kemped

All done, is there anything left to do? If not thank you for all your help, I believe it's clean now.

Yes that is what I meant, thank you for your help. The registry backup is left, should I also delete that aswell?

I don't see any issues right now it's been fine for 2 days. Where can I reinstall akamai netsession? And could you please give me the steps to set my pc back to before this by reverting everything?

MiniToolBox by Farbar Version: 06-07-2014 Ran by Patrick (administrator) on 19-07-2014 at 08:29:47 Running from "C:\Users\Patrick\Downloads" Microsoft Windows 7 Home Premium Service Pack 1 (X64) Boot Mode: Normal *************************************************************************** ========================= Flush DNS: =================================== Windows IP-configuratie De DNS-omzettingscache is leeggemaakt. ========================= IE Proxy Settings: ============================== Proxy is not enabled. No Proxy Server is set. "Reset IE Proxy Settings": IE Proxy Settings were reset. ========================= FF Proxy Settings: ============================== "Reset FF Proxy Settings": Firefox Proxy settings were reset. ========================= Hosts content: ================================= ========================= IP Configuration: ================================ Intel® 82579V Gigabit Network Connection = LAN-verbinding (Connected) 802.11n draadloze LAN-kaart = Draadloze netwerkverbinding (Hardware not present) # ---------------------------------- # IPv4-configuratie # ---------------------------------- pushd interface ipv4 reset set global icmpredirects=enabled taskoffload=disabled popd # Einde van IPv4-configuratie Windows IP-configuratie Hostnaam . . . . . . . . . . . . : Patrick-PC Primair DNS-achtervoegsel . . . . : Knooppunttype . . . . . . . . . . : hybride IP-routering ingeschakeld . . . . : nee WINS-proxy ingeschakeld . . . . . : nee Ethernet-adapter voor LAN-verbinding: Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Intel® 82579V Gigabit Network Connection Fysiek adres. . . . . . . . . . . : C8-9C-DC-EB-EE-E9 DHCP ingeschakeld . . . . . . . . : ja Autom. configuratie ingeschakeld : ja Link-local IPv6-adres . . . . . . : fe80::5c69:2e26:3db1:2dfe%11(voorkeur) IPv4-adres. . . . . . . . . . . . : 192.168.0.103(voorkeur) Subnetmasker. . . . . . . . . . . : 255.255.255.0 Lease verkregen . . . . . . . . . : zaterdag 19 juli 2014 8:27:56 Lease verlopen. . . . . . . . . . : maandag 28 juli 2014 17:39:21 Standaardgateway. . . . . . . . . : 192.168.0.1 DHCP-server . . . . . . . . . . . : 192.168.0.1 DHCPv6 IAID . . . . . . . . . . . : 336623826 DHCPv6-client DUID. . . . . . . . : 00-01-00-01-16-C2-17-E2-C8-9C-DC-EB-EE-E9 DNS-servers . . . . . . . . . . . : 192.168.0.1 NetBIOS via TCPIP . . . . . . . . : ingeschakeld Tunnel-adapter voor isatap.{E2036B6D-929C-4B58-88CF-20251397EEF0}: Mediumstatus. . . . . . . . . . . : medium ontkoppeld Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Microsoft ISATAP Adapter Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP ingeschakeld . . . . . . . . : nee Autom. configuratie ingeschakeld : ja Tunnel-adapter voor Teredo Tunneling Pseudo-Interface: Verbindingsspec. DNS-achtervoegsel: Beschrijving. . . . . . . . . . . : Teredo Tunneling Pseudo-Interface Fysiek adres. . . . . . . . . . . : 00-00-00-00-00-00-00-E0 DHCP ingeschakeld . . . . . . . . : nee Autom. configuratie ingeschakeld : ja IPv6-adres. . . . . . . . . . . . : 2001:0:9d38:6abd:3425:1fd4:3f57:ff98(voorkeur) Link-local IPv6-adres . . . . . . : fe80::3425:1fd4:3f57:ff98%13(voorkeur) Standaardgateway. . . . . . . . . : :: NetBIOS via TCPIP . . . . . . . . : uitgeschakeld Server: UnKnown Address: 192.168.0.1 Naam: google.com Addresses: 2a00:1450:4013:c00::71 173.194.65.100 173.194.65.102 173.194.65.139 173.194.65.113 173.194.65.101 173.194.65.138 Pingen naar google.com [173.194.65.100] met 32 bytes aan gegevens: Antwoord van 173.194.65.100: bytes=32 tijd=15 ms TTL=49 Antwoord van 173.194.65.100: bytes=32 tijd=16 ms TTL=49 Ping-statistieken voor 173.194.65.100: Pakketten: verzonden = 2, ontvangen = 2, verloren = 0 (0% verlies). De gemiddelde tijd voor het uitvoeren van ��n bewerking in milliseconden: Minimum = 15ms, Maximum = 16ms, Gemiddelde = 15ms Server: UnKnown Address: 192.168.0.1 Naam: yahoo.com Addresses: 98.139.183.24 98.138.253.109 206.190.36.45 Pingen naar yahoo.com [98.139.183.24] met 32 bytes aan gegevens: Antwoord van 98.139.183.24: bytes=32 tijd=111 ms TTL=45 Antwoord van 98.139.183.24: bytes=32 tijd=109 ms TTL=45 Ping-statistieken voor 98.139.183.24: Pakketten: verzonden = 2, ontvangen = 2, verloren = 0 (0% verlies). De gemiddelde tijd voor het uitvoeren van ��n bewerking in milliseconden: Minimum = 109ms, Maximum = 111ms, Gemiddelde = 110ms Pingen naar 127.0.0.1 met 32 bytes aan gegevens: Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128 Antwoord van 127.0.0.1: bytes=32 tijd<1 ms TTL=128 Ping-statistieken voor 127.0.0.1: Pakketten: verzonden = 2, ontvangen = 2, verloren = 0 (0% verlies). De gemiddelde tijd voor het uitvoeren van ��n bewerking in milliseconden: Minimum = 0ms, Maximum = 0ms, Gemiddelde = 0ms =========================================================================== Interfacelijst 11...c8 9c dc eb ee e9 ......Intel® 82579V Gigabit Network Connection 1...........................Software Loopback Interface 1 15...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter 13...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface =========================================================================== IPv4 routetabel =========================================================================== Actieve routes: Netwerkadres Netmasker Gateway Interface Metric 0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.103 20 127.0.0.0 255.0.0.0 On-link 127.0.0.1 306 127.0.0.1 255.255.255.255 On-link 127.0.0.1 306 127.255.255.255 255.255.255.255 On-link 127.0.0.1 306 192.168.0.0 255.255.255.0 On-link 192.168.0.103 276 192.168.0.103 255.255.255.255 On-link 192.168.0.103 276 192.168.0.255 255.255.255.255 On-link 192.168.0.103 276 224.0.0.0 240.0.0.0 On-link 127.0.0.1 306 224.0.0.0 240.0.0.0 On-link 192.168.0.103 276 255.255.255.255 255.255.255.255 On-link 127.0.0.1 306 255.255.255.255 255.255.255.255 On-link 192.168.0.103 276 =========================================================================== Permanente routes: Geen IPv6 routetabel =========================================================================== Actieve routes: Indien metrische netwerkbestemming Gateway 13 58 ::/0 On-link 1 306 ::1/128 On-link 13 58 2001::/32 On-link 13 306 2001:0:9d38:6abd:3425:1fd4:3f57:ff98/128 On-link 11 276 fe80::/64 On-link 13 306 fe80::/64 On-link 13 306 fe80::3425:1fd4:3f57:ff98/128 On-link 11 276 fe80::5c69:2e26:3db1:2dfe/128 On-link 1 306 ff00::/8 On-link 13 306 ff00::/8 On-link 11 276 ff00::/8 On-link =========================================================================== Permanente routes: Geen ========================= Winsock entries ===================================== Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation) Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation) Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation) Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation) Catalog5 07 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280] (Microsoft Corp.) Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation) x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation) x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation) x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation) x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation) x64-Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.) x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [170880] (Microsoft Corp.) x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation) ========================= Event log errors: =============================== Application errors: ================== Error: (07/19/2014 08:28:45 AM) (Source: WinMgmt) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/19/2014 08:28:40 AM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/19/2014 08:28:19 AM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/19/2014 02:09:33 AM) (Source: Application Hang) (User: ) Description: Het programma mb_wfas.exe, versie 1.0.0.0 reageert niet meer op Windows en is afgesloten. Als u wilt zien of er meer informatie over het probleem beschikbaar is, raadpleegt u de probleemgeschiedenis in het onderdeel Onderhoudscentrum in het Configuratiescherm. Proces-id: 1fbc Starttijd: 01cfa2e58a5c8019 Eindtijd: 28 Toepassingspad: C:\Program Files (x86)\Steam\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe Rapport-id: Error: (07/19/2014 00:56:33 AM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/19/2014 00:56:13 AM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/18/2014 08:50:51 PM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/18/2014 08:50:12 PM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/18/2014 03:21:06 PM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/18/2014 03:20:12 PM) (Source: MsiInstaller) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. System errors: ============= Error: (07/18/2014 09:34:46 AM) (Source: Microsoft Antimalware) (User: ) Description: %NT AUTHORITY60 heeft een fout gevonden tijdens het bijwerken van handtekeningen. Nieuwe handtekeningversie: Vorige handtekeningversie: 1.179.214.0 Updatebron: %NT AUTHORITY59 Updatefase: 4.5.0216.00 Bronpad: 4.5.0216.01 Type handtekening: %NT AUTHORITY602 Type update: %NT AUTHORITY604 Gebruiker: NT AUTHORITY\SYSTEM Huidige engineversie: %NT AUTHORITY605 Vorige engineversie: %NT AUTHORITY606 Foutcode: %NT AUTHORITY607 Foutbeschrijving: %NT AUTHORITY608 Error: (07/18/2014 09:29:11 AM) (Source: Service Control Manager) (User: ) Description: De Steam Client Service-service kan vanwege de volgende fout niet worden gestart: %%1053 Error: (07/18/2014 09:29:11 AM) (Source: Service Control Manager) (User: ) Description: Time-out (30000 seconden) tijdens het wachten op het verbinden van deze service: Steam Client Service. Error: (07/17/2014 01:17:09 AM) (Source: Service Control Manager) (User: ) Description: De NVIDIA Stereoscopic 3D Driver Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Microsoft Office Sessions: ========================= Error: (07/19/2014 08:28:45 AM) (Source: WinMgmt)(User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/19/2014 08:28:40 AM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/19/2014 08:28:19 AM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/19/2014 02:09:33 AM) (Source: Application Hang)(User: ) Description: mb_wfas.exe1.0.0.01fbc01cfa2e58a5c801928C:\Program Files (x86)\Steam\steamapps\common\Mount & Blade With Fire and Sword\mb_wfas.exe Error: (07/19/2014 00:56:33 AM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/19/2014 00:56:13 AM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/18/2014 08:50:51 PM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/18/2014 08:50:12 PM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/18/2014 03:21:06 PM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/18/2014 03:20:12 PM) (Source: MsiInstaller)(User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) CodeIntegrity Errors: =================================== Date: 2012-05-11 22:50:47.169 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2012-05-11 22:50:47.151 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. =========================== Installed Programs ============================ Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3505 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated) Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer) Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii uslugi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Malwarebytes Anti-Malware versie 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mount & Blade: Warband (HKLM-x32\...\Steam App 48700) (Version: - TaleWorlds Entertainment) Mozilla Firefox 30.