 2014-06-18 04:58 - 2014-06-18 04:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-07-17 01:23 - 2014-07-17 00:41 - 00010991 _____ () C:\Users\Patrick\Downloads\FRST.txt 2014-07-17 01:23 - 2014-07-10 23:01 - 00000000 ____D () C:\FRST 2014-07-17 01:23 - 2012-02-07 01:21 - 02097079 _____ () C:\Windows\WindowsUpdate.log 2014-07-17 01:20 - 2014-07-15 23:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-17 01:20 - 2012-02-07 01:22 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-17 01:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-17 01:20 - 2009-07-14 06:51 - 00133495 _____ () C:\Windows\setupact.log 2014-07-17 01:16 - 2014-07-17 01:16 - 00448512 _____ (OldTimer Tools) C:\Users\Patrick\Downloads\TFC.exe 2014-07-17 01:16 - 2012-05-11 14:30 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-17 01:15 - 2014-07-17 01:15 - 00004200 _____ () C:\Users\Patrick\Desktop\Nieuw tekstdocument.txt 2014-07-17 01:14 - 2014-07-17 01:14 - 00004320 _____ () C:\JavaRa.log 2014-07-17 01:13 - 2014-07-17 01:13 - 00000000 ____D () C:\Users\Patrick\Desktop\RemoveJava 2014-07-17 01:12 - 2014-07-17 01:12 - 00165483 _____ () C:\Users\Patrick\Downloads\JavaRa-1.16-28-5-13.zip 2014-07-17 00:43 - 2014-07-17 00:43 - 00034214 _____ () C:\Users\Patrick\Downloads\Addition.txt 2014-07-17 00:41 - 2014-07-17 00:41 - 02086912 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe 2014-07-16 23:39 - 2012-09-05 19:04 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Akamai 2014-07-16 23:16 - 2014-07-16 11:59 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-07-16 22:49 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-16 22:49 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-16 22:44 - 2014-07-16 22:44 - 02347384 _____ (ESET) C:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe 2014-07-16 22:41 - 2014-07-16 22:38 - 00000000 ____D () C:\AdwCleaner 2014-07-16 22:41 - 2010-11-21 05:47 - 00658770 _____ () C:\Windows\PFRO.log 2014-07-16 22:38 - 2014-07-16 22:38 - 01348263 _____ () C:\Users\Patrick\Downloads\AdwCleaner.exe 2014-07-16 22:36 - 2014-07-16 22:36 - 00001617 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-16 22:31 - 2014-07-16 22:31 - 01016261 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe 2014-07-16 21:38 - 2012-05-11 14:57 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-16 09:50 - 2014-07-16 09:45 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2014-07-16 09:45 - 2014-07-16 09:45 - 05336664 _____ () C:\Users\Patrick\Downloads\RogueKillerX64.exe 2014-07-16 09:45 - 2014-07-16 09:45 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-07-15 23:54 - 2014-07-15 23:54 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-15 23:53 - 2014-07-15 23:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012(1).exe 2014-07-15 23:51 - 2014-07-15 23:51 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Patrick\Downloads\mbam-clean-2.1.1.1001.exe 2014-07-15 23:48 - 2014-07-15 23:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-15 23:45 - 2013-07-08 16:27 - 00000000 ____D () C:\Windows\ERDNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00791393 _____ (Lars Hederer ) C:\Users\Patrick\Downloads\erunt-setup.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Patrick\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Gast\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Patrick\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Gast\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\Program Files (x86)\ERUNT 2014-07-15 23:43 - 2014-07-15 23:42 - 00002038 _____ () C:\Users\Patrick\Desktop\Rkill.txt 2014-07-15 23:42 - 2014-07-15 23:42 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore.exe 2014-07-15 23:42 - 2014-07-15 23:42 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore64.exe 2014-07-15 23:29 - 2012-05-11 12:50 - 00000000 ____D () C:\Users\Patrick 2014-07-15 23:29 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-15 23:28 - 2014-07-08 14:34 - 00000000 ____D () C:\Program Files (x86)\Hazard Ops 2014-07-15 23:28 - 2014-05-02 20:59 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-15 23:28 - 2013-05-09 09:11 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-07-15 23:28 - 2012-09-27 23:17 - 00000000 ____D () C:\Users\Gast 2014-07-15 23:28 - 2012-05-11 15:16 - 00000000 ____D () C:\Windows\system32\Macromed 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2014-07-15 23:26 - 2014-07-07 19:48 - 00000000 ____D () C:\Users\Patrick\AppData\Local\QQSM 2014-07-15 23:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-07-15 10:23 - 2014-07-15 10:23 - 00000221 _____ () C:\Users\Patrick\Desktop\Mount & Blade Warband.url 2014-07-10 22:51 - 2013-07-10 06:53 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 20:50 - 2012-02-02 18:30 - 00745764 _____ () C:\Windows\system32\perfh013.dat 2014-07-09 20:50 - 2012-02-02 18:30 - 00153716 _____ () C:\Windows\system32\perfc013.dat 2014-07-09 20:50 - 2009-07-14 07:13 - 01670960 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-09 20:09 - 2009-07-14 06:45 - 00276968 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-09 19:55 - 2012-05-14 12:36 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 14:05 - 2012-08-04 14:57 - 00000000 ____D () C:\Users\Patrick\Documents\My Games 2014-07-09 12:16 - 2012-05-11 14:30 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 12:16 - 2012-05-11 14:30 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 12:16 - 2011-07-11 12:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 19:33 - 2014-07-08 19:33 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Adobe 2014-07-08 14:42 - 2014-07-07 19:08 - 00000000 ____D () C:\ProgramData\Solid State Networks 2014-07-06 13:00 - 2014-04-23 20:33 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment 2014-07-06 13:00 - 2011-07-11 11:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-06 12:09 - 2014-07-06 12:09 - 09686176 _____ (Perfect World Entertainment) C:\Users\Patrick\Downloads\ArcInstall_v20140625a.exe 2014-07-05 01:49 - 2013-05-09 09:07 - 00000000 ____D () C:\Users\Public\Games 2014-07-05 01:43 - 2014-07-05 01:43 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Nero 2014-06-30 04:09 - 2014-07-09 19:46 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-09 19:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-23 15:52 - 2011-07-11 12:00 - 00639037 _____ () C:\Windows\DirectX.log 2014-06-20 22:14 - 2014-07-09 19:53 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 