Jump to content

Virus help-SERIOUS


Recommended Posts

Hello, yesterday, I have downloaded something and after I installed it I quickly deleted/un-installed it realizing it was a keylog/infection of some sort.

I went into Task manager and saw "psr.exe" knowing it was some kind of recording software/program to look at my info.

I deleted it, as well as terminated it, but the problem is, it seems that it has corrupted my administrative privileges.

 

PROBLEM: It prevents me from installing/opening virus-protection related softwares. -Including malawarebytes, etc.

Please help me ASAP, I'm in safe mode and shall remain in safe mode unless instructed other wise.

 

Thank you.

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 09-07-2014

Ran by User (administrator) on USER-PC on 10-07-2014 04:31:20

Running from C:\Users\User\Downloads

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Safe Mode (with Networking)

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(Microsoft Corporation) C:\ProgramData\NT Kernel\NTKernel.exe

(Microsoft Corporation) C:\Users\User\AppData\Roaming\csrss.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

() C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

(Microsoft Corporation) C:\Windows\System32\taskmgr.exe

(OldTimer Tools) C:\Users\User\Downloads\OTL.exe

(Kaspersky Lab ZAO) C:\Users\User\Downloads\tdsskiller.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [626552 2012-04-09] (Alps Electric Co., Ltd.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3732848 2012-03-23] (Dell Inc.)

HKLM\...\Run: [Dell Audio] => C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe [20567552 2012-05-10] ()

HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2012-04-26] (Dell Inc.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (CANON INC.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-03-23] (CANON INC.)

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)

HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-06] (Creative Technology Ltd)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1734144 2013-05-29] (AimerSoft)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\.DEFAULT\...\Run: [bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"

HKU\.DEFAULT\...\Run: [bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard

HKU\.DEFAULT\...\Run: [bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [skyDrive] => C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-05-15] (Microsoft Corporation)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [bitTorrent] => C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe [1267032 2014-06-30] (BitTorrent Inc.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [LightShot] => C:\Users\User\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226592 2014-03-12] ()

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Winlogon: [shell] C:\ProgramData\NT Kernel\NTKernel.exe [329728 2014-07-10] (Microsoft Corporation) <==== ATTENTION 

IFEO\AvastSvc.exe: [Debugger] nqij.exe

IFEO\AvastUI.exe: [Debugger] nqij.exe

IFEO\avcenter.exe: [Debugger] nqij.exe

IFEO\avconfig.exe: [Debugger] nqij.exe

IFEO\avgcsrvx.exe: [Debugger] nqij.exe

IFEO\avgidsagent.exe: [Debugger] nqij.exe

IFEO\avgnt.exe: [Debugger] nqij.exe

IFEO\avgrsx.exe: [Debugger] nqij.exe

IFEO\avguard.exe: [Debugger] nqij.exe

IFEO\avgui.exe: [Debugger] nqij.exe

IFEO\avgwdsvc.exe: [Debugger] nqij.exe

IFEO\avp.exe: [Debugger] nqij.exe

IFEO\avscan.exe: [Debugger] nqij.exe

IFEO\bdagent.exe: [Debugger] nqij.exe

IFEO\blindman.exe: [Debugger] nqij.exe

IFEO\ccuac.exe: [Debugger] nqij.exe

IFEO\ComboFix.exe: [Debugger] nqij.exe

IFEO\egui.exe: [Debugger] nqij.exe

IFEO\hijackthis.exe: [Debugger] nqij.exe

IFEO\instup.exe: [Debugger] nqij.exe

IFEO\keyscrambler.exe: [Debugger] nqij.exe

IFEO\mbam.exe: [Debugger] nqij.exe

IFEO\mbamgui.exe: [Debugger] nqij.exe

IFEO\mbampt.exe: [Debugger] nqij.exe

IFEO\mbamscheduler.exe: [Debugger] nqij.exe

IFEO\mbamservice.exe: [Debugger] nqij.exe

IFEO\rstrui.exe: [Debugger] nqij.exe

IFEO\SDFiles.exe: [Debugger] nqij.exe

IFEO\SDMain.exe: [Debugger] nqij.exe

IFEO\SDWinSec.exe: [Debugger] nqij.exe

IFEO\spybotsd.exe: [Debugger] nqij.exe

IFEO\wireshark.exe: [Debugger] nqij.exe

IFEO\zlclient.exe: [Debugger] nqij.exe

Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

BootExecute: autocheck autochk * SmartDefragBootTime.exe

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 


HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com

URLSearchHook: HKCU - (No Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File

SearchScopes: HKLM - DefaultScope {451DB2E5-62A4-4DD8-A2DC-399981F96083} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDSJS

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM - {451DB2E5-62A4-4DD8-A2DC-399981F96083} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDSJS

SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.fastosearch.info/?l=1&q={searchTerms}&pid=1387&r=2014/06/17&hid=6051478625501509087&lg=EN&cc=US&unqvl=55

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {451DB2E5-62A4-4DD8-A2DC-399981F96083} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDSJS




SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={0CC125A9-9D1C-4A21-83F5-639125A54B06}&mid=8e59ebc49e444b9ca9e1be91718fd5d3-a49a24e35e7697e4496ced687597af7283a7b3c1〈=en&ds=AVG&coid=avgtbavg&cmpid=&pr=sa&d=2014-02-12 03:46:10&v=17.3.1.204&pid=safeguard&sg=0&sap=dsp&q={searchTerms}

SearchScopes: HKCU - {A614661F-9ECA-437D-AD8A-2B7D5B9F6FFD} URL = http://search.conduit.com/Results.aspx?ctid=CT3300019&SearchSource=45&UM=2&q={searchTerms}



SearchScopes: HKCU - {FE1E1825-A348-4887-86FE-3BE585FC54C8} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}

BHO: No Name - {10921475-03CE-4E04-90CE-E2E7EF20C814} -  No File

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File

BHO-x32: No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File

BHO-x32: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File

BHO-x32: No Name - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -  No File

BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: No Name - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -  No File

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File

Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File

Toolbar: HKLM-x32 - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File

DPF: HKLM-x32 {688C8675-1834-48FA-9DEF-4755CEFB9EDE} http://192.168.1.69/EDVR.CAB

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File

FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File

FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\User\AppData\Local\Roblox\Versions\version-1112937d32504d8c\\NPRobloxProxy.dll ( ROBLOX Corporation)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-12]

FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.5.514

FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.5.514 []

FF HKLM-x32\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files (x86)\PasswordBox\Firefox

FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-21]

 

Chrome: 

=======

CHR HomePage: hxxp://google.com/

CHR StartupUrls: "hxxp://google.com/"

CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-07-01]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]

CHR Extension: (Roblox Group Enhancer by Merely) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddjfhkkpgfghimddaekfocbahebohdim [2014-07-02]

CHR Extension: (SoundGecko) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpdaiiodhbjjcfmmflmidbhgibekagi [2014-07-02]

CHR Extension: (Roblox Auto-Signature) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkjblojhhiigcklodheehnlmmjpibak [2014-05-05]

CHR Extension: (AVG SafeGuard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-07-02]

CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]

CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-04-27]

CHR HKCU\...\Chrome\Extension: [kjjpeodeilefdpblgopdaoojammobcaf] - C:\Users\User\AppData\Local\CRE\kjjpeodeilefdpblgopdaoojammobcaf.crx [2014-04-27]

CHR HKLM-x32\...\Chrome\Extension: [kjjpeodeilefdpblgopdaoojammobcaf] - C:\Users\User\AppData\Local\CRE\kjjpeodeilefdpblgopdaoojammobcaf.crx [2014-04-27]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

S2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)

S2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)

S2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()

S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] () [File not signed]

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4784312 2013-04-23] (INCA Internet Co., Ltd.) [File not signed]

S2 NVMS-SRV-CMS; C:\Program Files (x86)\NVMS5 Standard Edition\bin\cms.exe [155136 2012-05-23] () [File not signed]

S2 NVMS-SRV-DB; C:\Program Files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe [6562432 2009-03-16] ()

S2 NVMS-SRV-NRU; C:\Program Files (x86)\NVMS5 Standard Edition\bin\nru.exe [15872 2012-05-23] () [File not signed]

S2 NVMS-SRV-VTDU; C:\Program Files (x86)\NVMS5 Standard Edition\bin\vtdu.exe [14848 2012-05-23] () [File not signed]

S2 NVMS-SRV-WATCH; C:\Program Files (x86)\NVMS5 Standard Edition\bin\watch.exe [176640 2012-03-31] () [File not signed]

S2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]

S2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1807896 2014-06-24] (AVG Secure Search)

S2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2012-04-26] (Dell Inc.) [File not signed]

S2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [X]

S2 f7dc94c1; "C:\Windows\system32\rundll32.exe" "c:\progra~2\sssupp~1\AssistantSvc.dll",service

 

==================== Drivers (Whitelisted) ====================

 

S1 1551350drv; C:\Windows\System32\DRIVERS\1551350drv.sys [556632 2013-11-25] (Kaspersky Lab)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-24] (AVG Technologies)

S3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2014-06-24] (Broadcom Corporation.)

S3 CirrusLFD; C:\Windows\System32\DRIVERS\CSLFDx64.sys [35328 2012-05-10] (Cirrus Logic)

R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-06-24] (Intel Corporation)

S0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

S3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [987648 2009-08-06] (Ralink Technology Corp.)

S2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [X]

S3 hxsyol; \??\C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [X]

S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]

S3 UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [X]

S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-07-10 04:31 - 2014-07-10 04:31 - 02084352 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe

2014-07-10 04:31 - 2014-07-10 04:31 - 00023701 _____ () C:\Users\User\Downloads\FRST.txt

2014-07-10 04:31 - 2014-07-10 04:31 - 00000000 ____D () C:\FRST

2014-07-10 04:22 - 2014-07-10 04:22 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\User\Downloads\avira_en_av___ws2.exe

2014-07-10 04:21 - 2014-07-10 04:21 - 38612976 _____ (IObit ) C:\Users\User\Downloads\Advanced-SystemCare.exe

2014-07-10 04:20 - 2014-07-10 04:20 - 00000000 ____D () C:\TDSSKiller_Quarantine

2014-07-10 04:17 - 2014-07-10 04:17 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\User\Downloads\tdsskiller.exe

2014-07-10 04:12 - 2014-07-10 04:12 - 00602112 _____ (OldTimer Tools) C:\Users\User\Downloads\OTL.exe

2014-07-10 04:03 - 2014-07-10 04:03 - 00222294 _____ () C:\Users\User\Documents\cc_20140710_040334.reg

2014-07-10 04:02 - 2014-07-10 04:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012 (2).exe

2014-07-10 04:01 - 2014-07-10 04:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012 (1).exe

2014-07-10 04:00 - 2014-07-10 04:00 - 06153352 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\1234.exe

2014-07-10 03:53 - 2014-07-10 03:53 - 03736040 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup415_slim.exe

2014-07-10 03:53 - 2014-07-10 03:53 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-07-10 03:53 - 2014-07-10 03:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-07-10 03:53 - 2014-07-10 03:53 - 00000000 ____D () C:\Program Files\CCleaner

2014-07-10 03:48 - 2014-07-10 03:48 - 00000000 ____D () C:\Windows\erdnt

2014-07-10 03:48 - 2014-07-10 03:48 - 00000000 ____D () C:\32788R22FWJFW

2014-07-10 03:47 - 2014-07-10 03:47 - 05217324 ____R (Swearware) C:\Users\User\Downloads\123.exe

2014-07-10 03:45 - 2014-07-10 03:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-10 03:00 - 2014-07-10 03:00 - 00000000 __SHD () C:\Windows\SysWOW64\NT Kernel

2014-07-10 02:48 - 2014-07-10 02:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices

2014-07-10 02:33 - 2014-07-10 02:37 - 00000320 _____ () C:\Windows\Tasks\Start Registry Reviver for User-PC@User(logon).job

2014-07-10 02:33 - 2014-07-10 02:33 - 00001057 _____ () C:\Users\Public\Desktop\Registry Reviver.lnk

2014-07-10 02:33 - 2014-07-10 02:33 - 00000000 ____D () C:\ProgramData\ReviverSoft

2014-07-10 02:33 - 2014-07-10 02:33 - 00000000 ____D () C:\ProgramData\RegistryReviver.exe

2014-07-10 02:33 - 2014-07-10 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft

2014-07-10 02:33 - 2014-07-10 02:33 - 00000000 ____D () C:\Program Files\ReviverSoft

2014-07-10 02:32 - 2014-07-10 02:32 - 05513976 _____ (ReviverSoft LLC) C:\Users\User\Downloads\RegistryReviverSetup (1).exe

2014-07-10 02:28 - 2014-07-10 02:28 - 05513976 _____ (ReviverSoft LLC) C:\Users\User\Downloads\RegistryReviverSetup.exe

2014-07-10 02:17 - 2014-07-10 02:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\Process Hacker 2

2014-07-10 02:16 - 2014-07-10 02:16 - 01932448 _____ (wj32 ) C:\Users\User\Downloads\processhacker-2.33-setup (1).exe

2014-07-10 02:16 - 2014-07-10 02:16 - 00001843 _____ () C:\Users\User\Desktop\Process Hacker 2.lnk

2014-07-10 02:16 - 2014-07-10 02:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2

2014-07-10 02:16 - 2014-07-10 02:16 - 00000000 ____D () C:\Program Files\Process Hacker 2

2014-07-10 02:14 - 2014-07-10 02:14 - 01932448 _____ (wj32 ) C:\Users\User\Downloads\processhacker-2.33-setup.exe

2014-07-10 02:05 - 2014-07-10 02:05 - 01243655 _____ () C:\Users\User\Downloads\ProcessExplorer.zip

2014-07-10 01:50 - 2014-07-10 04:31 - 00059392 _____ () C:\Users\User\AppData\Roaming\msconfig.ini

2014-07-10 01:49 - 2014-07-10 02:48 - 00000000 __SHD () C:\ProgramData\NT Kernel

2014-07-10 01:47 - 2014-07-10 01:49 - 00329728 ___SH (Microsoft Corporation) C:\Users\User\AppData\Roaming\csrss.exe

2014-07-09 13:35 - 2014-07-09 13:35 - 00000000 _____ () C:\asc_rdflag

2014-07-09 03:05 - 2014-07-09 03:05 - 00000000 ____D () C:\4dd46bf29c26f1c43867ca6cf6ad