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 nl)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden Nero Control Center 10 (x32 Version: 10.2.11100.1.1 - Nero AG) Hidden Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Core Components 10 (x32 Version: 2.0.18100.8.8 - Nero AG) Hidden Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG) Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG) Nero Express 10 Help (CHM) (x32 Version: 10.5.10200 - Nero AG) Hidden Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG) Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NVIDIA 3D Vision controllerstuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden NVIDIA-configuratiescherm 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Plantronics® GameCom 780 Software for Dolby® Headphone (HKLM-x32\...\{EB3C9064-9140-4279-9E51-965119402151}) (Version: 1.00.0001 - Plantronics) Poczta uslugi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotograf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ???? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ??? (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) S?????? f?t???af??? t?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ???????? ?????????? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ????? Windows Live (x32 Version: 15.4.3502.0922 - ?????????? ??????????) Hidden ?????????? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ??????????? ?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ?????? ??????? ?? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ???? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ???? ??? Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ========================= Devices: ================================ Name: 802.11n draadloze LAN-kaart Description: 802.11n draadloze LAN-kaart Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Ralink Technology, Corp. Service: netr28x Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ========================= Memory info: =================================== Percentage of memory in use: 25% Total physical RAM: 6126.01 MB Available physical RAM: 4587.02 MB Total Pagefile: 12250.2 MB Available Pagefile: 10627.96 MB Total Virtual: 4095.88 MB Available Virtual: 3971.63 MB ========================= Partitions: ===================================== 1 Drive c: (Acer) (Fixed) (Total:455.45 GB) (Free:381.26 GB) NTFS 2 Drive d: (DATA) (Fixed) (Total:455.96 GB) (Free:455.86 GB) NTFS ========================= Users: ======================================== Gebruikersaccounts voor \\PATRICK-PC Administrator Gast Patrick De opdracht is voltooid. ========================= Minidump Files ================================== No minidump file found **** End of log ****

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 15-07-2014 01 Ran by Patrick at 2014-07-18 20:49:10 Run:1 Running from C:\Users\Patrick\Desktop Boot Mode: Normal ============================================== Content of fixlist: ***************** SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) C:\ProgramData\DynuEncrypt.dll C:\Users\Patrick\random.dat ***************** HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully. 'HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2' => Key deleted successfully. C:\Windows\system32\npDeployJava1.dll => Moved successfully. C:\ProgramData\DynuEncrypt.dll => Moved successfully. C:\Users\Patrick\random.dat => Moved successfully. ==== End of Fixlog ====

JavaRa 1.16 Removal Log.Report follows after line.------------------------------------The JavaRa removal process was started on Thu Jul 17 01:14:51 2014 There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124. There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124. Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501} Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA} Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9} Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284} Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects Found and removed: SOFTWARE\JavaSoft Found and removed: SOFTWARE\JreMetricsFound and removed: SOFTWARE\MozillaPlugins ------------------------------------Finished reporting. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01 Ran by Patrick (administrator) on PATRICK-PC on 17-07-2014 01:23:07 Running from C:\Users\Patrick\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Nederlands (Nederland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe () C:\Program Files\Plantronics\GameCom780\GameCom780.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Akamai Technologies, Inc.) C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Akamai Technologies, Inc.) C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-11] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [GamecomSound] => C:\Program Files\Plantronics\GameCom780\GameCom780.exe [777448 2011-12-01] () HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] () HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKU\.DEFAULT\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe [4440896 2012-08-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\MountPoints2: {94c89b52-511a-11e1-a331-806e6f6e6963} - E:\setup.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://acer.nl.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE35952EA1F28CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dnf.neople.com/ StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&r=408 BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", ""); FF Homepage: https://www.youtube.com/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bolcom-nl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\marktplaats-nl.xml FF Extension: Adblock Plus Pop-up Addon - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-04-13] FF Extension: Adblock Plus - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-11] ==================== Services (Whitelisted) ================= R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4390376 2011-07-17] (INCA Internet Co., Ltd.) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-03-29] () ==================== Drivers (Whitelisted) ==================== R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-17] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.) [File not signed] R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R3 PlantronicsGC; C:\Windows\System32\drivers\PLTGC.sys [1327104 2011-11-05] (C-Media Electronics Inc) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) S3 dump_wmimmc; \??\C:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 sf; \??\C:\AeriaGames\SoldierFront\avital\soldierf64.sys [X] S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X] S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-17 01:16 - 2014-07-17 01:16 - 00448512 _____ (OldTimer Tools) C:\Users\Patrick\Downloads\TFC.exe 2014-07-17 01:15 - 2014-07-17 01:15 - 00004200 _____ () C:\Users\Patrick\Desktop\Nieuw tekstdocument.txt 2014-07-17 01:14 - 2014-07-17 01:14 - 00004320 _____ () C:\JavaRa.log 2014-07-17 01:13 - 2014-07-17 01:13 - 00000000 ____D () C:\Users\Patrick\Desktop\RemoveJava 2014-07-17 01:12 - 2014-07-17 01:12 - 00165483 _____ () C:\Users\Patrick\Downloads\JavaRa-1.16-28-5-13.zip 2014-07-17 01:11 - 2012-05-04 19:29 - 00772504 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll 2014-07-17 01:11 - 2012-05-04 19:29 - 00687504 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll 2014-07-17 00:43 - 2014-07-17 00:43 - 00034214 _____ () C:\Users\Patrick\Downloads\Addition.txt 2014-07-17 00:41 - 2014-07-17 01:23 - 00010991 _____ () C:\Users\Patrick\Downloads\FRST.txt 2014-07-17 00:41 - 2014-07-17 00:41 - 02086912 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe 2014-07-16 22:44 - 2014-07-16 22:44 - 02347384 _____ (ESET) C:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe 2014-07-16 22:38 - 2014-07-16 22:41 - 00000000 ____D () C:\AdwCleaner 2014-07-16 22:38 - 2014-07-16 22:38 - 01348263 _____ () C:\Users\Patrick\Downloads\AdwCleaner.exe 2014-07-16 22:36 - 2014-07-16 22:36 - 00001617 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-16 22:31 - 2014-07-16 22:31 - 01016261 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe 2014-07-16 11:59 - 2014-07-16 23:16 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-07-16 09:45 - 2014-07-16 09:50 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2014-07-16 09:45 - 2014-07-16 09:45 - 05336664 _____ () C:\Users\Patrick\Downloads\RogueKillerX64.exe 2014-07-16 09:45 - 2014-07-16 09:45 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-07-15 23:54 - 2014-07-17 01:20 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-15 23:54 - 2014-07-15 23:54 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-15 23:54 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-15 23:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-15 23:53 - 2014-07-15 23:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012(1).exe 2014-07-15 23:51 - 2014-07-15 23:51 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Patrick\Downloads\mbam-clean-2.1.1.1001.exe 2014-07-15 23:47 - 2014-07-15 23:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00791393 _____ (Lars Hederer ) C:\Users\Patrick\Downloads\erunt-setup.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Patrick\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Gast\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Patrick\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Gast\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\Program Files (x86)\ERUNT 2014-07-15 23:42 - 2014-07-15 23:43 - 00002038 _____ () C:\Users\Patrick\Desktop\Rkill.txt 2014-07-15 23:42 - 2014-07-15 23:42 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore.exe 2014-07-15 23:42 - 2014-07-15 23:42 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore64.exe 2014-07-15 10:23 - 2014-07-15 10:23 - 00000221 _____ () C:\Users\Patrick\Desktop\Mount & Blade Warband.url 2014-07-10 23:01 - 2014-07-17 01:23 - 00000000 ____D () C:\FRST 2014-07-09 19:53 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 19:53 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 19:53 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 19:53 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 19:53 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 19:53 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 19:53 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 19:53 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 19:53 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 19:53 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 19:53 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 19:53 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 19:53 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 19:53 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 19:53 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 19:53 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 19:53 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 19:53 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 19:53 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 19:53 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 19:53 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 19:53 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 19:53 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 19:53 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 19:53 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 19:53 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 19:53 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 19:53 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 19:53 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 19:53 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 19:53 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 19:53 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 19:53 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 19:53 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 19:53 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 19:53 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 