21:39 - 2014-07-09 19:53 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-06-20 01:45 - 2013-04-04 20:26 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Warframe 2014-06-19 23:02 - 2014-06-08 21:54 - 00000000 ____D () C:\Program Files\My Vapor Record 2014-06-19 14:04 - 2012-05-11 14:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-19 03:39 - 2014-07-09 19:53 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-19 03:06 - 2014-07-09 19:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-19 03:06 - 2014-07-09 19:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-19 02:48 - 2014-07-09 19:53 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-19 02:42 - 2014-07-09 19:53 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-19 02:42 - 2014-07-09 19:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-19 02:41 - 2014-07-09 19:53 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-19 02:41 - 2014-07-09 19:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-19 02:32 - 2014-07-09 19:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-19 02:31 - 2014-07-09 19:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-19 02:26 - 2014-07-09 19:53 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-19 02:24 - 2014-07-09 19:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-19 02:24 - 2014-07-09 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-19 02:23 - 2014-07-09 19:53 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-19 02:16 - 2014-07-09 19:53 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-19 02:14 - 2014-07-09 19:53 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-19 02:09 - 2014-07-09 19:53 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-19 01:59 - 2014-07-09 19:53 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-19 01:56 - 2014-07-09 19:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-19 01:53 - 2014-07-09 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-19 01:51 - 2014-07-09 19:53 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-19 01:50 - 2014-07-09 19:53 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-19 01:48 - 2014-07-09 19:53 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-19 01:39 - 2014-07-09 19:53 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-19 01:38 - 2014-07-09 19:53 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-19 01:37 - 2014-07-09 19:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-19 01:36 - 2014-07-09 19:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-19 01:35 - 2014-07-09 19:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-06-19 01:33 - 2014-07-09 19:53 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-19 01:32 - 2014-07-09 19:53 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-19 01:28 - 2014-07-09 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-19 01:28 - 2014-07-09 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-19 01:27 - 2014-07-09 19:53 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-19 01:27 - 2014-07-09 19:53 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-19 01:25 - 2014-07-09 19:53 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-19 01:23 - 2014-07-09 19:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-19 01:22 - 2014-07-09 19:53 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-19 01:12 - 2014-07-09 19:53 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-19 01:06 - 2014-07-09 19:53 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-19 01:01 - 2014-07-09 19:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-19 00:59 - 2014-07-09 19:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-19 00:58 - 2014-07-09 19:53 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-19 00:58 - 2014-07-09 19:53 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-19 00:52 - 2014-07-09 19:53 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-19 00:51 - 2014-07-09 19:53 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-19 00:49 - 2014-07-09 19:53 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-19 00:46 - 2014-07-09 19:53 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-19 00:45 - 2014-07-09 19:53 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-19 00:35 - 2014-07-09 19:53 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-19 00:34 - 2014-07-09 19:53 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-19 00:34 - 2014-05-07 15:29 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Windows Live 2014-06-19 00:15 - 2014-07-09 19:53 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-19 00:13 - 2014-07-09 19:53 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-19 00:09 - 2014-07-09 19:53 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-19 00:07 - 2014-07-09 19:53 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-18 16:15 - 2014-06-18 16:15 - 01058200 _____ (Adobe) C:\Users\Patrick\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe 2014-06-18 04:59 - 2014-06-18 04:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-18 04:18 - 2014-07-09 19:46 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-06-18 03:51 - 2014-07-09 19:46 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-06-18 03:10 - 2014-07-09 19:46 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys Files to move or delete: ==================== C:\ProgramData\DynuEncrypt.dll C:\Users\Patrick\random.dat ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-09 17:17 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01 Ran by Patrick at 2014-07-17 01:24:04 Running from C:\Users\Patrick\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3505 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated) Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer) Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) Malwarebytes Anti-Malware versie 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 30.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 nl)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden Nero Control Center 10 (x32 Version: 10.2.11100.1.1 - Nero AG) Hidden Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Core Components 10 (x32 Version: 2.0.18100.8.8 - Nero AG) Hidden Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG) Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG) Nero Express 10 Help (CHM) (x32 Version: 10.5.10200 - Nero AG) Hidden Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG) Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NVIDIA 3D Vision controllerstuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden NVIDIA-configuratiescherm 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Plantronics® GameCom 780 Software for Dolby® Headphone (HKLM-x32\...