
Blue screens when trying to run full scan of Malwarebytes



I have had a strange problem for quite some time, in the form of blue screens. I have been getting them at different times. I tried a fix from the Windows website, but it told me I have the incorrect Windows version. I decided to use your software. The problem is, when I tried to run Malwarebytes I had another blue screen. Then when I tried to run the program, it gave me a Crash to Desktop every time. I tried reinstalling the program but I would get errors each time. I also tried using the Fix it for me tool from the Windows website to uninstall certain programs, but it didn't work at all.

 

I have Avast antivirus, and I also tried running ComboFix with no success.

 

Thank you for your help!

 

Here are the logs requested:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-06-2014 02
Ran by Csolsim (administrator) on CSOLSIM-PC on 15-06-2014 00:16:36
Running from D:\Downloads
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(CleanMyPC Software) C:\Program Files (x86)\CleanMyPC\Registry Cleaner\RCHelper.exe
() C:\Program Files (x86)\Standard8-in-Right\Standard8inRight.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Dell) C:\Users\Csolsim\AppData\Local\Apps\2.0\7CZ1WHCL.A58\PNWHDH06.NER\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Google Inc.) C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Google Inc.) C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [627360 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [379552 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [shadowPlay] => C:\Windows\system32\nvspcap64.dll [1279480 2014-05-30] (NVIDIA Corporation)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3739648 2007-01-02] (Google)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3854640 2014-04-02] (AVAST Software)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-4294059139-1934989550-1564584821-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-4294059139-1934989550-1564584821-1000\...\Run: [uTorrent] => C:\Program Files (x86)\uTorrent\uTorrent.exe [399736 2012-09-09] (BitTorrent, Inc.)
HKU\S-1-5-21-4294059139-1934989550-1564584821-1000\...\Run: [Registry Cleaner Scheduler] => C:\Program Files (x86)\CleanMyPC\Registry Cleaner\RCHelper.exe [1403680 2013-05-21] (CleanMyPC Software)
HKU\S-1-5-21-4294059139-1934989550-1564584821-1000\...\Run: [standard8inRight] => C:\Program Files (x86)\Standard8-in-Right\Standard8inRight.exe [3515904 2011-09-06] ()
HKU\S-1-5-21-4294059139-1934989550-1564584821-1000\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-4294059139-1934989550-1564584821-1000\...\Run: [DellSystemDetect] => C:\Users\Csolsim\AppData\Local\Apps\2.0\7CZ1WHCL.A58\PNWHDH06.NER\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe [254976 2014-05-26] (Dell)
HKU\S-1-5-21-4294059139-1934989550-1564584821-1000\...\Policies\system: [DisableLockWorkstation] 0
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x30A937EAA2A5CE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO-x32: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: ArcPluginIEBHO Class - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\ArcPluginIE.dll (Perfect World Entertainment Inc)
BHO-x32: CIESpeechBHO Class - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: HKLM-x32 {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.com/DellDriverScanner/DellSystem.CAB
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 89.38.199.226 10.10.10.10 8.8.8.8
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.55.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll (Perfect World Entertainment Inc)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Csolsim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Csolsim\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Csolsim\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Csolsim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-07-04]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-07-04]
 
Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Shockwave Flash) - C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\35.0.1916.114\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\35.0.1916.114\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\35.0.1916.114\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Csolsim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Csolsim\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll No File
CHR Extension: (Google Docs) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-30]
CHR Extension: (Google Drive) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (YouTube) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-30]
CHR Extension: (Adblock for Youtube™) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2013-08-30]
CHR Extension: (Google Search) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-30]
CHR Extension: (AdBlock) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2013-08-30]
CHR Extension: (avast! Online Security) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-08-30]
CHR Extension: (Skype Click to Call) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-21]
CHR Extension: (Google Wallet) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-30]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR StartMenuInternet: Google Chrome - C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-04-11] (Perfect World Entertainment Inc)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-20] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [80032 2011-05-20] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-04-02] (AVAST Software)
S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [476936 2013-08-21] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [21055432 2014-05-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [757144 2013-08-16] (Tunngle.net GmbH) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-05-04] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-05-04] (AVAST Software)
S3 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-05-04] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-04] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [301512 2014-05-20] (NVIDIA Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-05-30] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-06-28] () [File not signed]
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2012-03-02] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2012-03-02] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2012-03-02] (LG Electronics Inc.)
S3 WinRing0_1_2_0; C:\Program Files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [14544 2010-11-01] (OpenLibSys.org)
S3 XFDriver64; C:\Program Files (x86)\Xfire2\XFDriver64.sys [17160 2013-03-14] (XFire)
U3 ayaspdr9; C:\Windows\System32\Drivers\ayaspdr9.sys [0 ] (Microsoft Corporation)
S3 BRDriver64; \??\C:\programdata\bitraider\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-15 00:16 - 2014-06-15 00:16 - 00000000 ____D () C:\FRST
2014-06-15 00:07 - 2014-06-15 00:07 - 00000000 ___RD () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-06-15 00:05 - 2014-06-15 00:05 - 00286712 _____ () C:\Windows\Minidump\061514-27424-01.dmp
2014-06-15 00:00 - 2014-06-15 00:00 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-06-15 00:00 - 2014-06-15 00:00 - 00000000 ____D () C:\Users\Guest\AppData\Local\temp
2014-06-15 00:00 - 2014-06-15 00:00 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-15 00:00 - 2014-06-15 00:00 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-14 23:50 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-14 23:50 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-14 23:50 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-14 23:50 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-14 23:50 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-14 23:50 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-14 23:50 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-14 23:50 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-14 23:49 - 2014-06-15 00:02 - 00000000 ____D () C:\ComboFix
2014-06-14 23:49 - 2014-06-15 00:01 - 00000000 ____D () C:\Qoobox
2014-06-14 23:49 - 2014-06-15 00:00 - 00000000 ____D () C:\Windows\erdnt
2014-06-13 09:12 - 2014-06-13 09:12 - 00296712 _____ () C:\Windows\Minidump\061314-65442-01.dmp
2014-06-12 18:13 - 2014-06-12 18:15 - 00000000 ____D () C:\Users\Csolsim\Documents\Venetica
2014-06-12 01:03 - 2014-06-12 01:03 - 00000885 _____ () C:\Users\Csolsim\Desktop\Venetica.lnk
2014-06-12 01:03 - 2014-06-12 01:03 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Venetica
2014-06-12 01:03 - 2014-06-12 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-06-11 10:50 - 2014-06-15 00:10 - 00064592 _____ () C:\Windows\WindowsUpdate.log
2014-06-11 10:45 - 2014-06-15 00:06 - 00001848 _____ () C:\Windows\setupact.log
2014-06-11 10:45 - 2014-06-11 10:46 - 04977200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-11 10:45 - 2014-06-11 10:46 - 00296976 _____ () C:\Windows\Minidump\061114-76877-01.dmp
2014-06-11 10:45 - 2014-06-11 10:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-11 10:44 - 2014-06-15 00:05 - 736141007 _____ () C:\Windows\MEMORY.DMP
2014-06-11 10:44 - 2014-06-15 00:05 - 00004100 _____ () C:\Windows\PFRO.log
2014-06-08 13:19 - 2014-05-30 02:07 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-06-08 13:19 - 2014-05-30 02:07 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-06-08 13:09 - 2014-06-08 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-08 13:07 - 2014-06-08 13:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-08 13:07 - 2014-06-08 13:09 - 00000000 ____D () C:\Program Files\iTunes
2014-06-08 13:07 - 2014-06-08 13:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-08 13:07 - 2014-06-08 13:07 - 00000000 ____D () C:\Program Files\iPod
2014-06-04 00:07 - 2014-05-06 07:40 - 23544320 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-04 00:07 - 2014-05-06 07:17 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-04 00:07 - 2014-05-06 06:25 - 17382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-04 00:07 - 2014-05-06 06:07 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-04 00:07 - 2014-05-06 06:00 - 00084992 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-04 00:07 - 2014-05-06 05:10 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-02 22:13 - 2014-03-06 11:32 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-02 22:13 - 2014-03-06 10:40 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-02 22:12 - 2014-03-06 12:31 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-02 22:12 - 2014-03-06 11:59 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-02 22:12 - 2014-03-06 11:57 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-02 22:12 - 2014-03-06 11:57 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-02 22:12 - 2014-03-06 11:53 - 02767360 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-02 22:12 - 2014-03-06 11:40 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-02 22:12 - 2014-03-06 11:39 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-02 22:12 - 2014-03-06 11:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-02 22:12 - 2014-03-06 11:29 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-02 22:12 - 2014-03-06 11:28 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-02 22:12 - 2014-03-06 11:15 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-02 22:12 - 2014-03-06 11:11 - 05784064 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-02 22:12 - 2014-03-06 11:09 - 00453120 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-02 22:12 - 2014-03-06 11:03 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-02 22:12 - 2014-03-06 11:02 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-02 22:12 - 2014-03-06 11:02 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-02 22:12 - 2014-03-06 11:01 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-02 22:12 - 2014-03-06 10:56 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-02 22:12 - 2014-03-06 10:48 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-02 22:12 - 2014-03-06 10:47 - 02178048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-02 22:12 - 2014-03-06 10:46 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-02 22:12 - 2014-03-06 10:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-02 22:12 - 2014-03-06 10:45 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-02 22:12 - 2014-03-06 10:42 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-02 22:12 - 2014-03-06 10:38 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-02 22:12 - 2014-03-06 10:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-02 22:12 - 2014-03-06 10:22 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-02 22:12 - 2014-03-06 10:21 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-02 22:12 - 2014-03-06 10:13 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-02 22:12 - 2014-03-06 10:11 - 02043904 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-02 22:12 - 2014-03-06 10:07 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-02 22:12 - 2014-03-06 10:01 - 00244224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-02 22:12 - 2014-03-06 09:53 - 13551104 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-02 22:12 - 2014-03-06 09:46 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-02 22:12 - 2014-03-06 09:40 - 01967104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-02 22:12 - 2014-03-06 09:36 - 11745792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-02 22:12 - 2014-03-06 09:22 - 02260480 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-02 22:12 - 2014-03-06 08:58 - 01400832 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-02 22:12 - 2014-03-06 08:50 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-02 22:12 - 2014-03-06 08:43 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-02 22:12 - 2014-03-06 08:41 - 01789440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-02 22:12 - 2014-03-06 08:36 - 01143808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-02 21:49 - 2014-06-02 21:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-02 21:36 - 2014-05-09 09:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-02 21:36 - 2014-05-09 09:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-02 21:36 - 2014-03-25 05:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-02 21:36 - 2014-03-25 05:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-02 21:36 - 2014-01-09 05:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-02 21:36 - 2014-01-04 01:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-02 21:26 - 2014-04-12 05:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-02 21:26 - 2014-04-12 05:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-02 21:26 - 2014-04-12 05:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-02 21:26 - 2014-04-12 05:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-02 21:26 - 2014-04-12 05:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-02 21:26 - 2014-04-12 05:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-02 21:26 - 2014-04-12 05:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-02 21:26 - 2014-04-12 05:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-02 21:26 - 2014-04-12 05:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-02 21:26 - 2014-03-04 12:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-02 21:26 - 2014-03-04 12:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-02 21:26 - 2014-03-04 12:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-02 21:26 - 2014-03-04 12:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-02 21:26 - 2014-03-04 12:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-02 21:26 - 2014-03-04 12:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-02 21:26 - 2014-03-04 12:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-27 14:33 - 2014-05-20 02:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-27 14:31 - 2014-05-27 14:31 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-05-27 14:31 - 2014-05-27 14:31 - 00000000 ____D () C:\Windows\system32\NV
2014-05-27 14:05 - 2014-05-20 05:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-27 14:05 - 2014-05-20 05:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00301512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-05-27 14:05 - 2014-05-20 05:44 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-05-21 15:20 - 2014-05-21 15:20 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Freelancer
2014-05-21 00:01 - 2014-05-21 00:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeworlds
2014-05-21 00:01 - 2014-05-21 00:01 - 00001140 _____ () C:\Users\Public\Desktop\Freeworlds - Tides of War.lnk
2014-05-20 23:54 - 2014-06-12 00:05 - 00000000 ____D () C:\Program Files (x86)\Freeworlds - Tides of War
2014-05-20 23:52 - 2014-05-20 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
 
==================== One Month Modified Files and Folders =======
 
2014-06-15 00:17 - 2012-06-27 18:38 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Temp
2014-06-15 00:16 - 2014-06-15 00:16 - 00000000 ____D () C:\FRST
2014-06-15 00:12 - 2009-07-14 07:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-15 00:12 - 2009-07-14 07:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-15 00:10 - 2014-06-11 10:50 - 00064592 _____ () C:\Windows\WindowsUpdate.log
2014-06-15 00:08 - 2012-06-28 12:40 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-15 00:07 - 2014-06-15 00:07 - 00000000 ___RD () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-06-15 00:07 - 2012-06-28 12:29 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\uTorrent
2014-06-15 00:06 - 2014-06-11 10:45 - 00001848 _____ () C:\Windows\setupact.log
2014-06-15 00:05 - 2014-06-15 00:05 - 00286712 _____ () C:\Windows\Minidump\061514-27424-01.dmp
2014-06-15 00:05 - 2014-06-11 10:44 - 736141007 _____ () C:\Windows\MEMORY.DMP
2014-06-15 00:05 - 2014-06-11 10:44 - 00004100 _____ () C:\Windows\PFRO.log
2014-06-15 00:05 - 2014-05-04 15:45 - 00000000 ____D () C:\Windows\Minidump
2014-06-15 00:05 - 2012-06-28 11:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-15 00:05 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-15 00:02 - 2014-06-14 23:49 - 00000000 ____D () C:\ComboFix
2014-06-15 00:01 - 2014-06-14 23:49 - 00000000 ____D () C:\Qoobox
2014-06-15 00:00 - 2014-06-15 00:00 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-06-15 00:00 - 2014-06-15 00:00 - 00000000 ____D () C:\Users\Guest\AppData\Local\temp
2014-06-15 00:00 - 2014-06-15 00:00 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-15 00:00 - 2014-06-15 00:00 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-15 00:00 - 2014-06-14 23:49 - 00000000 ____D () C:\Windows\erdnt
2014-06-15 00:00 - 2009-07-14 05:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-14 23:57 - 2012-06-28 10:49 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000UA.job
2014-06-14 23:56 - 2013-03-02 02:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-14 23:56 - 2012-06-28 10:49 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000Core.job
2014-06-14 23:44 - 2012-06-30 20:55 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\CrashDumps
2014-06-14 23:38 - 2012-06-27 18:38 - 00000000 ____D () C:\Users\Csolsim
2014-06-14 23:34 - 2013-09-07 21:29 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000UA.job
2014-06-14 23:34 - 2013-08-10 01:08 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Malwarebytes
2014-06-14 23:34 - 2013-08-10 01:08 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-14 21:33 - 2014-04-17 20:14 - 00000000 ____D () C:\Users\Csolsim\.minion
2014-06-14 20:34 - 2013-09-07 21:29 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000Core.job
2014-06-14 20:15 - 2013-03-16 16:15 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Awesomium
2014-06-14 16:48 - 2009-07-14 08:13 - 00799970 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-14 16:16 - 2013-05-23 14:29 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-06-14 16:14 - 2012-07-07 12:14 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Adobe
2014-06-13 09:12 - 2014-06-13 09:12 - 00296712 _____ () C:\Windows\Minidump\061314-65442-01.dmp
2014-06-12 18:15 - 2014-06-12 18:13 - 00000000 ____D () C:\Users\Csolsim\Documents\Venetica
2014-06-12 02:18 - 2012-06-27 20:11 - 00000000 ____D () C:\NVIDIA
2014-06-12 01:03 - 2014-06-12 01:03 - 00000885 _____ () C:\Users\Csolsim\Desktop\Venetica.lnk
2014-06-12 01:03 - 2014-06-12 01:03 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Venetica
2014-06-12 01:03 - 2014-06-12 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-06-12 00:09 - 2012-07-14 15:16 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-12 00:05 - 2014-05-20 23:54 - 00000000 ____D () C:\Program Files (x86)\Freeworlds - Tides of War
2014-06-11 12:05 - 2013-12-31 16:52 - 00000000 ____D () C:\Users\Csolsim\Documents\VirtualDJ
2014-06-11 10:46 - 2014-06-11 10:45 - 04977200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-11 10:46 - 2014-06-11 10:45 - 00296976 _____ () C:\Windows\Minidump\061114-76877-01.dmp
2014-06-11 10:45 - 2014-06-11 10:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-10 21:00 - 2012-06-27 20:15 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-10 21:00 - 2012-06-27 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-10 21:00 - 2012-06-27 20:14 - 00000000 ____D () C:\Program Files\WinRAR
2014-06-09 13:18 - 2012-07-10 15:01 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\vlc
2014-06-08 13:57 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
2014-06-08 13:18 - 2012-06-28 11:30 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-08 13:12 - 2012-06-28 10:37 - 00000000 ____D () C:\Users\Csolsim\Desktop\Programe
2014-06-08 13:09 - 2014-06-08 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-08 13:09 - 2014-06-08 13:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-08 13:09 - 2014-06-08 13:07 - 00000000 ____D () C:\Program Files\iTunes
2014-06-08 13:09 - 2014-06-08 13:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-08 13:07 - 2014-06-08 13:07 - 00000000 ____D () C:\Program Files\iPod
2014-06-02 22:24 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-02 21:58 - 2012-06-27 18:38 - 00000000 ___RD () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-02 21:58 - 2012-06-27 18:38 - 00000000 ___RD () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-02 21:49 - 2014-06-02 21:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-02 21:45 - 2012-06-27 18:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-02 21:43 - 2013-07-11 08:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-02 21:41 - 2010-02-10 09:16 - 93223848 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-02 20:29 - 2012-08-09 14:07 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Skyrim
2014-05-30 02:07 - 2014-06-08 13:19 - 01715176 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-05-30 02:07 - 2014-06-08 13:19 - 01291232 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-05-30 02:07 - 2013-11-02 17:38 - 01279480 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-05-30 02:07 - 2013-11-02 17:38 - 01122312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-05-29 18:21 - 2014-02-03 16:22 - 00000000 ____D () C:\Users\Csolsim\Desktop\ad8931a3ae084a5a86591b889c6dc4190d30baa5
2014-05-29 14:02 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 19:13 - 2012-06-27 19:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-27 19:06 - 2013-04-19 20:19 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Bioshock
2014-05-27 15:01 - 2012-06-28 11:22 - 00000000 ____D () C:\ProgramData\PCDr
2014-05-27 14:34 - 2012-08-21 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-05-27 14:33 - 2012-06-28 11:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-05-27 14:31 - 2014-05-27 14:31 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-05-27 14:31 - 2014-05-27 14:31 - 00000000 ____D () C:\Windows\system32\NV
2014-05-26 17:46 - 2012-06-28 10:48 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Deployment
2014-05-23 22:11 - 2012-06-28 10:54 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Skype
2014-05-21 15:20 - 2014-05-21 15:20 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Freelancer
2014-05-21 00:03 - 2014-05-21 00:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Freeworlds
2014-05-21 00:01 - 2014-05-21 00:01 - 00001140 _____ () C:\Users\Public\Desktop\Freeworlds - Tides of War.lnk
2014-05-20 23:52 - 2014-05-20 23:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games
2014-05-20 23:45 - 2013-08-17 00:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2014-05-20 23:20 - 2012-07-07 12:39 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-05-20 21:05 - 2012-06-28 10:53 - 00000000 ___RD () C:\Program Files (x86)\Skype
2014-05-20 21:05 - 2012-06-28 10:53 - 00000000 ____D () C:\ProgramData\Skype
2014-05-20 05:44 - 2014-05-27 14:05 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-20 05:44 - 2014-05-27 14:05 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-20 05:44 - 2014-05-27 14:05 - 00301512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-05-20 05:44 - 2014-05-27 14:05 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
2014-05-20 05:44 - 2013-11-22 17:13 - 17480432 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-05-20 05:44 - 2013-11-22 17:13 - 14434704 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-05-20 05:44 - 2013-11-22 17:13 - 03109248 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-05-20 05:44 - 2013-11-22 17:13 - 02730208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-05-20 05:44 - 2013-11-22 17:13 - 00952952 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-05-20 05:44 - 2013-11-22 17:13 - 00837056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-05-20 05:44 - 2013-11-22 17:13 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-05-20 05:44 - 2013-11-22 17:13 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-05-20 05:44 - 2013-11-22 17:13 - 00026069 _____ () C:\Windows\system32\nvinfo.pb
2014-05-20 04:25 - 2013-11-22 17:20 - 06769096 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-05-20 04:25 - 2013-11-22 17:20 - 03514144 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-05-20 04:25 - 2013-11-22 17:20 - 02560968 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-05-20 04:25 - 2013-11-22 17:20 - 01078616 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2014-05-20 04:25 - 2013-11-22 17:20 - 00927520 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-05-20 04:25 - 2013-11-22 17:20 - 00387528 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-05-20 04:25 - 2013-11-22 17:20 - 00076064 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2014-05-20 04:25 - 2013-11-22 17:20 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-05-20 02:10 - 2014-05-27 14:33 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-16 02:57 - 2013-01-06 20:35 - 00000000 ____D () C:\Users\Csolsim\Documents\Mount&Blade Savegames
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-08 13:53
 
==================== End Of Log ============================

  • Root Admin

Hello and :welcome:

Please read the following and post back the logs when ready and we'll see about getting you cleaned up.

General P2P/Piracy Warning:

If you're using Peer 2 Peer software such as uTorrent, BitTorrent or similar you must either fully uninstall them or completely disable them from running while being assisted here.

Failure to remove or disable such software will result in your topic being closed and no further assistance being provided.

If you have illegal/cracked software, cracks, keygens etc. on the system, please remove or uninstall them now and read the policy on Piracy.



 
Before we proceed further, please read all of the following instructions carefully.
If there is anything that you do not understand kindly ask before proceeding.
If needed please print out these instructions.
  • Please do not post logs using CODE, QUOTE, or FONT tags. Just paste them as direct text.
  • If the log is too large then you can use attachments by clicking on the More Reply Options button.
  • Please enable your system to show hidden files: How to see hidden files in Windows
  • Make sure you're subscribed to this topic:
    • Click on the Follow This Topic Button (at the top right of this page), make sure that the Receive notification box is checked and that it is set to Instantly

  • Removing malware can be unpredictable... It is unlikely but things can go very wrong! Please make sure you Backup all files that cannot be replaced if something were to happen. You can copy them to a CD/DVD, external drive or a pen drive
  • Please don't run any other scans, download, install or uninstall any programs unless requested by me while I'm working with you.
  • The removal of malware is not instantaneous, please be patient. Often we are also on a different Time Zone.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, Stop there and tell me the exact nature of the issue.
  • You can check here if you're not sure if your computer is 32-bit or 64-bit
  • Please disable your antivirus while running any requested scanners so that they do not interfere with the scanners.
  • When we are done, I'll give you instructions on how to cleanup all the tools and logs
  • Please stick with me until I give you the "all clear" and Please don't waste my time by leaving before that.
  • Your topic will be closed if you haven't replied within 3 days
  • (If I have not responded within 24 hours, please send me a Private Message as a reminder)


 
STEP 0
RKill is a program that was developed at BleepingComputer.com that attempts to terminate known malware processes
so that your normal security software can then run and clean your computer of infections.
When RKill runs it will kill malware processes and then removes incorrect executable associations and fixes policies
that stop us from using certain tools. When finished it will display a log file that shows the processes that were
terminated while the program was running.

As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot
your computer as any malware processes that are configured to start automatically will just be started again.
Instead, after running RKill you should immediately scan your computer using the requested scans I've included.

Please download Rkill by Grinler from one of the links below and save it to your desktop.
 


Link 2

  • On Windows XP double-click on the Rkill desktop icon to run the tool.
  • On Windows Vista/Windows 7 or 8, right-click on the Rkill desktop icon and select Run As Administrator
  • A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
  • If not, delete the file, then download and use the one provided in Link 2.
  • If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
  • If the tool does not run from any of the links provided, please let me know.
  • Do not reboot the computer, you will need to run the application again.

STEP 01
Backup the Registry:
Modifying the Registry can create unforeseen problems, so it is always wise to create a backup before doing so.
  • Please download ERUNT from one of the following links: Link1 | Link2 | Link3
  • ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.
  • Double click on erunt-setup.exe to Install ERUNT by following the prompts.
  • NOTE: Do not choose to allow ERUNT to add an Entry to the Startup folder. Click NO.
  • Start ERUNT either by double clicking on the desktop icon or choosing to start the program at the end of the setup process.
  • Choose a location for the backup.
    • Note: the default location is C:\Windows\ERDNT which is acceptable.

  • Make sure that at least the first two check boxes are selected.
  • Click on OK
  • Then click on YES to create the folder.
  • Note: if it is necessary to restore the registry, open the backup folder and start ERDNT.exe


STEP 02
Please run a Threat Scan with MBAM.  If you're unable to run or complete the scan as shown below please see the following:  MBAM Clean Removal Process 2x
When reinstalling the program please try the latest version.

Right click and choose "Run as administrator" to open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkit and Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.
 
 
STEP 03
Please download RogueKiller and save it to your desktop.

You can check here if you're not sure if your computer is 32-bit or 64-bit

  • RogueKiller 32-bit | RogueKiller 64-bit
  • Quit all running programs.
  • For Windows XP, double-click to start.
  • For Vista, Windows 7/8, Right-click on the program and select Run as Administrator to start and when prompted allow it to run.
  • Read and accept the EULA (End User License Agreement)
  • Click Scan to scan the system.
  • When the scan completes Close the program > Don't Fix anything!
  • Don't run any other options, they're not all bad!!
  • Post back the report which should be located on your desktop.


Thank you

 


Before we start, let me thank you for your help and for the warm welcome! 

 

I have disabled the uTorrent software, however, I cannot account for behaviour of applications such as Lord of the Rings Online / Guild Wars 2 / Elder Scrolls Online which all use P2P. They are closed at the moment. I have also disabled the antivirus.

 

Also, I would like to mention that the Blue Screens have intensified in the past two days, and have as cause different errors (as opposed to Kernel_inpage_error from before).

 

Here is the log from Mbam:

 

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 17/06/2014
Scan Time: 14:35:28
Logfile:
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.06.17.04
Rootkit Database: v2014.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Csolsim

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 323980
Time Elapsed: 10 min, 37 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 4
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, , [81311162b5c649ed35534263ae54aa56],
PUP.Optional.DataMngr.A, HKU\S-1-5-21-4294059139-1934989550-1564584821-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\DataMngr, , [6a487ff4d8a34fe758231bbec142b24e],
PUP.Optional.Babylon.A, HKU\S-1-5-21-4294059139-1934989550-1564584821-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Redir, , [1a986e059be03ff7443c46942ed5b749],
PUP.Optional.Babylon.A, HKU\S-1-5-21-4294059139-1934989550-1564584821-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\BABSOLUTION\Updater, , [aa087af90a71ec4aec951ebc659e6898],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 2
PUP.Optional.Delta.A, C:\ProgramData\DSearchLink\DSearchLink.exe, , [feb40370285352e42ab5fe3eeb19659b],
PUP.Optional.Delta.A, C:\Users\Csolsim\AppData\Roaming\BabSolution\Shared\enhancedNT.dll, , [783a5f1486f5ff37e21d769f32cf5ea2],

Physical Sectors: 0
(No malicious items detected)


(end)

 

I did not quarantine anything, I simply quit the program.

 

Report from RogueKiller:

 


RogueKiller V9.0.3.0 (x64) [Jun 17 2014] by Adlice Software

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Csolsim [Admin rights]
Mode : Scan -- Date : 06/17/2014  14:55:38

¤¤¤ Bad processes : 1 ¤¤¤
[suspicious.Path] GoogleCrashHandler.exe -- C:\Users\Csolsim\AppData\Local\Google\Update\1.3.24.7\GoogleCrashHandler.exe[7] -> KILLED [TermProc]

¤¤¤ Registry Entries : 16 ¤¤¤
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters | DhcpNameServer : 89.38.199.226 10.10.10.10 8.8.8.8  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters | DhcpNameServer : 89.38.199.226 10.10.10.10 8.8.8.8  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters | DhcpNameServer : 89.38.199.226 10.10.10.10 8.8.8.8  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{7FB111BB-61F2-4F0D-A708-E2329C6DB1C9} | DhcpNameServer : 89.38.199.226 10.10.10.10 8.8.8.8  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{7FB111BB-61F2-4F0D-A708-E2329C6DB1C9} | DhcpNameServer : 89.38.199.226 10.10.10.10 8.8.8.8  -> FOUND
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{7FB111BB-61F2-4F0D-A708-E2329C6DB1C9} | DhcpNameServer : 89.38.199.226 10.10.10.10 8.8.8.8  -> FOUND
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | EnableLUA : 0  -> FOUND
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> FOUND
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-4294059139-1934989550-1564584821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-4294059139-1934989550-1564584821-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> FOUND
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> FOUND

¤¤¤ Scheduled tasks : 0 ¤¤¤

¤¤¤ Files : 0 ¤¤¤

¤¤¤ HOSTS File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST9750420AS ATA Device +++++
--- User ---
[MBR] 07f9318c031411ff9def17c5d1078cda
[bSP] d2ab8ded279f5172c86bd5083bb8f3fc : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] DELL-UTIL (0xde) [VISIBLE] Offset (sectors): 63 | Size: 39 MB
1 - [ACTIVE] FAT32 (0xb) [VISIBLE] Offset (sectors): 81920 | Size: 2000 MB
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 4177920 | Size: 153363 MB
3 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 318265344 | Size: 560000 MB
User = LL1 ... OK
User = LL2 ... OK

 


  • Root Admin

Okay that's fine and we're not worried about the games using P2P and we'll guide you if we have suggestions about that as we go along.
 
For now please go ahead and run through the following steps and post back the logs when ready.
 
STEP 04
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus

STEP 05
Let's clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.

  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

STEP 06
Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits, Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button.
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.


STEP 07

Please go here to run the online antivirus scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

STEP 08
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatible with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit

  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well.

Hello again Ron! Unfortunately, my PC was stuck at step 07, with ESET Online Scanner running for almost 22 minutes and still at 0%. I will let it run for another half an hour, and let you know if the situation changes.

 

As such, I didn't proceed to step 08, as instructed.

 

Here are the logs for the other steps - JRT

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x64
Ran by Csolsim on 18/06/2014 at 14:28:48.25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\babsolution
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-4294059139-1934989550-1564584821-1000\Software\sweetim
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\dt soft\daemon tools toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\apnstub_rasmancs
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\dsearchlink"
Successfully deleted: [Folder] "C:\Users\Csolsim\AppData\Roaming\babsolution"
Successfully deleted: [Folder] "C:\Users\Csolsim\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\Csolsim\AppData\Roaming\cleanmypc software"
Successfully deleted: [Folder] "C:\Program Files (x86)\coupons"
Successfully deleted: [Folder] "C:\Program Files (x86)\gamesbar"
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18/06/2014 at 14:38:53.61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
AdwCleaner:
 
# AdwCleaner v3.212 - Report created 18/06/2014 at 14:45:30
# Updated 05/06/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Csolsim - CSOLSIM-PC
# Running from : C:\Users\Csolsim\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\Users\Csolsim\AppData\Local\Babylon
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\14919ea49a8f3b4aa3cf1058d9a64cec
Key Deleted : HKCU\Software\OCS
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v
 
[ File : C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [1000 octets] - [18/06/2014 14:42:39]
AdwCleaner[R1].txt - [1060 octets] - [18/06/2014 14:44:27]
AdwCleaner[s0].txt - [954 octets] - [18/06/2014 14:45:30]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1013 octets] ##########
 
MBAM
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 18/06/2014
Scan Time: 14:50:38
Logfile: mbam.txt
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.06.18.03
Rootkit Database: v2014.06.02.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Csolsim
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 323554
Time Elapsed: 12 min, 50 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Deep Rootkit Scan: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
Under these circumstances, what should I do next?

  • Root Admin

Please do the following
 
Please run a Full Disk Check on your system drive.  If needed here are some links on how to run a Disk Check.


On Windows 7 the disk check log is in the Event Logs under Application with a heading source of  Wininit


How to Run Disk Check in Windows 7

How to Run Check Disk at Startup in Vista or Windows 7

How to Read the Event Viewer Log for Check Disk (chkdsk) in Vista, Windows 7, and Windows 8

 

 

Once completed look in the Event Logs and copy/paste back the results of the disk check on your next reply.

 

 

Then run the following

 

Please visit this webpage and read the ComboFix User's Guide:

  • Once you've read the article and are ready to use the program you can download it directly from the link below.
  • Important! - Please make sure you save combofix to your desktop and do not run it from your browser
  • Direct download link for: ComboFix.exe
  • Please make sure you disable your security applications before running ComboFix.
  • Once Combofix has completed it will produce and open a log file.  Please be patient as it can take some time to load.
  • Please attach that log file to your next reply.
  • If needed the file can be located here:  C:\combofix.txt
  • NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.


 

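The disk check result described in the reply above (Application log, source Wininit) can also be read from a script instead of Event Viewer. This is an added example, not part of the original post: the function name Get-ChkdskSummary and the sample text are constructed for illustration, and the provider name and event ID are the Source and Event ID shown in the chkdsk log posted further down this thread.

```powershell
# Added example. Written for PowerShell 2.0, the version shipped with Windows 7.

function Get-ChkdskSummary {
    param(
        # Full text of a chkdsk report (the Message of the Wininit event).
        [Parameter(Mandatory = $true)][string]$Report
    )

    $volume = $null
    $fileSystem = $null
    $verdict = $null
    $badSectorsKB = $null
    $repairs = @()

    foreach ($line in ($Report -split "`r?`n")) {
        $text = $line.Trim()
        switch -Regex ($text) {
            '^Checking file system on (\S+)'        { $volume = $Matches[1] }
            '^The type of the file system is (\w+)' { $fileSystem = $Matches[1] }
            # Final verdict line, clean or corrected.
            '^Windows has (checked the file system|made corrections)' { $verdict = $text }
            # Space taken by clusters the volume has marked as bad.
            '^(\d+) KB in bad sectors'              { $badSectorsKB = [int64]$Matches[1] }
            # Lines where chkdsk changed something on the volume.
            '^(Cleaning up|Correcting|Recovering|Deleting|Replacing) ' { $repairs += $text }
        }
    }

    New-Object PSObject -Property @{
        Volume       = $volume
        FileSystem   = $fileSystem
        Verdict      = $verdict
        BadSectorsKB = $badSectorsKB
        Repairs      = $repairs
    } | Select-Object Volume, FileSystem, Verdict, BadSectorsKB, Repairs
}

# Constructed sample: an abridged report in the layout chkdsk writes to the event.
$sample = @'
Checking file system on C:
The type of the file system is NTFS.
CHKDSK is verifying files (stage 1 of 5)...
  0 bad file records processed.
Cleaning up 203 unused index entries from index $SII of file 0x9.
Windows has checked the file system and found no problems.
 157043711 KB total disk space.
        16 KB in bad sectors.
'@

# Newest boot-time disk check, if one has been logged on this machine.
$chkdskEvent = Get-WinEvent -FilterHashtable @{
    LogName      = 'Application'
    ProviderName = 'Microsoft-Windows-Wininit'
    Id           = 1001
} -MaxEvents 1 -ErrorAction SilentlyContinue

if ($chkdskEvent) {
    $report = $chkdskEvent.Message
} else {
    # No event found: fall back to the constructed sample so the script still runs.
    $report = $sample
}

$result = Get-ChkdskSummary -Report $report
$result | Format-List

# A non-zero figure is worth a separate look even when the verdict line is clean.
if ($result.BadSectorsKB -gt 0) {
    Write-Warning ("{0} KB in bad sectors reported on {1}; review the drive's health (SMART) data." -f $result.BadSectorsKB, $result.Volume)
}
```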

Hello again,

 

I will post the logs in the following reply. I just wanted to say something extremely strange happened when I logged into windows today - a pop-up like ad appeared in the lower right corner of my screen, right after login. The thing loaded up faster than the windows gadgets (the clock)

 

Here is a photo of this:


 

Is it related to the problem I'm having?


Strange, given the fact that nothing was running (no browser - is it possible to have an ad without a browser turned on?)

 

Anyhow, here are the logs you requested!

 

Chkdsk:

 

Level Date and Time Source Event ID Task Category
Information 19/06/2014 14:21:19 Microsoft-Windows-Wininit 1001 None "
 
Checking file system on C:
The type of the file system is NTFS.
 
A disk check has been scheduled.
Windows will now check the disk.                         
 
CHKDSK is verifying files (stage 1 of 5)...
  225280 file records processed.                                         
 
File verification completed.
  952 large file records processed.                                   
 
  0 bad file records processed.                                     
 
  2 EA records processed.                                           
 
  60 reparse records processed.                                      
 
CHKDSK is verifying indexes (stage 2 of 5)...
  291796 index entries processed.                                        
 
Index verification completed.
  0 unindexed files scanned.                                        
 
  0 unindexed files recovered.                                      
 
CHKDSK is verifying security descriptors (stage 3 of 5)...
  225280 file SDs/SIDs processed.                                        
 
Cleaning up 203 unused index entries from index $SII of file 0x9.
Cleaning up 203 unused index entries from index $SDH of file 0x9.
Cleaning up 203 unused security descriptors.
Security descriptor verification completed.
  33259 data files processed.                                           
 
CHKDSK is verifying Usn Journal...
  37182072 USN bytes processed.                                            
 
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  225264 files processed.                                                
 
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  17660422 free clusters processed.                                        
 
Free space verification is complete.
Windows has checked the file system and found no problems.
 
 157043711 KB total disk space.
  85973344 KB in 160719 files.
     93004 KB in 33260 indexes.
        16 KB in bad sectors.
    335659 KB in use by the system.
     65536 KB occupied by the log file.
  70641688 KB available on disk.
 
      4096 bytes in each allocation unit.
  39260927 total allocation units on disk.
  17660422 allocation units available on disk.
 
Internal Info:
00 70 03 00 c0 f5 02 00 c8 59 05 00 00 00 00 00  .p.......Y......
ce 04 00 00 3c 00 00 00 00 00 00 00 00 00 00 00  ....<...........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
 
Windows has finished checking your disk.
Please wait while your computer restarts.
"
 
Combofix:
 
ComboFix 14-06-19.01 - Csolsim 19/06/2014  16:20:03.1.4 - x64
Microsoft Windows 7 Ultimate   6.1.7601.1.1252.44.1033.18.6050.4382 [GMT 3:00]
Running from: c:\users\Csolsim\Desktop\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {17AD7D40-BA12-9C46-7131-94903A54AD8B}
SP: avast! Antivirus *Disabled/Updated* {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\programdata\PCDr\6426\AddOnDownloaded\7bd91bf5-79bd-4c68-b85b-3c132cdb258a.dll
c:\programdata\PCDr\6426\AddOnDownloaded\d460bca3-24f0-49a7-beed-a064fad82750.dll
.
.
(((((((((((((((((((((((((   Files Created from 2014-05-19 to 2014-06-19  )))))))))))))))))))))))))))))))
.
.
2014-06-19 13:27 . 2014-06-19 13:27 -------- d-----w- c:\users\hedev\AppData\Local\temp
2014-06-19 13:27 . 2014-06-19 13:27 -------- d-----w- c:\users\Guest\AppData\Local\temp
2014-06-19 13:27 . 2014-06-19 13:27 -------- d-----w- c:\users\Default\AppData\Local\temp
2014-06-18 21:34 . 2014-06-18 21:34 -------- d-----w- c:\users\Csolsim\.minion
2014-06-18 21:28 . 2014-06-18 21:28 -------- d-----w- c:\program files (x86)\Common Files\Java
2014-06-18 21:27 . 2014-06-18 21:27 98216 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll
2014-06-18 12:05 . 2014-06-18 12:05 -------- d-----w- c:\program files (x86)\ESET
2014-06-18 11:43 . 2010-08-30 05:34 536576 ----a-w- c:\windows\SysWow64\sqlite3.dll
2014-06-18 11:42 . 2014-06-18 11:45 -------- d-----w- C:\AdwCleaner
2014-06-18 11:31 . 2014-06-18 11:31 -------- d-----w- c:\users\Csolsim\AppData\Roaming\CleanMyPC Software
2014-06-18 11:28 . 2014-06-18 11:28 -------- d-----w- c:\windows\ERUNT
2014-06-17 15:07 . 2014-06-17 15:35 -------- d-----w- c:\users\Csolsim\AppData\Roaming\RadeonPro
2014-06-17 15:07 . 2014-06-17 15:09 -------- d-----w- c:\program files (x86)\RadeonPro
2014-06-17 14:14 . 2014-06-17 16:00 75888 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A13D983E-0957-4986-99DD-0228AB7B4038}\offreg.dll
2014-06-17 11:48 . 2014-06-17 11:48 -------- d-----w- c:\programdata\RogueKiller
2014-06-17 11:23 . 2014-06-18 11:50 122584 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-17 11:22 . 2014-06-17 11:22 -------- d-----w- c:\program files (x86)\Malwarebytes Anti-Malware
2014-06-17 11:22 . 2014-06-17 11:22 -------- d-----w- c:\programdata\Malwarebytes
2014-06-17 11:22 . 2014-05-12 04:26 63704 ----a-w- c:\windows\system32\drivers\mwac.sys
2014-06-17 11:22 . 2014-05-12 04:26 91352 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2014-06-17 11:22 . 2014-05-12 04:25 25816 ----a-w- c:\windows\system32\drivers\mbam.sys
2014-06-17 11:13 . 2014-06-17 11:13 -------- d-----w- c:\program files (x86)\ERUNT
2014-06-15 22:37 . 2014-04-30 23:20 10702536 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{A13D983E-0957-4986-99DD-0228AB7B4038}\mpengine.dll
2014-06-15 22:34 . 2014-05-30 09:24 574976 ----a-w- c:\windows\system32\ieui.dll
2014-06-15 17:01 . 2014-06-15 17:01 -------- d-----w- c:\users\Default\AppData\Local\NVIDIA
2014-06-15 17:01 . 2014-06-15 17:01 -------- d-----w- c:\users\Default\AppData\Local\NVIDIA Corporation
2014-06-11 22:03 . 2014-06-11 22:03 -------- d-----w- c:\users\Csolsim\AppData\Roaming\Venetica
2014-06-08 10:07 . 2014-06-08 10:07 -------- d-----w- c:\program files\iPod
2014-06-08 10:07 . 2014-06-08 10:09 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-08 10:07 . 2014-06-08 10:09 -------- d-----w- c:\program files\iTunes
2014-06-08 10:07 . 2014-06-08 10:09 -------- d-----w- c:\program files (x86)\iTunes
2014-06-02 18:49 . 2014-06-02 18:49 -------- d-s---w- c:\windows\system32\CompatTel
2014-06-02 18:36 . 2014-03-25 02:43 14175744 ----a-w- c:\windows\system32\shell32.dll
2014-06-02 18:36 . 2014-01-09 02:22 5694464 ----a-w- c:\windows\SysWow64\mstscax.dll
2014-06-02 18:36 . 2014-01-03 22:44 6574592 ----a-w- c:\windows\system32\mstscax.dll
2014-06-02 18:36 . 2014-05-09 06:14 477184 ----a-w- c:\windows\system32\aepdu.dll
2014-06-02 18:36 . 2014-05-09 06:11 424448 ----a-w- c:\windows\system32\aeinv.dll
2014-05-27 11:33 . 2014-05-19 23:10 601432 ----a-w- c:\windows\SysWow64\nvStreaming.exe
2014-05-27 11:31 . 2014-05-27 11:31 -------- d-----w- c:\windows\SysWow64\NV
2014-05-27 11:31 . 2014-05-27 11:31 -------- d-----w- c:\windows\system32\NV
2014-05-21 12:20 . 2014-05-21 12:20 -------- d-----w- c:\users\Csolsim\AppData\Local\Freelancer
2014-05-20 18:05 . 2014-05-20 18:05 -------- d-----w- c:\program files (x86)\Common Files\Skype
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2014-06-15 22:43 . 2010-02-10 06:16 95414520 ----a-w- c:\windows\system32\MRT.exe
2014-06-15 21:37 . 2013-12-31 08:24 85328 ----a-w- c:\windows\system32\drivers\aswstm.sys
2014-06-15 21:37 . 2012-06-28 09:34 423240 ----a-w- c:\windows\system32\drivers\aswsp.sys
2014-06-15 21:37 . 2012-06-28 09:34 1039096 ----a-w- c:\windows\system32\drivers\aswsnx.sys
2014-05-20 02:44 . 2013-11-22 14:13 952952 ----a-w- c:\windows\system32\nvumdshimx.dll
2014-05-20 02:44 . 2013-11-22 14:13 837056 ----a-w- c:\windows\SysWow64\nvumdshim.dll
2014-05-20 02:44 . 2013-11-22 14:13 166568 ----a-w- c:\windows\system32\nvinitx.dll
2014-05-20 02:44 . 2013-11-22 14:13 146480 ----a-w- c:\windows\SysWow64\nvinit.dll
2014-05-20 02:44 . 2013-11-22 14:13 17480432 ----a-w- c:\windows\system32\nvd3dumx.dll
2014-05-20 02:44 . 2013-11-22 14:13 14434704 ----a-w- c:\windows\SysWow64\nvd3dum.dll
2014-05-20 02:44 . 2013-11-22 14:13 3109248 ----a-w- c:\windows\system32\nvapi64.dll
2014-05-20 02:44 . 2013-11-22 14:13 2730208 ----a-w- c:\windows\SysWow64\nvapi.dll
2014-05-20 01:25 . 2013-11-22 14:20 6769096 ----a-w- c:\windows\system32\nvcpl.dll
2014-05-20 01:25 . 2013-11-22 14:20 3514144 ----a-w- c:\windows\system32\nvsvc64.dll
2014-05-20 01:25 . 2013-11-22 14:20 927520 ----a-w- c:\windows\system32\nvvsvc.exe
2014-05-20 01:25 . 2013-11-22 14:20 76064 ----a-w- c:\windows\system32\nv3dappshextr.dll
2014-05-20 01:25 . 2013-11-22 14:20 62808 ----a-w- c:\windows\system32\nvshext.dll
2014-05-20 01:25 . 2013-11-22 14:20 387528 ----a-w- c:\windows\system32\nvmctray.dll
2014-05-20 01:25 . 2013-11-22 14:20 2560968 ----a-w- c:\windows\system32\nvsvcr.dll
2014-05-20 01:25 . 2013-11-22 14:20 1078616 ----a-w- c:\windows\system32\nv3dappshext.dll
2014-05-14 23:49 . 2013-11-22 14:20 3774821 ----a-w- c:\windows\system32\nvcoproc.bin
2014-05-13 20:59 . 2013-03-01 23:35 70832 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2014-05-13 20:59 . 2013-03-01 23:35 692400 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2014-05-13 20:59 . 2014-05-13 19:57 17938608 ----a-w- c:\windows\SysWow64\FlashPlayerInstaller.exe
2014-05-04 12:53 . 2014-05-04 12:53 29208 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2014-05-04 12:53 . 2013-03-13 22:46 208416 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2014-05-04 12:53 . 2013-03-13 22:46 65776 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2014-05-04 12:53 . 2012-06-28 09:34 79184 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2014-05-04 12:53 . 2012-06-28 09:34 334648 ----a-w- c:\windows\system32\aswBoot.exe
2014-05-04 12:53 . 2012-06-28 09:34 93568 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2014-05-04 12:53 . 2014-05-04 12:53 43152 ----a-w- c:\windows\avastSS.scr
2014-03-31 19:46 . 2014-03-31 19:46 130712 ----a-w- c:\windows\SysWow64\MSSTDFMT.DLL
2014-03-31 19:46 . 2014-03-31 19:46 1070232 ----a-w- c:\windows\SysWow64\MSCOMCTL.OCX
2014-03-31 06:35 . 2010-02-10 06:18 270496 ------w- c:\windows\system32\MpSigStub.exe
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files (x86)\DAEMON Tools Lite\DTLite.exe" [2010-04-01 357696]
"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-09-09 399736]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2010-11-20 1475584]
"Registry Cleaner Scheduler"="c:\program files (x86)\CleanMyPC\Registry Cleaner\RCHelper.exe" [2013-05-21 1403680]
"Standard8inRight"="c:\program files (x86)\Standard8-in-Right\Standard8inRight.exe" [2011-09-06 3515904]
"DellSystemDetect"="c:\users\Csolsim\AppData\Local\Apps\2.0\7CZ1WHCL.A58\PNWHDH06.NER\dell..tion_0f612f649c4a10af_0005.0007_59de4fd2458fcaec\DellSystemDetect.exe" [2014-05-26 254976]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2014-02-12 43848]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-11-21 959904]
"amd_dc_opt"="c:\program files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe" [2008-07-22 77824]
"HP Software Update"="c:\program files (x86)\HP\HP Software Update\HPWuSchd2.exe" [2011-10-28 49208]
"googletalk"="c:\program files (x86)\Google\Google Talk\googletalk.exe" [2007-01-01 3739648]
"AvastUI.exe"="c:\program files\AVAST Software\Avast\AvastUI.exe" [2014-06-15 3890208]
"SwitchBoard"="c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe" [2010-02-19 517096]
"AdobeCS5.5ServiceManager"="c:\program files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" [2011-01-12 1523360]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2014-01-17 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2014-05-26 152392]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2014-05-07 256896]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-11-18 275072]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 0 (0x0)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableLUA"= 0 (0x0)
"EnableUIADesktopToggle"= 0 (0x0)
"PromptOnSecureDesktop"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoAutorun"= 1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
"AppInit_DLLs"=c:\windows\SysWOW64\nvinit.dll c:\windows\SysWOW64\nvinit.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSystemDetect^Registry: HKCU:RUN]
c:\users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dell\Dell System Detect.appref-ms [X]
.
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys;c:\windows\SYSNATIVE\drivers\aswStm.sys [x]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 DellDigitalDelivery;Dell Digital Delivery Service;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe;c:\program files (x86)\Dell Digital Delivery\DeliveryService.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 AndNetDiag;LGE AndroidNet USB Serial Port;c:\windows\system32\DRIVERS\lgandnetdiag64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetdiag64.sys [x]
R3 ANDNetModem;LGE AndroidNet USB Modem;c:\windows\system32\DRIVERS\lgandnetmodem64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetmodem64.sys [x]
R3 andnetndis;LGE AndroidNet NDIS Ethernet Adapter;c:\windows\system32\DRIVERS\lgandnetndis64.sys;c:\windows\SYSNATIVE\DRIVERS\lgandnetndis64.sys [x]
R3 ArcService;Arc Service;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe;c:\program files (x86)\Perfect World Entertainment\Arc\ArcService.exe [x]
R3 ATHDFU;Atheros Valkyrie USB BootROM;c:\windows\system32\Drivers\AthDfu.sys;c:\windows\SYSNATIVE\Drivers\AthDfu.sys [x]
R3 BRDriver64;BRDriver64;c:\programdata\bitraider\BRDriver64.sys;c:\programdata\bitraider\BRDriver64.sys [x]
R3 BRSptSvc;BitRaider Mini-Support Service;c:\programdata\bitraider\BRSptSvc.exe;c:\programdata\bitraider\BRSptSvc.exe [x]
R3 cpudrv64;cpudrv64;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys;c:\program files (x86)\SystemRequirementsLab\cpudrv64.sys [x]
R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]
R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;c:\windows\system32\Drivers\RtsUStor.sys;c:\windows\SYSNATIVE\Drivers\RtsUStor.sys [x]
R3 SwitchBoard;SwitchBoard;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe;c:\program files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [x]
R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys;c:\windows\SYSNATIVE\drivers\synth3dvsc.sys [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys;c:\windows\SYSNATIVE\drivers\tsusbhub.sys [x]
R3 TunngleService;TunngleService;c:\program files (x86)\Tunngle\TnglCtrl.exe;c:\program files (x86)\Tunngle\TnglCtrl.exe [x]
R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys;c:\windows\SYSNATIVE\drivers\rdvgkmd.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R3 WinRing0_1_2_0;WinRing0_1_2_0;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys;c:\program files (x86)\IObit\Game Booster 3\Driver\WinRing0x64.sys [x]
R3 XFDriver64;XFDriver64;c:\program files (x86)\Xfire2\XFDriver64.sys;c:\program files (x86)\Xfire2\XFDriver64.sys [x]
R4 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad64v.sys;c:\windows\SYSNATIVE\drivers\nvvad64v.sys [x]
S0 aswRvrt;avast! Revert; [x]
S0 aswVmm;avast! VM Monitor; [x]
S0 nvpciflt;nvpciflt;c:\windows\system32\DRIVERS\nvpciflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvpciflt.sys [x]
S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]
S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys;c:\windows\SYSNATIVE\Drivers\sptd.sys [x]
S1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys;c:\windows\SYSNATIVE\drivers\aswSnx.sys [x]
S1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys;c:\windows\SYSNATIVE\drivers\aswSP.sys [x]
S1 nvkflt;nvkflt;c:\windows\system32\DRIVERS\nvkflt.sys;c:\windows\SYSNATIVE\DRIVERS\nvkflt.sys [x]
S2 AESTFilters;Andrea ST Filters Service;c:\program files\IDT\WDM\AESTSr64.exe;c:\program files\IDT\WDM\AESTSr64.exe [x]
S2 aswHwid;avast! HardwareID;c:\windows\system32\drivers\aswHwid.sys;c:\windows\SYSNATIVE\drivers\aswHwid.sys [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 Atheros Bt&Wlan Coex Agent;Atheros Bt&Wlan Coex Agent;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [x]
S2 AtherosSvc;AtherosSvc;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe;c:\program files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [x]
S2 c2cautoupdatesvc;Skype Click to Call Updater;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe;c:\program files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [x]
S2 c2cpnrsvc;Skype Click to Call PNR Service;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe;c:\program files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [x]
S2 NvNetworkService;NVIDIA Network Service;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe;c:\program files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [x]
S2 RadeonPro Support Service;RadeonPro Support Service;c:\program files (x86)\RadeonPro\RadeonProSupport.exe;c:\program files (x86)\RadeonPro\RadeonProSupport.exe [x]
S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe;c:\program files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [x]
S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe;c:\program files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [x]
S3 AthBTPort;Atheros Virtual Bluetooth Class;c:\windows\system32\DRIVERS\btath_flt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_flt.sys [x]
S3 BTATH_A2DP;Bluetooth A2DP Audio Driver;c:\windows\system32\drivers\btath_a2dp.sys;c:\windows\SYSNATIVE\drivers\btath_a2dp.sys [x]
S3 BTATH_BUS;Atheros Bluetooth Bus;c:\windows\system32\DRIVERS\btath_bus.sys;c:\windows\SYSNATIVE\DRIVERS\btath_bus.sys [x]
S3 BTATH_HCRP;Bluetooth HCRP Server driver;c:\windows\system32\DRIVERS\btath_hcrp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_hcrp.sys [x]
S3 BTATH_LWFLT;Bluetooth LWFLT Device;c:\windows\system32\DRIVERS\btath_lwflt.sys;c:\windows\SYSNATIVE\DRIVERS\btath_lwflt.sys [x]
S3 BTATH_RCP;Bluetooth AVRCP Device;c:\windows\system32\DRIVERS\btath_rcp.sys;c:\windows\SYSNATIVE\DRIVERS\btath_rcp.sys [x]
S3 BtFilter;BtFilter;c:\windows\system32\DRIVERS\btfilter.sys;c:\windows\SYSNATIVE\DRIVERS\btfilter.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);c:\windows\system32\DRIVERS\tap0901t.sys;c:\windows\SYSNATIVE\DRIVERS\tap0901t.sys [x]
S3 tihub3;TI USB3 Hub Service;c:\windows\system32\DRIVERS\tihub3.sys;c:\windows\SYSNATIVE\DRIVERS\tihub3.sys [x]
S3 tixhci;TI XHCI Service;c:\windows\system32\DRIVERS\tixhci.sys;c:\windows\SYSNATIVE\DRIVERS\tixhci.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ   hpqcxs08 hpqddsvc
.
Contents of the 'Scheduled Tasks' folder
.
2014-06-19 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-03-01 20:59]
.
2014-06-18 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000Core.job
- c:\users\Csolsim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-07 18:29]
.
2014-06-19 c:\windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000UA.job
- c:\users\Csolsim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-07 18:29]
.
2014-06-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000Core.job
- c:\users\Csolsim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-28 07:49]
.
2014-06-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000UA.job
- c:\users\Csolsim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-28 07:49]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2014-06-15 21:36 290888 ----a-w- c:\program files\AVAST Software\Avast\ashShA64.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"SysTrayApp"="c:\program files\IDT\WDM\sttray64.exe" [2011-05-27 1128448]
"AtherosBtStack"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe" [2011-05-20 627360]
"AthBtTray"="c:\program files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe" [2011-05-20 379552]
"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-11-15 171064]
"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-11-15 399416]
"Persistence"="c:\windows\system32\igfxpers.exe" [2012-11-15 441912]
"AdobeAAMUpdater-1.0"="c:\program files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" [2012-09-20 444904]
"NvBackend"="c:\program files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-05-29 2352072]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"=c:\windows\System32\nvinitx.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.fr/
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = *.local
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~1\Office12\EXCEL.EXE/3000
Trusted Zone: dell.com
TCP: DhcpNameServer = 89.38.199.226 10.10.10.10 8.8.8.8
DPF: {682C59F5-478C-4421-9070-AD170D143B77} - hxxp://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
.
- - - - ORPHANS REMOVED - - - -
.
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
AddRemove-Coupon Printer for Windows5.0.0.0 - c:\program files (x86)\Coupons\uninstall.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-4294059139-1934989550-1564584821-1000\Software\SecuROM\!CAUTION! NEVER A OR CHANGE ANY KEY*]
"??"=hex:3b,a6,fc,8c,c6,e6,19,9f,58,f0,51,fd,0f,b0,5c,8d,65,9a,55,eb,85,b7,4e,
   ca,59,e9,18,30,ea,4b,43,95,8d,77,d8,7b,43,ca,cb,a1,4d,4e,61,9e,51,c2,c5,c6,\
"??"=hex:35,fc,c6,3d,c9,02,ad,db,37,1f,61,de,0f,33,8f,50
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{BEB3C0C7-B648-4257-96D9-B5D024816E27}\Version*Version]
"Version"=hex:7b,23,3f,25,a4,cb,55,a1,d4,1f,6e,4e,2d,47,31,69,db,eb,7d,53,da,
   36,1b,1c,42,c6,9f,b1,ad,30,b8,30,e3,b7,6c,01,73,ef,67,69,4d,94,a7,d6,a9,bc,\
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_13_0_0_214_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.13"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_13_0_0_214.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Minnetonka Audio Software\SurCode Dolby Digital Premiere\Version*Version]
"Version"=hex:7b,23,3f,25,a4,cb,55,a1,d4,1f,6e,4e,2d,47,31,69,db,eb,7d,53,da,
   36,1b,1c,42,c6,9f,b1,ad,30,b8,30,e3,b7,6c,01,73,ef,67,69,4d,94,a7,d6,a9,bc,\
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0001\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0002\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2014-06-19  16:37:29
ComboFix-quarantined-files.txt  2014-06-19 13:37
.
Pre-Run: 71,993,638,912 bytes free
Post-Run: 73,819,967,488 bytes free
.
- - End Of File - - 75EAA83D84264CA5D7002465F99F8582
A36C5E4F47E84449FF07ED3517B43A31

  • Root Admin

Please either disable or uninstall the following as previously requested.

"uTorrent"="c:\program files (x86)\uTorrent\uTorrent.exe" [2012-09-09 399736]

Please stop using and uninstall this software:
"Registry Cleaner Scheduler"="c:\program files (x86)\CleanMyPC\Registry Cleaner\RCHelper.exe" [2013-05-21 1403680]

Do I need a Windows Registry Cleaner?


What is this application?
"Standard8inRight"="c:\program files (x86)\Standard8-in-Right\Standard8inRight.exe" [2011-09-06 3515904]

Please go into Control Panel, Add/Remove and uninstall ALL versions of Java and then run the following:
 
Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.

Next:

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following check-boxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Devices
  • List Users, Partitions and Memory size.
  • List Minidump Files

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using the Reset FF Proxy Settings option, Firefox should be closed.


Hello there!

I didn't really realize that registry cleaners weren't that good. I read an article you suggested. What about SlimWare Utilities SlimCleaner 4? Is that alright to use?

uTorrent was disabled during the scans. Just to be on the safe side, I uninstalled it.

The 8-in-right is a mouse driver that came together with an A4Tech mouse. Supposedly it supports 8 mouse types in 1 driver. It smooths mouse movement, or so I noticed, and also has a mouse control panel.

Here are the logs you requested - JavaRa:

 


JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Fri Jun 20 12:32:31 2014

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.

There was an error removing C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.

Found and removed: SOFTWARE\Classes\CLSID\{08B0E5C0-4FCB-11CF-AAA5-00401C608501}

Found and removed: SOFTWARE\Classes\CLSID\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}

Found and removed: SOFTWARE\Classes\Interface\{5852F5EC-8BF4-11D4-A245-0080C6F74284}

Found and removed: SOFTWARE\Classes\MIME\Database\Content Type\application/java-deployment-toolkit

Found and removed: SOFTWARE\Classes\TypeLib\{5852F5E0-8BF4-11D4-A245-0080C6F74284}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

Found and removed: SOFTWARE\JavaSoft

Found and removed: SOFTWARE\JreMetrics

Found and removed: SOFTWARE\MozillaPlugins

------------------------------------

Finished reporting.

 

 

MiniToolBox

 


MiniToolBox by Farbar  Version: 18-06-2014 01
Ran by Csolsim (administrator) on 20-06-2014 at 12:33:46
Running from "C:\Users\Csolsim\Desktop"
Microsoft Windows 7 Ultimate  Service Pack 1 (X64)
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.
========================= Hosts content: =================================

127.0.0.1       localhost

========================= IP Configuration: ================================

Realtek PCIe FE Family Controller = Local Area Connection (Connected)
Dell Wireless 1702 802.11b/g/n = Wireless Network Connection (Media disconnected)
Bluetooth Device (Personal Area Network) = Bluetooth Network Connection (Media disconnected)
TAP-Win32 Adapter V9 (Tunngle) = Tunngle (Media disconnected)

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset

popd
# End of IPv4 configuration

 

 

 

Windows IP Configuration

   Host Name . . . . . . . . . . . . : Csolsim-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No

Ethernet adapter Bluetooth Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
   Physical Address. . . . . . . . . : C0-18-85-65-F4-A4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Ethernet adapter Local Area Connection:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
   Physical Address. . . . . . . . . : 00-24-1D-C4-25-88
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   IPv4 Address. . . . . . . . . . . : 89.38.197.165(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : 20 June 2014 11:55:59
   Lease Expires . . . . . . . . . . : 20 June 2014 23:55:59
   Default Gateway . . . . . . . . . : 89.38.197.1
   DHCP Server . . . . . . . . . . . : 192.168.195.254
   DNS Servers . . . . . . . . . . . : 89.38.199.226
                                       10.10.10.10
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Tunngle:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : TAP-Win32 Adapter V9 (Tunngle)
   Physical Address. . . . . . . . . : 00-FF-62-78-0C-E5
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Wireless LAN adapter Wireless Network Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Dell Wireless 1702 802.11b/g/n
   Physical Address. . . . . . . . . : C0-18-85-65-F4-A3
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{7FB111BB-61F2-4F0D-A708-E2329C6DB1C9}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{36F5EFEE-1E09-42E3-AE03-D0D88E1F13CE}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter 6TO4 Adapter:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2002:5926:c5a5::5926:c5a5(Preferred) 
   Default Gateway . . . . . . . . . : 2002:c058:6301::1
                                       2002:c058:6301::c058:6301
   DNS Servers . . . . . . . . . . . : 89.38.199.226
                                       10.10.10.10
                                       8.8.8.8
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter isatap.{DC1CED33-BD45-49CF-A769-14F1D4855A08}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #4
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.{62780CE5-2E76-4C8C-B60E-D0205004D863}:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #5
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 19:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:5ef5:79fd:38f7:3f69:a6d9:3a5a(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::38f7:3f69:a6d9:3a5a%33(Preferred) 
   Default Gateway . . . . . . . . . : 
   NetBIOS over Tcpip. . . . . . . . : Disabled

Server:  ns1.pronetit.ro
Address:  89.38.199.226

Name:    google.com
Addresses:  2a00:1450:4017:800::1004
 195.95.178.88
 195.95.178.89
 195.95.178.95
 195.95.178.96
 195.95.178.102
 195.95.178.103
 195.95.178.109
 195.95.178.110
 195.95.178.116
 195.95.178.117
 195.95.178.123
 195.95.178.82

Pinging google.com [195.95.178.82] with 32 bytes of data:
Reply from 195.95.178.82: bytes=32 time<1ms TTL=61
Reply from 195.95.178.82: bytes=32 time<1ms TTL=61

Ping statistics for 195.95.178.82:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
Server:  ns1.pronetit.ro
Address:  89.38.199.226

Name:    yahoo.com
Addresses:  206.190.36.45
 98.138.253.109
 98.139.183.24

Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=133ms TTL=49
Reply from 98.139.183.24: bytes=32 time=132ms TTL=49

Ping statistics for 98.139.183.24:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 132ms, Maximum = 133ms, Average = 132ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms

===========================================================================
Interface List
 16...c0 18 85 65 f4 a4 ......Bluetooth Device (Personal Area Network)
 11...00 24 1d c4 25 88 ......Realtek PCIe FE Family Controller
 14...00 ff 62 78 0c e5 ......TAP-Win32 Adapter V9 (Tunngle)
 12...c0 18 85 65 f4 a3 ......Dell Wireless 1702 802.11b/g/n
  1...........................Software Loopback Interface 1
 30...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
 29...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #2
 32...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 31...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #4
 28...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #5
 33...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      89.38.197.1    89.38.197.165     20
      89.38.197.0    255.255.255.0         On-link     89.38.197.165    276
    89.38.197.165  255.255.255.255         On-link     89.38.197.165    276
    89.38.197.255  255.255.255.255         On-link     89.38.197.165    276
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     89.38.197.165    276
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     89.38.197.165    276
===========================================================================
Persistent Routes:
  None

 

IPv6 Route Table

===========================================================================

Active Routes:

 If Metric Network Destination      Gateway

 32   1056 ::/0                     2002:c058:6301::1

 32   1041 ::/0                     2002:c058:6301::c058:6301

  1    306 ::1/128                  On-link

 33     58 2001::/32                On-link

 33    306 2001:0:5ef5:79fd:38f7:3f69:a6d9:3a5a/128

                                    On-link

 32   1025 2002::/16                On-link

 32    281 2002:5926:c5a5::5926:c5a5/128

                                    On-link

 33    306 fe80::/64                On-link

 33    306 fe80::38f7:3f69:a6d9:3a5a/128

                                    On-link

  1    306 ff00::/8                 On-link

 33    306 ff00::/8                 On-link

===========================================================================

Persistent Routes:

  None

========================= Winsock entries =====================================

 

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [52224] (Microsoft Corporation)

Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)

Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)

Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)

Catalog5 07 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [121704] (Apple Inc.)

Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)

Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528] (Microsoft Corporation)

Catalog5 10 C:\Windows\SysWOW64\wshbth.dll [36352] (Microsoft Corporation)

Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

Catalog9 11 C:\Windows\SysWOW64\mswsock.dll [231424] (Microsoft Corporation)

x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70656] (Microsoft Corporation)

x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)

x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)

x64-Catalog5 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)

x64-Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [132968] (Apple Inc.)

x64-Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)

x64-Catalog5 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304] (Microsoft Corporation)

x64-Catalog5 10 C:\Windows\System32\wshbth.dll [47104] (Microsoft Corporation)

x64-Catalog9 01 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 02 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 03 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 04 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 05 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 06 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 07 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 08 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 09 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 10 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

x64-Catalog9 11 C:\Windows\System32\mswsock.dll [327168] (Microsoft Corporation)

 

========================= Event log errors: ===============================

 

Application errors:

==================

Error: (06/20/2014 00:22:25 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

Error: (06/20/2014 00:22:25 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

Error: (06/20/2014 00:15:05 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

Error: (06/20/2014 00:15:02 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (06/19/2014 06:28:12 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

Error: (06/19/2014 06:28:12 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

Error: (06/19/2014 05:53:04 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

Error: (06/19/2014 05:53:04 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

Error: (06/19/2014 02:52:55 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

 

Error: (06/19/2014 02:52:49 PM) (Source: SideBySide) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

System errors:

=============

Error: (06/20/2014 11:59:23 AM) (Source: Service Control Manager) (User: )

Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (06/19/2014 06:11:46 PM) (Source: Service Control Manager) (User: )

Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).

 

Error: (06/19/2014 05:01:05 PM) (Source: ipnathlp) (User: )

Description: 

 

Error: (06/19/2014 05:01:05 PM) (Source: ipnathlp) (User: )

Description: 

 

Error: (06/19/2014 04:34:00 PM) (Source: volsnap) (User: )

Description: The shadow copies of volume C: were aborted because of an IO failure on volume C:.

 

Error: (06/19/2014 04:29:42 PM) (Source: atapi) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort0.

 

Error: (06/19/2014 04:29:42 PM) (Source: atapi) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort0.

 

Error: (06/19/2014 04:29:42 PM) (Source: atapi) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort0.

 

Error: (06/19/2014 04:29:42 PM) (Source: atapi) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort0.

 

Error: (06/19/2014 04:29:42 PM) (Source: atapi) (User: )

Description: The driver detected a controller error on \Device\Ide\IdePort0.

Microsoft Office Sessions:

=========================

 

CodeIntegrity Errors:

===================================

  Date: 2014-06-19 16:27:04.031

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-06-19 16:27:03.937

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-06-14 23:59:24.951

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

 

  Date: 2014-06-14 23:59:24.841

  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

=========================== Installed Programs ============================

64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden

8-in-Right (HKLM-x32\...\InstallShield_{11EC41FA-5F24-4D3D-AC61-080171D79CD4}) (Version: 11.09.0001 - A4TECH)

8-in-Right (x32 Version: 11.09.0001 - A4TECH) Hidden

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden

Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)

Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden

Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)

Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)

Adobe Premiere Pro CS5.5 (HKLM-x32\...\{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}) (Version: 5.5 - Adobe Systems Incorporated)

Adobe Premiere Pro CS5.5 Functional Content (HKLM-x32\...\{B0D32525-8AFA-43C4-B84D-AB2A844D5EAD}) (Version: 5.5.0 - Adobe Systems Incorporated)

Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)

Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)

Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden

Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)

Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)

avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)

BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.3.1 - BitRaider, LLC)

Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.83 - Atheros Communications)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)

Brytenwalda version 1.40 (HKLM-x32\...\{4D15C6C1-74C9-4AA4-8378-CEEDE7E53F39}_is1) (Version: 1.40 - Brytenwalda Dev.)

BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.65.1074 - AB Team, d.o.o.)

BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)

Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)

Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden

Dell Digital Delivery (HKLM-x32\...\{31045ECE-019D-4DDF-A5C8-5C51A3FE50EE}) (Version: 1.7.4501.0 - Dell Products, LP)

Dell Driver Download Manager (HKCU\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc)

Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell)

Dell System Detect Bootstrapper (HKCU\...\8e3135b376bd523e) (Version: 1.1.0.15 - Dell)

Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)

Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden

DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

DiskMax 4.71 (HKLM\...\DiskMax) (Version: 4.71 - KoshyJohn.com)

DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden

Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)

ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)

ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )

Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )

F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden

Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)

Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)

Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )

GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden

Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)

HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)

HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)

HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)

HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)

HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)

HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)

HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)

HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden

HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden

HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden

IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)

ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)

Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)

iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)

LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.01.20130729 - LG Electronics)

LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )

Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)

Microsoft Game Studios Common Redistributables Pack 1 (x32 Version: 1.0.0 - Microsoft Game Studios) Hidden

Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)

Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)

Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)

Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)

Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden

Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden

Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden

Microsoft Research Mesh Virtual WIFI (HKLM-x32\...\{034A32D5-699E-4AED-A2EB-2CCB6E7F37F1}) (Version: 1.0.000 - Microsoft Research)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft XML Parser (x32 Version: 8.20.8730.4 - Microsoft Corporation) Hidden

Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden

Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden

Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden

Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden

Minion (HKCU\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)

Mount.and.Blade.Warband (HKLM-x32\...\Mount.and.Blade.Warband_is1) (Version:  - )

MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)

MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)

My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)

Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.3 - Black Tree Gaming)

NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)

NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden

NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden

OpenAL (HKLM-x32\...\OpenAL) (Version:  - )

Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)

PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )

RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version:  - )

Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)

Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)

S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006] (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0006 - THQ)

Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden

Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)

Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden

SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden

Stalker Complete 2009 (HKLM-x32\...\{Stalker Complete 2009 v1.4.4}}_is1) (Version:  - )

Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)

System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)

TES Construction Set (HKLM-x32\...\{605333A6-963F-480C-A358-1301CAA6CFF6}) (Version:  - )

TES Construction Set (HKLM-x32\...\{8245C111-D83F-4C66-BBC6-2424F6116944}) (Version:  - )

The Bard's Tale (HKLM-x32\...\GOGPACKBARDSTALE_is1) (Version: 2.0.0.7 - GOG.com)

The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)

The Lord of the Rings Online™ v03.07.00.8037 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.07.00.8037 - Turbine, Inc.)

The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)

The Sims Medieval (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.113 - Electronic Arts)

TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.)

TI USB3 Host Driver (x32 Version: 1.12.14.0 - Texas Instruments Inc.) Hidden

Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)

Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden

TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden

TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)

TSEV Skyrim LE (HKLM-x32\...\TSEV Skyrim LE_is1) (Version: 2.0.0.0 - )

Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)

Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)

Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)

Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)

Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)

Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)

Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)

Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)

Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)

Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)

Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)

Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)

Venetica (HKLM-x32\...\Venetica_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)

VirtualDJ PRO Full (HKLM-x32\...\{C515E2A3-4878-4C85-A519-52630C7AB08B}) (Version: 7.3 - Atomix Productions)

VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)

WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden

Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)

WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)

Xfire Codec (remove only) (HKLM-x32\...\XfireCodec) (Version:  - )

 

========================= Devices: ================================

 

 

========================= Memory info: ===================================

 

Percentage of memory in use: 30%

Total physical RAM: 6050.05 MB

Available physical RAM: 4195.59 MB

Total Pagefile: 12098.27 MB

Available Pagefile: 10137.41 MB

Total Virtual: 4095.88 MB

Available Virtual: 3972.13 MB

 

========================= Partitions: =====================================

 

1 Drive c: () (Fixed) (Total:149.77 GB) (Free:68.5 GB) NTFS

2 Drive d: () (Fixed) (Total:546.87 GB) (Free:129.71 GB) NTFS

 

========================= Users: ========================================

 

User accounts for \\CSOLSIM-PC

 

Administrator            ASPNET                   Csolsim                  

Guest                    

 

========================= Minidump Files ==================================

 

No minidump file found

 

 

**** End of log ****

 



  • Root Admin

Please try to download and install these 2 Microsoft updates. Once installed please restart the computer even if not asked to.

 

Microsoft Visual C++ 2008 SP1 Redistributable Package (x64)

Microsoft Visual C++ 2010 Redistributable Package (x64)
 

Then run a new FRST scan and make sure you put a check mark in the ADDITIONS.TXT box to get a new one of those files too. Then post back both new logs and let me know how the computer is running now.


Hey Ron! Thanks for the reply and the help. The computer is running ok, and for the last two days I haven't gotten any weird pop-ups on my desktop or any Blue Screens. Then again, I didn't really use my PC for that much time after posting here. Also, regarding Java... is it good or bad? There are a lot of programs which use it. Am I allowed to install it again? Or should I just stop using programs which use Java?

 

Should anything happen again, can I post in this topic again?

 

I am curious though... what was the cause / multiple causes? Do you have some reading I could do on the subject to prevent situations like these?

 

FRST Log:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 16-06-2014
Ran by Csolsim (administrator) on CSOLSIM-PC on 21-06-2014 12:30:11
Running from C:\Users\Csolsim\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Atheros) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AdminService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files (x86)\Standard8-in-Right\Standard8inRight.exe
(Dell) C:\Users\Csolsim\AppData\Local\Apps\2.0\4DRBC0RA.A11\KG1XJ4MO.2EW\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe
(Hewlett-Packard Co.) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1128448 2011-05-27] (IDT, Inc.)
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe [627360 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe [379552 2011-05-20] (Atheros Commnucations)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2352072 2014-05-30] (NVIDIA Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [amd_dc_opt] => C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe [77824 2008-07-22] (AMD)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM-x32\...\Run: [googletalk] => C:\Program Files (x86)\Google\Google Talk\googletalk.exe [3739648 2007-01-02] (Google)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [3890208 2014-06-16] (AVAST Software)
HKLM-x32\...\Run: [switchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoAutorun] 1
HKU\S-1-5-21-4294059139-1934989550-1564584821-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [357696 2010-04-01] (DT Soft Ltd)
HKU\S-1-5-21-4294059139-1934989550-1564584821-1000\...\Run: [standard8inRight] => C:\Program Files (x86)\Standard8-in-Right\Standard8inRight.exe [3515904 2011-09-06] ()
HKU\S-1-5-21-4294059139-1934989550-1564584821-1000\...\Run: [DellSystemDetect] => C:\Users\Csolsim\AppData\Local\Apps\2.0\4DRBC0RA.A11\KG1XJ4MO.2EW\dell..tion_0f612f649c4a10af_0005.0008_a4204ff54ae5d3ac\DellSystemDetect.exe [262720 2014-06-19] (Dell)
HKU\S-1-5-21-4294059139-1934989550-1564584821-1000\...\Policies\system: [DisableLockWorkstation] 0
AppInit_DLLs: C:\Windows\System32\nvinitx.dll => C:\Windows\System32\nvinitx.dll [166568 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32: c:\Windows\SysWOW64\nvinit.dll => c:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
AppInit_DLLs-x32:  C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [146480 2014-05-20] (NVIDIA Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.fr/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x30A937EAA2A5CE01
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -  No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} -  No File
DPF: HKLM-x32 {682C59F5-478C-4421-9070-AD170D143B77} http://www.dell.com/support/troubleshooting/Content/Ode/pcd86.cab
DPF: HKLM-x32 {8CFCF42C-1C64-47D6-AEEC-F9D001832ED3} http://xserv.dell.com/DellDriverScanner/DellSystem.CAB
DPF: HKLM-x32 {C1F8FC10-E5DB-4112-9DBF-6C3FF728D4E3} http://support.dell.com/systemprofiler/DellSystemLite.CAB
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 192.168.10.1
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_13_0_0_214.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\Csolsim\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\Csolsim\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\Csolsim\AppData\Local\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\Csolsim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-07-04]
FF HKCU\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2013-07-04]
 
Chrome: 
=======
CHR HomePage: 
CHR Plugin: (Shockwave Flash) - C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\35.0.1916.153\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\35.0.1916.153\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\35.0.1916.153\pdf.dll ()
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.4) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (Coupons Inc., Coupon Printer Manager ) - C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\plugins\npMozCouponPrinter.dll (Coupons, Inc.)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Java Platform SE 7 U25) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll No File
CHR Plugin: (Silverlight Plug-In) - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Plugin: (Pando Web Plugin) - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (Unity Player) - C:\Users\Csolsim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
CHR Plugin: (Google Update) - C:\Users\Csolsim\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_94.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.250.17) - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
CHR Extension: (Google Docs) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-08-30]
CHR Extension: (Google Drive) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-30]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-24]
CHR Extension: (YouTube) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-30]
CHR Extension: (Adblock for Youtube™) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2013-08-30]
CHR Extension: (Google Search) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-30]
CHR Extension: (AdBlock) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-06-16]
CHR Extension: (avast! Online Security) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-08-30]
CHR Extension: (Skype Click to Call) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-03-21]
CHR Extension: (Google Wallet) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-30]
CHR Extension: (Gmail) - C:\Users\Csolsim\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-30]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-05-04]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]
CHR StartMenuInternet: Google Chrome - C:\Users\Csolsim\AppData\Local\Google\Chrome\Application\chrome.exe
 
==================== Services (Whitelisted) =================
 
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [88400 2014-04-11] (Perfect World Entertainment Inc)
R2 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\Ath_CoexAgent.exe [146592 2011-05-20] (Atheros) [File not signed]
R2 AtherosSvc; C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\adminservice.exe [80032 2011-05-20] (Atheros Commnucations) [File not signed]
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-06-16] (AVAST Software)
S3 BRSptSvc; C:\programdata\bitraider\BRSptSvc.exe [476936 2013-08-21] (BitRaider, LLC)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)
S2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1631008 2014-05-30] (NVIDIA Corporation)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-11-04] (Mr. John aka japamd)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [757144 2013-08-16] (Tunngle.net GmbH) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
S3 AndNetDiag; C:\Windows\System32\DRIVERS\lgandnetdiag64.sys [29184 2012-07-03] (LG Electronics Inc.)
S3 ANDNetModem; C:\Windows\System32\DRIVERS\lgandnetmodem64.sys [36352 2012-07-03] (LG Electronics Inc.)
S3 andnetndis; C:\Windows\System32\DRIVERS\lgandnetndis64.sys [93184 2012-07-04] (LG Electronics Inc.)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-05-04] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-05-04] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-05-04] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-05-04] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1039096 2014-06-16] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [423240 2014-06-16] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [85328 2014-06-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [208416 2014-05-04] ()
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [301512 2014-05-20] (NVIDIA Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2012-06-28] () [File not signed]
R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2012-03-02] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [28160 2012-03-02] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [34816 2012-03-02] (LG Electronics Inc.)
S3 XFDriver64; C:\Program Files (x86)\Xfire2\XFDriver64.sys [17160 2013-03-14] (XFire)
U3 apoxo35b; C:\Windows\System32\Drivers\apoxo35b.sys [0 ] (Microsoft Corporation)
S3 BRDriver64; \??\C:\programdata\bitraider\BRDriver64.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S4 NVHDA; system32\drivers\nvhda64v.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad64v.sys [X]
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-06-21 12:30 - 2014-06-21 12:31 - 00020148 _____ () C:\Users\Csolsim\Desktop\FRST.txt
2014-06-21 12:29 - 2014-06-21 12:30 - 00000000 ____D () C:\FRST
2014-06-21 12:29 - 2014-06-21 12:29 - 00000000 ___RD () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-06-20 12:33 - 2014-06-20 12:34 - 00051962 _____ () C:\Users\Csolsim\Desktop\Result.txt
2014-06-20 12:32 - 2014-06-20 12:32 - 00004320 _____ () C:\JavaRa.log
2014-06-20 12:31 - 2014-06-20 12:31 - 00000484 _____ () C:\Users\Csolsim\Desktop\reply.txt
2014-06-20 12:31 - 2014-06-20 12:31 - 00000000 ____D () C:\Users\Csolsim\Desktop\RemoveJava
2014-06-20 12:30 - 2012-05-04 19:29 - 00772504 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
2014-06-20 12:30 - 2012-05-04 19:29 - 00687504 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
2014-06-20 12:23 - 2014-06-20 12:23 - 00400384 _____ (Farbar) C:\Users\Csolsim\Desktop\MiniToolBox.exe
2014-06-19 18:20 - 2014-06-19 18:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2014-06-19 16:37 - 2014-06-19 16:37 - 00028138 _____ () C:\ComboFix.txt
2014-06-19 16:37 - 2014-06-19 16:37 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-19 16:37 - 2014-06-19 16:37 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-06-19 16:37 - 2014-06-19 16:37 - 00000000 ____D () C:\Users\Guest\AppData\Local\temp
2014-06-19 16:37 - 2014-06-19 16:37 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-19 16:37 - 2014-06-19 16:37 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-19 16:18 - 2011-06-26 09:45 - 00256000 _____ () C:\Windows\PEV.exe
2014-06-19 16:18 - 2010-11-07 20:20 - 00208896 _____ () C:\Windows\MBR.exe
2014-06-19 16:18 - 2009-04-20 07:56 - 00060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2014-06-19 16:18 - 2000-08-31 03:00 - 00518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2014-06-19 16:18 - 2000-08-31 03:00 - 00406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2014-06-19 16:18 - 2000-08-31 03:00 - 00098816 _____ () C:\Windows\sed.exe
2014-06-19 16:18 - 2000-08-31 03:00 - 00080412 _____ () C:\Windows\grep.exe
2014-06-19 16:18 - 2000-08-31 03:00 - 00068096 _____ () C:\Windows\zip.exe
2014-06-19 16:17 - 2014-06-19 16:37 - 00000000 ____D () C:\Qoobox
2014-06-19 16:14 - 2014-06-19 16:14 - 00000000 ____D () C:\Users\Csolsim\Desktop\LocaleMetaData
2014-06-19 16:09 - 2014-06-19 16:09 - 05207168 ____R (Swearware) C:\Users\Csolsim\Desktop\ComboFix.exe
2014-06-19 13:21 - 2014-06-19 13:21 - 00000024 _____ () C:\Users\Csolsim\AppData\Roaming\temp.ini
2014-06-19 00:34 - 2014-06-19 00:34 - 00000622 _____ () C:\Users\Csolsim\Documents\Minion.lnk
2014-06-19 00:34 - 2014-06-19 00:34 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZAM Network LLC
2014-06-19 00:34 - 2014-06-19 00:34 - 00000000 ____D () C:\Users\Csolsim\.minion
2014-06-18 15:07 - 2014-06-18 15:07 - 02081280 _____ (Farbar) C:\Users\Csolsim\Desktop\FRST64.exe
2014-06-18 15:05 - 2014-06-18 15:05 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-18 15:04 - 2014-06-18 15:04 - 02347384 _____ (ESET) C:\Users\Csolsim\Desktop\esetsmartinstaller_enu.exe
2014-06-18 15:03 - 2014-06-18 15:03 - 00001085 _____ () C:\Users\Csolsim\Desktop\mbam.txt
2014-06-18 14:48 - 2014-06-18 14:48 - 00001093 _____ () C:\Users\Csolsim\Desktop\AdwCleaner[s0].txt
2014-06-18 14:43 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-06-18 14:42 - 2014-06-18 14:45 - 00000000 ____D () C:\AdwCleaner
2014-06-18 14:41 - 2014-06-18 14:41 - 01333465 _____ () C:\Users\Csolsim\Desktop\AdwCleaner.exe
2014-06-18 14:38 - 2014-06-18 14:38 - 00002002 _____ () C:\Users\Csolsim\Desktop\JRT.txt
2014-06-18 14:31 - 2014-06-18 14:31 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\CleanMyPC Software
2014-06-18 14:28 - 2014-06-18 14:28 - 00000000 ____D () C:\Windows\ERUNT
2014-06-18 14:27 - 2014-06-18 14:27 - 01016261 _____ (Thisisu) C:\Users\Csolsim\Desktop\JRT.exe
2014-06-17 20:59 - 2014-06-17 20:59 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-17 18:07 - 2014-06-17 18:35 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\RadeonPro
2014-06-17 18:07 - 2014-06-17 18:09 - 00000000 ____D () C:\Program Files (x86)\RadeonPro
2014-06-17 18:07 - 2014-06-17 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RadeonPro
2014-06-17 17:53 - 2014-06-17 17:53 - 00000000 ____D () C:\Users\Csolsim\Documents\RadeonPro Benchmarks
2014-06-17 14:48 - 2014-06-17 14:48 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-17 14:23 - 2014-06-18 14:50 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-17 14:22 - 2014-06-17 14:22 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-17 14:22 - 2014-06-17 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-17 14:22 - 2014-06-17 14:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-17 14:22 - 2014-06-17 14:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-17 14:22 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-06-17 14:22 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-06-17 14:22 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-06-17 14:13 - 2014-06-19 16:28 - 00000000 ____D () C:\Windows\ERDNT
2014-06-17 14:13 - 2014-06-17 14:13 - 00000909 _____ () C:\Users\Guest\Desktop\ERUNT.lnk
2014-06-17 14:13 - 2014-06-17 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-17 14:13 - 2014-06-17 14:13 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-06-17 14:08 - 2014-06-17 14:08 - 05268992 _____ () C:\Users\Csolsim\Desktop\RogueKillerX64.exe
2014-06-17 14:07 - 2014-06-17 14:08 - 00791393 _____ (Lars Hederer ) C:\Users\Csolsim\Desktop\erunt-setup.exe
2014-06-17 14:07 - 2014-06-17 14:07 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Csolsim\Desktop\iExplore.exe
2014-06-17 13:49 - 2014-06-17 13:49 - 00286576 _____ () C:\Windows\Minidump\061714-28126-01.dmp
2014-06-16 13:28 - 2014-06-16 13:28 - 00007597 _____ () C:\Users\Csolsim\AppData\Local\Resmon.ResmonCfg
2014-06-16 01:35 - 2014-05-30 13:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-06-16 01:35 - 2014-05-30 13:02 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-06-16 01:35 - 2014-05-30 12:45 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-06-16 01:35 - 2014-05-30 12:39 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-06-16 01:35 - 2014-05-30 12:38 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-06-16 01:35 - 2014-05-30 12:28 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-06-16 01:35 - 2014-05-30 12:27 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-06-16 01:35 - 2014-05-30 12:21 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-06-16 01:35 - 2014-05-30 12:18 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-06-16 01:35 - 2014-05-30 12:06 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-06-16 01:35 - 2014-05-30 12:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-06-16 01:35 - 2014-05-30 11:55 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-06-16 01:35 - 2014-05-30 11:44 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-06-16 01:35 - 2014-05-30 11:43 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-06-16 01:35 - 2014-05-30 11:42 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-06-16 01:35 - 2014-05-30 11:38 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-06-16 01:35 - 2014-05-30 11:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-06-16 01:35 - 2014-05-30 11:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-06-16 01:35 - 2014-05-30 11:33 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-06-16 01:35 - 2014-05-30 11:30 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-06-16 01:35 - 2014-05-30 11:29 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-06-16 01:35 - 2014-05-30 11:28 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-06-16 01:35 - 2014-05-30 11:27 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-06-16 01:35 - 2014-05-30 11:23 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-06-16 01:35 - 2014-05-30 11:16 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-06-16 01:35 - 2014-05-30 11:10 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-06-16 01:35 - 2014-05-30 11:06 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-06-16 01:35 - 2014-05-30 11:04 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-06-16 01:35 - 2014-05-30 11:02 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-06-16 01:35 - 2014-05-30 10:56 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-06-16 01:35 - 2014-05-30 10:54 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-06-16 01:35 - 2014-05-30 10:50 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-06-16 01:35 - 2014-05-30 10:49 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-06-16 01:35 - 2014-05-30 10:40 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-06-16 01:35 - 2014-05-30 10:30 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-06-16 01:35 - 2014-05-30 10:21 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-06-16 01:35 - 2014-05-30 10:15 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-06-16 01:35 - 2014-05-30 10:13 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-06-16 01:35 - 2014-05-08 12:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2014-06-16 01:35 - 2014-05-08 12:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2014-06-16 01:35 - 2014-04-25 05:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2014-06-16 01:35 - 2014-04-25 05:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2014-06-16 01:35 - 2014-04-05 05:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-06-16 01:35 - 2014-04-05 05:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2014-06-16 01:35 - 2014-03-26 17:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2014-06-16 01:35 - 2014-03-26 17:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-06-16 01:35 - 2014-03-26 17:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2014-06-16 01:35 - 2014-03-26 17:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2014-06-16 01:35 - 2014-03-26 17:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2014-06-16 01:35 - 2014-03-26 17:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-06-16 01:35 - 2014-03-26 17:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2014-06-16 01:35 - 2014-03-26 17:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2014-06-16 01:34 - 2014-05-30 13:21 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-06-16 01:34 - 2014-05-30 12:39 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-06-16 01:34 - 2014-05-30 12:24 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-06-16 01:34 - 2014-05-30 12:21 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-06-16 01:34 - 2014-05-30 12:20 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-06-16 01:34 - 2014-05-30 12:11 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-06-16 01:34 - 2014-05-30 12:08 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-06-16 01:34 - 2014-05-30 11:49 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-06-16 01:34 - 2014-05-30 11:46 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-06-16 01:34 - 2014-05-30 11:44 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-06-16 01:34 - 2014-05-30 11:24 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-06-16 01:34 - 2014-05-30 10:56 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-06-16 01:34 - 2014-05-30 10:43 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-06-16 01:34 - 2014-05-30 10:13 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-06-15 20:01 - 2014-06-15 20:01 - 00000000 ____D () C:\Users\Default\AppData\Local\NVIDIA Corporation
2014-06-15 20:01 - 2014-06-15 20:01 - 00000000 ____D () C:\Users\Default\AppData\Local\NVIDIA
2014-06-15 20:01 - 2014-06-15 20:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\NVIDIA Corporation
2014-06-15 20:01 - 2014-06-15 20:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\NVIDIA
2014-06-13 09:12 - 2014-06-13 09:12 - 00296712 _____ () C:\Windows\Minidump\061314-65442-01.dmp
2014-06-12 18:13 - 2014-06-12 18:15 - 00000000 ____D () C:\Users\Csolsim\Documents\Venetica
2014-06-12 01:03 - 2014-06-12 01:03 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Venetica
2014-06-12 01:03 - 2014-06-12 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-06-11 10:50 - 2014-06-21 12:25 - 00289106 _____ () C:\Windows\WindowsUpdate.log
2014-06-11 10:45 - 2014-06-21 12:21 - 00004760 _____ () C:\Windows\setupact.log
2014-06-11 10:45 - 2014-06-11 10:46 - 04977200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-11 10:45 - 2014-06-11 10:46 - 00296976 _____ () C:\Windows\Minidump\061114-76877-01.dmp
2014-06-11 10:45 - 2014-06-11 10:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-11 10:44 - 2014-06-20 23:48 - 00061846 _____ () C:\Windows\PFRO.log
2014-06-11 10:44 - 2014-06-17 13:49 - 425684743 _____ () C:\Windows\MEMORY.DMP
2014-06-08 13:09 - 2014-06-08 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-08 13:07 - 2014-06-08 13:09 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-08 13:07 - 2014-06-08 13:09 - 00000000 ____D () C:\Program Files\iTunes
2014-06-08 13:07 - 2014-06-08 13:09 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-08 13:07 - 2014-06-08 13:07 - 00000000 ____D () C:\Program Files\iPod
2014-06-02 21:49 - 2014-06-02 21:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-02 21:36 - 2014-05-09 09:14 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-06-02 21:36 - 2014-05-09 09:11 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-06-02 21:36 - 2014-03-25 05:43 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-06-02 21:36 - 2014-03-25 05:09 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-06-02 21:36 - 2014-01-09 05:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-06-02 21:36 - 2014-01-04 01:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-06-02 21:26 - 2014-04-12 05:22 - 00155072 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2014-06-02 21:26 - 2014-04-12 05:22 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-06-02 21:26 - 2014-04-12 05:19 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-06-02 21:26 - 2014-04-12 05:19 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-06-02 21:26 - 2014-04-12 05:19 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2014-06-02 21:26 - 2014-04-12 05:19 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2014-06-02 21:26 - 2014-04-12 05:19 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2014-06-02 21:26 - 2014-04-12 05:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-06-02 21:26 - 2014-04-12 05:10 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-06-02 21:26 - 2014-03-04 12:47 - 05550016 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-06-02 21:26 - 2014-03-04 12:44 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00722944 _____ (Microsoft Corporation) C:\Windows\system32\objsel.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00424960 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2014-06-02 21:26 - 2014-03-04 12:44 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\wincredprovider.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00455168 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2014-06-02 21:26 - 2014-03-04 12:43 - 00057344 _____ (Microsoft Corporation) C:\Windows\system32\cngprovider.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\adprovider.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\capiprovider.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00052736 _____ (Microsoft Corporation) C:\Windows\system32\dpapiprovider.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\dimsroam.dll
2014-06-02 21:26 - 2014-03-04 12:43 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2014-06-02 21:26 - 2014-03-04 12:20 - 03969984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2014-06-02 21:26 - 2014-03-04 12:20 - 03914176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2014-06-02 21:26 - 2014-03-04 12:17 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00538112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\objsel.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cngprovider.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00049664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adprovider.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00048128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\capiprovider.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dpapiprovider.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dimsroam.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wincredprovider.dll
2014-06-02 21:26 - 2014-03-04 12:17 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2014-06-02 21:26 - 2014-03-04 12:16 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-05-27 14:33 - 2014-05-20 02:10 - 00601432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-05-27 14:31 - 2014-05-27 14:31 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-05-27 14:31 - 2014-05-27 14:31 - 00000000 ____D () C:\Windows\system32\NV
2014-05-27 14:05 - 2014-05-20 05:44 - 31387936 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 25256224 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 24025376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 18531568 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 17561544 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 16003912 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 12688328 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-05-27 14:05 - 2014-05-20 05:44 - 11644928 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 11599072 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 09735256 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 09697640 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 03141976 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 02953672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 02785568 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvenc.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 02412376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvenc.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 01889112 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6433788.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 01541576 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6433788.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00895776 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00892704 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00867784 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00861128 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-05-27 14:05 - 2014-05-20 05:44 - 00301512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvkflt.sys
2014-05-27 14:05 - 2014-05-20 05:44 - 00032544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvpciflt.sys
 
==================== One Month Modified Files and Folders =======
 
2014-06-21 12:31 - 2014-06-21 12:30 - 00020148 _____ () C:\Users\Csolsim\Desktop\FRST.txt
2014-06-21 12:31 - 2012-06-27 18:38 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Temp
2014-06-21 12:30 - 2014-06-21 12:29 - 00000000 ____D () C:\FRST
2014-06-21 12:29 - 2014-06-21 12:29 - 00000000 ___RD () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BT Devices
2014-06-21 12:27 - 2009-07-14 07:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-21 12:27 - 2009-07-14 07:45 - 00014416 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-21 12:25 - 2014-06-11 10:50 - 00289106 _____ () C:\Windows\WindowsUpdate.log
2014-06-21 12:21 - 2014-06-11 10:45 - 00004760 _____ () C:\Windows\setupact.log
2014-06-21 12:21 - 2012-06-28 11:33 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-06-21 12:21 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-20 23:57 - 2012-06-28 10:49 - 00000916 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000UA.job
2014-06-20 23:56 - 2013-03-02 02:35 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-20 23:56 - 2012-06-28 10:49 - 00000864 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000Core.job
2014-06-20 23:50 - 2012-07-07 11:20 - 00004182 _____ () C:\Windows\System32\Tasks\avast! Emergency Update
2014-06-20 23:48 - 2014-06-11 10:44 - 00061846 _____ () C:\Windows\PFRO.log
2014-06-20 13:27 - 2013-05-23 14:29 - 00003440 _____ () C:\Windows\System32\Tasks\PCDEventLauncherTask
2014-06-20 12:34 - 2014-06-20 12:33 - 00051962 _____ () C:\Users\Csolsim\Desktop\Result.txt
2014-06-20 12:32 - 2014-06-20 12:32 - 00004320 _____ () C:\JavaRa.log
2014-06-20 12:31 - 2014-06-20 12:31 - 00000484 _____ () C:\Users\Csolsim\Desktop\reply.txt
2014-06-20 12:31 - 2014-06-20 12:31 - 00000000 ____D () C:\Users\Csolsim\Desktop\RemoveJava
2014-06-20 12:25 - 2012-09-02 22:43 - 00000000 ____D () C:\Program Files (x86)\Java
2014-06-20 12:23 - 2014-06-20 12:23 - 00400384 _____ (Farbar) C:\Users\Csolsim\Desktop\MiniToolBox.exe
2014-06-20 12:22 - 2012-06-28 12:29 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\uTorrent
2014-06-20 12:21 - 2012-06-28 12:40 - 00000000 ____D () C:\ProgramData\TEMP
2014-06-20 12:06 - 2012-07-07 12:14 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Adobe
2014-06-19 18:36 - 2012-06-28 10:48 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Deployment
2014-06-19 18:36 - 2012-06-28 10:48 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Apps\2.0
2014-06-19 18:28 - 2014-06-19 18:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Geeks3D
2014-06-19 18:21 - 2012-06-28 10:37 - 00000000 ____D () C:\Users\Csolsim\Desktop\Programe
2014-06-19 18:20 - 2013-11-24 17:25 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\NVIDIA
2014-06-19 18:14 - 2009-07-14 08:13 - 00799970 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-06-19 17:34 - 2013-09-07 21:29 - 00000936 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000UA.job
2014-06-19 17:03 - 2013-03-16 16:15 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Awesomium
2014-06-19 16:37 - 2014-06-19 16:37 - 00028138 _____ () C:\ComboFix.txt
2014-06-19 16:37 - 2014-06-19 16:37 - 00000000 ____D () C:\Users\Public\AppData\Local\temp
2014-06-19 16:37 - 2014-06-19 16:37 - 00000000 ____D () C:\Users\hedev\AppData\Local\temp
2014-06-19 16:37 - 2014-06-19 16:37 - 00000000 ____D () C:\Users\Guest\AppData\Local\temp
2014-06-19 16:37 - 2014-06-19 16:37 - 00000000 ____D () C:\Users\Default\AppData\Local\temp
2014-06-19 16:37 - 2014-06-19 16:37 - 00000000 ____D () C:\Users\Default User\AppData\Local\temp
2014-06-19 16:37 - 2014-06-19 16:17 - 00000000 ____D () C:\Qoobox
2014-06-19 16:37 - 2009-07-14 06:20 - 00000000 __RHD () C:\Users\Default
2014-06-19 16:28 - 2014-06-17 14:13 - 00000000 ____D () C:\Windows\ERDNT
2014-06-19 16:27 - 2009-07-14 05:34 - 00000215 _____ () C:\Windows\system.ini
2014-06-19 16:14 - 2014-06-19 16:14 - 00000000 ____D () C:\Users\Csolsim\Desktop\LocaleMetaData
2014-06-19 16:09 - 2014-06-19 16:09 - 05207168 ____R (Swearware) C:\Users\Csolsim\Desktop\ComboFix.exe
2014-06-19 13:21 - 2014-06-19 13:21 - 00000024 _____ () C:\Users\Csolsim\AppData\Roaming\temp.ini
2014-06-19 00:34 - 2014-06-19 00:34 - 00000622 _____ () C:\Users\Csolsim\Documents\Minion.lnk
2014-06-19 00:34 - 2014-06-19 00:34 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ZAM Network LLC
2014-06-19 00:34 - 2014-06-19 00:34 - 00000000 ____D () C:\Users\Csolsim\.minion
2014-06-19 00:34 - 2014-04-17 20:14 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Minion
2014-06-19 00:34 - 2012-06-27 18:38 - 00000000 ____D () C:\Users\Csolsim
2014-06-19 00:29 - 2013-09-20 07:28 - 00000000 ____D () C:\ProgramData\Oracle
2014-06-18 20:34 - 2013-09-07 21:29 - 00000914 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000Core.job
2014-06-18 16:05 - 2013-11-19 13:55 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\NVIDIA Corporation
2014-06-18 16:05 - 2012-08-21 23:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2014-06-18 16:05 - 2012-06-28 11:32 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-06-18 16:05 - 2012-06-28 11:32 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-06-18 16:05 - 2012-06-28 11:30 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-06-18 15:07 - 2014-06-18 15:07 - 02081280 _____ (Farbar) C:\Users\Csolsim\Desktop\FRST64.exe
2014-06-18 15:05 - 2014-06-18 15:05 - 00000000 ____D () C:\Program Files (x86)\ESET
2014-06-18 15:04 - 2014-06-18 15:04 - 02347384 _____ (ESET) C:\Users\Csolsim\Desktop\esetsmartinstaller_enu.exe
2014-06-18 15:03 - 2014-06-18 15:03 - 00001085 _____ () C:\Users\Csolsim\Desktop\mbam.txt
2014-06-18 14:50 - 2014-06-17 14:23 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-06-18 14:48 - 2014-06-18 14:48 - 00001093 _____ () C:\Users\Csolsim\Desktop\AdwCleaner[s0].txt
2014-06-18 14:45 - 2014-06-18 14:42 - 00000000 ____D () C:\AdwCleaner
2014-06-18 14:41 - 2014-06-18 14:41 - 01333465 _____ () C:\Users\Csolsim\Desktop\AdwCleaner.exe
2014-06-18 14:38 - 2014-06-18 14:38 - 00002002 _____ () C:\Users\Csolsim\Desktop\JRT.txt
2014-06-18 14:31 - 2014-06-18 14:31 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\CleanMyPC Software
2014-06-18 14:28 - 2014-06-18 14:28 - 00000000 ____D () C:\Windows\ERUNT
2014-06-18 14:27 - 2014-06-18 14:27 - 01016261 _____ (Thisisu) C:\Users\Csolsim\Desktop\JRT.exe
2014-06-17 20:59 - 2014-06-17 20:59 - 00000000 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_60-b19.log
2014-06-17 18:35 - 2014-06-17 18:07 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\RadeonPro
2014-06-17 18:09 - 2014-06-17 18:07 - 00000000 ____D () C:\Program Files (x86)\RadeonPro
2014-06-17 18:07 - 2014-06-17 18:07 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RadeonPro
2014-06-17 17:53 - 2014-06-17 17:53 - 00000000 ____D () C:\Users\Csolsim\Documents\RadeonPro Benchmarks
2014-06-17 17:51 - 2012-06-30 20:55 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\CrashDumps
2014-06-17 14:48 - 2014-06-17 14:48 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-06-17 14:22 - 2014-06-17 14:22 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-06-17 14:22 - 2014-06-17 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-06-17 14:22 - 2014-06-17 14:22 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-06-17 14:22 - 2014-06-17 14:22 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-06-17 14:13 - 2014-06-17 14:13 - 00000909 _____ () C:\Users\Guest\Desktop\ERUNT.lnk
2014-06-17 14:13 - 2014-06-17 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-17 14:13 - 2014-06-17 14:13 - 00000000 ____D () C:\Program Files (x86)\ERUNT
2014-06-17 14:08 - 2014-06-17 14:08 - 05268992 _____ () C:\Users\Csolsim\Desktop\RogueKillerX64.exe
2014-06-17 14:08 - 2014-06-17 14:07 - 00791393 _____ (Lars Hederer ) C:\Users\Csolsim\Desktop\erunt-setup.exe
2014-06-17 14:07 - 2014-06-17 14:07 - 01940216 _____ (Bleeping Computer, LLC) C:\Users\Csolsim\Desktop\iExplore.exe
2014-06-17 13:49 - 2014-06-17 13:49 - 00286576 _____ () C:\Windows\Minidump\061714-28126-01.dmp
2014-06-17 13:49 - 2014-06-11 10:44 - 425684743 _____ () C:\Windows\MEMORY.DMP
2014-06-17 13:49 - 2014-05-04 15:45 - 00000000 ____D () C:\Windows\Minidump
2014-06-16 16:13 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
2014-06-16 14:27 - 2012-07-10 15:01 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\vlc
2014-06-16 13:28 - 2014-06-16 13:28 - 00007597 _____ () C:\Users\Csolsim\AppData\Local\Resmon.ResmonCfg
2014-06-16 02:25 - 2013-02-25 00:48 - 00000000 ____D () C:\Users\Csolsim\Documents\Mount&Blade Warband Savegames
2014-06-16 01:49 - 2013-07-11 08:03 - 00000000 ____D () C:\Windows\system32\MRT
2014-06-16 01:43 - 2012-06-27 18:47 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-06-16 01:43 - 2010-02-10 09:16 - 95414520 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-06-16 01:38 - 2014-02-06 03:30 - 00000000 ____D () C:\Users\Csolsim\Documents\Elder Scrolls Online
2014-06-16 00:37 - 2013-12-31 11:24 - 00085328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswstm.sys
2014-06-16 00:37 - 2012-06-28 12:34 - 01039096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsnx.sys
2014-06-16 00:37 - 2012-06-28 12:34 - 00423240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys
2014-06-16 00:25 - 2013-11-19 16:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-06-16 00:25 - 2013-09-11 00:23 - 00000000 ____D () C:\Users\Guest
2014-06-16 00:25 - 2012-06-28 11:29 - 00000000 ____D () C:\ProgramData\Atheros
2014-06-16 00:23 - 2013-08-21 17:02 - 00000000 ____D () C:\Users\hedev
2014-06-16 00:23 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\registration
2014-06-15 20:01 - 2014-06-15 20:01 - 00000000 ____D () C:\Users\Default\AppData\Local\NVIDIA Corporation
2014-06-15 20:01 - 2014-06-15 20:01 - 00000000 ____D () C:\Users\Default\AppData\Local\NVIDIA
2014-06-15 20:01 - 2014-06-15 20:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\NVIDIA Corporation
2014-06-15 20:01 - 2014-06-15 20:01 - 00000000 ____D () C:\Users\Default User\AppData\Local\NVIDIA
2014-06-13 09:12 - 2014-06-13 09:12 - 00296712 _____ () C:\Windows\Minidump\061314-65442-01.dmp
2014-06-12 18:15 - 2014-06-12 18:13 - 00000000 ____D () C:\Users\Csolsim\Documents\Venetica
2014-06-12 02:18 - 2012-06-27 20:11 - 00000000 ____D () C:\NVIDIA
2014-06-12 01:03 - 2014-06-12 01:03 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Venetica
2014-06-12 01:03 - 2014-06-12 01:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\R.G. Mechanics
2014-06-12 00:09 - 2012-07-14 15:16 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2014-06-11 12:05 - 2013-12-31 16:52 - 00000000 ____D () C:\Users\Csolsim\Documents\VirtualDJ
2014-06-11 10:46 - 2014-06-11 10:45 - 04977200 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-06-11 10:46 - 2014-06-11 10:45 - 00296976 _____ () C:\Windows\Minidump\061114-76877-01.dmp
2014-06-11 10:45 - 2014-06-11 10:45 - 00000000 _____ () C:\Windows\setuperr.log
2014-06-10 21:00 - 2012-06-27 20:15 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-10 21:00 - 2012-06-27 20:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2014-06-10 21:00 - 2012-06-27 20:14 - 00000000 ____D () C:\Program Files\WinRAR
2014-06-08 13:09 - 2014-06-08 13:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-06-08 13:09 - 2014-06-08 13:07 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-06-08 13:09 - 2014-06-08 13:07 - 00000000 ____D () C:\Program Files\iTunes
2014-06-08 13:09 - 2014-06-08 13:07 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-06-08 13:07 - 2014-06-08 13:07 - 00000000 ____D () C:\Program Files\iPod
2014-06-02 22:24 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-06-02 21:58 - 2012-06-27 18:38 - 00000000 ___RD () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-06-02 21:58 - 2012-06-27 18:38 - 00000000 ___RD () C:\Users\Csolsim\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-06-02 21:49 - 2014-06-02 21:49 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-06-02 20:29 - 2012-08-09 14:07 - 00000000 ____D () C:\Users\Csolsim\AppData\Local\Skyrim
2014-05-30 13:21 - 2014-06-16 01:34 - 23414784 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-05-30 13:02 - 2014-06-16 01:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-05-30 13:02 - 2014-06-16 01:35 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-05-30 12:45 - 2014-06-16 01:35 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-05-30 12:39 - 2014-06-16 01:35 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-05-30 12:39 - 2014-06-16 01:34 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-05-30 12:38 - 2014-06-16 01:35 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-05-30 12:28 - 2014-06-16 01:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-05-30 12:27 - 2014-06-16 01:35 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-05-30 12:24 - 2014-06-16 01:34 - 00574976 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-05-30 12:21 - 2014-06-16 01:35 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-05-30 12:21 - 2014-06-16 01:34 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-05-30 12:20 - 2014-06-16 01:34 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-05-30 12:18 - 2014-06-16 01:35 - 17271296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-05-30 12:11 - 2014-06-16 01:34 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-05-30 12:08 - 2014-06-16 01:34 - 05782528 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-05-30 12:06 - 2014-06-16 01:35 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-05-30 12:02 - 2014-06-16 01:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-05-30 11:55 - 2014-06-16 01:35 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-05-30 11:49 - 2014-06-16 01:34 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-05-30 11:46 - 2014-06-16 01:34 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-05-30 11:44 - 2014-06-16 01:35 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-05-30 11:44 - 2014-06-16 01:34 - 00295424 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-05-30 11:43 - 2014-06-16 01:35 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-05-30 11:42 - 2014-06-16 01:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-05-30 11:38 - 2014-06-16 01:35 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-05-30 11:35 - 2014-06-16 01:35 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-05-30 11:34 - 2014-06-16 01:35 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-05-30 11:33 - 2014-06-16 01:35 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-05-30 11:30 - 2014-06-16 01:35 - 00440832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-05-30 11:29 - 2014-06-16 01:35 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-05-30 11:28 - 2014-06-16 01:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-05-30 11:27 - 2014-06-16 01:35 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-05-30 11:24 - 2014-06-16 01:34 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-05-30 11:23 - 2014-06-16 01:35 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-05-30 11:16 - 2014-06-16 01:35 - 00368128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-05-30 11:10 - 2014-06-16 01:35 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-05-30 11:06 - 2014-06-16 01:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-05-30 11:04 - 2014-06-16 01:35 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-05-30 11:02 - 2014-06-16 01:35 - 00242688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-05-30 10:56 - 2014-06-16 01:35 - 04244992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-05-30 10:56 - 2014-06-16 01:34 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-05-30 10:54 - 2014-06-16 01:35 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-05-30 10:50 - 2014-06-16 01:35 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-05-30 10:49 - 2014-06-16 01:35 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-05-30 10:43 - 2014-06-16 01:34 - 13522944 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-05-30 10:40 - 2014-06-16 01:35 - 11725312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-05-30 10:30 - 2014-06-16 01:35 - 01398272 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-05-30 10:21 - 2014-06-16 01:35 - 01790976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-05-30 10:15 - 2014-06-16 01:35 - 01143296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-05-30 10:13 - 2014-06-16 01:35 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-05-30 10:13 - 2014-06-16 01:34 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-05-29 18:21 - 2014-02-03 16:22 - 00000000 ____D () C:\Users\Csolsim\Desktop\ad8931a3ae084a5a86591b889c6dc4190d30baa5
2014-05-29 14:02 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-05-27 19:13 - 2012-06-27 19:53 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-05-27 19:06 - 2013-04-19 20:19 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Bioshock
2014-05-27 15:01 - 2012-06-28 11:22 - 00000000 ____D () C:\ProgramData\PCDr
2014-05-27 14:31 - 2014-05-27 14:31 - 00000000 ____D () C:\Windows\SysWOW64\NV
2014-05-27 14:31 - 2014-05-27 14:31 - 00000000 ____D () C:\Windows\system32\NV
2014-05-23 22:11 - 2012-06-28 10:54 - 00000000 ____D () C:\Users\Csolsim\AppData\Roaming\Skype
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-06-18 18:48
 
==================== End Of Log ============================

Addition log as post was too long:

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-06-2014
Ran by Csolsim at 2014-06-21 12:31:32
Running from C:\Users\Csolsim\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
 
==================== Installed Programs ======================
 
64 Bit HP CIO Components Installer (Version: 7.2.8 - Hewlett-Packard) Hidden
8-in-Right (HKLM-x32\...\InstallShield_{11EC41FA-5F24-4D3D-AC61-080171D79CD4}) (Version: 11.09.0001 - A4TECH)
8-in-Right (x32 Version: 11.09.0001 - A4TECH) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 13.0.0.111 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 13.0.0.111 - Adobe Systems Incorporated) Hidden
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.4.980 - Adobe Systems Incorporated.)
Adobe Community Help (x32 Version: 3.4.980 - Adobe Systems Incorporated.) Hidden
Adobe Digital Editions 2.0 (HKLM-x32\...\Adobe Digital Editions 2.0) (Version: 2.0 - Adobe Systems Incorporated)
Adobe Flash Player 13 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player 13 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Premiere Pro CS5.5 (HKLM-x32\...\{0497EAED-70DA-4BBE-BEB3-AF77FD8788EA}) (Version: 5.5 - Adobe Systems Incorporated)
Adobe Premiere Pro CS5.5 Functional Content (HKLM-x32\...\{B0D32525-8AFA-43C4-B84D-AB2A844D5EAD}) (Version: 5.5.0 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
Adobe Story (HKLM-x32\...\com.adobe.AdobeStory.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.0.571 - Adobe Systems Incorporated)
Adobe Story (x32 Version: 1.0.571 - Adobe Systems Incorporated) Hidden
Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
Audacity 2.0.4 (HKLM-x32\...\Audacity_is1) (Version: 2.0.4 - Audacity Team)
avast! Free Antivirus (HKLM-x32\...\avast) (Version: 9.0.2018 - Avast Software)
BitRaider Web Client (HKLM-x32\...\BitRaider Web Client) (Version: 1.1.3.1 - BitRaider, LLC)
Bluetooth Win7 Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.2.0.83 - Atheros Communications)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
Brytenwalda version 1.40 (HKLM-x32\...\{4D15C6C1-74C9-4AA4-8378-CEEDE7E53F39}_is1) (Version: 1.40 - Brytenwalda Dev.)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.65.1074 - AB Team, d.o.o.)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Copy (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Coupon Printer for Windows (HKLM-x32\...\Coupon Printer for Windows5.0.0.0) (Version: 5.0.0.0 - Coupons.com Incorporated)
Dark Souls Prepare to Die Edition (HKLM-x32\...\GFWL_{4E4D0FA1-F880-4CCB-999A-501000008200}) (Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.)
Dark Souls Prepare to Die Edition (x32 Version: 1.0.0000.130 - NAMCO BANDAI Games Europe S.A.S.) Hidden
Dell Digital Delivery (HKLM-x32\...\{31045ECE-019D-4DDF-A5C8-5C51A3FE50EE}) (Version: 1.7.4501.0 - Dell Products, LP)
Dell Driver Download Manager (HKCU\...\bd4d3a0508d364f5) (Version: 3.0.0.0 - Dell Inc)
Dell System Detect (HKCU\...\9204f5692a8faf3b) (Version: 5.8.1.1 - Dell)
Dell System Detect Bootstrapper (HKCU\...\8e3135b376bd523e) (Version: 1.1.0.15 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DiskMax 4.71 (HKLM\...\DiskMax) (Version: 4.71 - KoshyJohn.com)
DJ_AIO_06_F2400_SW_Min (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Dual-Core Optimizer (HKLM-x32\...\{9FD6F1A8-5550-46AF-8509-271DF0E768B5}) (Version: 1.1.4.0169 - AMD)
ERUNT 1.1j (HKLM-x32\...\ERUNT_is1) (Version:  - Lars Hederer)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Explorer Suite III (HKLM\...\Explorer Suite_is1) (Version:  - )
F2400 (x32 Version: 140.0.690.000 - Hewlett-Packard) Hidden
Facebook Video Calling 2.0.0.447 (HKLM-x32\...\{8DF41A9F-FE13-43E8-A003-5F9B55A011EE}) (Version: 2.0.447 - Skype Limited)
Game Booster 3 (HKLM-x32\...\Game Booster_is1) (Version: 3.4 - IObit)
Google Chrome (HKCU\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)
Google Talk (remove only) (HKLM-x32\...\{226b64e8-dc75-4eea-a6c8-abcb496320f2}-Google Talk) (Version:  - )
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version:  - NCsoft Corporation, Ltd.)
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6 (HKLM\...\{819CA3BC-2FF8-4811-B42F-421F7BFD3559}) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.2024 - HP Photo Creations Powered by RocketLife)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (x32 Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
HPSSupply (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6341.0 - IDT)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.7.0 - LIGHTNING UK!)
Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1118 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.2843 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)
LG PC Suite (HKLM-x32\...\LG PC Suite) (Version: 5.3.01.20130729 - LG Electronics)
LG United Mobile Driver (HKLM-x32\...\{2A3A4BD6-6CE0-4E2A-80D2-1D0FF6ACBFBA}) (Version: 3.8.1 - LG Electronics)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )
Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (KB2500170) (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.30730.0 - Microsoft Corporation)
Microsoft Game Studios Common Redistributables Pack 1 (x32 Version: 1.0.0 - Microsoft Game Studios) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Research Mesh Virtual WIFI (HKLM-x32\...\{034A32D5-699E-4AED-A2EB-2CCB6E7F37F1}) (Version: 1.0.000 - Microsoft Research)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.51106 (Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.51106 (x32 Version: 11.0.51106 - Microsoft Corporation) Hidden
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XML Parser (x32 Version: 8.20.8730.4 - Microsoft Corporation) Hidden
Microsoft_VC80_ATL_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_CRT_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFC_x86_x64 (Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86 (x32 Version: 8.0.50727.4053 - Adobe) Hidden
Microsoft_VC80_MFCLOC_x86_x64 (Version: 80.50727.4053 - Adobe) Hidden
Microsoft_VC90_ATL_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_ATL_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_CRT_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFC_x86_x64 (Version: 1.00.0000 - Adobe) Hidden
Microsoft_VC90_MFCLOC_x86 (x32 Version: 1.00.0000 - Adobe) Hidden
Minion (HKCU\...\{Minion}}_is1) (Version: 2.0 - ZAM Network LLC)
Mount.and.Blade.Warband (HKLM-x32\...\Mount.and.Blade.Warband_is1) (Version:  - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
My Dell (HKLM\...\PC-Doctor for Windows) (Version: 3.5.6426.22 - PC-Doctor, Inc.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.49.3 - Black Tree Gaming)
NVIDIA 3D Vision Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 337.88 - NVIDIA Corporation)
NVIDIA Control Panel 337.88 (Version: 337.88 - NVIDIA Corporation) Hidden
NVIDIA Graphics Driver 337.88 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 337.88 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden
NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden
NVIDIA Optimus Update 14.6.22 (Version: 14.6.22 - NVIDIA Corporation) Hidden
NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden
NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden
NVIDIA Update Core (Version: 14.6.22 - NVIDIA Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.6.2792 - Electronic Arts, Inc.)
PxMergeModule (x32 Version: 1.00.0000 - Your Company Name) Hidden
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 10.09.25 - Dell Inc.)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
RAD Video Tools (HKLM-x32\...\RADVideo) (Version:  - )
RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version:  - )
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.31.1025.2010 - Realtek)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30126 - Realtek Semiconductor Corp.)
S.T.A.L.K.E.R. - Shadow of Chernobyl [v1.0006] (HKLM-x32\...\S.T.A.L.K.E.R. - Shadow of Chernobyl_is1) (Version: 1.0006 - THQ)
Scan (x32 Version: 140.0.80.000 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 14.0 - HP)
Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)
Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.213.000 - Hewlett-Packard) Hidden
Stalker Complete 2009 (HKLM-x32\...\{Stalker Complete 2009 v1.4.4}}_is1) (Version:  - )
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
System Requirements Lab CYRI (HKLM-x32\...\{943A8D28-80D6-41DC-AE94-81FEB42041BF}) (Version: 4.5.1.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
TES Construction Set (HKLM-x32\...\{605333A6-963F-480C-A358-1301CAA6CFF6}) (Version:  - )
TES Construction Set (HKLM-x32\...\{8245C111-D83F-4C66-BBC6-2424F6116944}) (Version:  - )
The Bard's Tale (HKLM-x32\...\GOGPACKBARDSTALE_is1) (Version: 2.0.0.7 - GOG.com)
The Elder Scrolls Online (HKLM-x32\...\The Elder Scrolls Online) (Version: 1.0.0.0 - Zenimax Online Studios)
The Lord of the Rings Online™ v03.07.00.8037 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.07.00.8037 - Turbine, Inc.)
The Lord of the Rings: War in the North (HKLM-x32\...\Steam App 32800) (Version:  - Snowblind Studios)
The Sims Medieval (HKLM-x32\...\{83BEEFB4-8C28-4F4F-8A9D-E0D1ADCE335B}) (Version: 2.0.113 - Electronic Arts)
TI USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{B1EB7FFF-6E44-43D8-869D-B78E44CD3E0F}) (Version: 1.12.14.0 - Texas Instruments Inc.)
TI USB3 Host Driver (x32 Version: 1.12.14.0 - Texas Instruments Inc.) Hidden
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{A6356F2F-D3E1-4D83-9AA2-72871DD0C298}) (Version: 1.01 - Ubisoft)
Toolbox (x32 Version: 140.0.428.000 - Hewlett-Packard) Hidden
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TreeSize Free V2.7 (HKLM-x32\...\TreeSize Free_is1) (Version: 2.7 - JAM Software)
TSEV Skyrim LE (HKLM-x32\...\TSEV Skyrim LE_is1) (Version: 2.0.0.0 - )
Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office Access 2007 Help (KB963663) (HKLM-x32\...\{90120000-0015-0409-0000-0000000FF1CE}_PROPLUS_{6B76A18A-AA1E-42AB-A7AD-6C84BBB43987}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_PROPLUS_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office Infopath 2007 Help (KB963662) (HKLM-x32\...\{90120000-0044-0409-0000-0000000FF1CE}_PROPLUS_{716B81B8-B13C-41DF-8EAC-7A2F656CAB63}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{ED38F8A3-4F61-494E-8BCA-E3AC7760C924}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 (KB2863811) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{53DEC068-4690-4F6B-9946-7D21EF02236B}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Help (KB963677) (HKLM-x32\...\{90120000-001A-0409-0000-0000000FF1CE}_PROPLUS_{0451F231-E3E3-4943-AB9F-58EB96171784}) (Version:  - Microsoft)
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2881065) 32-Bit Edition (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{B7EF38F7-1D58-4085-A9A4-0F6C69A5AA1E}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_PROPLUS_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Publisher 2007 Help (KB963667) (HKLM-x32\...\{90120000-0019-0409-0000-0000000FF1CE}_PROPLUS_{2E40DE55-B289-4C8B-8901-5D369B16814F}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_PROPLUS_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_PROPLUS_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Venetica (HKLM-x32\...\Venetica_R.G. Mechanics_is1) (Version:  - R.G. Mechanics, spider91)
VirtualDJ PRO Full (HKLM-x32\...\{C515E2A3-4878-4C85-A519-52630C7AB08B}) (Version: 7.3 - Atomix Productions)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM-x32\...\XfireCodec) (Version:  - )
 
==================== Restore Points  =========================
 
20-06-2014 09:23:32 Removed Java 7 Update 60
20-06-2014 09:30:01 Removed JavaFX 2.1.1
 
==================== Hosts content: ==========================
 
2009-07-14 05:34 - 2014-06-19 16:27 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {09265653-CD7D-4630-B614-5CA4E6F78A47} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-05-04] (AVAST Software)
Task: {23D775DC-347A-414F-9A24-50B70A74DA79} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\My Dell\sessionchecker.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {2C7970DD-E2D0-4D6E-9F1F-F921B2193C46} - System32\Tasks\{8CF94426-7442-4F3C-94F3-DFBA3E2A2EF5} => Iexplore.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=4.1.0.179.259&LastError=404
Task: {31635A6E-BF59-45F4-A582-1AA4585F5906} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000UA => C:\Users\Csolsim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-28] (Google Inc.)
Task: {3E137066-79D5-45C5-8CB2-99DE8D396FBB} - System32\Tasks\SystemToolsDailyTest => uaclauncher.exe
Task: {54578A2B-00AB-4AE8-BD46-F6B4C15DA2E5} - System32\Tasks\PCDoctorBackgroundMonitorTask => C:\Program Files\My Dell\uaclauncher.exe [2014-01-31] (PC-Doctor, Inc.)
Task: {5CD84673-35D3-4592-A540-F406267DBBF9} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {6B4D5871-CDD6-454D-9C42-E92895197B12} - System32\Tasks\Game_Booster_AutoUpdate => C:\Program Files (x86)\IObit\Game Booster 3\AutoUpdate.exe [2013-06-09] ()
Task: {8E9BDF31-09A7-4322-99EB-F60C65A2C217} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {908D0E26-6C64-4BD2-9798-3A0462C11804} - System32\Tasks\AdobeAAMUpdater-1.0-Csolsim-PC-Csolsim => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {DB6402D5-FC22-4965-B254-8C8CAFC255F4} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000UA => C:\Users\Csolsim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-07] (Facebook Inc.)
Task: {F052C05F-E13E-4C83-A576-183D6B068040} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000Core => C:\Users\Csolsim\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-28] (Google Inc.)
Task: {FAB4D252-DA2E-48F3-8C79-9E23DB29B0D8} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000Core => C:\Users\Csolsim\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-09-07] (Facebook Inc.)
Task: {FB6FCDDB-E44B-475F-88BD-4091F40CAA57} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000Core.job => C:\Users\Csolsim\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000UA.job => C:\Users\Csolsim\AppData\Local\Facebook\Update\FacebookUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000Core.job => C:\Users\Csolsim\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-4294059139-1934989550-1564584821-1000UA.job => C:\Users\Csolsim\AppData\Local\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-11-22 17:20 - 2014-05-20 04:25 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-06-28 11:03 - 2011-04-10 10:40 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-09-06 15:38 - 2011-09-06 15:38 - 03515904 _____ () C:\Program Files (x86)\Standard8-in-Right\Standard8inRight.exe
2014-06-20 23:50 - 2014-06-20 23:50 - 02783232 _____ () C:\Program Files\AVAST Software\Avast\defs\14062001\algo.dll
2014-06-21 12:22 - 2014-06-21 12:22 - 02783744 _____ () C:\Program Files\AVAST Software\Avast\defs\14062100\algo.dll
2014-01-20 15:17 - 2014-01-20 15:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-01-20 15:16 - 2014-01-20 15:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2013-11-22 17:13 - 2014-05-20 05:44 - 00012120 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2010-12-02 18:56 - 2010-12-02 18:56 - 00815104 _____ () C:\Program Files (x86)\Standard8-in-Right\Data\Standard8inRight\Forms\OSD_Text\OSD_Text.dll
2011-01-09 21:45 - 2011-01-09 21:45 - 00088064 _____ () C:\Program Files (x86)\Standard8-in-Right\DLL\DLL_MouseDeviceManager.dll
2011-03-21 20:33 - 2011-03-21 20:33 - 00999424 _____ () C:\Program Files (x86)\Standard8-in-Right\Data\Standard8inRight\Forms\TrayIconWebAdvertisement\TrayIconWebAdvertisement.dll
2010-09-20 15:18 - 2010-09-20 15:18 - 00085504 _____ () C:\Program Files (x86)\Standard8-in-Right\DLL\DLL_ZoomControl.dll
2010-09-20 15:18 - 2010-09-20 15:18 - 00054272 _____ () C:\Program Files (x86)\Standard8-in-Right\DLL\DLL_ScrollbarControl.dll
2011-04-12 16:14 - 2011-04-12 16:14 - 00063488 _____ () C:\Program Files (x86)\Standard8-in-Right\DLL\DLL_AnalyzeGesturesInRight.dll
2010-11-01 21:16 - 2010-11-01 21:16 - 00062976 _____ () C:\Program Files (x86)\Standard8-in-Right\DLL\DLL_AnalyzeGesturesInOne.dll
2011-08-10 14:43 - 2011-08-10 14:43 - 00118272 _____ () C:\Program Files (x86)\Standard8-in-Right\DLL\DLL_Wheel4D.dll
2013-11-19 16:40 - 2013-11-19 16:40 - 19336120 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Program Files\Common Files\Microsoft Shared:nzntlBpjm1Bi7VZJqgwSz
AlternateDataStreams: C:\ProgramData\Microsoft:8c3ULJgB2pNZHGaE1x1eyoA
AlternateDataStreams: C:\ProgramData\Microsoft:p0NrwqaooXCEmtovT0P
AlternateDataStreams: C:\ProgramData\Microsoft:pRF6JPOj7z29D5mMp14wMT
AlternateDataStreams: C:\ProgramData\TEMP:ECF54A0E
AlternateDataStreams: C:\Users\Csolsim\AppData\Local\Temporary Internet Files:irPvyDL7v7bEffnlBu
 
==================== Safe Mode (whitelisted) ===================
 
 
==================== EXE Association (whitelisted) =============
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (06/20/2014 00:22:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (06/20/2014 00:22:25 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (06/20/2014 00:15:05 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (06/20/2014 00:15:02 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
Error: (06/19/2014 06:28:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (06/19/2014 06:28:12 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (06/19/2014 05:53:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (06/19/2014 05:53:04 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (06/19/2014 02:52:55 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest2" on line C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
Component 2: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
 
Error: (06/19/2014 02:52:49 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (06/21/2014 00:24:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/21/2014 00:14:13 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/21/2014 00:11:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The RadeonPro Support Service service failed to start due to the following error: 
%%1053
 
Error: (06/21/2014 00:11:46 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the RadeonPro Support Service service to connect.
 
Error: (06/20/2014 11:52:36 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/20/2014 11:49:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Atheros Bt&Wlan Coex Agent service to connect.
 
Error: (06/20/2014 11:59:23 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/19/2014 06:11:46 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Dell Digital Delivery Service service terminated unexpectedly.  It has done this 1 time(s).
 
Error: (06/19/2014 05:01:05 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 
 
Error: (06/19/2014 05:01:05 PM) (Source: ipnathlp) (EventID: 1233) (User: )
Description: 
 
 
Microsoft Office Sessions:
=========================
 
CodeIntegrity Errors:
===================================
  Date: 2014-06-19 16:27:04.031
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-06-19 16:27:03.937
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-06-14 23:59:24.951
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
  Date: 2014-06-14 23:59:24.841
  Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 26%
Total physical RAM: 6050.05 MB
Available physical RAM: 4433.72 MB
Total Pagefile: 12098.27 MB
Available Pagefile: 10438 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:149.77 GB) (Free:68.24 GB) NTFS
Drive d: () (Fixed) (Total:546.87 GB) (Free:129.7 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 0C7A859B)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=2 GB) - (Type=0B)
Partition 3: (Not Active) - (Size=150 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=547 GB) - (Type=07 NTFS)
 
==================== End Of Log ============================

I just had a strange crash while trying to run a Dell System Analysis under the section "Video Card Problems". At the hard drive test, the laptop failed the "Target Seek Test" (or something like that) and shortly after the screen flickered. Everything on the desktop was gone except My Computer and Recycle Bin icons. Windows Explorer loaded an empty window (or rather, it didn't load at all) and I was forced to restart. I tried to restart via the CTRL-ALT-DEL but I got an error about having to restart the PC manually, since I couldn't access the CTRL-ALT-DEL features. Then, I tried to restart the laptop from the START window but the laptop was stuck at a black screen. I then shut down the laptop manually via the power button.

 

Upon restart, everything is normal again. Was it related to the problems I was having earlier? Also, what does it mean to fail the "Target Seek Test" on the HDD?


  • Root Admin

That entry Target Seek Test failure would appear to indicate an issue with the hard drive which could certainly cause all sorts of issues on the computer.

 

The video card has this entry as an error in the Event Logs

 

Error: (06/21/2014 00:11:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The RadeonPro Support Service service failed to start due to the following error: 
%%1053
 
I would recommend doing another hard drive test - and if possible a long test and post back the results.
 
When we're done I'll give you information to read up on if wanted.

Thanks for the advice! I tried to run a hard drive test, and it crashed at Target Read Test with a flickering screen followed by a blue screen.

 

Upon restart, Windows directed me to these two files, a .dmp and a .xml. I uploaded the .xml, but the .dmp couldn't be uploaded. So I read the .dmp with Blue Screen Viewer and exported it:

 

==================================================
Dump File         : 062214-53726-01.dmp
Crash Time        : 22/06/2014 14:39:26
Bug Check String  : CRITICAL_OBJECT_TERMINATION
Bug Check Code    : 0x000000f4
Parameter 1       : 00000000`00000003
Parameter 2       : fffffa80`0662cb30
Parameter 3       : fffffa80`0662ce10
Parameter 4       : fffff800`03189270
Caused By Driver  : ntoskrnl.exe
Caused By Address : ntoskrnl.exe+75bc0
File Description  : NT Kernel & System
Product Name      : Microsoft® Windows® Operating System
Company           : Microsoft Corporation
File Version      : 6.1.7601.18409 (win7sp1_gdr.140303-2144)
Processor         : x64
Crash Address     : ntoskrnl.exe+75bc0
Stack Address 1   : 
Stack Address 2   : 
Stack Address 3   : 
Computer Name     : 
Full Path         : C:\Windows\Minidump\062214-53726-01.dmp
Processors Count  : 4
Major Version     : 15
Minor Version     : 7601
Dump File Size    : 286,888
Dump File Time    : 22/06/2014 14:41:10
==================================================
 
What can I do?

WER-71947-0.sysdata.xml


I ran a troubleshooting tool on my laptop's manufacturer website. Several of the bluescreens were found to be a result of virus infection, others from faulty drivers. Ok until now, as we cleared (I think?) the infection and I updated the drivers. Another 'suggestion' would be to update my BIOS, since it would seem that a faulty / outdated BIOS is the culprit.

 

Now, I realize this is well beyond your usual support (since you've helped me quite a bit, thanks!), but can you give me a few last suggestions? Should I try and update my BIOS or should I just take the laptop back for repairs? I don't know if it's a software problem or a hardware one.


  • Root Admin

Please zip and attach a couple of the dump files that are the newest ones if they're not too big. As for BIOS updates, that can potentially be dangerous for someone that's never done it. It's much easier than it used to be but can still potentially bite you. Seriously doubt BSOD is due to old BIOS unless you have a message from the MFG site saying so.


Hello Ron,

 

Sorry for the long time between replies. I've had a total hard drive failure the other day. The laptop wouldn't boot at all or when it would boot I would get a blue screen. I had to take it to the manufacturer and hopefully they will replace the hard drive, assuming that there was no viral infection which caused the failure, in which case I will have to buy the replacement. Was I still infected, by the way?

 

Either way, thank you for all the help you have given me. If you could recommend me some additional reading on the subject of malware, in order to know how to protect myself (what not to do - for instance using registry cleaners, which I didn't know at all before you told me), that would be great!


  • Root Admin

Nothing that should have been causing a BSOD. Just some common minor PUP entries.
 
Here is some information concerning keeping the computer clean.
 


As Java seems to get exploited on a regular basis, I advise not using Java if possible, but to at least disable Java in your web browsers.
How do I disable Java in my web browser? - Disable Java

A lot of reading here but if you take the time to read a bit of it you'll see why/how infections and general damage are so easily inflicted on the computer. There is also advice on how to prevent it and keep the system working well. Don't forget about good, solid backups of your data to an external drive that is not connected except when backing up your data. If you leave a backup drive connected and you do get infected it can easily damage, encrypt, delete, or corrupt your backups as well and then you'd lose all data.
Nothing is 100% bulletproof but with a little bit of education you can certainly swing things in your favor.

If you're not currently using Malwarebytes Premium then you may want to consider purchasing the product which can also help greatly reduce the risk of a future infection.


  • 1 month later...
  • Root Admin

Glad we could help. :)

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

This topic is now closed to further replies.