2014-07-09 02:36 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-09 02:36 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-09 02:36 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-09 02:36 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-09 02:36 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-09 02:36 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-09 02:36 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-09 02:36 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-09 02:36 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-09 02:36 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-09 02:36 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-09 02:36 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-09 02:36 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-09 02:36 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-09 02:36 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-09 02:36 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-09 02:36 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-09 02:36 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-09 02:36 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-09 02:36 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-09 02:36 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-09 02:36 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-09 02:36 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-09 02:36 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-09 02:36 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-09 02:36 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-09 02:36 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-09 02:36 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-09 02:36 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-09 02:36 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-09 02:36 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-07-09 02:36 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-07-09 02:36 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-09 02:36 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-09 02:36 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-07-09 02:36 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-09 02:35 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-09 02:35 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-09 02:35 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-09 02:35 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-09 02:35 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-09 02:35 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-09 02:35 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-09 02:35 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-09 02:35 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-09 02:35 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-09 02:35 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-09 02:35 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-09 02:35 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-09 02:35 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-09 02:35 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-09 02:35 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-09 02:35 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-09 02:35 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-09 02:35 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-09 02:35 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-09 02:35 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-09 02:35 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-09 02:35 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-09 02:35 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-09 02:35 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-09 02:35 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-09 02:35 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-09 02:35 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-09 02:35 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-07-08 17:12 - 2014-07-08 17:12 - 00347816 _____ (Microsoft Corporation) C:\Users\User\Downloads\MicrosoftFixit.Printing.Run.exe

2014-07-07 19:34 - 2014-07-10 01:56 - 00000000 ____D () C:\Users\User\Documents\Exploits

2014-07-05 00:19 - 2014-07-05 00:19 - 00000222 _____ () C:\Users\User\Desktop\Dead Island Epidemic.url

2014-07-04 09:58 - 2014-07-04 09:58 - 00000000 ____D () C:\Users\User\Documents\My Cheat Tables

2014-07-04 09:58 - 2014-07-04 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4

2014-07-04 09:58 - 2014-07-04 09:58 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4

2014-07-03 20:10 - 2014-07-03 20:10 - 00000000 __SHD () C:\found.003

2014-07-03 02:33 - 2014-07-03 02:33 - 00001053 _____ () C:\Users\User\Desktop\Notepad++.lnk

2014-07-03 02:33 - 2014-07-03 02:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-03 02:33 - 2014-07-03 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-01 23:07 - 2014-07-01 23:08 - 03359578 _____ () C:\Users\User\Documents\YouTube-449f8a55c5be4a2c8bd0030a91d1ed66.mp4

2014-07-01 22:47 - 2014-07-01 22:47 - 03502232 _____ () C:\Users\User\Documents\YouTube-8a4ae8b9b35e47e7a73adca6d55551e1.mp4

2014-07-01 10:26 - 2014-07-10 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Assistant

2014-07-01 08:58 - 2014-07-01 08:58 - 00939224 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys

2014-07-01 08:58 - 2014-07-01 08:58 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

2014-07-01 03:16 - 2014-07-01 03:16 - 00001120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2014.lnk

2014-07-01 01:19 - 2014-07-01 01:19 - 00000000 ___RD () C:\Users\User\Creative Cloud Files

2014-06-27 21:50 - 2014-06-27 22:12 - 00000000 ____D () C:\Fraps

2014-06-27 21:50 - 2014-06-27 21:50 - 00000574 _____ () C:\Users\User\Desktop\Fraps.lnk

2014-06-27 21:50 - 2014-06-27 21:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps

2014-06-26 22:28 - 2014-06-26 22:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\No Company Name

2014-06-26 21:43 - 2014-06-26 21:43 - 00001040 _____ () C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk

2014-06-26 21:43 - 2014-06-26 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Program Files\Sony

2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Program Files (x86)\Sony

2014-06-26 17:45 - 2014-06-26 17:45 - 00003164 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Startup

2014-06-26 17:42 - 2014-06-26 17:42 - 00003356 _____ () C:\Windows\System32\Tasks\EnergoTech Update

2014-06-26 17:42 - 2014-06-26 17:42 - 00000000 ____D () C:\ProgramData\EnergoTech

2014-06-26 16:23 - 2014-06-26 16:24 - 00000000 ____D () C:\Users\User\Documents\SPACE

2014-06-26 13:35 - 2014-07-01 10:38 - 00000000 ____D () C:\ProgramData\TechSmith

2014-06-25 21:54 - 2014-06-25 21:54 - 00000000 ____D () C:\Users\User\AppData\Roaming\StormFall

2014-06-25 21:54 - 2014-06-25 21:54 - 00000000 ____D () C:\Users\User\AppData\Local\StormFall

2014-06-25 18:35 - 2014-06-25 18:35 - 00005053 _____ () C:\ProgramData\hwjqxkkr.zva

2014-06-25 18:35 - 2014-06-25 18:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\MOVAVI

2014-06-25 18:35 - 2014-06-25 18:35 - 00000000 ____D () C:\Users\User\AppData\Local\Movavi

2014-06-25 18:32 - 2014-06-25 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Screen Capture Studio 5

2014-06-25 15:46 - 2014-06-25 15:46 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-06-25 15:44 - 2014-06-25 15:44 - 00000000 ____D () C:\Users\User\Documents\NewBlueFX

2014-06-25 14:56 - 2014-06-28 23:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2014-06-25 14:41 - 2014-06-25 14:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys

2014-06-24 17:04 - 2014-07-10 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter

2014-06-24 16:51 - 2014-06-24 16:51 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll

2014-06-24 16:51 - 2014-06-24 16:51 - 00271064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys

2014-06-24 16:50 - 2014-06-24 16:50 - 00170200 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys

2014-06-24 16:50 - 2014-06-24 16:50 - 00057270 _____ () C:\Windows\system32\Drivers\BCM43142A0_001.001.011.0161.0177.hex

2014-06-24 16:50 - 2014-06-24 16:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf

2014-06-24 16:49 - 2014-06-24 16:49 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll

2014-06-24 16:49 - 2014-06-24 16:49 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys

2014-06-24 16:34 - 2014-06-24 16:34 - 00003170 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update

2014-06-24 16:33 - 2014-06-24 16:33 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)

2014-06-24 16:26 - 2013-11-19 16:52 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe

2014-06-24 16:25 - 2014-07-10 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3

2014-06-24 16:25 - 2014-07-10 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster

2014-06-24 16:25 - 2014-06-24 16:33 - 00003220 _____ () C:\Windows\System32\Tasks\Driver Booster Scan

2014-06-24 16:25 - 2014-06-24 16:33 - 00003164 _____ () C:\Windows\System32\Tasks\Driver Booster Update

2014-06-24 16:25 - 2014-06-24 16:25 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (User)

2014-06-24 16:25 - 2014-03-10 18:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll20140624163407.dll

2014-06-24 16:25 - 2014-03-10 18:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll20140624162611.dll

2014-06-24 16:25 - 2014-03-10 18:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll

2014-06-24 16:25 - 2013-12-24 10:40 - 00021184 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys

2014-06-24 11:41 - 2014-06-24 11:41 - 00000000 ____D () C:\ProgramData\AVG Secure Search

2014-06-18 12:25 - 2014-06-18 12:25 - 00000222 _____ () C:\Users\User\Desktop\Soldier Front 2.url

2014-06-18 09:58 - 2014-07-10 02:49 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe

2014-06-17 22:09 - 2014-07-09 23:02 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-17 22:08 - 2014-07-10 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-17 22:07 - 2014-07-10 03:39 - 00000000 ____D () C:\Program Files (x86)\winlogon.exe

2014-06-17 22:07 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-06-17 22:07 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-06-17 21:55 - 2014-06-17 21:55 - 00000604 _____ () C:\Users\User\Documents\MC instruc.txt

2014-06-16 21:48 - 2014-06-16 21:50 - 01557060 _____ (TeamExtreme) C:\Users\User\Desktop\Minecraft.exe

2014-06-16 21:10 - 2014-06-27 12:10 - 00000000 ____D () C:\ProgramData\MySearch

2014-06-16 21:10 - 2014-06-18 19:12 - 00000000 ____D () C:\ProgramData\Appday software

2014-06-16 21:10 - 2014-06-17 22:43 - 00000000 ____D () C:\Program Files (x86)\ss Supporter

2014-06-16 21:09 - 2014-06-27 12:10 - 00000000 ____D () C:\ProgramData\Downoload keaEper

2014-06-16 21:09 - 2014-06-27 12:10 - 00000000 ____D () C:\ProgramData\Adblocker

2014-06-16 21:09 - 2014-06-17 22:32 - 00000000 ____D () C:\ProgramData\77e9934e1b4ae1eb

2014-06-16 21:09 - 2014-06-17 22:32 - 00000000 ____D () C:\Program Files (x86)\Adblocker

2014-06-16 21:09 - 2014-06-17 22:30 - 00000000 ____D () C:\Program Files (x86)\Downoload keaEper

2014-06-16 21:09 - 2014-06-16 21:09 - 00000000 ____D () C:\Users\User\AppData\Local\Packages

2014-06-16 21:09 - 2014-06-16 21:09 - 00000000 ____D () C:\Users\User\AppData\Local\Chromatic Browser

2014-06-16 21:08 - 2014-06-17 22:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\SkypEmoticons

2014-06-16 21:08 - 2014-06-16 21:10 - 00000000 ____D () C:\ProgramData\InstallMate

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\User\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator

2014-06-11 11:46 - 2014-05-08 04:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-06-11 11:46 - 2014-05-08 04:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2014-06-11 11:46 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-11 11:46 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-06-11 11:46 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-11 11:46 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-06-11 11:46 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-11 11:46 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-11 11:46 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-06-11 11:46 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-06-11 11:46 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-06-11 11:46 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-06-11 11:46 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2014-06-11 11:46 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-06-10 17:34 - 2014-06-10 17:57 - 00000000 ____D () C:\Users\User\Downloads\[Fuwanovel] Yandere

2014-06-10 00:48 - 2014-06-10 15:05 - 00005486 _____ () C:\Users\User\Downloads\[Fuwanovel] Yandere.torrent

 

==================== One Month Modified Files and Folders =======

 

2014-07-10 04:31 - 2014-07-10 04:31 - 02084352 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe

2014-07-10 04:31 - 2014-07-10 04:31 - 00023701 _____ () C:\Users\User\Downloads\FRST.txt

2014-07-10 04:31 - 2014-07-10 04:31 - 00000000 ____D () C:\FRST

2014-07-10 04:31 - 2014-07-10 01:50 - 00059392 _____ () C:\Users\User\AppData\Roaming\msconfig.ini

2014-07-10 04:22 - 2014-07-10 04:22 - 04621032 _____ (Avira Operations GmbH & Co. KG) C:\Users\User\Downloads\avira_en_av___ws2.exe

2014-07-10 04:21 - 2014-07-10 04:21 - 38612976 _____ (IObit ) C:\Users\User\Downloads\Advanced-SystemCare.exe

2014-07-10 04:20 - 2014-07-10 04:20 - 00000000 ____D () C:\TDSSKiller_Quarantine

2014-07-10 04:17 - 2014-07-10 04:17 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\User\Downloads\tdsskiller.exe

2014-07-10 04:12 - 2014-07-10 04:12 - 00602112 _____ (OldTimer Tools) C:\Users\User\Downloads\OTL.exe

2014-07-10 04:06 - 2013-08-08 14:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-07-10 04:03 - 2014-07-10 04:03 - 00222294 _____ () C:\Users\User\Documents\cc_20140710_040334.reg

2014-07-10 04:02 - 2014-07-10 04:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012 (2).exe

2014-07-10 04:01 - 2014-07-10 04:01 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012 (1).exe

2014-07-10 04:00 - 2014-07-10 04:00 - 06153352 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\1234.exe

2014-07-10 03:59 - 2014-07-01 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Assistant

2014-07-10 03:59 - 2014-06-24 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter

2014-07-10 03:59 - 2014-06-24 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3

2014-07-10 03:59 - 2014-06-24 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster

2014-07-10 03:59 - 2014-06-17 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-10 03:59 - 2014-04-13 12:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\BitTorrent

2014-07-10 03:59 - 2014-01-04 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7

2014-07-10 03:59 - 2013-07-10 21:57 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-07-10 03:59 - 2013-06-26 21:41 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup

2014-07-10 03:58 - 2014-05-04 18:19 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps

2014-07-10 03:58 - 2013-11-25 13:18 - 00000000 ____D () C:\Windows\Minidump

2014-07-10 03:53 - 2014-07-10 03:53 - 03736040 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup415_slim.exe

2014-07-10 03:53 - 2014-07-10 03:53 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-07-10 03:53 - 2014-07-10 03:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-07-10 03:53 - 2014-07-10 03:53 - 00000000 ____D () C:\Program Files\CCleaner

2014-07-10 03:48 - 2014-07-10 03:48 - 00000000 ____D () C:\Windows\erdnt

2014-07-10 03:48 - 2014-07-10 03:48 - 00000000 ____D () C:\32788R22FWJFW

2014-07-10 03:47 - 2014-07-10 03:47 - 05217324 ____R (Swearware) C:\Users\User\Downloads\123.exe

2014-07-10 03:45 - 2014-07-10 03:45 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\User\Downloads\mbam-setup-2.0.2.1012.exe

2014-07-10 03:40 - 2009-07-13 23:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-10 03:40 - 2009-07-13 23:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-10 03:39 - 2014-06-17 22:07 - 00000000 ____D () C:\Program Files (x86)\winlogon.exe

2014-07-10 03:38 - 2013-06-26 22:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype

2014-07-10 03:18 - 2013-06-26 21:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe

2014-07-10 03:18 - 2013-02-26 23:48 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-07-10 03:16 - 2013-10-05 23:28 - 00000000 ____D () C:\Program Files\Adobe

2014-07-10 03:16 - 2013-07-02 09:48 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-07-10 03:14 - 2014-05-14 17:04 - 00000000 ___RD () C:\Users\User\Dropbox

2014-07-10 03:14 - 2014-05-14 16:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox

2014-07-10 03:13 - 2014-05-14 16:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\DropboxMaster

2014-07-10 03:12 - 2013-08-19 16:24 - 00000000 ___RD () C:\Users\User\SkyDrive

2014-07-10 03:00 - 2014-07-10 03:00 - 00000000 __SHD () C:\Windows\SysWOW64\NT Kernel

2014-07-10 02:49 - 2014-06-18 09:58 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe

2014-07-10 02:48 - 2014-07-10 02:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices

2014-07-10 02:48 - 2014-07-10 01:49 - 00000000 __SHD () C:\ProgramData\NT Kernel

2014-07-10 02:37 - 2014-07-10 02:33 - 00000320 _____ () C:\Windows\Tasks\Start Registry Reviver for User-PC@User(logon).job

2014-07-10 02:33 - 2014-07-10 02:33 - 00001057 _____ () C:\Users\Public\Desktop\Registry Reviver.lnk

2014-07-10 02:33 - 2014-07-10 02:33 - 00000000 ____D () C:\ProgramData\ReviverSoft

2014-07-10 02:33 - 2014-07-10 02:33 - 00000000 ____D () C:\ProgramData\RegistryReviver.exe

2014-07-10 02:33 - 2014-07-10 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ReviverSoft

2014-07-10 02:33 - 2014-07-10 02:33 - 00000000 ____D () C:\Program Files\ReviverSoft

2014-07-10 02:32 - 2014-07-10 02:32 - 05513976 _____ (ReviverSoft LLC) C:\Users\User\Downloads\RegistryReviverSetup (1).exe

2014-07-10 02:28 - 2014-07-10 02:28 - 05513976 _____ (ReviverSoft LLC) C:\Users\User\Downloads\RegistryReviverSetup.exe

2014-07-10 02:17 - 2014-07-10 02:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\Process Hacker 2

2014-07-10 02:16 - 2014-07-10 02:16 - 01932448 _____ (wj32 ) C:\Users\User\Downloads\processhacker-2.33-setup (1).exe

2014-07-10 02:16 - 2014-07-10 02:16 - 00001843 _____ () C:\Users\User\Desktop\Process Hacker 2.lnk

2014-07-10 02:16 - 2014-07-10 02:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2

2014-07-10 02:16 - 2014-07-10 02:16 - 00000000 ____D () C:\Program Files\Process Hacker 2

2014-07-10 02:14 - 2014-07-10 02:14 - 01932448 _____ (wj32 ) C:\Users\User\Downloads\processhacker-2.33-setup.exe

2014-07-10 02:05 - 2014-07-10 02:05 - 01243655 _____ () C:\Users\User\Downloads\ProcessExplorer.zip

2014-07-10 01:56 - 2014-07-07 19:34 - 00000000 ____D () C:\Users\User\Documents\Exploits

2014-07-10 01:49 - 2014-07-10 01:47 - 00329728 ___SH (Microsoft Corporation) C:\Users\User\AppData\Roaming\csrss.exe

2014-07-10 01:30 - 2013-11-30 20:05 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-10 01:19 - 2013-09-27 21:05 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Roblox

2014-07-10 01:14 - 2013-02-26 22:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-10 00:57 - 2014-05-03 17:49 - 00000386 _____ () C:\Windows\Tasks\update-sys.job

2014-07-10 00:01 - 2013-12-08 19:22 - 00000000 _____ () C:\dfu.log

2014-07-09 23:47 - 2014-05-03 17:49 - 00000386 _____ () C:\Windows\Tasks\update-S-1-5-21-2278122046-1784014762-222765858-1000.job

2014-07-09 23:02 - 2014-06-17 22:09 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-09 21:39 - 2013-06-26 21:39 - 00001208 _____ () C:\Windows\Tasks\Trusted Saver-codedownloader.job

2014-07-09 21:39 - 2013-06-26 21:39 - 00001204 _____ () C:\Windows\Tasks\Trusted Saver-updater.job

2014-07-09 21:39 - 2013-06-26 21:39 - 00001108 _____ () C:\Windows\Tasks\Trusted Saver-enabler.job

2014-07-09 18:30 - 2013-11-30 20:05 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-09 13:36 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-09 13:35 - 2014-07-09 13:35 - 00000000 _____ () C:\asc_rdflag

2014-07-09 13:35 - 2014-01-05 13:20 - 73723904 _____ () C:\Windows\system32\config\software.iodefrag.bak

2014-07-09 13:35 - 2014-01-05 13:20 - 00233472 _____ () C:\Windows\system32\config\default.iodefrag.bak

2014-07-09 13:35 - 2014-01-05 13:20 - 00061440 _____ () C:\Windows\system32\config\sam.iodefrag.bak

2014-07-09 13:35 - 2014-01-05 13:20 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag.bak

2014-07-09 11:13 - 2014-03-28 20:46 - 00000000 ____D () C:\Program Files (x86)\osu!

2014-07-09 10:42 - 2009-07-13 23:45 - 08149000 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-09 10:38 - 2010-11-21 02:17 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-09 10:38 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-09 10:38 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-09 10:28 - 2014-01-04 15:35 - 00000000 ____D () C:\ProgramData\ProductData

2014-07-09 03:05 - 2014-07-09 03:05 - 00000000 ____D () C:\4dd46bf29c26f1c43867ca6cf6ad

2014-07-09 03:05 - 2013-09-30 18:29 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-09 03:05 - 2013-09-30 18:29 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-08 22:14 - 2013-02-26 22:58 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-08 22:14 - 2013-02-26 22:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-08 22:14 - 2013-02-26 22:58 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-08 17:19 - 2014-05-17 11:33 - 00000000 ____D () C:\ProgramData\CanonIJPLM

2014-07-08 17:12 - 2014-07-08 17:12 - 00347816 _____ (Microsoft Corporation) C:\Users\User\Downloads\MicrosoftFixit.Printing.Run.exe

2014-07-08 17:06 - 2014-05-17 12:14 - 00000000 ____D () C:\ProgramData\CanonIJ

2014-07-08 17:06 - 2013-10-19 18:57 - 00000000 ____D () C:\Users\User\Documents\Adobe

2014-07-08 17:02 - 2009-07-14 00:13 - 00798066 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-08 12:11 - 2013-08-07 19:20 - 00000000 ___HD () C:\Windows\msdownld.tmp

2014-07-05 11:23 - 2013-09-20 21:51 - 00000000 ____D () C:\Users\User\Documents\ROBLOX

2014-07-05 00:59 - 2013-06-26 21:32 - 00119600 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT

2014-07-05 00:19 - 2014-07-05 00:19 - 00000222 _____ () C:\Users\User\Desktop\Dead Island Epidemic.url

2014-07-05 00:19 - 2013-11-26 17:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2014-07-04 09:58 - 2014-07-04 09:58 - 00000000 ____D () C:\Users\User\Documents\My Cheat Tables

2014-07-04 09:58 - 2014-07-04 09:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 6.4

2014-07-04 09:58 - 2014-07-04 09:58 - 00000000 ____D () C:\Program Files (x86)\Cheat Engine 6.4

2014-07-03 20:10 - 2014-07-03 20:10 - 00000000 __SHD () C:\found.003

2014-07-03 02:35 - 2013-08-24 22:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Notepad++

2014-07-03 02:33 - 2014-07-03 02:33 - 00001053 _____ () C:\Users\User\Desktop\Notepad++.lnk

2014-07-03 02:33 - 2014-07-03 02:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-03 02:33 - 2014-07-03 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-03 02:33 - 2013-08-24 22:19 - 00000000 ____D () C:\Program Files (x86)\Notepad++

2014-07-02 00:06 - 2013-07-02 10:49 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-07-01 23:08 - 2014-07-01 23:07 - 03359578 _____ () C:\Users\User\Documents\YouTube-449f8a55c5be4a2c8bd0030a91d1ed66.mp4

2014-07-01 22:47 - 2014-07-01 22:47 - 03502232 _____ () C:\Users\User\Documents\YouTube-8a4ae8b9b35e47e7a73adca6d55551e1.mp4

2014-07-01 22:29 - 2014-01-03 03:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\Publish Providers

2014-07-01 21:34 - 2013-11-21 18:19 - 00000000 ____D () C:\Program Files (x86)\PasswordBox

2014-07-01 20:34 - 2013-12-15 11:02 - 00000000 ____D () C:\Users\User\Incomplete

2014-07-01 20:30 - 2013-12-15 11:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\MP3Rocket

2014-07-01 16:39 - 2013-06-26 23:15 - 00000000 ____D () C:\Users\User\AppData\Local\Roblox

2014-07-01 10:49 - 2014-01-04 15:35 - 00000000 ____D () C:\ProgramData\IObit

2014-07-01 10:46 - 2013-02-26 23:45 - 00000000 ____D () C:\Windows\PCHEALTH

2014-07-01 10:38 - 2014-06-26 13:35 - 00000000 ____D () C:\ProgramData\TechSmith

2014-07-01 10:24 - 2014-01-04 15:35 - 00000000 ____D () C:\Program Files (x86)\IObit

2014-07-01 10:24 - 2014-01-04 15:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\IObit

2014-07-01 08:58 - 2014-07-01 08:58 - 00939224 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys

2014-07-01 08:58 - 2014-07-01 08:58 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

2014-07-01 08:58 - 2013-02-27 00:20 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll

2014-07-01 03:16 - 2014-07-01 03:16 - 00001120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2014.lnk

2014-07-01 02:32 - 2013-12-23 14:22 - 00000000 ____D () C:\ProgramData\Package Cache

2014-07-01 01:19 - 2014-07-01 01:19 - 00000000 ___RD () C:\Users\User\Creative Cloud Files

2014-06-28 23:43 - 2014-06-25 14:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2014-06-27 22:12 - 2014-06-27 21:50 - 00000000 ____D () C:\Fraps

2014-06-27 21:50 - 2014-06-27 21:50 - 00000574 _____ () C:\Users\User\Desktop\Fraps.lnk

2014-06-27 21:50 - 2014-06-27 21:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps

2014-06-27 19:01 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PLA

2014-06-27 12:10 - 2014-06-16 21:10 - 00000000 ____D () C:\ProgramData\MySearch

2014-06-27 12:10 - 2014-06-16 21:09 - 00000000 ____D () C:\ProgramData\Downoload keaEper

2014-06-27 12:10 - 2014-06-16 21:09 - 00000000 ____D () C:\ProgramData\Adblocker

2014-06-27 00:30 - 2013-12-15 03:12 - 00000408 _____ () C:\Users\User\AppData\Roaming\CamShapes.ini

2014-06-27 00:30 - 2013-12-15 03:12 - 00000408 _____ () C:\Users\User\AppData\Roaming\CamLayout.ini

2014-06-27 00:30 - 2013-12-15 03:12 - 00000100 _____ () C:\Users\User\AppData\Roaming\Camdata.ini

2014-06-27 00:30 - 2013-12-15 02:32 - 00004550 _____ () C:\Users\User\AppData\Roaming\CamStudio.cfg

2014-06-27 00:28 - 2013-12-15 02:21 - 00000096 _____ () C:\Users\User\AppData\Roaming\version2.xml

2014-06-27 00:05 - 2013-06-26 22:17 - 00001190 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk

2014-06-27 00:05 - 2013-06-26 22:17 - 00001178 _____ () C:\Users\Public\Desktop\Paint.NET.lnk

2014-06-27 00:04 - 2013-06-26 22:17 - 00000000 ____D () C:\Program Files\Paint.NET

2014-06-26 23:24 - 2013-08-31 01:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\Sony

2014-06-26 22:28 - 2014-06-26 22:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\No Company Name

2014-06-26 21:44 - 2014-05-03 17:45 - 00013708 _____ () C:\Windows\system32\--traceoff

2014-06-26 21:43 - 2014-06-26 21:43 - 00001040 _____ () C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk

2014-06-26 21:43 - 2014-06-26 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Program Files\Sony

2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Program Files (x86)\Sony

2014-06-26 21:42 - 2013-12-15 03:11 - 00000000 ____D () C:\ProgramData\Sony

2014-06-26 17:45 - 2014-06-26 17:45 - 00003164 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Startup

2014-06-26 17:42 - 2014-06-26 17:42 - 00003356 _____ () C:\Windows\System32\Tasks\EnergoTech Update

2014-06-26 17:42 - 2014-06-26 17:42 - 00000000 ____D () C:\ProgramData\EnergoTech

2014-06-26 16:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system

2014-06-26 16:24 - 2014-06-26 16:23 - 00000000 ____D () C:\Users\User\Documents\SPACE

2014-06-26 12:57 - 2013-07-02 13:34 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin

2014-06-26 12:39 - 2013-02-26 23:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-06-25 22:34 - 2014-05-10 23:34 - 00000000 ____D () C:\Program Files (x86)\OBS

2014-06-25 21:54 - 2014-06-25 21:54 - 00000000 ____D () C:\Users\User\AppData\Roaming\StormFall

2014-06-25 21:54 - 2014-06-25 21:54 - 00000000 ____D () C:\Users\User\AppData\Local\StormFall

2014-06-25 21:02 - 2014-06-25 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Screen Capture Studio 5

2014-06-25 18:35 - 2014-06-25 18:35 - 00005053 _____ () C:\ProgramData\hwjqxkkr.zva

2014-06-25 18:35 - 2014-06-25 18:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\MOVAVI

2014-06-25 18:35 - 2014-06-25 18:35 - 00000000 ____D () C:\Users\User\AppData\Local\Movavi

2014-06-25 15:46 - 2014-06-25 15:46 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-06-25 15:44 - 2014-06-25 15:44 - 00000000 ____D () C:\Users\User\Documents\NewBlueFX

2014-06-25 15:44 - 2013-02-26 23:48 - 00000000 ____D () C:\ProgramData\Adobe

2014-06-25 14:41 - 2014-06-25 14:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys

2014-06-24 16:52 - 2013-02-27 00:20 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\SET75CE.tmp

2014-06-24 16:51 - 2014-06-24 16:51 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll

2014-06-24 16:51 - 2014-06-24 16:51 - 00271064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys

2014-06-24 16:51 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-06-24 16:50 - 2014-06-24 16:50 - 00170200 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys

2014-06-24 16:50 - 2014-06-24 16:50 - 00057270 _____ () C:\Windows\system32\Drivers\BCM43142A0_001.001.011.0161.0177.hex

2014-06-24 16:50 - 2014-06-24 16:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf

2014-06-24 16:49 - 2014-06-24 16:49 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll

2014-06-24 16:49 - 2014-06-24 16:49 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys

2014-06-24 16:34 - 2014-06-24 16:34 - 00003170 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update

2014-06-24 16:33 - 2014-06-24 16:33 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)

2014-06-24 16:33 - 2014-06-24 16:25 - 00003220 _____ () C:\Windows\System32\Tasks\Driver Booster Scan

2014-06-24 16:33 - 2014-06-24 16:25 - 00003164 _____ () C:\Windows\System32\Tasks\Driver Booster Update

2014-06-24 16:25 - 2014-06-24 16:25 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (User)