\{EB3C9064-9140-4279-9E51-965119402151}) (Version: 1.00.0001 - Plantronics) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 10-07-2014 20:34:28 Windows Update 10-07-2014 20:48:20 Windows Update 14-07-2014 09:21:46 Windows Update 15-07-2014 21:32:53 Windows Update 16-07-2014 23:09:59 Removed Java 7 Update 7 (64-bit) 16-07-2014 23:10:38 Removed Java 7 Update 55 16-07-2014 23:11:37 Removed JavaFX 2.1.1 ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0FE833D6-1CC1-4D33-AD84-2DA4D5B307D0} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe Task: {5C5FE30A-AAA1-4C2E-AD79-30544C05DA33} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {8DEBD8F5-E8CC-449C-BE51-2263C43011FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2012-05-23 18:47 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-05-11 15:04 - 2013-03-29 16:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2013-04-04 16:38 - 2011-12-01 21:15 - 00777448 ____N () C:\Program Files\Plantronics\GameCom780\GameCom780.exe 2011-08-11 05:58 - 2011-08-11 05:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe 2013-04-04 16:38 - 2011-12-01 21:16 - 00150760 ____N () C:\Program Files\Plantronics\GameCom780\VmixPLGC.dll 2011-08-11 05:57 - 2011-08-11 05:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll 2014-06-18 04:58 - 2014-06-18 04:58 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-02-14 17:17 - 2014-02-14 17:17 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll 2012-02-07 01:25 - 2010-11-06 09:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\Services: HssSrv => 2 MSCONFIG\Services: HssTrayService => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent ==================== Faulty Device Manager Devices ============= Name: 802.11n draadloze LAN-kaart Description: 802.11n draadloze LAN-kaart Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Ralink Technology, Corp. Service: netr28x Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/17/2014 01:23:02 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/17/2014 01:22:06 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/16/2014 11:39:54 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/16/2014 11:39:33 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/16/2014 11:16:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: plugin-container.exe, versie: 30.0.0.5269, tijdstempel: 0x53914233 Naam van module met fout: mozalloc.dll, versie: 30.0.0.5269, tijdstempel: 0x53911393 Uitzonderingscode: 0x80000003 Foutoffset: 0x0000141b Id van proces met fout: 0x115c Starttijd van toepassing met fout: 0xplugin-container.exe0 Pad naar toepassing met fout: plugin-container.exe1 Pad naar module met fout: plugin-container.exe2 Rapport-id: plugin-container.exe3 Error: (07/16/2014 11:01:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 11:01:31 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:45:50 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:45:48 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:44:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (07/17/2014 01:17:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De NVIDIA Stereoscopic 3D Driver Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Microsoft Office Sessions: ========================= Error: (07/17/2014 01:23:02 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/17/2014 01:22:06 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/16/2014 11:39:54 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/16/2014 11:39:33 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/16/2014 11:16:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b115c01cfa1371148a843C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll805d6fd7-0d2e-11e4-aef6-c89cdcebeee9 Error: (07/16/2014 11:01:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 11:01:31 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:45:50 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:45:48 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:44:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe CodeIntegrity Errors: =================================== Date: 2012-05-11 22:50:47.169 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2012-05-11 22:50:47.151 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. ==================== Memory info =========================== Percentage of memory in use: 36% Total physical RAM: 6126.01 MB Available physical RAM: 3871.46 MB Total Pagefile: 12250.2 MB Available Pagefile: 9990.86 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:455.45 GB) (Free:378.2 GB) NTFS Drive d: (DATA) (Fixed) (Total:455.96 GB) (Free:455.86 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B852E5) Partition 1: (Not Active) - (Size=20 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=455 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 17-7-2014 Scan Time: 1:32:25 Logfile: Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.16.09 Rootkit Database: v2014.07.14.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Patrick Scan Type: Threat Scan Result: Completed Objects Scanned: 323035 Time Elapsed: 6 min, 59 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01 Ran by Patrick (administrator) on PATRICK-PC on 17-07-2014 00:42:52 Running from C:\Users\Patrick\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Nederlands (Nederland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe () C:\Program Files\Plantronics\GameCom780\GameCom780.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Akamai Technologies, Inc.) C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-11] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [GamecomSound] => C:\Program Files\Plantronics\GameCom780\GameCom780.exe [777448 2011-12-01] () HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] () HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\.DEFAULT\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe [4440896 2012-08-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\MountPoints2: {94c89b52-511a-11e1-a331-806e6f6e6963} - E:\setup.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://acer.nl.