19:53 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 19:53 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 19:53 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 19:53 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 19:53 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 19:53 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 19:53 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 19:53 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 19:53 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 19:53 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 19:53 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 19:53 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 19:53 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 19:53 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 19:53 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 19:53 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 19:53 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 19:53 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 19:53 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 19:53 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 19:46 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 19:46 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 19:46 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 19:46 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 19:46 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 19:46 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 19:46 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 19:46 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 19:46 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 19:46 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 19:46 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-08 19:33 - 2014-07-08 19:33 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Adobe 2014-07-08 14:34 - 2014-07-15 23:28 - 00000000 ____D () C:\Program Files (x86)\Hazard Ops 2014-07-07 19:48 - 2014-07-15 23:26 - 00000000 ____D () C:\Users\Patrick\AppData\Local\QQSM 2014-07-07 19:08 - 2014-07-08 14:42 - 00000000 ____D () C:\ProgramData\Solid State Networks 2014-07-06 12:09 - 2014-07-06 12:09 - 09686176 _____ (Perfect World Entertainment) C:\Users\Patrick\Downloads\ArcInstall_v20140625a.exe 2014-07-05 01:43 - 2014-07-05 01:43 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Nero 2014-06-23 15:44 - 2012-03-25 10:26 - 00115272 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys 2014-06-18 16:15 - 2014-06-18 16:15 - 01058200 _____ (Adobe) C:\Users\Patrick\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe 2014-06-18 04:58 - 2014-06-18 04:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-07-17 01:23 - 2014-07-17 00:41 - 00010991 _____ () C:\Users\Patrick\Downloads\FRST.txt 2014-07-17 01:23 - 2014-07-10 23:01 - 00000000 ____D () C:\FRST 2014-07-17 01:23 - 2012-02-07 01:21 - 02097079 _____ () C:\Windows\WindowsUpdate.log 2014-07-17 01:20 - 2014-07-15 23:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-17 01:20 - 2012-02-07 01:22 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-17 01:20 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-17 01:20 - 2009-07-14 06:51 - 00133495 _____ () C:\Windows\setupact.log 2014-07-17 01:16 - 2014-07-17 01:16 - 00448512 _____ (OldTimer Tools) C:\Users\Patrick\Downloads\TFC.exe 2014-07-17 01:16 - 2012-05-11 14:30 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-17 01:15 - 2014-07-17 01:15 - 00004200 _____ () C:\Users\Patrick\Desktop\Nieuw tekstdocument.txt 2014-07-17 01:14 - 2014-07-17 01:14 - 00004320 _____ () C:\JavaRa.log 2014-07-17 01:13 - 2014-07-17 01:13 - 00000000 ____D () C:\Users\Patrick\Desktop\RemoveJava 2014-07-17 01:12 - 2014-07-17 01:12 - 00165483 _____ () C:\Users\Patrick\Downloads\JavaRa-1.16-28-5-13.zip 2014-07-17 00:43 - 2014-07-17 00:43 - 00034214 _____ () C:\Users\Patrick\Downloads\Addition.txt 2014-07-17 00:41 - 2014-07-17 00:41 - 02086912 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe 2014-07-16 23:39 - 2012-09-05 19:04 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Akamai 2014-07-16 23:16 - 2014-07-16 11:59 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-07-16 22:49 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-16 22:49 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-16 22:44 - 2014-07-16 22:44 - 02347384 _____ (ESET) C:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe 2014-07-16 22:41 - 2014-07-16 22:38 - 00000000 ____D () C:\AdwCleaner 2014-07-16 22:41 - 2010-11-21 05:47 - 00658770 _____ () C:\Windows\PFRO.log 2014-07-16 22:38 - 2014-07-16 22:38 - 01348263 _____ () C:\Users\Patrick\Downloads\AdwCleaner.exe 2014-07-16 22:36 - 2014-07-16 22:36 - 00001617 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-16 22:31 - 2014-07-16 22:31 - 01016261 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe 2014-07-16 21:38 - 2012-05-11 14:57 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-16 09:50 - 2014-07-16 09:45 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2014-07-16 09:45 - 2014-07-16 09:45 - 05336664 _____ () C:\Users\Patrick\Downloads\RogueKillerX64.exe 2014-07-16 09:45 - 2014-07-16 09:45 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-07-15 23:54 - 2014-07-15 23:54 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-15 23:53 - 2014-07-15 23:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012(1).exe 2014-07-15 23:51 - 2014-07-15 23:51 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Patrick\Downloads\mbam-clean-2.1.1.1001.exe 2014-07-15 23:48 - 2014-07-15 23:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-15 23:45 - 2013-07-08 16:27 - 00000000 ____D () C:\Windows\ERDNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00791393 _____ (Lars Hederer ) C:\Users\Patrick\Downloads\erunt-setup.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Patrick\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Gast\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Patrick\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Gast\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\Program Files (x86)\ERUNT 2014-07-15 23:43 - 2014-07-15 23:42 - 00002038 _____ () C:\Users\Patrick\Desktop\Rkill.txt 2014-07-15 23:42 - 2014-07-15 23:42 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore.exe 2014-07-15 23:42 - 2014-07-15 23:42 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore64.exe 2014-07-15 23:29 - 2012-05-11 12:50 - 00000000 ____D () C:\Users\Patrick 2014-07-15 23:29 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-15 23:28 - 2014-07-08 14:34 - 00000000 ____D () C:\Program Files (x86)\Hazard Ops 2014-07-15 23:28 - 2014-05-02 20:59 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-15 23:28 - 2013-05-09 09:11 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-07-15 23:28 - 2012-09-27 23:17 - 00000000 ____D () C:\Users\Gast 2014-07-15 23:28 - 2012-05-11 15:16 - 00000000 ____D () C:\Windows\system32\Macromed 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2014-07-15 23:26 - 2014-07-07 19:48 - 00000000 ____D () C:\Users\Patrick\AppData\Local\QQSM 2014-07-15 23:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-07-15 10:23 - 2014-07-15 10:23 - 00000221 _____ () C:\Users\Patrick\Desktop\Mount & Blade Warband.url 2014-07-10 22:51 - 2013-07-10 06:53 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 20:50 - 2012-02-02 18:30 - 00745764 _____ () C:\Windows\system32\perfh013.dat 2014-07-09 20:50 - 2012-02-02 18:30 - 00153716 _____ () C:\Windows\system32\perfc013.dat 2014-07-09 20:50 - 2009-07-14 07:13 - 01670960 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-09 20:09 - 2009-07-14 06:45 - 00276968 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-09 19:55 - 2012-05-14 12:36 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 14:05 - 2012-08-04 14:57 - 00000000 ____D () C:\Users\Patrick\Documents\My Games 2014-07-09 12:16 - 2012-05-11 14:30 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 12:16 - 2012-05-11 14:30 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 12:16 - 2011-07-11 12:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 19:33 - 2014-07-08 19:33 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Adobe 2014-07-08 14:42 - 2014-07-07 19:08 - 00000000 ____D () C:\ProgramData\Solid State Networks 2014-07-06 13:00 - 2014-04-23 20:33 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment 2014-07-06 13:00 - 2011-07-11 11:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-06 12:09 - 2014-07-06 12:09 - 09686176 _____ (Perfect World Entertainment) C:\Users\Patrick\Downloads\ArcInstall_v20140625a.exe 2014-07-05 01:49 - 2013-05-09 09:07 - 00000000 ____D () C:\Users\Public\Games 2014-07-05 01:43 - 2014-07-05 01:43 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Nero 2014-06-30 04:09 - 2014-07-09 19:46 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-09 19:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-23 15:52 - 2011-07-11 12:00 - 00639037 _____ () C:\Windows\DirectX.log 2014-06-20 22:14 - 2014-07-09 19:53 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 21:39 - 2014-07-09 19:53 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-06-20 01:45 - 2013-04-04 20:26 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Warframe 2014-06-19 23:02 - 2014-06-08 21:54 - 00000000 ____D () C:\Program Files\My Vapor Record 2014-06-19 14:04 - 2012-05-11 14:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-19 03:39 - 2014-07-09 19:53 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-19 03:06 - 2014-07-09 19:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-19 03:06 - 2014-07-09 19:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-19 02:48 - 2014-07-09 19:53 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-19 02:42 - 2014-07-09 19:53 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-19 02:42 - 2014-07-09 19:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-19 02:41 - 2014-07-09 19:53 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-19 02:41 - 2014-07-09 19:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-19 02:32 - 2014-07-09 19:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-19 02:31 - 2014-07-09 19:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-19 02:26 - 2014-07-09 19:53 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-19 02:24 - 2014-07-09 19:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-19 02:24 - 2014-07-09 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-19 02:23 - 2014-07-09 19:53 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-19 02:16 - 2014-07-09 19:53 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-19 02:14 - 2014-07-09 19:53 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-19 02:09 - 2014-07-09 19:53 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-19 01:59 - 2014-07-09 19:53 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-19 01:56 - 2014-07-09 19:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-19 01:53 - 2014-07-09 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-19 01:51 - 2014-07-09 19:53 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-19 01:50 - 2014-07-09 19:53 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-19 01:48 - 2014-07-09 19:53 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-19 01:39 - 2014-07-09 19:53 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-19 01:38 - 2014-07-09 19:53 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-19 01:37 - 2014-07-09 19:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-19 01:36 - 2014-07-09 19:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-19 01:35 - 2014-07-09 19:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-06-19 01:33 - 2014-07-09 19:53 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-19 01:32 - 2014-07-09 19:53 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-19 01:28 - 2014-07-09 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-19 01:28 - 2014-07-09 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-19 01:27 - 2014-07-09 19:53 