2014-06-24 11:41 - 2014-06-24 11:41 - 00000000 ____D () C:\ProgramData\AVG Secure Search

2014-06-24 11:41 - 2013-07-01 21:11 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar

2014-06-24 11:41 - 2013-06-29 20:06 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

2014-06-21 16:03 - 2014-05-15 18:08 - 00000000 ____D () C:\Program Files (x86)\IObit Apps Toolbar

2014-06-21 02:50 - 2014-06-01 10:47 - 00001109 _____ () C:\Users\User\Desktop\Katawa Shoujo.lnk

2014-06-21 02:50 - 2014-06-01 10:46 - 00000000 ____D () C:\Program Files (x86)\Katawa Shoujo

2014-06-20 15:48 - 2009-07-13 22:20 - 00000000 __RSD () C:\Windows\Media

2014-06-20 15:14 - 2014-07-09 02:36 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-06-20 14:39 - 2014-07-09 02:36 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-06-18 20:39 - 2014-07-09 02:35 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-18 20:06 - 2014-07-09 02:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-18 20:06 - 2014-07-09 02:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-18 19:48 - 2014-07-09 02:35 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-18 19:42 - 2014-07-09 02:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-18 19:42 - 2014-07-09 02:35 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-18 19:41 - 2014-07-09 02:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-18 19:41 - 2014-07-09 02:35 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-06-18 19:32 - 2014-07-09 02:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-18 19:31 - 2014-07-09 02:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-18 19:26 - 2014-07-09 02:35 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-18 19:24 - 2014-07-09 02:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-18 19:24 - 2014-07-09 02:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-18 19:23 - 2014-07-09 02:35 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-18 19:16 - 2014-07-09 02:36 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-06-18 19:14 - 2014-07-09 02:35 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-06-18 19:12 - 2014-06-16 21:10 - 00000000 ____D () C:\ProgramData\Appday software

2014-06-18 19:09 - 2014-07-09 02:36 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-18 18:59 - 2014-07-09 02:36 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-18 18:56 - 2014-07-09 02:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-06-18 18:53 - 2014-07-09 02:35 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-18 18:51 - 2014-07-09 02:35 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-18 18:50 - 2014-07-09 02:35 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-18 18:48 - 2014-07-09 02:35 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-18 18:39 - 2014-07-09 02:36 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-18 18:38 - 2014-07-09 02:35 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-06-18 18:37 - 2014-07-09 02:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-18 18:36 - 2014-07-09 02:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-06-18 18:35 - 2014-07-09 02:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-06-18 18:33 - 2014-07-09 02:36 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-18 18:32 - 2014-07-09 02:36 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-18 18:28 - 2014-07-09 02:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-18 18:28 - 2014-07-09 02:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-18 18:27 - 2014-07-09 02:35 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-18 18:27 - 2014-07-09 02:35 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-18 18:25 - 2014-07-09 02:36 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-06-18 18:23 - 2014-07-09 02:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-06-18 18:22 - 2014-07-09 02:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-06-18 18:12 - 2014-07-09 02:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-18 18:06 - 2014-07-09 02:36 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-18 18:01 - 2014-07-09 02:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-18 17:59 - 2014-07-09 02:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-06-18 17:58 - 2014-07-09 02:36 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-18 17:58 - 2014-07-09 02:35 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-18 17:52 - 2014-07-09 02:35 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-18 17:51 - 2014-07-09 02:35 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-18 17:49 - 2014-07-09 02:36 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-18 17:46 - 2014-07-09 02:35 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-06-18 17:45 - 2014-07-09 02:36 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-18 17:35 - 2014-07-09 02:36 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-18 17:34 - 2014-07-09 02:36 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-18 17:15 - 2014-07-09 02:35 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-18 17:13 - 2014-07-09 02:35 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-18 17:09 - 2014-07-09 02:36 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-18 17:07 - 2014-07-09 02:35 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-06-18 12:25 - 2014-06-18 12:25 - 00000222 _____ () C:\Users\User\Desktop\Soldier Front 2.url

2014-06-18 10:03 - 2014-06-04 08:40 - 00003826 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1401603626

2014-06-18 10:03 - 2014-06-01 01:20 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-06-17 22:43 - 2014-06-16 21:10 - 00000000 ____D () C:\Program Files (x86)\ss Supporter

2014-06-17 22:43 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Web

2014-06-17 22:32 - 2014-06-16 21:09 - 00000000 ____D () C:\ProgramData\77e9934e1b4ae1eb

2014-06-17 22:32 - 2014-06-16 21:09 - 00000000 ____D () C:\Program Files (x86)\Adblocker

2014-06-17 22:30 - 2014-06-16 21:09 - 00000000 ____D () C:\Program Files (x86)\Downoload keaEper

2014-06-17 22:25 - 2014-06-04 17:25 - 00000000 ____D () C:\Users\User\AppData\Local\Bluestacks

2014-06-17 22:25 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Public\Libraries

2014-06-17 22:17 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\SkypEmoticons

2014-06-17 22:08 - 2013-08-08 14:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes

2014-06-17 22:07 - 2013-08-08 14:07 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-17 21:55 - 2014-06-17 21:55 - 00000604 _____ () C:\Users\User\Documents\MC instruc.txt

2014-06-17 21:35 - 2013-06-27 17:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft

2014-06-17 21:18 - 2014-07-09 02:36 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-06-17 20:51 - 2014-07-09 02:36 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-06-17 20:10 - 2014-07-09 02:36 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-06-16 21:50 - 2014-06-16 21:48 - 01557060 _____ (TeamExtreme) C:\Users\User\Desktop\Minecraft.exe

2014-06-16 21:10 - 2014-06-16 21:08 - 00000000 ____D () C:\ProgramData\InstallMate

2014-06-16 21:09 - 2014-06-16 21:09 - 00000000 ____D () C:\Users\User\AppData\Local\Packages

2014-06-16 21:09 - 2014-06-16 21:09 - 00000000 ____D () C:\Users\User\AppData\Local\Chromatic Browser

2014-06-16 21:09 - 2013-08-01 00:04 - 00000506 __RSH () C:\ProgramData\ntuser.pol

2014-06-16 21:09 - 2013-06-26 22:05 - 00000000 ____D () C:\Program Files (x86)\Google

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\User\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator

2014-06-16 21:08 - 2013-06-26 22:05 - 00000000 ____D () C:\Users\User\AppData\Local\Google

2014-06-12 04:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

2014-06-10 17:57 - 2014-06-10 17:34 - 00000000 ____D () C:\Users\User\Downloads\[Fuwanovel] Yandere

2014-06-10 15:05 - 2014-06-10 00:48 - 00005486 _____ () C:\Users\User\Downloads\[Fuwanovel] Yandere.torrent

2014-06-10 00:47 - 2014-06-05 00:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\cobra

 

Files to move or delete:

====================

C:\ProgramData\RegistryReviver.exe

C:\Users\User\jagex_cl_runescape_LIVE.dat

C:\Users\User\random.dat

C:\Users\User\AppData\Roaming\msconfig.ini

 

 

Some content of TEMP:

====================

C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxhuypv.dll

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-04 19:54

 

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09-07-2014

Ran by User at 2014-07-10 04:31:49

Running from C:\Users\User\Downloads

Boot Mode: Safe Mode (with Networking)

==========================================================

 

 

==================== Security Center ========================

 

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)

Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)

Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32128 - BitTorrent Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )

Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )

Canon MP490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series) (Version:  - )

Canon MP490 series User Registration (HKLM-x32\...\Canon MP490 series User Registration) (Version:  - )

Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )

Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )

Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )

CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)

Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version:  - Cheat Engine)

Cirrus Logic Audio Panel (Version: 1.1.12.4 - Cirrus Logic) Hidden

Cirrus Logic Audio x64 (Version: 6.24.5.2 - Cirrus Logic) Hidden

Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden

Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden

Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dead Island: Epidemic (HKLM-x32\...\Steam App 222900) (Version:  - Stunlock Studios)

Dell Audio (HKLM-x32\...\{3A69FD31-5EE7-42C9-918B-81C07AA21043}) (Version: 6.24.5.2 - Cirrus Logic)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.217 - ALPS ELECTRIC CO., LTD.)

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)

Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)

DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.52 - Dell Inc.)

Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

Happy Cloud Client (HKCU\...\HappyCloud) (Version: 3.72 - Happy Cloud, Inc.)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)

IObit Apps Toolbar v9.2 (HKLM-x32\...\{4F5E5430-1DA8-4B2B-BB26-B29C0E7DBFDB}) (Version: 9.2 - Spigot, Inc.) <==== ATTENTION

iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)

Java 7 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )

Lightshot-5.1.2.5 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.2.5 - Skillbrains)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)

Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: 6.4.7 - MP3 Rocket Inc)

MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden

MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)

NVMS5 Standard Edition (HKLM-x32\...\{F011CDD5-87D2-4873-8EE3-FA95B1FEAED9}) (Version: 5.2 - NVMS)

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )

Opera Stable 22.0.1471.70 (HKLM-x32\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA)

osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)

paint.net (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)

Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)

Registry Reviver (HKLM\...\Registry Reviver) (Version: 3.0.1.162 - ReviverSoft LLC)

ROBLOX Player for User (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)

ROBLOX Studio 2013 for User (HKCU\...\{2922D6F1-2865-4EFA-97A9-94EEAB3AFA14}) (Version:  - ROBLOX Corporation)

Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Soldier Front 2 (HKLM-x32\...\Steam App 239660) (Version:  - Dragonfly)

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

Trusted Saver (HKLM-x32\...\Trusted Saver) (Version: 1.27.153.5 - Trusted Saver)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2500 - Broadcom Corporation)

Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

 

==================== Restore Points  =========================

 

04-07-2014 16:09:15 Windows Update

08-07-2014 01:21:10 Installed Cheat Engine

08-07-2014 15:56:00 Windows Update

09-07-2014 08:01:50 Windows Update

09-07-2014 15:30:52 Windows Update

10-07-2014 07:34:38 Registry Reviver Restore Point (07/10/14)

10-07-2014 08:19:17 Removed Vegas Pro 13.0 (64-bit)

 

==================== Hosts content: ==========================

 

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {021DC7CF-36E4-4B2F-8E4D-A6584BF4291A} - System32\Tasks\Driver Booster SkipUAC (User) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe <==== ATTENTION

Task: {05754845-923B-4EBC-9945-92327A4540CB} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()

Task: {1B82B772-B3AE-42DF-9772-70D8A90C2589} - System32\Tasks\{D0FD7341-BFFA-4E6F-A8F5-EBE5421775DA} => C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe [2009-04-23] (CANON INC.)

Task: {2E79C2D0-9E4C-4BCA-BD70-632B26052CA8} - System32\Tasks\{B52DC84F-8800-4BF5-8662-6181DD8F6BEB} => C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe [2009-04-23] (CANON INC.)

Task: {3427CCB5-DDCC-4AD4-8336-C7C76A65C71F} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)

Task: {4890274D-37BB-4AF9-A0B3-357CDF81E169} - System32\Tasks\Opera scheduled Autoupdate 1401603626 => C:\Program Files (x86)\Opera\launcher.exe [2014-06-16] (Opera Software)

Task: {4DEF4503-EAF1-45B7-AD0F-B85C895AAD46} - System32\Tasks\EnergoTech Update => C:\ProgramData\EnergoTech\update.exe [2014-06-26] (EnergoTech LLC)

Task: {53755BAC-6759-4771-A1C6-9B3CFE0B4492} - System32\Tasks\Trusted Saver-codedownloader => C:\Program Files (x86)\Trusted Saver\Trusted Saver-codedownloader.exe [2013-06-26] (Trusted Saver)

Task: {56A14F61-F7B5-449A-88DD-5EAB501DD935} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)

Task: {5E47C81B-2144-45A1-858B-F4985B69F817} - System32\Tasks\update-S-1-5-21-2278122046-1784014762-222765858-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()

Task: {69505C6E-384D-4612-88DE-198F1633758F} - \BackgroundContainer Startup Task No Task File <==== ATTENTION

Task: {69A0D086-99B3-416E-A066-11F113C4F7BB} - System32\Tasks\Trusted Saver-enabler => C:\Program Files (x86)\Trusted Saver\Trusted Saver-enabler.exe [2013-10-14] (Trusted Saver) <==== ATTENTION

Task: {70285D8D-B643-446B-8E9B-731110398450} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {8108B12B-DD65-4728-9781-3007E593999D} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe <==== ATTENTION

Task: {8835B91A-32B9-43AA-AA50-777FA7CD09DC} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

Task: {89420A3A-583F-4732-90AC-D95E6DB5E239} - System32\Tasks\ASC7_SkipUac_User => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe

Task: {B3919807-9639-45EA-8D39-9AAA4D2FC038} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {B9896929-D4C0-422A-BB2B-0989D92D0842} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

Task: {C7617B60-D96E-43DF-BC4F-30DE17D472AF} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe <==== ATTENTION

Task: {C962D970-643D-43DA-8F9E-B1015A6B8797} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {E00A2EE2-9647-4959-B9D5-C6DD2F2FB1B8} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe

Task: {E515A0E4-424F-4EBD-A20E-A013C8EBA565} - System32\Tasks\Trusted Saver-updater => C:\Program Files (x86)\Trusted Saver\Trusted Saver-updater.exe [2013-06-26] (Trusted Saver)

Task: {EDBF7E16-8C18-4DE3-8AC4-11F55FF0C9EA} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe

Task: {FFADC1C7-75F0-4220-B9EF-725AF12C43CF} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe <==== ATTENTION

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\Start Registry Reviver for User-PC@User(logon).job => C:\Program Files\ReviverSoft\Registry Reviver\RegistryReviver.exe

Task: C:\Windows\Tasks\Trusted Saver-codedownloader.job => C:\Program Files (x86)\Trusted Saver\Trusted Saver-codedownloader.exe

Task: C:\Windows\Tasks\Trusted Saver-enabler.job => C:\Program Files (x86)\Trusted Saver\Trusted Saver-enabler.exe <==== ATTENTION

Task: C:\Windows\Tasks\Trusted Saver-updater.job => C:\Program Files (x86)\Trusted Saver\Trusted Saver-updater.exe

Task: C:\Windows\Tasks\update-S-1-5-21-2278122046-1784014762-222765858-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-06-18 10:03 - 2014-06-18 10:03 - 01396344 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe

2014-06-18 10:03 - 2014-06-18 10:03 - 00957048 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\ffmpegsumo.dll

2014-07-08 22:14 - 2014-07-08 22:14 - 17029808 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\Users\User\Cookies:Hvyl6zsIaM2elEsQwf5AvJ

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

 

==================== EXE Association (whitelisted) =============

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

 

==================== Faulty Device Manager Devices =============

 

Name: Security Processor Loader Driver

Description: Security Processor Loader Driver

Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}

Manufacturer: 

Service: spldr

Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)

Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.