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE35952EA1F28CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dnf.neople.com/ StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&r=408 BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", ""); FF Homepage: https://www.youtube.com/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bolcom-nl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\marktplaats-nl.xml FF Extension: Adblock Plus Pop-up Addon - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-04-13] FF Extension: Adblock Plus - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-11] ==================== Services (Whitelisted) ================= R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4390376 2011-07-17] (INCA Internet Co., Ltd.) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-03-29] () ==================== Drivers (Whitelisted) ==================== R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-16] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.) [File not signed] R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R3 PlantronicsGC; C:\Windows\System32\drivers\PLTGC.sys [1327104 2011-11-05] (C-Media Electronics Inc) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) S3 dump_wmimmc; \??\C:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 sf; \??\C:\AeriaGames\SoldierFront\avital\soldierf64.sys [X] S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X] S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-17 00:41 - 2014-07-17 00:42 - 00013661 _____ () C:\Users\Patrick\Downloads\FRST.txt 2014-07-17 00:41 - 2014-07-17 00:41 - 02086912 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe 2014-07-16 22:44 - 2014-07-16 22:44 - 02347384 _____ (ESET) C:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe 2014-07-16 22:44 - 2014-07-16 22:44 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-16 22:38 - 2014-07-16 22:41 - 00000000 ____D () C:\AdwCleaner 2014-07-16 22:38 - 2014-07-16 22:38 - 01348263 _____ () C:\Users\Patrick\Downloads\AdwCleaner.exe 2014-07-16 22:36 - 2014-07-16 22:36 - 00001617 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-16 22:31 - 2014-07-16 22:31 - 01016261 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe 2014-07-16 11:59 - 2014-07-16 23:16 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-07-16 09:45 - 2014-07-16 09:50 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2014-07-16 09:45 - 2014-07-16 09:45 - 05336664 _____ () C:\Users\Patrick\Downloads\RogueKillerX64.exe 2014-07-16 09:45 - 2014-07-16 09:45 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-07-15 23:54 - 2014-07-16 23:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-15 23:54 - 2014-07-15 23:54 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-15 23:54 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-15 23:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-15 23:53 - 2014-07-15 23:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012(1).exe 2014-07-15 23:51 - 2014-07-15 23:51 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Patrick\Downloads\mbam-clean-2.1.1.1001.exe 2014-07-15 23:47 - 2014-07-15 23:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00791393 _____ (Lars Hederer ) C:\Users\Patrick\Downloads\erunt-setup.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Patrick\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Gast\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Patrick\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Gast\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\Program Files (x86)\ERUNT 2014-07-15 23:42 - 2014-07-15 23:43 - 00002038 _____ () C:\Users\Patrick\Desktop\Rkill.txt 2014-07-15 23:42 - 2014-07-15 23:42 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore.exe 2014-07-15 23:42 - 2014-07-15 23:42 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore64.exe 2014-07-15 10:23 - 2014-07-15 10:23 - 00000221 _____ () C:\Users\Patrick\Desktop\Mount & Blade Warband.url 2014-07-10 23:01 - 2014-07-17 00:42 - 00000000 ____D () C:\FRST 2014-07-09 19:53 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 19:53 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 19:53 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 19:53 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 19:53 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 19:53 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 19:53 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 19:53 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 19:53 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 19:53 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 19:53 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 19:53 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 19:53 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 19:53 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 19:53 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 19:53 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 19:53 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 19:53 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 19:53 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 19:53 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 19:53 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 19:53 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 19:53 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 19:53 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 19:53 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 19:53 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 19:53 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 19:53 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 19:53 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 19:53 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 19:53 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 19:53 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 19:53 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 19:53 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 19:53 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 19:53 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 19:53 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 19:53 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 19:53 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 19:53 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 19:53 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 19:53 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 