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-19 01:27 - 2014-07-09 19:53 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-19 01:25 - 2014-07-09 19:53 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-19 01:23 - 2014-07-09 19:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-19 01:22 - 2014-07-09 19:53 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-19 01:12 - 2014-07-09 19:53 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-19 01:06 - 2014-07-09 19:53 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-19 01:01 - 2014-07-09 19:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-19 00:59 - 2014-07-09 19:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-19 00:58 - 2014-07-09 19:53 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-19 00:58 - 2014-07-09 19:53 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-19 00:52 - 2014-07-09 19:53 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-19 00:51 - 2014-07-09 19:53 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-19 00:49 - 2014-07-09 19:53 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-19 00:46 - 2014-07-09 19:53 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-19 00:45 - 2014-07-09 19:53 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-19 00:35 - 2014-07-09 19:53 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-19 00:34 - 2014-07-09 19:53 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-19 00:34 - 2014-05-07 15:29 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Windows Live 2014-06-19 00:15 - 2014-07-09 19:53 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-19 00:13 - 2014-07-09 19:53 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-19 00:09 - 2014-07-09 19:53 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-19 00:07 - 2014-07-09 19:53 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-18 16:15 - 2014-06-18 16:15 - 01058200 _____ (Adobe) C:\Users\Patrick\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe 2014-06-18 04:59 - 2014-06-18 04:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-18 04:18 - 2014-07-09 19:46 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-06-18 03:51 - 2014-07-09 19:46 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-06-18 03:10 - 2014-07-09 19:46 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys Files to move or delete: ==================== C:\ProgramData\DynuEncrypt.dll C:\Users\Patrick\random.dat ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-09 17:17 ==================== End Of Log ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01 Ran by Patrick at 2014-07-17 01:24:04 Running from C:\Users\Patrick\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3505 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated) Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer) Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) Malwarebytes Anti-Malware versie 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 30.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 nl)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden Nero Control Center 10 (x32 Version: 10.2.11100.1.1 - Nero AG) Hidden Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Core Components 10 (x32 Version: 2.0.18100.8.8 - Nero AG) Hidden Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG) Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG) Nero Express 10 Help (CHM) (x32 Version: 10.5.10200 - Nero AG) Hidden Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG) Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NVIDIA 3D Vision controllerstuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden NVIDIA-configuratiescherm 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Plantronics® GameCom 780 Software for Dolby® Headphone (HKLM-x32\...\{EB3C9064-9140-4279-9E51-965119402151}) (Version: 1.00.0001 - Plantronics) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 10-07-2014 20:34:28 Windows Update 10-07-2014 20:48:20 Windows Update 14-07-2014 09:21:46 Windows Update 15-07-2014 21:32:53 Windows Update 16-07-2014 23:09:59 Removed Java 7 Update 7 (64-bit) 16-07-2014 23:10:38 Removed Java 7 Update 55 16-07-2014 23:11:37 Removed JavaFX 2.1.1 ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0FE833D6-1CC1-4D33-AD84-2DA4D5B307D0} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe Task: {5C5FE30A-AAA1-4C2E-AD79-30544C05DA33} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {8DEBD8F5-E8CC-449C-BE51-2263C43011FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2012-05-23 18:47 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-05-11 15:04 - 2013-03-29 16:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2013-04-04 16:38 - 2011-12-01 21:15 - 00777448 ____N () C:\Program Files\Plantronics\GameCom780\GameCom780.exe 2011-08-11 05:58 - 2011-08-11 05:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe 2013-04-04 16:38 - 2011-12-01 21:16 - 00150760 ____N () C:\Program Files\Plantronics\GameCom780\VmixPLGC.dll 2011-08-11 05:57 - 2011-08-11 05:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll 2014-06-18 04:58 - 2014-06-18 04:58 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-02-14 17:17 - 2014-02-14 17:17 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll 2012-02-07 01:25 - 2010-11-06 09:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\Services: HssSrv => 2 MSCONFIG\Services: HssTrayService => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent ==================== Faulty Device Manager Devices ============= Name: 802.11n draadloze LAN-kaart Description: 802.11n draadloze LAN-kaart Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Ralink Technology, Corp. Service: netr28x Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/17/2014 01:23:02 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/17/2014 01:22:06 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/16/2014 11:39:54 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/16/2014 11:39:33 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/16/2014 11:16:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: plugin-container.exe, versie: 30.0.0.5269, tijdstempel: 0x53914233 Naam van module met fout: mozalloc.dll, versie: 30.0.0.5269, tijdstempel: 0x53911393 Uitzonderingscode: 0x80000003 Foutoffset: 0x0000141b Id van proces met fout: 0x115c Starttijd van toepassing met fout: 0xplugin-container.exe0 Pad naar toepassing met fout: plugin-container.exe1 Pad naar module met fout: plugin-container.exe2 Rapport-id: plugin-container.exe3 Error: (07/16/2014 11:01:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 11:01:31 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:45:50 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:45:48 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:44:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. System errors: ============= Error: (07/17/2014 01:17:09 AM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: De NVIDIA Stereoscopic 3D Driver Service-service is onverwacht beëindigd. Dit is nu 1 keer gebeurd. Microsoft Office Sessions: ========================= Error: (07/17/2014 01:23:02 AM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/17/2014 01:22:06 AM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (07/16/2014 11:39:54 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/16/2014 11:39:33 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/16/2014 11:16:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b115c01cfa1371148a843C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll805d6fd7-0d2e-11e4-aef6-c89cdcebeee9 Error: (07/16/2014 11:01:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 11:01:31 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:45:50 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:45:48 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:44:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe CodeIntegrity Errors: =================================== Date: 2012-05-11 22:50:47.169 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2012-05-11 22:50:47.151 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. ==================== Memory info =========================== Percentage of memory in use: 36% Total physical RAM: 6126.01 MB Available physical RAM: 3871.46 MB Total Pagefile: 12250.2 MB Available Pagefile: 9990.86 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:455.45 GB) (Free:378.2 GB) NTFS Drive d: (DATA) (Fixed) (Total:455.96 GB) (Free:455.86 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B852E5) Partition 1: (Not Active) - (Size=20 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=455 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS) ==================== End Of Log ============================ Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 17-7-2014 Scan Time: 1:32:25 Logfile: Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.16.09 Rootkit Database: v2014.07.14.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Patrick Scan Type: Threat Scan Result: Completed Objects Scanned: 323035 Time Elapsed: 6 min, 59 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-07-2014 01 Ran by Patrick (administrator) on PATRICK-PC on 17-07-2014 00:42:52 Running from C:\Users\Patrick\Downloads Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Nederlands (Nederland) Internet Explorer Version 11 Boot Mode: Normal The only official download link for FRST: Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/ Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/ Download link from any site other than Bleeping Computer is unpermitted or outdated. See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Acer Incorporated) C:\Program Files (x86)\Acer\Registration\GREGsvc.exe (Acer Incorporated) C:\Program Files\Acer\Acer Updater\UpdaterService.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe (Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe () C:\Windows\SysWOW64\PnkBstrA.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe () C:\Program Files\Plantronics\GameCom780\GameCom780.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Egis Technology Inc.) C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe (Akamai Technologies, Inc.) C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe (Akamai Technologies, Inc.) C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe ==================== Registry (Whitelisted) ================== HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [11580520 2010-11-11] (Realtek Semiconductor) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation) HKLM\...\Run: [GamecomSound] => C:\Program Files\Plantronics\GameCom780\GameCom780.exe [777448 2011-12-01] () HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe" HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation) HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation) HKLM-x32\...\Run: [suiteTray] => C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe [340848 2011-04-02] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisTecPMMUpdate] => C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe [408432 2011-03-29] (Egis Technology Inc.) HKLM-x32\...\Run: [EgisUpdate] => C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe [202608 2011-03-29] (Egis Technology Inc.) HKLM-x32\...\Run: [Hotkey Utility] => C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe [627304 2011-08-11] () HKLM-x32\...\Run: [KiesTrayAgent] => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated) HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation) HKU\.DEFAULT\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-19\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-20\...\RunOnce: [isMyWinLockerReboot] - msiexec.exe /qn /x{voidguid} HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Patrick\AppData\Local\Akamai\netsession_win.exe [4440896 2012-08-10] (Akamai Technologies, Inc.) HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe HKU\S-1-5-21-6045758-1717323391-879862430-1001\...