Devices stay in this state if they have been prepared for removal.

After you remove the device, this error disappears.Remove the device, and this error should be resolved.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/10/2014 04:23:26 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: avira_en_av___ws2.exe, version: 1.1.17.31000, time stamp: 0x52974fc4

Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86

Exception code: 0xc06d007e

Fault offset: 0x0000c42d

Faulting process id: 0x4f4

Faulting application start time: 0xavira_en_av___ws2.exe0

Faulting application path: avira_en_av___ws2.exe1

Faulting module path: avira_en_av___ws2.exe2

Report Id: avira_en_av___ws2.exe3

 

Error: (07/10/2014 04:23:13 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: avira_en_av___ws2.exe, version: 1.1.17.31000, time stamp: 0x52974fc4

Faulting module name: KERNELBASE.dll, version: 6.1.7601.18409, time stamp: 0x53159a86

Exception code: 0xc06d007e

Fault offset: 0x0000c42d

Faulting process id: 0xa4c

Faulting application start time: 0xavira_en_av___ws2.exe0

Faulting application path: avira_en_av___ws2.exe1

Faulting module path: avira_en_av___ws2.exe2

Report Id: avira_en_av___ws2.exe3

 

Error: (07/10/2014 04:13:12 AM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )

Description: Unable to remove Windows Search Service indexed data for user 'S-1-5-21-2278122046-1784014762-222765858-1001' in response to user profile deletion.  Error code 0x8007043C.

 

This service cannot be started in Safe Mode

.

 

Error: (07/10/2014 03:50:45 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 03:44:21 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 03:40:37 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: winlogon.exe, version: 1.0.0.532, time stamp: 0x53518532

Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e

Exception code: 0x40000015

Fault offset: 0x0008d6fd

Faulting process id: 0x1c2c

Faulting application start time: 0xwinlogon.exe0

Faulting application path: winlogon.exe1

Faulting module path: winlogon.exe2

Report Id: winlogon.exe3

 

Error: (07/10/2014 03:40:07 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: Faulting application name: winlogon.exe, version: 1.0.0.532, time stamp: 0x53518532

Faulting module name: MSVCR100.dll, version: 10.0.40219.325, time stamp: 0x4df2be1e

Exception code: 0x40000015

Fault offset: 0x0008d6fd

Faulting process id: 0x1ec0

Faulting application start time: 0xwinlogon.exe0

Faulting application path: winlogon.exe1

Faulting module path: winlogon.exe2

Report Id: winlogon.exe3

 

Error: (07/10/2014 03:12:29 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 02:59:12 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 02:49:04 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (07/10/2014 04:31:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (07/10/2014 04:31:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (07/10/2014 04:31:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (07/10/2014 04:31:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (07/10/2014 04:31:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (07/10/2014 04:31:11 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (07/10/2014 04:27:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (07/10/2014 04:27:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (07/10/2014 04:27:51 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

Error: (07/10/2014 04:25:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Computer Browser service depends on the Server service which failed to start because of the following error: 

%%1068

 

 

Microsoft Office Sessions:

=========================

Error: (07/10/2014 04:23:26 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: avira_en_av___ws2.exe1.1.17.3100052974fc4KERNELBASE.dll6.1.7601.1840953159a86c06d007e0000c42d4f401cf9c2091608731C:\Users\User\Downloads\avira_en_av___ws2.exeC:\Windows\syswow64\KERNELBASE.dlld82b66f8-0813-11e4-861e-e0db559a7406

 

Error: (07/10/2014 04:23:13 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: avira_en_av___ws2.exe1.1.17.3100052974fc4KERNELBASE.dll6.1.7601.1840953159a86c06d007e0000c42da4c01cf9c2089c4a1dcC:\Users\User\Downloads\avira_en_av___ws2.exeC:\Windows\syswow64\KERNELBASE.dlld0a52cd4-0813-11e4-861e-e0db559a7406

 

Error: (07/10/2014 04:13:12 AM) (Source: Windows Search Service Profile Notification) (EventID: 2) (User: )

Description: S-1-5-21-2278122046-1784014762-222765858-10010x8007043CThis service cannot be started in Safe Mode

 

Error: (07/10/2014 03:50:45 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 03:44:21 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 03:40:37 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: winlogon.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1c2c01cf9c1a9f43ee04C:\Program Files (x86)\winlogon.exe\winlogon.exeC:\Program Files (x86)\winlogon.exe\MSVCR100.dlldcfd810e-080d-11e4-84af-9c2a70c3beca

 

Error: (07/10/2014 03:40:07 AM) (Source: Application Error) (EventID: 1000) (User: )

Description: winlogon.exe1.0.0.53253518532MSVCR100.dll10.0.40219.3254df2be1e400000150008d6fd1ec001cf9c1a8ac66bc6C:\Program Files (x86)\winlogon.exe\winlogon.exeC:\Program Files (x86)\winlogon.exe\MSVCR100.dllcaf4d895-080d-11e4-84af-9c2a70c3beca

 

Error: (07/10/2014 03:12:29 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 02:59:12 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 02:49:04 AM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-11-25 01:10:40.852

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-25 01:10:40.849

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-25 01:10:40.846

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-25 01:10:40.836

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-25 01:10:40.834

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-25 01:10:40.831

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-17 15:57:23.515

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-17 15:57:23.513

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-17 15:57:23.511

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-17 15:57:23.468

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 43%

Total physical RAM: 3960.51 MB

Available physical RAM: 2219.6 MB

Total Pagefile: 7919.2 MB

Available Pagefile: 6284.3 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:279.48 GB) (Free:116.56 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 060A5014)

Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)

Partition 2: (Active) - (Size=19 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=279 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

Link to post
Share on other sites

So I got pass the error where it downloads then errors.

This time I made it to the installing part, once I click all those "next" and "I agree", etc.

It stops and shows me this 

 

Internal error: Expression error 'Runtime Error (at 79:177):

External exception E06D7363

 

Thank you for your assistance.

 

I will attach a image file of it.

 

post-168663-0-72756500-1405041347_thumb.

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-07-2014 01

Ran by User (administrator) on USER-PC on 10-07-2014 21:34:41

Running from C:\Users\User\Downloads

Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe

(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE

(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe

(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe

(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe

() C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe

(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(CANON INC.) C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE

(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe

(Microsoft Corporation) C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe

(BitTorrent Inc.) C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe

(Akamai Technologies, Inc.) C:\Users\User\AppData\Local\Akamai\netsession_win.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(Skillbrains) C:\Users\User\AppData\Local\Skillbrains\lightshot\5.1.2.5\Lightshot.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

(Dropbox, Inc.) C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe

(Creative Technology Ltd) C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(AimerSoft) C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe

(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe

() C:\Program Files (x86)\Canon\IJPLM\ijplmsvc.exe

(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe

() C:\Program Files (x86)\NVMS5 Standard Edition\bin\cms.exe

() C:\Program Files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe

() C:\Program Files (x86)\NVMS5 Standard Edition\bin\watch.exe

(PasswordBox, Inc.) C:\Program Files (x86)\PasswordBox\pbbtnService.exe

(AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe

(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe

(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\Bluetooth Headset Helper.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe

() C:\Program Files (x86)\NVMS5 Standard Edition\bin\vtdu.exe

() C:\Program Files (x86)\NVMS5 Standard Edition\bin\nru.exe

(Yahoo! Inc.) C:\Program Files (x86)\Yahoo!\Messenger\Ymsgr_tray.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

() C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

(Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.07.0.1012.exe

(Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe

(Malwarebytes Corporation) C:\Users\User\Desktop\mbar\mbar.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

(Microsoft Corporation) C:\Windows\System32\audiodg.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

(Opera Software) C:\Program Files (x86)\Opera\22.0.1471.70\opera.exe

 

 

==================== Registry (Whitelisted) ==================

 

HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [626552 2012-04-09] (Alps Electric Co., Ltd.)

HKLM\...\Run: [QuickSet] => c:\Program Files\Dell\QuickSet\QuickSet.exe [3732848 2012-03-23] (Dell Inc.)

HKLM\...\Run: [Dell Audio] => C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe [20567552 2012-05-10] ()

HKLM\...\Run: [broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [7520768 2012-04-26] (Dell Inc.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)

HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1271072 2014-03-11] (Microsoft Corporation)

HKLM\...\Run: [CanonSolutionMenu] => C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe [767312 2009-03-17] (CANON INC.)

HKLM\...\Run: [CanonMyPrinter] => C:\Program Files\Canon\MyPrinter\BJMyPrt.exe [2184520 2009-03-23] (CANON INC.)

HKLM-x32\...\Run: [iAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation)

HKLM-x32\...\Run: [Dell Webcam Central] => C:\Program Files (x86)\Dell Webcam\Dell Webcam Central\WebcamDell2.exe [577024 2012-03-06] (Creative Technology Ltd)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Aimersoft Helper Compact.exe] => C:\Program Files (x86)\Common Files\Aimersoft\Aimersoft Helper Compact\ASHelper.exe [1734144 2013-05-29] (AimerSoft)

HKLM-x32\...\Run: [] => [X]

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-05-26] (Apple Inc.)

HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [382608 2014-06-04] (Malwarebytes Corporation)

HKLM\...\Winlogon: [userinit] C:\Windows\SysWOW64\userinit.exe,

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\.DEFAULT\...\Run: [bitdefender Wallet Agent] => "C:\Program Files\Bitdefender\Bitdefender\pmbxag.exe"

HKU\.DEFAULT\...\Run: [bitdefender Wallet] => "C:\Program Files\Bitdefender\Bitdefender\pwdmanui.exe" --hidden --nowizard

HKU\.DEFAULT\...\Run: [bitdefender Wallet Application Agent] => "C:\Program Files\Bitdefender\Bitdefender\antispam32\bdapppassmgr.exe"

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [skyDrive] => C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-05-15] (Microsoft Corporation)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [bitTorrent] => C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe [1274456 2014-07-10] (BitTorrent Inc.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Run: [LightShot] => C:\Users\User\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226592 2014-03-12] ()

HKU\S-1-5-21-2278122046-1784014762-222765858-1000\...\Winlogon: [shell] C:\Windows\Explorer.exe [2871808 2013-02-27] (Microsoft Corporation) <==== ATTENTION 

HKU\S-1-5-21-2278122046-1784014762-222765858-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Messenger (Yahoo!)] => C:\Program Files (x86)\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [AdobeBridge] => [X]

HKU\S-1-5-21-2278122046-1784014762-222765858-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [Akamai NetSession Interface] => C:\Users\User\AppData\Local\Akamai\netsession_win.exe [4672920 2014-04-17] (Akamai Technologies, Inc.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [skyDrive] => C:\Users\User\AppData\Local\Microsoft\SkyDrive\SkyDrive.exe [257224 2014-05-15] (Microsoft Corporation)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [bitTorrent] => C:\Users\User\AppData\Roaming\BitTorrent\BitTorrent.exe [1274456 2014-07-10] (BitTorrent Inc.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21444224 2014-05-08] (Skype Technologies S.A.)

HKU\S-1-5-21-2278122046-1784014762-222765858-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Run: [LightShot] => C:\Users\User\AppData\Local\Skillbrains\lightshot\Lightshot.exe [226592 2014-03-12] ()

HKU\S-1-5-21-2278122046-1784014762-222765858-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\...\Winlogon: [shell] C:\Windows\Explorer.exe [2871808 2013-02-27] (Microsoft Corporation) <==== ATTENTION 

Lsa: [Notification Packages] scecli c:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk

ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk

ShortcutTarget: Dropbox.lnk -> C:\Users\User\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

ShellIconOverlayIdentifiers:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers: DropboxExt4 -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive1 -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive2 -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  No File

ShellIconOverlayIdentifiers-x32:  SkyDrive3 -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  No File

ShellIconOverlayIdentifiers-x32: DropboxExt1 -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32: DropboxExt2 -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} =>  No File

ShellIconOverlayIdentifiers-x32: DropboxExt3 -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} =>  No File

BootExecute: autocheck autochk * SmartDefragBootTime.exebootdelete

GroupPolicy: Group Policy on Chrome detected <======= ATTENTION

 

==================== Internet (Whitelisted) ====================

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank

URLSearchHook: HKCU - (No Name) - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} - No File

SearchScopes: HKLM - DefaultScope {451DB2E5-62A4-4DD8-A2DC-399981F96083} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDSJS

SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM - {451DB2E5-62A4-4DD8-A2DC-399981F96083} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDSJS

SearchScopes: HKLM-x32 - DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.fastosearch.info/?l=1&q={searchTerms}&pid=1387&r=2014/06/17&hid=6051478625501509087&lg=EN&cc=US&unqvl=55

SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 

SearchScopes: HKLM-x32 - {451DB2E5-62A4-4DD8-A2DC-399981F96083} URL = http://www.bing.com/search?q={searchTerms}&form=IE9TR&src=IE9TR&pc=MDDSJS




SearchScopes: HKCU - {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://mysearch.avg.com/search?cid={0CC125A9-9D1C-4A21-83F5-639125A54B06}&mid=8e59ebc49e444b9ca9e1be91718fd5d3-a49a24e35e7697e4496ced687597af7283a7b3c1〈=en&ds=AVG&coid=avgtbavg&cmpid=&pr=sa&d=2014-02-12 03:46:10&v=17.3.1.204&pid=safeguard&sg=0&sap=dsp&q={searchTerms}


SearchScopes: HKCU - {FE1E1825-A348-4887-86FE-3BE585FC54C8} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=198484&p={searchTerms}

BHO: No Name - {10921475-03CE-4E04-90CE-E2E7EF20C814} -  No File

BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO: Skype add-on for Internet Explorer - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

BHO-x32: No Name - {02478D38-C3F9-4efb-9B51-7695ECA05670} -  No File

BHO-x32: No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File

BHO-x32: PasswordBox Helper - {5DB69B97-934B-451D-94DB-32EF802A01CD} - C:\Program Files (x86)\PasswordBox\Application\pbbtn.dll (PasswordBox, Inc.)

BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)

BHO-x32: No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File

BHO-x32: No Name - {9D974C8C-6D92-44FB-BEAF-B45A1C0CF17F} -  No File

BHO-x32: Skype Browser Helper - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

BHO-x32: No Name - {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -  No File

BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Toolbar: HKLM - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File

Toolbar: HKLM-x32 - No Name - {95B7759C-8C7F-4BF1-B163-73684A933233} -  No File

Toolbar: HKLM-x32 - No Name - {03EB0E9C-7A91-4381-A220-9B52B641CDB1} -  No File

DPF: HKLM-x32 {688C8675-1834-48FA-9DEF-4755CEFB9EDE} http://192.168.1.69/EDVR.CAB

Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)

Handler-x32: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.7\ViProtocol.dll (AVG Secure Search)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.254

 

FireFox:

========

FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @microsoft.com/GENUINE - disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin - C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.7\\npsitesafety.dll No File

FF Plugin-x32: @canon.com/EPPEX - C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)

FF Plugin-x32: @java.com/DTPlugin,version=10.40.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.40.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 - C:\Program Files (x86)\Yahoo!\Shared\npYState.dll (Yahoo! Inc.)

FF Plugin-x32: @microsoft.com/GENUINE - disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll No File

FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin - C:\Program Files (x86)\Perfect World Entertainment\Arc\Plugins\npArcPluginFF.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File

FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll No File

FF Plugin-x32: @TrendMicro.com/FFExtension - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension\components\npToolbarChrome.dll No File

FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @nsroblox.roblox.com/launcher - C:\Users\User\AppData\Local\Roblox\Versions\version-1112937d32504d8c\\NPRobloxProxy.dll ( ROBLOX Corporation)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)

FF Plugin HKCU: thehappycloud.com/HappyCloudPlugin - C:\ProgramData\HappyCloud\Application\npHappyCloudPlugin.dll (The Happy Cloud)

FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml

FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-05-12]

FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.5.514

FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.5.514 []

FF HKLM-x32\...\Firefox\Extensions: [firefox@passwordbox.com] - C:\Program Files (x86)\PasswordBox\Firefox

FF Extension: PasswordBox - C:\Program Files (x86)\PasswordBox\Firefox [2013-11-21]

 

Chrome: 

=======

CHR HomePage: hxxp://google.com/

CHR StartupUrls: "hxxp://google.com/"

CHR Extension: (Advanced SystemCare Surfing Protection) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbmegnmpleoagolcnjnejdacakedpcgd [2014-07-01]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-25]

CHR Extension: (Roblox Group Enhancer by Merely) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ddjfhkkpgfghimddaekfocbahebohdim [2014-07-02]

CHR Extension: (SoundGecko) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnpdaiiodhbjjcfmmflmidbhgibekagi [2014-07-02]

CHR Extension: (Roblox Auto-Signature) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\hbkjblojhhiigcklodheehnlmmjpibak [2014-05-05]

CHR Extension: (AVG SafeGuard) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof [2014-07-02]

CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]

CHR HKCU\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\User\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-04-27]

CHR HKCU\...\Chrome\Extension: [kjjpeodeilefdpblgopdaoojammobcaf] - C:\Users\User\AppData\Local\CRE\kjjpeodeilefdpblgopdaoojammobcaf.crx [2014-04-27]

CHR HKLM-x32\...\Chrome\Extension: [kjjpeodeilefdpblgopdaoojammobcaf] - C:\Users\User\AppData\Local\CRE\kjjpeodeilefdpblgopdaoojammobcaf.crx [2014-04-27]

CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-04-11]

CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

 

==================== Services (Whitelisted) =================

 

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390720 2014-04-11] (Microsoft Corporation)

R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1764992 2014-04-11] (Microsoft Corporation)

R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [127752 2014-07-10] (SurfRight B.V.)

R2 IJPLMSVC; C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE [116104 2009-02-10] ()

R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [360592 2014-06-04] (Malwarebytes Corporation)

S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2014-03-11] () [File not signed]

S3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [347872 2014-03-11] (Microsoft Corporation)

S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4784312 2013-04-23] (INCA Internet Co., Ltd.) [File not signed]

R2 NVMS-SRV-CMS; C:\Program Files (x86)\NVMS5 Standard Edition\bin\cms.exe [155136 2012-05-23] () [File not signed]

R2 NVMS-SRV-DB; C:\Program Files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe [6562432 2009-03-16] ()

R2 NVMS-SRV-NRU; C:\Program Files (x86)\NVMS5 Standard Edition\bin\nru.exe [15872 2012-05-23] () [File not signed]

R2 NVMS-SRV-VTDU; C:\Program Files (x86)\NVMS5 Standard Edition\bin\vtdu.exe [14848 2012-05-23] () [File not signed]

R2 NVMS-SRV-WATCH; C:\Program Files (x86)\NVMS5 Standard Edition\bin\watch.exe [176640 2012-03-31] () [File not signed]

R2 PasswordBox; C:\Program Files (x86)\PasswordBox\pbbtnService.exe [67584 2014-05-14] (PasswordBox, Inc.) [File not signed]

R2 vToolbarUpdater18.1.7; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [1807896 2014-06-24] (AVG Secure Search)

R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [6292992 2012-04-26] (Dell Inc.) [File not signed]

S2 AdvancedSystemCareService7; C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASCService.exe [X]

S2 f7dc94c1; "C:\Windows\system32\rundll32.exe" "c:\progra~2\sssupp~1\AssistantSvc.dll",service

 

==================== Drivers (Whitelisted) ====================

 

S1 1551350drv; C:\Windows\System32\DRIVERS\1551350drv.sys [556632 2013-11-25] (Kaspersky Lab)

R1 avgtp; C:\Windows\system32\drivers\avgtpx64.sys [50464 2014-06-24] (AVG Technologies)

R3 bcbtums; C:\Windows\System32\drivers\bcbtums.sys [170200 2014-06-24] (Broadcom Corporation.)

R3 CirrusLFD; C:\Windows\System32\DRIVERS\CSLFDx64.sys [35328 2012-05-10] (Cirrus Logic)

R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [62392 2014-06-04] ()

R3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2014-07-10] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [128728 2014-07-10] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2014-06-24] (Intel Corporation)

R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [268512 2014-01-25] (Microsoft Corporation)

S3 netr28ux; C:\Windows\System32\DRIVERS\Dnetr28ux.sys [987648 2009-08-06] (Ralink Technology Corp.)

R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [133928 2014-03-11] (Microsoft Corporation)

R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [21184 2013-12-24] (IObit)

S0 86004999; system32\DRIVERS\86004999.sys [X]

S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]

S3 FileMonitor; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\Drivers\win7_amd64\FileMonitor.sys [X]

S3 hxsyol; \??\C:\AeriaGames\AuraKingdom\avital\hxsy64.sys [X]

S3 MFE_RR; \??\C:\Users\User\AppData\Local\Temp\mfe_rr.sys [X]

S3 pccsmcfd; system32\DRIVERS\pccsmcfdx64.sys [X]

S3 RegFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\regfilter.sys [X]

S3 UrlFilter; \??\C:\Program Files (x86)\IObit\IObit Malware Fighter\drivers\win7_amd64\UrlFilter.sys [X]

S3 X6va012; \??\C:\Windows\SysWOW64\Drivers\X6va012 [X]

S3 X6va015; \??\C:\Windows\SysWOW64\Drivers\X6va015 [X]

S3 XFDriver64; \??\C:\Program Files (x86)\Xfire2\XFDriver64.sys [X]

S3 xhunter1; \??\C:\Windows\xhunter1.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

 

==================== One Month Created Files and Folders ========

 

2014-07-10 21:34 - 2014-07-10 21:34 - 00028639 _____ () C:\Users\User\Downloads\FRST.txt

2014-07-10 21:33 - 2014-07-10 21:34 - 02084864 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe

2014-07-10 21:22 - 2014-07-10 21:23 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-07-10 21:19 - 2014-07-10 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit

2014-07-10 21:19 - 2014-07-10 21:19 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit

2014-07-10 21:19 - 2014-07-10 21:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit

2014-07-10 21:18 - 2014-07-10 21:18 - 02650408 _____ (Malwarebytes ) C:\Users\User\Downloads\mbae-setup-1.03.1.1220.exe

2014-07-10 21:18 - 2014-07-10 21:18 - 00000000 ____D () C:\Users\User\Desktop\mbar

2014-07-10 21:16 - 2014-07-10 21:18 - 14349744 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.07.0.1012 (1).exe

2014-07-10 21:15 - 2014-07-10 21:17 - 14349744 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.07.0.1012.exe

2014-07-10 21:15 - 2014-07-10 21:15 - 00065232 _____ (Malwarebytes) C:\Users\User\Downloads\regassassin-setup-1.03.exe

2014-07-10 20:05 - 2014-07-10 20:05 - 00000834 _____ () C:\Users\User\Desktop\BitTorrent.lnk

2014-07-10 18:00 - 2014-07-10 20:45 - 00000336 _____ () C:\Windows\setupact.log

2014-07-10 18:00 - 2014-07-10 18:00 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-10 15:39 - 2014-07-10 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox

2014-07-10 15:07 - 2014-07-10 15:07 - 00025451 _____ () C:\Users\User\Documents\DDS.txt

2014-07-10 15:07 - 2014-07-10 15:07 - 00017905 _____ () C:\Users\User\Documents\Attach.txt

2014-07-10 14:49 - 2014-07-10 14:49 - 73723904 _____ () C:\Windows\system32\config\software.bdkup

2014-07-10 14:49 - 2014-07-10 14:49 - 17563648 _____ () C:\Windows\system32\config\system.bdkup

2014-07-10 13:50 - 2014-07-10 13:50 - 00025576 _____ () C:\Windows\system32\.crusader

2014-07-10 12:50 - 2014-07-10 12:50 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-07-10 11:55 - 2014-07-10 12:14 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-07-10 11:55 - 2014-07-10 11:55 - 00001895 _____ () C:\Users\Public\Desktop\HitmanPro.lnk

2014-07-10 11:55 - 2014-07-10 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

2014-07-10 11:55 - 2014-07-10 11:55 - 00000000 ____D () C:\Program Files\HitmanPro

2014-07-10 10:23 - 2014-07-10 10:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Windows Live Writer

2014-07-10 10:23 - 2014-07-10 10:23 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live Writer

2014-07-10 10:09 - 2014-07-10 10:09 - 00003224 ____N () C:\bootsqm.dat

2014-07-10 10:07 - 2014-07-10 10:07 - 00000000 __SHD () C:\found.004

2014-07-10 04:31 - 2014-07-10 21:34 - 00000000 ____D () C:\FRST

2014-07-10 04:20 - 2014-07-10 04:20 - 00000000 ____D () C:\TDSSKiller_Quarantine

2014-07-10 03:53 - 2014-07-10 03:53 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-07-10 03:53 - 2014-07-10 03:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-07-10 03:53 - 2014-07-10 03:53 - 00000000 ____D () C:\Program Files\CCleaner

2014-07-10 03:48 - 2014-07-10 03:48 - 00000000 ____D () C:\Windows\erdnt

2014-07-10 03:48 - 2014-07-10 03:48 - 00000000 ____D () C:\32788R22FWJFW

2014-07-10 03:00 - 2014-07-10 03:00 - 00000000 __SHD () C:\Windows\SysWOW64\NT Kernel

2014-07-10 02:48 - 2014-07-10 02:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices

2014-07-10 02:33 - 2014-07-10 02:33 - 00000000 ____D () C:\Program Files\ReviverSoft

2014-07-10 02:17 - 2014-07-10 02:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\Process Hacker 2

2014-07-10 02:16 - 2014-07-10 02:16 - 00001843 _____ () C:\Users\User\Desktop\Process Hacker 2.lnk

2014-07-10 02:16 - 2014-07-10 02:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2

2014-07-10 02:16 - 2014-07-10 02:16 - 00000000 ____D () C:\Program Files\Process Hacker 2

2014-07-10 01:50 - 2014-07-10 13:01 - 00057152 _____ () C:\Users\User\AppData\Roaming\msconfig.ini

2014-07-09 13:35 - 2014-07-09 13:35 - 00000000 _____ () C:\asc_rdflag

2014-07-09 03:05 - 2014-07-09 03:05 - 00000000 ____D () C:\4dd46bf29c26f1c43867ca6cf6ad

2014-07-09 02:36 - 2014-06-20 15:14 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-07-09 02:36 - 2014-06-20 14:39 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-07-09 02:36 - 2014-06-18 20:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-07-09 02:36 - 2014-06-18 20:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-07-09 02:36 - 2014-06-18 19:42 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-07-09 02:36 - 2014-06-18 19:41 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-07-09 02:36 - 2014-06-18 19:31 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-07-09 02:36 - 2014-06-18 19:24 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-07-09 02:36 - 2014-06-18 19:16 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-07-09 02:36 - 2014-06-18 19:09 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-07-09 02:36 - 2014-06-18 18:59 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-07-09 02:36 - 2014-06-18 18:56 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-07-09 02:36 - 2014-06-18 18:39 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-07-09 02:36 - 2014-06-18 18:37 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-07-09 02:36 - 2014-06-18 18:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-07-09 02:36 - 2014-06-18 18:33 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-07-09 02:36 - 2014-06-18 18:32 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-07-09 02:36 - 2014-06-18 18:28 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-07-09 02:36 - 2014-06-18 18:28 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-07-09 02:36 - 2014-06-18 18:25 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-07-09 02:36 - 2014-06-18 18:22 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-07-09 02:36 - 2014-06-18 18:12 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-07-09 02:36 - 2014-06-18 18:06 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-07-09 02:36 - 2014-06-18 17:59 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-07-09 02:36 - 2014-06-18 17:58 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-07-09 02:36 - 2014-06-18 17:49 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-07-09 02:36 - 2014-06-18 17:45 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-07-09 02:36 - 2014-06-18 17:35 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-07-09 02:36 - 2014-06-18 17:34 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-07-09 02:36 - 2014-06-18 17:09 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-07-09 02:36 - 2014-06-17 21:18 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-07-09 02:36 - 2014-06-17 20:51 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-07-09 02:36 - 2014-06-17 20:10 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-07-09 02:36 - 2014-06-06 05:10 - 00624128 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll

2014-07-09 02:36 - 2014-06-06 04:44 - 00509440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00340992 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00307200 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll

2014-07-09 02:36 - 2014-05-30 03:08 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll

2014-07-09 02:36 - 2014-05-30 02:52 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll

2014-07-09 02:36 - 2014-05-30 01:45 - 00497152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys

2014-07-09 02:35 - 2014-06-18 20:39 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-07-09 02:35 - 2014-06-18 19:48 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-07-09 02:35 - 2014-06-18 19:42 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-07-09 02:35 - 2014-06-18 19:41 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-07-09 02:35 - 2014-06-18 19:32 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-07-09 02:35 - 2014-06-18 19:26 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-07-09 02:35 - 2014-06-18 19:24 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-07-09 02:35 - 2014-06-18 19:23 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-07-09 02:35 - 2014-06-18 19:14 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-07-09 02:35 - 2014-06-18 18:53 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-07-09 02:35 - 2014-06-18 18:51 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-07-09 02:35 - 2014-06-18 18:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-07-09 02:35 - 2014-06-18 18:48 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-07-09 02:35 - 2014-06-18 18:38 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-07-09 02:35 - 2014-06-18 18:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-07-09 02:35 - 2014-06-18 18:27 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-07-09 02:35 - 2014-06-18 18:27 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-07-09 02:35 - 2014-06-18 18:23 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-07-09 02:35 - 2014-06-18 18:01 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-07-09 02:35 - 2014-06-18 17:58 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-07-09 02:35 - 2014-06-18 17:52 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-07-09 02:35 - 2014-06-18 17:51 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-07-09 02:35 - 2014-06-18 17:46 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-07-09 02:35 - 2014-06-18 17:15 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-07-09 02:35 - 2014-06-18 17:13 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-07-09 02:35 - 2014-06-18 17:07 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-07-09 02:35 - 2014-06-05 09:45 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll

2014-07-09 02:35 - 2014-06-05 09:26 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll

2014-07-09 02:35 - 2014-06-05 09:25 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll

2014-07-03 20:10 - 2014-07-03 20:10 - 00000000 __SHD () C:\found.003

2014-07-03 02:33 - 2014-07-03 02:33 - 00001053 _____ () C:\Users\User\Desktop\Notepad++.lnk

2014-07-03 02:33 - 2014-07-03 02:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-03 02:33 - 2014-07-03 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-01 10:26 - 2014-07-10 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Assistant

2014-07-01 08:58 - 2014-07-01 08:58 - 00939224 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys

2014-07-01 08:58 - 2014-07-01 08:58 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

2014-07-01 03:16 - 2014-07-01 03:16 - 00001120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2014.lnk

2014-07-01 01:19 - 2014-07-01 01:19 - 00000000 ___RD () C:\Users\User\Creative Cloud Files

2014-06-27 21:50 - 2014-06-27 22:12 - 00000000 ____D () C:\Fraps

2014-06-27 21:50 - 2014-06-27 21:50 - 00000574 _____ () C:\Users\User\Desktop\Fraps.lnk

2014-06-27 21:50 - 2014-06-27 21:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps

2014-06-26 22:28 - 2014-06-26 22:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\No Company Name

2014-06-26 21:43 - 2014-06-26 21:43 - 00001040 _____ () C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk

2014-06-26 21:43 - 2014-06-26 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Program Files\Sony

2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Program Files (x86)\Sony

2014-06-26 17:45 - 2014-06-26 17:45 - 00003164 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Startup

2014-06-26 17:42 - 2014-06-26 17:42 - 00003356 _____ () C:\Windows\System32\Tasks\EnergoTech Update

2014-06-26 17:42 - 2014-06-26 17:42 - 00000000 ____D () C:\ProgramData\EnergoTech

2014-06-26 13:35 - 2014-07-01 10:38 - 00000000 ____D () C:\ProgramData\TechSmith

2014-06-25 21:54 - 2014-06-25 21:54 - 00000000 ____D () C:\Users\User\AppData\Roaming\StormFall

2014-06-25 21:54 - 2014-06-25 21:54 - 00000000 ____D () C:\Users\User\AppData\Local\StormFall

2014-06-25 18:35 - 2014-06-25 18:35 - 00005053 _____ () C:\ProgramData\hwjqxkkr.zva

2014-06-25 18:35 - 2014-06-25 18:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\MOVAVI

2014-06-25 18:35 - 2014-06-25 18:35 - 00000000 ____D () C:\Users\User\AppData\Local\Movavi

2014-06-25 18:32 - 2014-06-25 21:02 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Screen Capture Studio 5

2014-06-25 15:46 - 2014-06-25 15:46 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-06-25 15:44 - 2014-06-25 15:44 - 00000000 ____D () C:\Users\User\Documents\NewBlueFX

2014-06-25 14:56 - 2014-06-28 23:43 - 00000000 ____D () C:\Users\User\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2014-06-25 14:41 - 2014-06-25 14:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys

2014-06-24 17:04 - 2014-07-10 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter

2014-06-24 16:51 - 2014-06-24 16:51 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll

2014-06-24 16:51 - 2014-06-24 16:51 - 00271064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys

2014-06-24 16:50 - 2014-06-24 16:50 - 00170200 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys

2014-06-24 16:50 - 2014-06-24 16:50 - 00057270 _____ () C:\Windows\system32\Drivers\BCM43142A0_001.001.011.0161.0177.hex

2014-06-24 16:50 - 2014-06-24 16:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf

2014-06-24 16:49 - 2014-06-24 16:49 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll

2014-06-24 16:49 - 2014-06-24 16:49 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys

2014-06-24 16:34 - 2014-06-24 16:34 - 00003170 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update

2014-06-24 16:33 - 2014-06-24 16:33 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)

2014-06-24 16:26 - 2013-11-19 16:52 - 00034080 _____ (IObit) C:\Windows\system32\SmartDefragBootTime.exe

2014-06-24 16:25 - 2014-07-10 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3

2014-06-24 16:25 - 2014-07-10 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster

2014-06-24 16:25 - 2014-06-24 16:33 - 00003220 _____ () C:\Windows\System32\Tasks\Driver Booster Scan

2014-06-24 16:25 - 2014-06-24 16:33 - 00003164 _____ () C:\Windows\System32\Tasks\Driver Booster Update

2014-06-24 16:25 - 2014-06-24 16:25 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (User)

2014-06-24 16:25 - 2014-03-10 18:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll20140624163407.dll

2014-06-24 16:25 - 2014-03-10 18:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll20140624162611.dll

2014-06-24 16:25 - 2014-03-10 18:17 - 00128288 _____ (IObit) C:\Windows\system32\IObitSmartDefragExtension.dll

2014-06-24 16:25 - 2013-12-24 10:40 - 00021184 _____ (IObit) C:\Windows\system32\Drivers\SmartDefragDriver.sys

2014-06-24 11:41 - 2014-06-24 11:41 - 00000000 ____D () C:\ProgramData\AVG Secure Search

2014-06-18 12:25 - 2014-06-18 12:25 - 00000222 _____ () C:\Users\User\Desktop\Soldier Front 2.url

2014-06-18 09:58 - 2014-07-10 02:49 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe

2014-06-17 22:09 - 2014-07-10 21:22 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-06-17 22:08 - 2014-07-10 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-06-17 22:07 - 2014-07-10 21:18 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-06-17 22:07 - 2014-07-10 03:39 - 00000000 ____D () C:\Program Files (x86)\winlogon.exe

2014-06-17 22:07 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-06-17 21:55 - 2014-06-17 21:55 - 00000604 _____ () C:\Users\User\Documents\MC instruc.txt

2014-06-16 21:48 - 2014-06-16 21:50 - 01557060 _____ (TeamExtreme) C:\Users\User\Desktop\Minecraft.exe

2014-06-16 21:10 - 2014-07-10 14:51 - 00000000 ____D () C:\Program Files (x86)\ss Supporter

2014-06-16 21:10 - 2014-06-27 12:10 - 00000000 ____D () C:\ProgramData\MySearch

2014-06-16 21:10 - 2014-06-18 19:12 - 00000000 ____D () C:\ProgramData\Appday software

2014-06-16 21:09 - 2014-06-27 12:10 - 00000000 ____D () C:\ProgramData\Downoload keaEper

2014-06-16 21:09 - 2014-06-27 12:10 - 00000000 ____D () C:\ProgramData\Adblocker

2014-06-16 21:09 - 2014-06-17 22:32 - 00000000 ____D () C:\ProgramData\77e9934e1b4ae1eb

2014-06-16 21:09 - 2014-06-17 22:32 - 00000000 ____D () C:\Program Files (x86)\Adblocker

2014-06-16 21:09 - 2014-06-17 22:30 - 00000000 ____D () C:\Program Files (x86)\Downoload keaEper

2014-06-16 21:09 - 2014-06-16 21:09 - 00000000 ____D () C:\Users\User\AppData\Local\Packages

2014-06-16 21:09 - 2014-06-16 21:09 - 00000000 ____D () C:\Users\User\AppData\Local\Chromatic Browser

2014-06-16 21:08 - 2014-06-17 22:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\SkypEmoticons

2014-06-16 21:08 - 2014-06-16 21:10 - 00000000 ____D () C:\ProgramData\InstallMate

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\User\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator

2014-06-11 11:46 - 2014-05-08 04:32 - 03178496 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll

2014-06-11 11:46 - 2014-05-08 04:32 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll

2014-06-11 11:46 - 2014-04-24 21:34 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll

2014-06-11 11:46 - 2014-04-24 21:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll

2014-06-11 11:46 - 2014-04-04 21:47 - 01903552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-06-11 11:46 - 2014-04-04 21:47 - 00288192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-06-11 11:46 - 2014-03-26 09:44 - 02002432 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll

2014-06-11 11:46 - 2014-03-26 09:44 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll

2014-06-11 11:46 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll

2014-06-11 11:46 - 2014-03-26 09:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll

2014-06-11 11:46 - 2014-03-26 09:27 - 01389056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll

2014-06-11 11:46 - 2014-03-26 09:27 - 01237504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll

2014-06-11 11:46 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll

2014-06-11 11:46 - 2014-03-26 09:25 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll

2014-06-10 17:34 - 2014-07-10 13:50 - 00000000 ____D () C:\Users\User\Downloads\[Fuwanovel] Yandere

2014-06-10 00:48 - 2014-06-10 15:05 - 00005486 _____ () C:\Users\User\Downloads\[Fuwanovel] Yandere.torrent

 

==================== One Month Modified Files and Folders =======

 

2014-07-10 21:35 - 2014-07-10 21:34 - 00028639 _____ () C:\Users\User\Downloads\FRST.txt

2014-07-10 21:34 - 2014-07-10 21:33 - 02084864 _____ (Farbar) C:\Users\User\Downloads\FRST64.exe

2014-07-10 21:34 - 2014-07-10 04:31 - 00000000 ____D () C:\FRST

2014-07-10 21:34 - 2014-04-13 12:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\BitTorrent

2014-07-10 21:23 - 2014-07-10 21:22 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-07-10 21:22 - 2014-06-17 22:09 - 00128728 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-07-10 21:19 - 2014-07-10 21:19 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit

2014-07-10 21:19 - 2014-07-10 21:19 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit

2014-07-10 21:19 - 2014-07-10 21:19 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit

2014-07-10 21:18 - 2014-07-10 21:18 - 02650408 _____ (Malwarebytes ) C:\Users\User\Downloads\mbae-setup-1.03.1.1220.exe

2014-07-10 21:18 - 2014-07-10 21:18 - 00000000 ____D () C:\Users\User\Desktop\mbar

2014-07-10 21:18 - 2014-07-10 21:16 - 14349744 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.07.0.1012 (1).exe

2014-07-10 21:18 - 2014-06-17 22:07 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-07-10 21:17 - 2014-07-10 21:15 - 14349744 _____ (Malwarebytes Corp.) C:\Users\User\Downloads\mbar-1.07.0.1012.exe

2014-07-10 21:15 - 2014-07-10 21:15 - 00065232 _____ (Malwarebytes) C:\Users\User\Downloads\regassassin-setup-1.03.exe

2014-07-10 20:53 - 2009-07-13 23:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-07-10 20:53 - 2009-07-13 23:45 - 00021312 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-07-10 20:48 - 2014-05-14 17:04 - 00000000 ___RD () C:\Users\User\Dropbox

2014-07-10 20:48 - 2014-05-14 16:55 - 00000000 ____D () C:\Users\User\AppData\Roaming\DropboxMaster

2014-07-10 20:48 - 2014-05-14 16:53 - 00000000 ____D () C:\Users\User\AppData\Roaming\Dropbox

2014-07-10 20:46 - 2013-08-19 16:24 - 00000000 ___RD () C:\Users\User\SkyDrive

2014-07-10 20:45 - 2014-07-10 18:00 - 00000336 _____ () C:\Windows\setupact.log

2014-07-10 20:05 - 2014-07-10 20:05 - 00000834 _____ () C:\Users\User\Desktop\BitTorrent.lnk

2014-07-10 20:05 - 2014-04-13 12:48 - 00000814 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\BitTorrent.lnk

2014-07-10 18:00 - 2014-07-10 18:00 - 00000000 _____ () C:\Windows\setuperr.log

2014-07-10 15:39 - 2014-07-10 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roblox

2014-07-10 15:07 - 2014-07-10 15:07 - 00025451 _____ () C:\Users\User\Documents\DDS.txt

2014-07-10 15:07 - 2014-07-10 15:07 - 00017905 _____ () C:\Users\User\Documents\Attach.txt

2014-07-10 14:59 - 2013-11-26 17:14 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2014-07-10 14:59 - 2013-07-10 21:57 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-07-10 14:51 - 2014-06-16 21:10 - 00000000 ____D () C:\Program Files (x86)\ss Supporter

2014-07-10 14:49 - 2014-07-10 14:49 - 73723904 _____ () C:\Windows\system32\config\software.bdkup

2014-07-10 14:49 - 2014-07-10 14:49 - 17563648 _____ () C:\Windows\system32\config\system.bdkup

2014-07-10 13:57 - 2013-11-25 13:18 - 00000000 ____D () C:\Windows\Minidump

2014-07-10 13:50 - 2014-07-10 13:50 - 00025576 _____ () C:\Windows\system32\.crusader

2014-07-10 13:50 - 2014-06-10 17:34 - 00000000 ____D () C:\Users\User\Downloads\[Fuwanovel] Yandere

2014-07-10 13:30 - 2014-03-28 20:46 - 00000000 ____D () C:\Program Files (x86)\osu!