19:53 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 19:53 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 19:53 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 19:53 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 19:53 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 19:53 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 19:53 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 19:53 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 19:53 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 19:53 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 19:53 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 19:53 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 19:53 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 19:53 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 19:46 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 19:46 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 19:46 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 19:46 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 19:46 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 19:46 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 19:46 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 19:46 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 19:46 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 19:46 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 19:46 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-08 19:33 - 2014-07-08 19:33 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Adobe 2014-07-08 14:34 - 2014-07-15 23:28 - 00000000 ____D () C:\Program Files (x86)\Hazard Ops 2014-07-07 19:48 - 2014-07-15 23:26 - 00000000 ____D () C:\Users\Patrick\AppData\Local\QQSM 2014-07-07 19:08 - 2014-07-08 14:42 - 00000000 ____D () C:\ProgramData\Solid State Networks 2014-07-06 12:09 - 2014-07-06 12:09 - 09686176 _____ (Perfect World Entertainment) C:\Users\Patrick\Downloads\ArcInstall_v20140625a.exe 2014-07-05 01:43 - 2014-07-05 01:43 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Nero 2014-06-23 15:44 - 2012-03-25 10:26 - 00115272 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys 2014-06-18 16:15 - 2014-06-18 16:15 - 01058200 _____ (Adobe) C:\Users\Patrick\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe 2014-06-18 04:58 - 2014-06-18 04:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-07-17 00:42 - 2014-07-17 00:41 - 00013661 _____ () C:\Users\Patrick\Downloads\FRST.txt 2014-07-17 00:42 - 2014-07-10 23:01 - 00000000 ____D () C:\FRST 2014-07-17 00:41 - 2014-07-17 00:41 - 02086912 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe 2014-07-17 00:16 - 2012-05-11 14:30 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-16 23:53 - 2014-07-15 23:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-16 23:39 - 2012-09-05 19:04 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Akamai 2014-07-16 23:33 - 2012-02-07 01:21 - 02091984 _____ () C:\Windows\WindowsUpdate.log 2014-07-16 23:16 - 2014-07-16 11:59 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-07-16 22:49 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-16 22:49 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-16 22:44 - 2014-07-16 22:44 - 02347384 _____ (ESET) C:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe 2014-07-16 22:44 - 2014-07-16 22:44 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-16 22:42 - 2009-07-14 06:51 - 00133327 _____ () C:\Windows\setupact.log 2014-07-16 22:41 - 2014-07-16 22:38 - 00000000 ____D () C:\AdwCleaner 2014-07-16 22:41 - 2012-02-07 01:22 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-16 22:41 - 2010-11-21 05:47 - 00658770 _____ () C:\Windows\PFRO.log 2014-07-16 22:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-16 22:38 - 2014-07-16 22:38 - 01348263 _____ () C:\Users\Patrick\Downloads\AdwCleaner.exe 2014-07-16 22:36 - 2014-07-16 22:36 - 00001617 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-16 22:31 - 2014-07-16 22:31 - 01016261 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe 2014-07-16 21:38 - 2012-05-11 14:57 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-16 09:50 - 2014-07-16 09:45 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2014-07-16 09:45 - 2014-07-16 09:45 - 05336664 _____ () C:\Users\Patrick\Downloads\RogueKillerX64.exe 2014-07-16 09:45 - 2014-07-16 09:45 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-07-15 23:54 - 2014-07-15 23:54 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-15 23:53 - 2014-07-15 23:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012(1).exe 2014-07-15 23:51 - 2014-07-15 23:51 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Patrick\Downloads\mbam-clean-2.1.1.1001.exe 2014-07-15 23:48 - 2014-07-15 23:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-15 23:45 - 2013-07-08 16:27 - 00000000 ____D () C:\Windows\ERDNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00791393 _____ (Lars Hederer ) C:\Users\Patrick\Downloads\erunt-setup.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Patrick\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Gast\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Patrick\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Gast\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\Program Files (x86)\ERUNT 2014-07-15 23:43 - 2014-07-15 23:42 - 00002038 _____ () C:\Users\Patrick\Desktop\Rkill.txt 2014-07-15 23:42 - 2014-07-15 23:42 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore.exe 2014-07-15 23:42 - 2014-07-15 23:42 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore64.exe 2014-07-15 23:29 - 2012-05-11 12:50 - 00000000 ____D () C:\Users\Patrick 2014-07-15 23:29 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-15 23:28 - 2014-07-08 14:34 - 00000000 ____D () C:\Program Files (x86)\Hazard Ops 2014-07-15 23:28 - 2014-05-02 20:59 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-15 23:28 - 2013-05-09 09:11 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-07-15 23:28 - 2012-09-27 23:17 - 00000000 ____D () C:\Users\Gast 2014-07-15 23:28 - 2012-05-11 15:16 - 00000000 ____D () C:\Windows\system32\Macromed 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2014-07-15 23:26 - 2014-07-07 19:48 - 00000000 ____D () C:\Users\Patrick\AppData\Local\QQSM 2014-07-15 23:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-07-15 10:23 - 2014-07-15 10:23 - 00000221 _____ () C:\Users\Patrick\Desktop\Mount & Blade Warband.url 2014-07-10 22:51 - 2013-07-10 06:53 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 20:50 - 2012-02-02 18:30 - 00745764 _____ () C:\Windows\system32\perfh013.dat 2014-07-09 20:50 - 2012-02-02 18:30 - 00153716 _____ () C:\Windows\system32\perfc013.dat 2014-07-09 20:50 - 2009-07-14 07:13 - 01670960 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-09 20:09 - 2009-07-14 06:45 - 00276968 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-09 19:55 - 2012-05-14 12:36 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 14:05 - 2012-08-04 14:57 - 00000000 ____D () C:\Users\Patrick\Documents\My Games 2014-07-09 12:16 - 2012-05-11 14:30 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 12:16 - 2012-05-11 14:30 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 12:16 - 2011-07-11 12:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 19:33 - 2014-07-08 19:33 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Adobe 2014-07-08 14:42 - 2014-07-07 19:08 - 00000000 ____D () C:\ProgramData\Solid State Networks 2014-07-06 13:00 - 2014-04-23 20:33 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment 2014-07-06 13:00 - 2011-07-11 11:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-06 12:09 - 2014-07-06 12:09 - 09686176 _____ (Perfect World Entertainment) C:\Users\Patrick\Downloads\ArcInstall_v20140625a.exe 2014-07-05 01:49 - 2013-05-09 09:07 - 00000000 ____D () C:\Users\Public\Games 2014-07-05 01:43 - 2014-07-05 01:43 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Nero 2014-06-30 04:09 - 2014-07-09 19:46 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-09 19:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-23 15:52 - 2011-07-11 12:00 - 00639037 _____ () C:\Windows\DirectX.log 2014-06-20 22:14 - 2014-07-09 19:53 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 21:39 - 2014-07-09 19:53 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-06-20 01:45 - 2013-04-04 20:26 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Warframe 2014-06-19 23:02 - 2014-06-08 21:54 - 00000000 ____D () C:\Program Files\My Vapor Record 2014-06-19 14:04 - 2012-05-11 14:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-19 03:39 - 2014-07-09 19:53 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-19 03:06 - 2014-07-09 19:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-19 03:06 - 2014-07-09 19:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-19 02:48 - 2014-07-09 19:53 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-19 02:42 - 2014-07-09 19:53 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-19 02:42 - 2014-07-09 19:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-19 02:41 - 2014-07-09 19:53 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-19 02:41 - 2014-07-09 19:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-19 02:32 - 2014-07-09 19:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-19 02:31 - 2014-07-09 19:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-19 02:26 - 2014-07-09 19:53 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-19 02:24 - 2014-07-09 19:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-19 02:24 - 2014-07-09 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-19 02:23 - 2014-07-09 19:53 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-19 02:16 - 2014-07-09 19:53 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-19 02:14 - 2014-07-09 19:53 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-19 02:09 - 2014-07-09 19:53 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-19 01:59 - 2014-07-09 19:53 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-19 01:56 - 2014-07-09 19:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-19 01:53 - 2014-07-09 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-19 01:51 - 2014-07-09 19:53 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-19 01:50 - 2014-07-09 19:53 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-19 01:48 - 2014-07-09 19:53 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-19 01:39 - 2014-07-09 19:53 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-19 01:38 - 2014-07-09 19:53 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-19 01:37 - 2014-07-09 19:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-19 01:36 - 2014-07-09 19:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-19 01:35 - 2014-07-09 19:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-06-19 01:33 - 2014-07-09 19:53 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-19 01:32 - 2014-07-09 19:53 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-19 01:28 - 2014-07-09 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-19 01:28 - 2014-07-09 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-19 01:27 - 2014-07-09 19:53 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-19 01:27 - 2014-07-09 19:53 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-19 01:25 - 2014-07-09 19:53 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-19 01:23 - 2014-07-09 19:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-19 01:22 - 2014-07-09 19:53 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-19 01:12 - 2014-07-09 19:53 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-19 01:06 - 2014-07-09 19:53 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-19 01:01 - 2014-07-09 19:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-19 00:59 - 2014-07-09 19:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-19 00:58 - 2014-07-09 19:53 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-19 00:58 - 2014-07-09 19:53 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-19 00:52 - 2014-07-09 19:53 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-19 00:51 - 2014-07-09 19:53 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-19 00:49 - 2014-07-09 19:53 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-19 00:46 - 2014-07-09 19:53 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-19 00:45 - 2014-07-09 19:53 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-19 00:35 - 2014-07-09 19:53 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-19 00:34 - 2014-07-09 19:53 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-19 00:34 - 2014-05-07 15:29 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Windows Live 2014-06-19 00:15 - 2014-07-09 19:53 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-19 00:13 - 2014-07-09 19:53 