\MountPoints2: {94c89b52-511a-11e1-a331-806e6f6e6963} - E:\setup.exe ==================== Internet (Whitelisted) ==================== HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer.msn.com HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://acer.nl.msn.com/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xE35952EA1F28CF01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = nl-NL HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://dnf.neople.com/ StartMenuInternet: IEXPLORE.EXE - iexplore.exe SearchScopes: HKLM - DefaultScope value is missing. SearchScopes: HKLM-x32 - DefaultScope value is missing. SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?q={searchTerms}&r=408 BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", ""); FF Homepage: https://www.youtube.com/ FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll () FF Plugin: @java.com/DTPlugin,version=10.7.2 - C:\Windows\system32\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.7.2 - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE - disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE - disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin-x32: @ngm.nexoneu.com/NxGame - C:\ProgramData\NexonEU\NGM\npNxGameeu.dll (Nexon) FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Plugin HKCU: ubisoft.com/uplaypc - C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll No File FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bolcom-nl.xml FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\marktplaats-nl.xml FF Extension: Adblock Plus Pop-up Addon - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default\Extensions\adblockpopups@jessehakanen.net.xpi [2014-04-13] FF Extension: Adblock Plus - C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2012-05-11] ==================== Services (Whitelisted) ================= R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] (Microsoft Corporation) S3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation) R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2804568 2010-06-02] (Symantec Corporation) S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4390376 2011-07-17] (INCA Internet Co., Ltd.) [File not signed] R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2013-03-29] () ==================== Drivers (Whitelisted) ==================== R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-07-16] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation) S3 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation) S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2004-12-31] (INCA Internet Co., Ltd.) [File not signed] R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation) R3 PlantronicsGC; C:\Windows\System32\drivers\PLTGC.sys [1327104 2011-11-05] (C-Media Electronics Inc) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-17] (Anchorfree Inc.) S3 dump_wmimmc; \??\C:\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys [X] S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X] S3 sf; \??\C:\AeriaGames\SoldierFront\avital\soldierf64.sys [X] S3 X6va011; \??\C:\Windows\SysWOW64\Drivers\X6va011 [X] S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X] ==================== NetSvcs (Whitelisted) =================== ==================== One Month Created Files and Folders ======== 2014-07-17 00:41 - 2014-07-17 00:42 - 00013661 _____ () C:\Users\Patrick\Downloads\FRST.txt 2014-07-17 00:41 - 2014-07-17 00:41 - 02086912 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe 2014-07-16 22:44 - 2014-07-16 22:44 - 02347384 _____ (ESET) C:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe 2014-07-16 22:44 - 2014-07-16 22:44 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-16 22:38 - 2014-07-16 22:41 - 00000000 ____D () C:\AdwCleaner 2014-07-16 22:38 - 2014-07-16 22:38 - 01348263 _____ () C:\Users\Patrick\Downloads\AdwCleaner.exe 2014-07-16 22:36 - 2014-07-16 22:36 - 00001617 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-16 22:31 - 2014-07-16 22:31 - 01016261 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe 2014-07-16 11:59 - 2014-07-16 23:16 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-07-16 09:45 - 2014-07-16 09:50 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2014-07-16 09:45 - 2014-07-16 09:45 - 05336664 _____ () C:\Users\Patrick\Downloads\RogueKillerX64.exe 2014-07-16 09:45 - 2014-07-16 09:45 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-07-15 23:54 - 2014-07-16 23:53 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-15 23:54 - 2014-07-15 23:54 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2014-07-15 23:54 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2014-07-15 23:54 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2014-07-15 23:53 - 2014-07-15 23:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012(1).exe 2014-07-15 23:51 - 2014-07-15 23:51 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Patrick\Downloads\mbam-clean-2.1.1.1001.exe 2014-07-15 23:47 - 2014-07-15 23:48 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00791393 _____ (Lars Hederer ) C:\Users\Patrick\Downloads\erunt-setup.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Patrick\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Gast\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Patrick\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Gast\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\Program Files (x86)\ERUNT 2014-07-15 23:42 - 2014-07-15 23:43 - 00002038 _____ () C:\Users\Patrick\Desktop\Rkill.txt 2014-07-15 23:42 - 2014-07-15 23:42 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore.exe 2014-07-15 23:42 - 2014-07-15 23:42 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore64.exe 2014-07-15 10:23 - 2014-07-15 10:23 - 00000221 _____ () C:\Users\Patrick\Desktop\Mount & Blade Warband.url 2014-07-10 23:01 - 2014-07-17 00:42 - 00000000 ____D () C:\FRST 2014-07-09 19:53 - 2014-06-20 22:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-07-09 19:53 - 2014-06-20 21:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-07-09 19:53 - 2014-06-19 03:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-07-09 19:53 - 2014-06-19 03:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-07-09 19:53 - 2014-06-19 03:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-07-09 19:53 - 2014-06-19 02:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-07-09 19:53 - 2014-06-19 02:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-07-09 19:53 - 2014-06-19 02:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-07-09 19:53 - 2014-06-19 02:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-07-09 19:53 - 2014-06-19 02:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-07-09 19:53 - 2014-06-19 02:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-07-09 19:53 - 2014-06-19 02:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-07-09 19:53 - 2014-06-19 02:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-07-09 19:53 - 2014-06-19 02:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-07-09 19:53 - 2014-06-19 02:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-07-09 19:53 - 2014-06-19 02:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-07-09 19:53 - 2014-06-19 02:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-07-09 19:53 - 2014-06-19 02:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-07-09 19:53 - 2014-06-19 02:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-07-09 19:53 - 2014-06-19 01:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-07-09 19:53 - 2014-06-19 01:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-07-09 19:53 - 2014-06-19 01:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-07-09 19:53 - 2014-06-19 01:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-07-09 19:53 - 2014-06-19 01:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-07-09 19:53 - 2014-06-19 01:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-07-09 19:53 - 2014-06-19 01:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-07-09 19:53 - 2014-06-19 01:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-07-09 19:53 - 2014-06-19 01:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-07-09 19:53 - 2014-06-19 01:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-07-09 19:53 - 2014-06-19 01:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-07-09 19:53 - 2014-06-19 01:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-07-09 19:53 - 2014-06-19 01:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-07-09 19:53 - 2014-06-19 01:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-07-09 19:53 - 2014-06-19 01:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-07-09 19:53 - 2014-06-19 01:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-07-09 19:53 - 2014-06-19 01:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-07-09 19:53 - 2014-06-19 01:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-07-09 19:53 - 2014-06-19 01:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-07-09 19:53 - 2014-06-19 01:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-07-09 19:53 - 2014-06-19 01:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-07-09 19:53 - 2014-06-19 01:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-07-09 19:53 - 2014-06-19 01:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-07-09 19:53 - 2014-06-19 00:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-07-09 19:53 - 2014-06-19 00:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-07-09 19:53 - 2014-06-19 00:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-07-09 19:53 - 2014-06-19 00:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-07-09 19:53 - 2014-06-19 00:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-07-09 19:53 - 2014-06-19 00:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-07-09 19:53 - 2014-06-19 00:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-07-09 19:53 - 2014-06-19 00:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-07-09 19:53 - 2014-06-19 00:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-07-09 19:53 - 2014-06-19 00:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-07-09 19:53 - 2014-06-19 00:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-07-09 19:53 - 2014-06-19 00:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-07-09 19:53 - 2014-06-19 00:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-07-09 19:53 - 2014-06-19 00:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-07-09 19:46 - 2014-06-30 04:09 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-07-09 19:46 - 2014-06-30 04:04 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-07-09 19:46 - 2014-06-18 04:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-07-09 19:46 - 2014-06-18 03:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-07-09 19:46 - 2014-06-18 03:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2014-07-09 19:46 - 2014-06-06 12:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll 2014-07-09 19:46 - 2014-06-06 11:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll 2014-07-09 19:46 - 2014-06-05 16:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-07-09 19:46 - 2014-06-05 16:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll 2014-07-09 19:46 - 2014-06-05 16:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-07-09 19:46 - 2014-05-30 10:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll 2014-07-09 19:46 - 2014-05-30 09:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll 2014-07-09 19:46 - 2014-05-30 08:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-07-08 19:33 - 2014-07-08 19:33 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Adobe 2014-07-08 14:34 - 2014-07-15 23:28 - 00000000 ____D () C:\Program Files (x86)\Hazard Ops 2014-07-07 19:48 - 2014-07-15 23:26 - 00000000 ____D () C:\Users\Patrick\AppData\Local\QQSM 2014-07-07 19:08 - 2014-07-08 14:42 - 00000000 ____D () C:\ProgramData\Solid State Networks 2014-07-06 12:09 - 2014-07-06 12:09 - 09686176 _____ (Perfect World Entertainment) C:\Users\Patrick\Downloads\ArcInstall_v20140625a.exe 2014-07-05 01:43 - 2014-07-05 01:43 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Nero 2014-06-23 15:44 - 2012-03-25 10:26 - 00115272 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys 2014-06-18 16:15 - 2014-06-18 16:15 - 01058200 _____ (Adobe) C:\Users\Patrick\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe 2014-06-18 04:58 - 2014-06-18 04:59 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified Files and Folders ======= 2014-07-17 00:42 - 2014-07-17 00:41 - 00013661 _____ () C:\Users\Patrick\Downloads\FRST.txt 2014-07-17 00:42 - 2014-07-10 23:01 - 00000000 ____D () C:\FRST 2014-07-17 00:41 - 2014-07-17 00:41 - 02086912 _____ (Farbar) C:\Users\Patrick\Downloads\FRST64.exe 2014-07-17 00:16 - 2012-05-11 14:30 - 00000940 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-07-16 23:53 - 2014-07-15 23:54 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-07-16 23:39 - 2012-09-05 19:04 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Akamai 2014-07-16 23:33 - 2012-02-07 01:21 - 02091984 _____ () C:\Windows\WindowsUpdate.log 2014-07-16 23:16 - 2014-07-16 11:59 - 00000000 ____D () C:\Users\Patrick\AppData\Local\CrashDumps 2014-07-16 22:49 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-07-16 22:49 - 2009-07-14 06:45 - 00016976 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-07-16 22:44 - 2014-07-16 22:44 - 02347384 _____ (ESET) C:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe 2014-07-16 22:44 - 2014-07-16 22:44 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-07-16 22:42 - 2009-07-14 06:51 - 00133327 _____ () C:\Windows\setupact.log 2014-07-16 22:41 - 2014-07-16 22:38 - 00000000 ____D () C:\AdwCleaner 2014-07-16 22:41 - 2012-02-07 01:22 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-07-16 22:41 - 2010-11-21 05:47 - 00658770 _____ () C:\Windows\PFRO.log 2014-07-16 22:41 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-07-16 22:38 - 2014-07-16 22:38 - 01348263 _____ () C:\Users\Patrick\Downloads\AdwCleaner.exe 2014-07-16 22:36 - 2014-07-16 22:36 - 00001617 _____ () C:\Users\Patrick\Desktop\JRT.txt 2014-07-16 22:31 - 2014-07-16 22:31 - 01016261 _____ (Thisisu) C:\Users\Patrick\Downloads\JRT.exe 2014-07-16 21:38 - 2012-05-11 14:57 - 00000000 ____D () C:\Program Files (x86)\Steam 2014-07-16 09:50 - 2014-07-16 09:45 - 00030312 _____ () C:\Windows\system32\Drivers\TrueSight.sys 2014-07-16 09:45 - 2014-07-16 09:45 - 05336664 _____ () C:\Users\Patrick\Downloads\RogueKillerX64.exe 2014-07-16 09:45 - 2014-07-16 09:45 - 00000000 ____D () C:\ProgramData\RogueKiller 2014-07-15 23:54 - 2014-07-15 23:54 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\ProgramData\Malwarebytes 2014-07-15 23:54 - 2014-07-15 23:54 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware 2014-07-15 23:53 - 2014-07-15 23:53 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012(1).exe 2014-07-15 23:51 - 2014-07-15 23:51 - 00321848 _____ (Malwarebytes Corporation) C:\Users\Patrick\Downloads\mbam-clean-2.1.1.1001.exe 2014-07-15 23:48 - 2014-07-15 23:47 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\Patrick\Downloads\mbam-setup-2.0.2.1012.exe 2014-07-15 23:45 - 2013-07-08 16:27 - 00000000 ____D () C:\Windows\ERDNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00791393 _____ (Lars Hederer ) C:\Users\Patrick\Downloads\erunt-setup.exe 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Patrick\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000884 _____ () C:\Users\Gast\Desktop\NTREGOPT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Patrick\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000865 _____ () C:\Users\Gast\Desktop\ERUNT.lnk 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT 2014-07-15 23:44 - 2014-07-15 23:44 - 00000000 ____D () C:\Program Files (x86)\ERUNT 2014-07-15 23:43 - 2014-07-15 23:42 - 00002038 _____ () C:\Users\Patrick\Desktop\Rkill.txt 2014-07-15 23:42 - 2014-07-15 23:42 - 01942776 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore.exe 2014-07-15 23:42 - 2014-07-15 23:42 - 01062136 _____ (Bleeping Computer, LLC) C:\Users\Patrick\Downloads\iExplore64.exe 2014-07-15 23:29 - 2012-05-11 12:50 - 00000000 ____D () C:\Users\Patrick 2014-07-15 23:29 - 2010-11-21 09:17 - 00000000 ____D () C:\Program Files\Windows Journal 2014-07-15 23:28 - 2014-07-08 14:34 - 00000000 ____D () C:\Program Files (x86)\Hazard Ops 2014-07-15 23:28 - 2014-05-02 20:59 - 00000000 ___SD () C:\Windows\system32\CompatTel 2014-07-15 23:28 - 2013-05-09 09:11 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games 2014-07-15 23:28 - 2012-09-27 23:17 - 00000000 ____D () C:\Users\Gast 2014-07-15 23:28 - 2012-05-11 15:16 - 00000000 ____D () C:\Windows\system32\Macromed 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\Dism 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\rescache 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\PolicyDefinitions 2014-07-15 23:28 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2014-07-15 23:26 - 2014-07-07 19:48 - 00000000 ____D () C:\Users\Patrick\AppData\Local\QQSM 2014-07-15 23:26 - 2009-07-14 05:20 - 00000000 ____D () C:\Program Files\Common Files\Microsoft Shared 2014-07-15 10:23 - 2014-07-15 10:23 - 00000221 _____ () C:\Users\Patrick\Desktop\Mount & Blade Warband.url 2014-07-10 22:51 - 2013-07-10 06:53 - 00000000 ____D () C:\Windows\system32\MRT 2014-07-09 20:50 - 2012-02-02 18:30 - 00745764 _____ () C:\Windows\system32\perfh013.dat 2014-07-09 20:50 - 2012-02-02 18:30 - 00153716 _____ () C:\Windows\system32\perfc013.dat 2014-07-09 20:50 - 2009-07-14 07:13 - 01670960 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-07-09 20:09 - 2009-07-14 06:45 - 00276968 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-07-09 19:55 - 2012-05-14 12:36 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2014-07-09 14:05 - 2012-08-04 14:57 - 00000000 ____D () C:\Users\Patrick\Documents\My Games 2014-07-09 12:16 - 2012-05-11 14:30 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2014-07-09 12:16 - 2012-05-11 14:30 - 00003878 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater 2014-07-09 12:16 - 2011-07-11 12:28 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2014-07-08 19:33 - 2014-07-08 19:33 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Adobe 2014-07-08 14:42 - 2014-07-07 19:08 - 00000000 ____D () C:\ProgramData\Solid State Networks 2014-07-06 13:00 - 2014-04-23 20:33 - 00000000 ____D () C:\Program Files (x86)\Perfect World Entertainment 2014-07-06 13:00 - 2011-07-11 11:58 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information 2014-07-06 12:09 - 2014-07-06 12:09 - 09686176 _____ (Perfect World Entertainment) C:\Users\Patrick\Downloads\ArcInstall_v20140625a.exe 2014-07-05 01:49 - 2013-05-09 09:07 - 00000000 ____D () C:\Users\Public\Games 2014-07-05 01:43 - 2014-07-05 01:43 - 00000000 ____D () C:\Users\Patrick\AppData\Roaming\Nero 2014-06-30 04:09 - 2014-07-09 19:46 - 00519168 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll 2014-06-30 04:04 - 2014-07-09 19:46 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll 2014-06-23 15:52 - 2011-07-11 12:00 - 00639037 _____ () C:\Windows\DirectX.log 2014-06-20 22:14 - 2014-07-09 19:53 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-06-20 21:39 - 2014-07-09 19:53 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll 2014-06-20 01:45 - 2013-04-04 20:26 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Warframe 2014-06-19 23:02 - 2014-06-08 21:54 - 00000000 ____D () C:\Program Files\My Vapor Record 2014-06-19 14:04 - 2012-05-11 14:29 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service 2014-06-19 03:39 - 2014-07-09 19:53 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-06-19 03:06 - 2014-07-09 19:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-06-19 03:06 - 2014-07-09 19:53 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-06-19 02:48 - 2014-07-09 19:53 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-06-19 02:42 - 2014-07-09 19:53 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-06-19 02:42 - 2014-07-09 19:53 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-06-19 02:41 - 2014-07-09 19:53 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-06-19 02:41 - 2014-07-09 19:53 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-06-19 02:32 - 2014-07-09 19:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-06-19 02:31 - 2014-07-09 19:53 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-06-19 02:26 - 2014-07-09 19:53 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-06-19 02:24 - 2014-07-09 19:53 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-06-19 02:24 - 2014-07-09 19:53 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-06-19 02:23 - 2014-07-09 19:53 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-06-19 02:16 - 2014-07-09 19:53 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll 2014-06-19 02:14 - 2014-07-09 19:53 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-06-19 02:09 - 2014-07-09 19:53 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-06-19 01:59 - 2014-07-09 19:53 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2014-06-19 01:56 - 2014-07-09 19:53 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb 2014-06-19 01:53 - 2014-07-09 19:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-06-19 01:51 - 2014-07-09 19:53 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-06-19 01:50 - 2014-07-09 19:53 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-06-19 01:48 - 2014-07-09 19:53 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-06-19 01:39 - 2014-07-09 19:53 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-06-19 01:38 - 2014-07-09 19:53 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll 2014-06-19 01:37 - 2014-07-09 19:53 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll 2014-06-19 01:36 - 2014-07-09 19:53 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll 2014-06-19 01:35 - 2014-07-09 19:53 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll 2014-06-19 01:33 - 2014-07-09 19:53 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-06-19 01:32 - 2014-07-09 19:53 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll 2014-06-19 01:28 - 2014-07-09 19:53 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll 2014-06-19 01:28 - 2014-07-09 19:53 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll 2014-06-19 01:27 - 2014-07-09 19:53 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-06-19 01:27 - 2014-07-09 19:53 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-06-19 01:25 - 2014-07-09 19:53 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll 2014-06-19 01:23 - 2014-07-09 19:53 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe 2014-06-19 01:22 - 2014-07-09 19:53 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll 2014-06-19 01:12 - 2014-07-09 19:53 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll 2014-06-19 01:06 - 2014-07-09 19:53 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll 2014-06-19 01:01 - 2014-07-09 19:53 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll 2014-06-19 00:59 - 2014-07-09 19:53 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll 2014-06-19 00:58 - 2014-07-09 19:53 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-06-19 00:58 - 2014-07-09 19:53 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll 2014-06-19 00:52 - 2014-07-09 19:53 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll 2014-06-19 00:51 - 2014-07-09 19:53 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-06-19 00:49 - 2014-07-09 19:53 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll 2014-06-19 00:46 - 2014-07-09 19:53 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll 2014-06-19 00:45 - 2014-07-09 19:53 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl 2014-06-19 00:35 - 2014-07-09 19:53 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll 2014-06-19 00:34 - 2014-07-09 19:53 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-06-19 00:34 - 2014-05-07 15:29 - 00000000 ____D () C:\Users\Patrick\AppData\Local\Windows Live 2014-06-19 00:15 - 2014-07-09 19:53 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-06-19 00:13 - 2014-07-09 19:53 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll 2014-06-19 00:09 - 2014-07-09 19:53 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll 2014-06-19 00:07 - 2014-07-09 19:53 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll 2014-06-18 16:15 - 2014-06-18 16:15 - 01058200 _____ (Adobe) C:\Users\Patrick\Downloads\install_flashplayer14x32au_mssd_aaa_aih.exe 2014-06-18 04:59 - 2014-06-18 04:58 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox 2014-06-18 04:18 - 2014-07-09 19:46 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe 2014-06-18 03:51 - 2014-07-09 19:46 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe 2014-06-18 03:10 - 2014-07-09 19:46 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys Files to move or delete: ==================== C:\ProgramData\DynuEncrypt.dll C:\Users\Patrick\random.dat Some content of TEMP: ==================== C:\Users\Patrick\AppData\Local\Temp\HssInstaller64.exe C:\Users\Patrick\AppData\Local\Temp\nv3DVStreaming.dll C:\Users\Patrick\AppData\Local\Temp\nvSCPAPI.dll C:\Users\Patrick\AppData\Local\Temp\nvStereoApiI.dll C:\Users\Patrick\AppData\Local\Temp\nvStInst.exe C:\Users\Patrick\AppData\Local\Temp\Quarantine.exe ==================== Bamital & volsnap Check ================= C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-07-09 17:17 ==================== End Of Log ============================ 'Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-07-2014 01 Ran by Patrick at 2014-07-17 00:43:09 Running from C:\Users\Patrick\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== AV: Microsoft Security Essentials (Disabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Disabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 5.00.3505 - Acer Incorporated) Acer Registration (HKLM-x32\...\Acer Registration) (Version: 1.04.3503 - Acer Incorporated) Acer ScreenSaver (HKLM-x32\...\Acer Screensaver) (Version: 1.1.0609.2011 - Acer Incorporated) Acer Updater (HKLM-x32\...\{EE171732-BEB4-4576-887D-CB62727F01CA}) (Version: 1.02.3500 - Acer Incorporated) Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated) Adobe Reader XI (11.0.07) - Nederlands (HKLM-x32\...\{AC76BA86-7AD7-1043-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated) Akamai NetSession Interface (HKCU\...\Akamai) (Version: - Akamai Technologies, Inc) Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - ) D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version: - Lars Hederer) Evernote v. 4.5.1 (HKLM-x32\...\{28921580-E4BB-11E0-9FD7-1CC1DEF07CBE}) (Version: 4.5.1.5451 - Evernote Corp.) Fotogalerija Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.15.0 - Futuremark Corporation) Galeria de Fotografias do Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galería fotográfica de Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotogràfica del Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galeria fotografii usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie de photos Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Galerie foto Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Hotkey Utility (HKLM-x32\...\Hotkey Utility) (Version: 2.05.3505 - Acer Incorporated) Identity Card (HKLM-x32\...\Identity Card) (Version: 1.00.3501 - Acer Incorporated) Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation) Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation) Java 7 Update 55 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.550 - Oracle) Java 7 Update 7 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417007FF}) (Version: 7.0.70 - Oracle) Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation) Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games) Malwarebytes Anti-Malware versie 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation) Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (Nederlands) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1043) (Version: 4.5.50938 - Microsoft Corporation) Microsoft .NET Framework 4.5.1 (NLD) (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation) Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation) Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation) Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation) Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation) Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.60610 (Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.60610 (x32 Version: 11.0.60610 - Microsoft Corporation) Hidden Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation) Mozilla Firefox 30.0 (x86 nl) (HKLM-x32\...\Mozilla Firefox 30.0 (x86 nl)) (Version: 30.0 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla) MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) MyWinLocker (Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker 4 (x32 Version: 4.0.14.25 - Egis Technology Inc.) Hidden MyWinLocker Suite (HKLM-x32\...\InstallShield_{17DF9714-60C9-43C9-A9C2-32BCAED44CBE}) (Version: 4.0.14.15 - Egis Technology Inc.) MyWinLocker Suite (x32 Version: 4.0.14.15 - Egis Technology Inc.) Hidden Nero Control Center 10 (x32 Version: 10.2.11100.1.1 - Nero AG) Hidden Nero ControlCenter 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Core Components 10 (x32 Version: 2.0.18100.8.8 - Nero AG) Hidden Nero DiscSpeed 10 (HKLM-x32\...\{34490F4E-48D0-492E-8249-B48BECF0537C}) (Version: 6.2.10500.2.100 - Nero AG) Nero DiscSpeed 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Express 10 (HKLM-x32\...\{70550193-1C22-445C-8FA4-564E155DB1A7}) (Version: 10.2.12000.21.100 - Nero AG) Nero Express 10 Help (CHM) (x32 Version: 10.5.10200 - Nero AG) Hidden Nero Multimedia Suite 10 Essentials (HKLM-x32\...\{62BF4BD3-B1F6-4FA2-8388-CC0647ACBF86}) (Version: 10.5.10300 - Nero AG) Nero StartSmart 10 (HKLM-x32\...\{F61D489E-6C44-49AC-AD02-7DA8ACA73A65}) (Version: 10.2.11600.14.100 - Nero AG) Nero StartSmart 10 Help (CHM) (x32 Version: 10.5.10000 - Nero AG) Hidden Nero Update (HKLM-x32\...\{65BB0407-4CC8-4DC7-952E-3EEFDF05602A}) (Version: 1.0.0018 - Nero AG) Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.1.17869 - Symantec Corporation) NVIDIA 3D Vision controllerstuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 337.88 - NVIDIA Corporation) NVIDIA 3D Vision stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation) NVIDIA GeForce Experience 2.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1 - NVIDIA Corporation) NVIDIA Grafisch stuurprogramma 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation) NVIDIA HD Audio-stuurprogramma 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation) NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden NVIDIA PhysX systeemsoftware 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation) NVIDIA ShadowPlay 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden NVIDIA Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden NVIDIA-configuratiescherm 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Plantronics® GameCom 780 Software for Dolby® Headphone (HKLM-x32\...\{EB3C9064-9140-4279-9E51-965119402151}) (Version: 1.00.0001 - Plantronics) Poczta usługi Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Podstawowe programy Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Pošta Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.988 - Even Balance, Inc.) Raccolta foto di Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6242 - Realtek Semiconductor Corp.) SHIELD Streaming (Version: 2.1.214 - NVIDIA Corporation) Hidden Shredder (Version: 2.0.8.9 - Egis Technology Inc.) Hidden Shredder (x32 Version: 2.0.8.9 - Egis Technology Inc.) Hidden Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation) swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden Welcome Center (HKLM-x32\...\Acer Welcome Center) (Version: 1.02.3504 - Acer Incorporated) Windows Live Argazki Galeria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Communications Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation) Windows Live Essentials (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogaléria (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalerie (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotogalleri (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotoğraf Galerisi (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Fotótár (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galeria de Fotos (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Galerija fotografija (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live ID Sign-in Assistant (Version: 7.250.4225.0 - Microsoft Corporation) Hidden Windows Live Installer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Language Selector (Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Mail (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Mesh (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live MIME IFilter (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Movie Maker (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Common (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Photo Gallery (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live PIMT Platform (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Remote Client (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Client Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live Remote Service Resources (Version: 15.4.5722.2 - Microsoft Corporation) Hidden Windows Live SOXE (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Temel Parçalar (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109 - Microsoft Corporation) Hidden Windows Live Writer (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live Writer Resources (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 影像中心 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Live 程式集 (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven asennustyökalu (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven sähköposti (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Windows Liven valokuvavalikoima (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH) Συλλογή φωτογραφιών του Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Основные компоненты Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Почта Windows Live (x32 Version: 15.4.3502.0922 - Корпорация Майкрософт) Hidden Фотоальбом Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden Фотогалерия на Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden גלריית התמונות של Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden بريد Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden معرض صور Windows Live (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden ==================== Restore Points ========================= 10-07-2014 13:34:15 Windows Update 10-07-2014 16:03:00 Herstelbewerking 10-07-2014 20:34:28 Windows Update 10-07-2014 20:48:20 Windows Update 14-07-2014 09:21:46 Windows Update 15-07-2014 21:32:53 Windows Update ==================== Hosts content: ========================== 2009-07-14 04:34 - 2009-06-10 23:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= Task: {0FE833D6-1CC1-4D33-AD84-2DA4D5B307D0} - System32\Tasks\Adobe Reader Speed Launcher => C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe Task: {5C5FE30A-AAA1-4C2E-AD79-30544C05DA33} - System32\Tasks\Adobe ARM => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21] (Adobe Systems Incorporated) Task: {8DEBD8F5-E8CC-449C-BE51-2263C43011FE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2012-05-23 18:47 - 2014-05-20 03:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll 2012-05-11 15:04 - 2013-03-29 16:39 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe 2013-04-04 16:38 - 2011-12-01 21:15 - 00777448 ____N () C:\Program Files\Plantronics\GameCom780\GameCom780.exe 2011-08-11 05:58 - 2011-08-11 05:58 - 00627304 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyUtility.exe 2013-04-04 16:38 - 2011-12-01 21:16 - 00150760 ____N () C:\Program Files\Plantronics\GameCom780\VmixPLGC.dll 2011-08-11 05:57 - 2011-08-11 05:57 - 00151656 _____ () C:\Program Files (x86)\Acer\Hotkey Utility\HotkeyHook.dll 2014-02-14 17:17 - 2014-02-14 17:17 - 00169472 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\0a0467413a424068d1471448ff6ca6cc\IsdiInterop.ni.dll 