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-19 00:09 - 2014-07-09 19:53 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-19 00:07 - 2014-07-09 19:53 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-18 16:15 - 2014-06-18 16:15 - 01058200 _____ (Adobe) C:\Users\Patrick\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe 2014-06-18 04:59 - 2014-06-18 04:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-18 04:18 - 2014-07-09 19:46 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-06-18 03:51 - 2014-07-09 19:46 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-06-18 03:10 - 2014-07-09 19:46 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys Files to move or delete: ==================== C:\ProgramData\DynuEncrypt.dll C:\Users\Patrick\random.dat Some content of TEMP: ==================== C:\Users\Patrick\AppData\Local\Temp\HssInstaller64.exe C:\Users\Patrick\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\Patrick\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Patrick\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Patrick\AppData\Local\Temp\nvStInst.exe C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-09 17:17 ==================== End Of Log ============================ 'Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01 Ran by Patrick at 2014-07-17 00:43:09 Running from C:\Users\Patrick\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3505 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated) Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer) Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) Malwarebytes Anti-Malware versie 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 30.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 nl)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden Nero Control Center 10 (x32 Version: 10.2.11100.1.1 - Nero AG) Hidden Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Core Components 10 (x32 Version: 2.0.18100.8.8 - Nero AG) Hidden Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG) Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG) Nero Express 10 Help (CHM) (x32 Version: 10.5.10200 - Nero AG) Hidden Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG) Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NVIDIA 3D Vision controllerstuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden NVIDIA-configuratiescherm 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Plantronics® GameCom 780 Software for Dolby® Headphone (HKLM-x32\...\{EB3C9064-9140-4279-9E51-965119402151}) (Version: 1.00.0001 - Plantronics) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 10-07-2014 13:34:15 Windows Update 10-07-2014 16:03:00 Herstelbewerking 10-07-2014 20:34:28 Windows Update 10-07-2014 20:48:20 Windows Update 14-07-2014 09:21:46 Windows Update 15-07-2014 21:32:53 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0FE833D6-1CC1-4D33-AD84-2DA4D5B307D0} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe Task: {5C5FE30A-AAA1-4C2E-AD79-30544C05DA33} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {8DEBD8F5-E8CC-449C-BE51-2263C43011FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2012-05-23 18:47 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-05-11 15:04 - 2013-03-29 16:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2013-04-04 16:38 - 2011-12-01 21:15 - 00777448 ____N () C:\Program Files\Plantronics\GameCom780\GameCom780.exe 2011-08-11 05:58 - 2011-08-11 05:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe 2013-04-04 16:38 - 2011-12-01 21:16 - 00150760 ____N () C:\Program Files\Plantronics\GameCom780\VmixPLGC.dll 2011-08-11 05:57 - 2011-08-11 05:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll 2014-02-14 17:17 - 2014-02-14 17:17 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll 2012-02-07 01:25 - 2010-11-06 09:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll 2014-06-18 04:58 - 2014-06-18 04:58 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-07-09 11:31 - 2014-07-09 11:31 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\Services: HssSrv => 2 MSCONFIG\Services: HssTrayService => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent ==================== Faulty Device Manager Devices ============= Name: 802.11n draadloze LAN-kaart Description: 802.11n draadloze LAN-kaart Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Ralink Technology, Corp. Service: netr28x Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/16/2014 11:39:54 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/16/2014 11:39:33 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/16/2014 11:16:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: plugin-container.exe, versie: 30.0.0.5269, tijdstempel: 0x53914233 Naam van module met fout: mozalloc.dll, versie: 30.0.0.5269, tijdstempel: 0x53911393 Uitzonderingscode: 0x80000003 Foutoffset: 0x0000141b Id van proces met fout: 0x115c Starttijd van toepassing met fout: 0xplugin-container.exe0 Pad naar toepassing met fout: plugin-container.exe1 Pad naar module met fout: plugin-container.exe2 Rapport-id: plugin-container.exe3 Error: (07/16/2014 11:01:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 11:01:31 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:45:50 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:45:48 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:44:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:44:34 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:43:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Microsoft Office Sessions: ========================= Error: (07/16/2014 11:39:54 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/16/2014 11:39:33 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/16/2014 11:16:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b115c01cfa1371148a843C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll805d6fd7-0d2e-11e4-aef6-c89cdcebeee9 Error: (07/16/2014 11:01:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 11:01:31 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:45:50 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:45:48 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:44:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:44:34 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:43:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2012-05-11 22:50:47.169 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2012-05-11 22:50:47.151 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. ==================== Memory info =========================== Percentage of memory in use: 37% Total physical RAM: 6126.01 MB Available physical RAM: 3811.77 MB Total Pagefile: 12250.2 MB Available Pagefile: 9909.14 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:455.45 GB) (Free:374.39 GB) NTFS Drive d: (DATA) (Fixed) (Total:455.96 GB) (Free:455.86 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B852E5) Partition 1: (Not Active) - (Size=20 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=455 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS) ==================== End Of Log ============================ -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