2012-02-07 01:25 - 2010-11-06 09:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll 2014-06-18 04:58 - 2014-06-18 04:58 - 03852912 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll 2014-07-09 11:31 - 2014-07-09 11:31 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ==================== Alternate Data Streams (whitelisted) ========= ==================== Safe Mode (whitelisted) =================== ==================== EXE Association (whitelisted) ============= ==================== MSCONFIG/TASK MANAGER disabled items ========= MSCONFIG\Services: HssSrv => 2 MSCONFIG\Services: HssTrayService => 3 MSCONFIG\Services: SkypeUpdate => 2 MSCONFIG\startupreg: KPeerNexonEU => C:\Nexon\NEXON_EU_Downloader\nxEULauncher.exe MSCONFIG\startupreg: Norton Online Backup => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent ==================== Faulty Device Manager Devices ============= Name: 802.11n draadloze LAN-kaart Description: 802.11n draadloze LAN-kaart Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Ralink Technology, Corp. Service: netr28x Problem: : This device is disabled. (Code 22) Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions. ==================== Event log errors: ========================= Application errors: ================== Error: (07/16/2014 11:39:54 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/16/2014 11:39:33 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory. Error: (07/16/2014 11:16:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Naam van toepassing met fout: plugin-container.exe, versie: 30.0.0.5269, tijdstempel: 0x53914233 Naam van module met fout: mozalloc.dll, versie: 30.0.0.5269, tijdstempel: 0x53911393 Uitzonderingscode: 0x80000003 Foutoffset: 0x0000141b Id van proces met fout: 0x115c Starttijd van toepassing met fout: 0xplugin-container.exe0 Pad naar toepassing met fout: plugin-container.exe1 Pad naar module met fout: plugin-container.exe2 Rapport-id: plugin-container.exe3 Error: (07/16/2014 11:01:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 11:01:31 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:45:50 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:45:48 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:44:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:44:34 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: Kan activeringscontext voor C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1 niet maken. Fout in manifest of beleidsbestand C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2 op regel C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3. Een onderdeelversie die nodig is voor de toepassing conflicteert met een andere onderdeelversie die reeds actief is. Conflicterende onderdelen zijn: Onderdeel 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest. Onderdeel 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest. Error: (07/16/2014 10:43:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Microsoft Office Sessions: ========================= Error: (07/16/2014 11:39:54 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/16/2014 11:39:33 PM) (Source: MsiInstaller) (EventID: 11310) (User: Patrick-PC) Description: Product: Akamai NetSession Interface -- Error 1310. Error writing to file: C:\Users\Patrick\AppData\Local\Akamai\admintool.exe. System error 0. Verify that you have access to that directory.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (07/16/2014 11:16:51 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: plugin-container.exe30.0.0.526953914233mozalloc.dll30.0.0.526953911393800000030000141b115c01cfa1371148a843C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dll805d6fd7-0d2e-11e4-aef6-c89cdcebeee9 Error: (07/16/2014 11:01:38 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 11:01:31 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:45:50 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:45:48 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:44:36 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:44:34 PM) (Source: SideBySide) (EventID: 80) (User: ) Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Patrick\Downloads\esetsmartinstaller_enu.exe Error: (07/16/2014 10:43:39 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 CodeIntegrity Errors: =================================== Date: 2012-05-11 22:50:47.169 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. Date: 2012-05-11 22:50:47.151 Description: De integriteit van de kopie van het bestand \Device\HarddiskVolume3\ijji\ENGLISH\Gunz\GameGuard\dump_wmimmc.sys kan niet worden geverifieerd omdat de bestands-hash niet is gevonden op het systeem. Tijdens een recente hardware- of softwarewijziging is mogelijk een bestand geïnstalleerd dat onjuist ondertekend of beschadigd is, of dat mogelijk kwaadwillende software van een onbekende bron is. ==================== Memory info =========================== Percentage of memory in use: 37% Total physical RAM: 6126.01 MB Available physical RAM: 3811.77 MB Total Pagefile: 12250.2 MB Available Pagefile: 9909.14 MB Total Virtual: 8192 MB Available Virtual: 8191.85 MB ==================== Drives ================================ Drive c: (Acer) (Fixed) (Total:455.45 GB) (Free:374.39 GB) NTFS Drive d: (DATA) (Fixed) (Total:455.96 GB) (Free:455.86 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: 30B852E5) Partition 1: (Not Active) - (Size=20 GB) - (Type=27) Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=455 GB) - (Type=07 NTFS) Partition 4: (Not Active) - (Size=456 GB) - (Type=07 NTFS) ==================== End Of Log ============================

I didn't think it would fit I'm sorry.

Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 16-7-2014 Scan Time: 22:50:06 Logfile: Administrator: Yes Version: 2.00.2.1012 Malware Database: v2014.07.16.08 Rootkit Database: v2014.07.14.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: Patrick Scan Type: Threat Scan Result: Completed Objects Scanned: 327236 Time Elapsed: 8 min, 48 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end)

# AdwCleaner v3.215 - Rapport aangemaakt 16/07/2014 op 22:41:02 # Laatste Update 09/07/2014 door Xplode # Besturingssysteem : Windows 7 Home Premium Service Pack 1 (64 bits) # Gebruikersnaam : Patrick - PATRICK-PC # Gestart vanuit : C:\Users\Patrick\Downloads\AdwCleaner.exe # Optie : Verwijderen ***** [ Services ] ***** ***** [ Bestanden / Mappen ] ***** Map Verwijderd : C:\Users\Patrick\AppData\Local\Temp\hotspot shield ***** [ Snelkoppelingen ] ***** ***** [ Register ] ***** ***** [ Browsers ] ***** -\\ Internet Explorer v11.0.9600.17207 -\\ Mozilla Firefox v30.0 (nl) [ Bestand : C:\Users\Gast\AppData\Roaming\Mozilla\Firefox\Profiles\ruhroa3l.default\prefs.js ] [ Bestand : C:\Users\Patrick\AppData\Roaming\Mozilla\Firefox\Profiles\uh0a2ezk.default\prefs.js ] ************************* AdwCleaner[R0].txt - [981 octets] - [16/07/2014 22:38:49] AdwCleaner[s0].txt - [908 octets] - [16/07/2014 22:41:02] ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [967 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Thisisu Version: 6.1.4 (04.06.2014:1) OS: Windows 7 Home Premium x64 Ran by Patrick on wo 16-07-2014 at 22:32:20,85 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~ Services ~~~ Registry Values ~~~ Registry Keys Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\anchorfree ~~~ Files ~~~ Folders Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{4D119BDB-C640-4EC0-964A-8619C67BD8C8} Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{540A5E85-98ED-446A-A3C9-F3789325A1B8} Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{7AF53350-A04A-4DEA-93BB-B33C0A56A089} Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{A6F756BA-408C-45EF-92C3-9E56B4A55DC3} Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{A801D19F-47AC-4DFD-8841-AD278FF69215} Successfully deleted: [Empty Folder] C:\Users\Patrick\appdata\local\{A8D2C2E0-7D22-415E-9794-10B4CC23623D} ~~~ FireFox Successfully deleted: [File] C:\Users\Patrick\AppData\Roaming\mozilla\firefox\profiles\uh0a2ezk.default\invalidprefs.js Emptied folder: C:\Users\Patrick\AppData\Roaming\mozilla\firefox\profiles\uh0a2ezk.default\minidumps [174 files] ~~~ Event Viewer Logs were cleared ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on wo 16-07-2014 at 22:36:05,01 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

I can't get the malwarebytes log because it stops warking everytimeI try to copy or export the scan. Rkill 2.6.7 by Lawrence Abrams (Grinler) http://www.bleepingcomputer.com/ Copyright 2008-2014 BleepingComputer.com More Information about Rkill can be found at this link: http://www.bleepingcomputer.com/forums/topic308364.html Program started at: 07/15/2014 11:43:46 PM in x64 mode. Windows Version: Windows 7 Home Premium Service Pack 1 Checking for Windows services to stop: * No malware services found to stop. Checking for processes to terminate: * No malware processes found to kill. Checking Registry for malware related settings: * No issues found in the Registry. Resetting .EXE, .COM, & .BAT associations in the Windows Registry. Performing miscellaneous checks: * No issues found. Checking Windows Service Integrity: * No issues found. Searching for Missing Digital Signatures: * No issues found. Checking HOSTS File: * No issues found. Program finished at: 07/15/2014 11:43:51 PM Execution time: 0 hours(s), 0 minute(s), and 5 seconds(s) - RogueKiller V9.2.3.0 (x64) [Jul 11 2014] by Adlice Software mail : http://www.adlice.com/contact/ Feedback : http://forum.adlice.com Website : http://www.adlice.com/softwares/roguekiller/ Blog : http://www.adlice.com besturingssysteem : Windows 7 (6.1.7601 Service Pack 1) 64 bits version Gestart vanuit : Normale modus Gebruiker : Patrick [Administrator rechten] Modus : Scan -- Datum : 07/16/2014 09:52:27 ¤¤¤ Kwaadaardige processen : 0 ¤¤¤ ¤¤¤ Register verwijzingen : 4 ¤¤¤ [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> gevonden [PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> gevonden [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> gevonden [PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> gevonden ¤¤¤ geplande taken : 0 ¤¤¤ ¤¤¤ Files : 0 ¤¤¤ ¤¤¤ HOSTS Bestand : 0 ¤¤¤ ¤¤¤ Antirootkit : 0 (Driver: Geladen) ¤¤¤ ¤¤¤ webbrowsers : 0 ¤¤¤ ¤¤¤ MBR Controle : ¤¤¤ +++++ PhysicalDrive0: WDC WD10EARX-22N0YB0 +++++ --- User --- [MBR] 785ecec1df07236b6917f0bd1b1a4be5 [bSP] 9cf65ee326386cde493aa45358a29e18 : Windows Vista/7/8 MBR Code Partition table: 0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 20480 MB 1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 41945088 | Size: 100 MB 2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 42149888 | Size: 466382 MB 3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 997300224 | Size: 466905 MB User = LL1 ... OK User = LL2 ... OK +++++ PhysicalDrive1: Generic- Compact Flash USB Device +++++ Error reading User MBR! ([15] Het apparaat is niet klaar. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] De aanvraag wordt niet ondersteund. ) +++++ PhysicalDrive2: Multiple Flash Reader USB Device +++++ Error reading User MBR! ([15] Het apparaat is niet klaar. ) Error reading LL1 MBR! NOT VALID! Error reading LL2 MBR! ([32] De aanvraag wordt niet ondersteund. ) ============================================ RKreport_SCN_07162014_094845.log

I don't want to continue untill I hear back so I'll stop untill tomorrow

There are 2 issues, first was malwarebytes didn't start anymore so I had to use the clean install/reinstall which needed a reboot, and after the scan was done 4 PUP.optional.conduit.A were found, i put then in quarantine and had to reboot pc. So now it's been rebooted twice but I didn't run RKill everytime it restarted, the first time nothing showed up anyways. Now i have an issue with copying to clipboard on malwarebytes. after I completed the scan I wanted to copy scan to clipboard but everytime I do it malwarebytes stops working and shuts off.

hello?? Everything I start this pc the internet becomes extremely slow and unusable, if this pc is off the internet is fine on other computers.