I didn't think it would fit I'm sorry. -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 16-7-2014 Scan Time: 22:50:06 Logfile: Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.16.08 Rootkit Database: v2014.07.14.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Patrick Scan Type: Threat Scan Result: Completed Objects Scanned: 327236 Time Elapsed: 8 min, 48 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
# AdwCleaner v3.215 - Rapport aangemaakt 16/07/2014 op 22:41:02 # Laatste Update 09/07/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruikersnaam : Patrick - PATRICK-PC # Gestart vanuit : C:\Users\Patrick\Downloads\AdwCleaner.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\Users\Patrick\AppData\Local\Temp\hotspot shield ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Mozilla Firefox v30.0 (nl) [ Bestand : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ruhroa3l.default\prefs.js ] [ Bestand : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default\prefs.js ] ************************* AdwCleaner[R0].txt - [981 octets] - [16/07/2014 22:38:49] AdwCleaner[s0].txt - [908 octets] - [16/07/2014 22:41:02] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [967 octets] ########## -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by Patrick on wo 16-07-2014 at 22:32:20,85 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree ~~~ Files ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{4D119BDB-C640-4EC0-964A-8619C67BD8C8} Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{540A5E85-98ED-446A-A3C9-F3789325A1B8} Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{7AF53350-A04A-4DEA-93BB-B33C0A56A089} Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{A6F756BA-408C-45EF-92C3-9E56B4A55DC3} Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{A801D19F-47AC-4DFD-8841-AD278FF69215} Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{A8D2C2E0-7D22-415E-9794-10B4CC23623D} ~~~ FireFox Successfully deleted: [File] C:\Users\Patrick\AppData\Roaming\mozilla\firefox\profiles\uh0a2ezk.default\invalidprefs.js Emptied folder: C:\Users\Patrick\AppData\Roaming\mozilla\firefox\profiles\uh0a2ezk.default\minidumps [174 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on wo 16-07-2014 at 22:36:05,01 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
I can't get the malwarebytes log because it stops warking everytimeI try to copy or export the scan. Rkill 2.6.7 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2014 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 07/15/2014 11:43:46 PM in x64 mode. Windows Version: Windows 7 Home Premium Service Pack 1 Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * No issues found. Checking Windows Service Integrity: * No issues found. Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * No issues found. Program finished at: 07/15/2014 11:43:51 PM Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s) - RogueKiller V9.2.3.0 (x64) [Jul 11 2014] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com besturingssysteem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Gestart vanuit : Normale modus Gebruiker : Patrick [Administrator rechten] Modus : Scan -- Datum : 07/16/2014 09:52:27 ¤¤¤ Kwaadaardige processen : 0 ¤¤¤ ¤¤¤ Register verwijzingen : 4 ¤¤¤ [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> gevonden [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> gevonden [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> gevonden [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> gevonden ¤¤¤ geplande taken : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ HOSTS Bestand : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Geladen) ¤¤¤ ¤¤¤ webbrowsers : 0 ¤¤¤ ¤¤¤ MBR Controle : ¤¤¤ +++++ PhysicalDrive0: WDC WD10EARX-22N0YB0 +++++ --- User --- [MBR] 785ecec1df07236b6917f0bd1b1a4be5 [bSP] 9cf65ee326386cde493aa45358a29e18 : Windows Vista/7/8 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 20480 MB 1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 41945088 | Size: 100 MB 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 42149888 | Size: 466382 MB 3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 997300224 | Size: 466905 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Generic- Compact Flash USB Device +++++ Error reading User MBR! ([15] Het apparaat is niet klaar. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] De aanvraag wordt niet ondersteund. ) +++++ PhysicalDrive2: Multiple Flash Reader USB Device +++++ Error reading User MBR! ([15] Het apparaat is niet klaar. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] De aanvraag wordt niet ondersteund. ) ============================================ RKreport_SCN_07162014_094845.log -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
I don't want to continue untill I hear back so I'll stop untill tomorrow -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
There are 2 issues, first was malwarebytes didn't start anymore so I had to use the clean install/reinstall which needed a reboot, and after the scan was done 4 PUP.optional.conduit.A were found, i put then in quarantine and had to reboot pc. So now it's been rebooted twice but I didn't run RKill everytime it restarted, the first time nothing showed up anyways. Now i have an issue with copying to clipboard on malwarebytes. after I completed the scan I wanted to copy scan to clipboard but everytime I do it malwarebytes stops working and shuts off. -
PC and Internet running slow, might be infected.
kemped replied to kemped's topic in Resolved Malware Removal Logs
hello?? Everything I start this pc the internet becomes extremely slow and unusable, if this pc is off the internet is fine on other computers.