2014-07-10 13:09 - 2013-06-26 22:24 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype

2014-07-10 13:01 - 2014-07-10 01:50 - 00057152 _____ () C:\Users\User\AppData\Roaming\msconfig.ini

2014-07-10 12:50 - 2014-07-10 12:50 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-07-10 12:14 - 2014-07-10 11:55 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-07-10 12:11 - 2013-11-25 15:57 - 00002198 _____ () C:\Windows\epplauncher.mif

2014-07-10 11:55 - 2014-07-10 11:55 - 00001895 _____ () C:\Users\Public\Desktop\HitmanPro.lnk

2014-07-10 11:55 - 2014-07-10 11:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro

2014-07-10 11:55 - 2014-07-10 11:55 - 00000000 ____D () C:\Program Files\HitmanPro

2014-07-10 10:23 - 2014-07-10 10:23 - 00000000 ____D () C:\Users\User\AppData\Roaming\Windows Live Writer

2014-07-10 10:23 - 2014-07-10 10:23 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live Writer

2014-07-10 10:22 - 2013-10-05 23:00 - 00000000 ____D () C:\Users\User\AppData\Local\Windows Live

2014-07-10 10:09 - 2014-07-10 10:09 - 00003224 ____N () C:\bootsqm.dat

2014-07-10 10:07 - 2014-07-10 10:07 - 00000000 __SHD () C:\found.004

2014-07-10 04:20 - 2014-07-10 04:20 - 00000000 ____D () C:\TDSSKiller_Quarantine

2014-07-10 04:06 - 2013-08-08 14:07 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes' Anti-Malware

2014-07-10 03:59 - 2014-07-01 10:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Game Assistant

2014-07-10 03:59 - 2014-06-24 17:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IObit Malware Fighter

2014-07-10 03:59 - 2014-06-24 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Smart Defrag 3

2014-07-10 03:59 - 2014-06-24 16:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster

2014-07-10 03:59 - 2014-06-17 22:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-07-10 03:59 - 2014-01-04 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare 7

2014-07-10 03:58 - 2014-05-04 18:19 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps

2014-07-10 03:53 - 2014-07-10 03:53 - 00000824 _____ () C:\Users\Public\Desktop\CCleaner.lnk

2014-07-10 03:53 - 2014-07-10 03:53 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner

2014-07-10 03:53 - 2014-07-10 03:53 - 00000000 ____D () C:\Program Files\CCleaner

2014-07-10 03:48 - 2014-07-10 03:48 - 00000000 ____D () C:\Windows\erdnt

2014-07-10 03:48 - 2014-07-10 03:48 - 00000000 ____D () C:\32788R22FWJFW

2014-07-10 03:39 - 2014-06-17 22:07 - 00000000 ____D () C:\Program Files (x86)\winlogon.exe

2014-07-10 03:18 - 2013-06-26 21:36 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe

2014-07-10 03:18 - 2013-02-26 23:48 - 00000000 ____D () C:\Program Files (x86)\Adobe

2014-07-10 03:16 - 2013-10-05 23:28 - 00000000 ____D () C:\Program Files\Adobe

2014-07-10 03:16 - 2013-07-02 09:48 - 00000000 ____D () C:\Program Files\Common Files\Adobe

2014-07-10 03:00 - 2014-07-10 03:00 - 00000000 __SHD () C:\Windows\SysWOW64\NT Kernel

2014-07-10 02:49 - 2014-06-18 09:58 - 00000000 ____D () C:\Users\User\AppData\Local\Adobe

2014-07-10 02:48 - 2014-07-10 02:48 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bluetooth Devices

2014-07-10 02:33 - 2014-07-10 02:33 - 00000000 ____D () C:\Program Files\ReviverSoft

2014-07-10 02:17 - 2014-07-10 02:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\Process Hacker 2

2014-07-10 02:16 - 2014-07-10 02:16 - 00001843 _____ () C:\Users\User\Desktop\Process Hacker 2.lnk

2014-07-10 02:16 - 2014-07-10 02:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Process Hacker 2

2014-07-10 02:16 - 2014-07-10 02:16 - 00000000 ____D () C:\Program Files\Process Hacker 2

2014-07-10 01:30 - 2013-11-30 20:05 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-07-10 01:14 - 2013-02-26 22:58 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-07-10 00:57 - 2014-05-03 17:49 - 00000386 _____ () C:\Windows\Tasks\update-sys.job

2014-07-10 00:01 - 2013-12-08 19:22 - 00000000 _____ () C:\dfu.log

2014-07-09 23:47 - 2014-05-03 17:49 - 00000386 _____ () C:\Windows\Tasks\update-S-1-5-21-2278122046-1784014762-222765858-1000.job

2014-07-09 21:39 - 2013-06-26 21:39 - 00001208 _____ () C:\Windows\Tasks\Trusted Saver-codedownloader.job

2014-07-09 21:39 - 2013-06-26 21:39 - 00001204 _____ () C:\Windows\Tasks\Trusted Saver-updater.job

2014-07-09 21:39 - 2013-06-26 21:39 - 00001108 _____ () C:\Windows\Tasks\Trusted Saver-enabler.job

2014-07-09 18:30 - 2013-11-30 20:05 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-07-09 13:36 - 2009-07-14 00:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-07-09 13:35 - 2014-07-09 13:35 - 00000000 _____ () C:\asc_rdflag

2014-07-09 13:35 - 2014-01-05 13:20 - 73723904 _____ () C:\Windows\system32\config\software.iodefrag.bak

2014-07-09 13:35 - 2014-01-05 13:20 - 00233472 _____ () C:\Windows\system32\config\default.iodefrag.bak

2014-07-09 13:35 - 2014-01-05 13:20 - 00061440 _____ () C:\Windows\system32\config\sam.iodefrag.bak

2014-07-09 13:35 - 2014-01-05 13:20 - 00024576 _____ () C:\Windows\system32\config\security.iodefrag.bak

2014-07-09 10:42 - 2009-07-13 23:45 - 08149000 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-07-09 10:38 - 2010-11-21 02:17 - 00000000 ____D () C:\Program Files\Windows Journal

2014-07-09 10:38 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\SysWOW64\Dism

2014-07-09 10:38 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system32\Dism

2014-07-09 10:28 - 2014-01-04 15:35 - 00000000 ____D () C:\ProgramData\ProductData

2014-07-09 03:05 - 2014-07-09 03:05 - 00000000 ____D () C:\4dd46bf29c26f1c43867ca6cf6ad

2014-07-09 03:05 - 2013-09-30 18:29 - 96441528 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-07-09 03:05 - 2013-09-30 18:29 - 00000000 ____D () C:\Windows\system32\MRT

2014-07-08 22:14 - 2013-02-26 22:58 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-07-08 22:14 - 2013-02-26 22:58 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-08 22:14 - 2013-02-26 22:58 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-07-08 17:19 - 2014-05-17 11:33 - 00000000 ____D () C:\ProgramData\CanonIJPLM

2014-07-08 17:06 - 2014-05-17 12:14 - 00000000 ____D () C:\ProgramData\CanonIJ

2014-07-08 17:06 - 2013-10-19 18:57 - 00000000 ____D () C:\Users\User\Documents\Adobe

2014-07-08 17:02 - 2009-07-14 00:13 - 00798066 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-07-08 12:11 - 2013-08-07 19:20 - 00000000 ___HD () C:\Windows\msdownld.tmp

2014-07-05 11:23 - 2013-09-20 21:51 - 00000000 ____D () C:\Users\User\Documents\ROBLOX

2014-07-05 00:59 - 2013-06-26 21:32 - 00119600 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT

2014-07-03 20:10 - 2014-07-03 20:10 - 00000000 __SHD () C:\found.003

2014-07-03 02:35 - 2013-08-24 22:19 - 00000000 ____D () C:\Users\User\AppData\Roaming\Notepad++

2014-07-03 02:33 - 2014-07-03 02:33 - 00001053 _____ () C:\Users\User\Desktop\Notepad++.lnk

2014-07-03 02:33 - 2014-07-03 02:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-03 02:33 - 2014-07-03 02:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++

2014-07-03 02:33 - 2013-08-24 22:19 - 00000000 ____D () C:\Program Files (x86)\Notepad++

2014-07-02 00:06 - 2013-07-02 10:49 - 00000000 ____D () C:\ProgramData\regid.1986-12.com.adobe

2014-07-01 22:29 - 2014-01-03 03:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\Publish Providers

2014-07-01 21:34 - 2013-11-21 18:19 - 00000000 ____D () C:\Program Files (x86)\PasswordBox

2014-07-01 20:34 - 2013-12-15 11:02 - 00000000 ____D () C:\Users\User\Incomplete

2014-07-01 20:30 - 2013-12-15 11:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\MP3Rocket

2014-07-01 16:39 - 2013-06-26 23:15 - 00000000 ____D () C:\Users\User\AppData\Local\Roblox

2014-07-01 10:49 - 2014-01-04 15:35 - 00000000 ____D () C:\ProgramData\IObit

2014-07-01 10:46 - 2013-02-26 23:45 - 00000000 ____D () C:\Windows\PCHEALTH

2014-07-01 10:38 - 2014-06-26 13:35 - 00000000 ____D () C:\ProgramData\TechSmith

2014-07-01 10:24 - 2014-01-04 15:35 - 00000000 ____D () C:\Program Files (x86)\IObit

2014-07-01 10:24 - 2014-01-04 15:34 - 00000000 ____D () C:\Users\User\AppData\Roaming\IObit

2014-07-01 08:58 - 2014-07-01 08:58 - 00939224 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys

2014-07-01 08:58 - 2014-07-01 08:58 - 00073800 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll

2014-07-01 08:58 - 2013-02-27 00:20 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll

2014-07-01 03:16 - 2014-07-01 03:16 - 00001120 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2014.lnk

2014-07-01 02:32 - 2013-12-23 14:22 - 00000000 ____D () C:\ProgramData\Package Cache

2014-07-01 01:19 - 2014-07-01 01:19 - 00000000 ___RD () C:\Users\User\Creative Cloud Files

2014-06-28 23:43 - 2014-06-25 14:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\com.adobe.downloadassistant.AdobeDownloadAssistant

2014-06-27 22:12 - 2014-06-27 21:50 - 00000000 ____D () C:\Fraps

2014-06-27 21:50 - 2014-06-27 21:50 - 00000574 _____ () C:\Users\User\Desktop\Fraps.lnk

2014-06-27 21:50 - 2014-06-27 21:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Fraps

2014-06-27 19:01 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\PLA

2014-06-27 12:10 - 2014-06-16 21:10 - 00000000 ____D () C:\ProgramData\MySearch

2014-06-27 12:10 - 2014-06-16 21:09 - 00000000 ____D () C:\ProgramData\Downoload keaEper

2014-06-27 12:10 - 2014-06-16 21:09 - 00000000 ____D () C:\ProgramData\Adblocker

2014-06-27 00:30 - 2013-12-15 03:12 - 00000408 _____ () C:\Users\User\AppData\Roaming\CamShapes.ini

2014-06-27 00:30 - 2013-12-15 03:12 - 00000408 _____ () C:\Users\User\AppData\Roaming\CamLayout.ini

2014-06-27 00:30 - 2013-12-15 03:12 - 00000100 _____ () C:\Users\User\AppData\Roaming\Camdata.ini

2014-06-27 00:30 - 2013-12-15 02:32 - 00004550 _____ () C:\Users\User\AppData\Roaming\CamStudio.cfg

2014-06-27 00:28 - 2013-12-15 02:21 - 00000096 _____ () C:\Users\User\AppData\Roaming\version2.xml

2014-06-27 00:05 - 2013-06-26 22:17 - 00001190 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Paint.NET.lnk

2014-06-27 00:05 - 2013-06-26 22:17 - 00001178 _____ () C:\Users\Public\Desktop\Paint.NET.lnk

2014-06-27 00:04 - 2013-06-26 22:17 - 00000000 ____D () C:\Program Files\Paint.NET

2014-06-26 23:24 - 2013-08-31 01:10 - 00000000 ____D () C:\Users\User\AppData\Roaming\Sony

2014-06-26 22:28 - 2014-06-26 22:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\No Company Name

2014-06-26 21:44 - 2014-05-03 17:45 - 00013708 _____ () C:\Windows\system32\--traceoff

2014-06-26 21:43 - 2014-06-26 21:43 - 00001040 _____ () C:\Users\Public\Desktop\Vegas Pro 13.0 (64-bit).lnk

2014-06-26 21:43 - 2014-06-26 21:43 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sony

2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Program Files\Sony

2014-06-26 21:42 - 2014-06-26 21:42 - 00000000 ____D () C:\Program Files (x86)\Sony

2014-06-26 21:42 - 2013-12-15 03:11 - 00000000 ____D () C:\ProgramData\Sony

2014-06-26 17:45 - 2014-06-26 17:45 - 00003164 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Startup

2014-06-26 17:42 - 2014-06-26 17:42 - 00003356 _____ () C:\Windows\System32\Tasks\EnergoTech Update

2014-06-26 17:42 - 2014-06-26 17:42 - 00000000 ____D () C:\ProgramData\EnergoTech

2014-06-26 16:41 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\system

2014-06-26 12:57 - 2013-07-02 13:34 - 00000000 __SHD () C:\Windows\SysWOW64\AI_RecycleBin

2014-06-26 12:39 - 2013-02-26 23:17 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-06-25 22:34 - 2014-05-10 23:34 - 00000000 ____D () C:\Program Files (x86)\OBS

2014-06-25 21:54 - 2014-06-25 21:54 - 00000000 ____D () C:\Users\User\AppData\Roaming\StormFall

2014-06-25 21:54 - 2014-06-25 21:54 - 00000000 ____D () C:\Users\User\AppData\Local\StormFall

2014-06-25 21:02 - 2014-06-25 18:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movavi Screen Capture Studio 5

2014-06-25 18:35 - 2014-06-25 18:35 - 00005053 _____ () C:\ProgramData\hwjqxkkr.zva

2014-06-25 18:35 - 2014-06-25 18:35 - 00000000 ____D () C:\Users\User\AppData\Roaming\MOVAVI

2014-06-25 18:35 - 2014-06-25 18:35 - 00000000 ____D () C:\Users\User\AppData\Local\Movavi

2014-06-25 15:46 - 2014-06-25 15:46 - 00000000 ____D () C:\ProgramData\BlueStacks

2014-06-25 15:44 - 2014-06-25 15:44 - 00000000 ____D () C:\Users\User\Documents\NewBlueFX

2014-06-25 15:44 - 2013-02-26 23:48 - 00000000 ____D () C:\ProgramData\Adobe

2014-06-25 14:41 - 2014-06-25 14:41 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\48230029.sys

2014-06-24 16:52 - 2013-02-27 00:20 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\SET75CE.tmp

2014-06-24 16:51 - 2014-06-24 16:51 - 09889352 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RsCRIcon.dll

2014-06-24 16:51 - 2014-06-24 16:51 - 00271064 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys

2014-06-24 16:51 - 2009-07-13 22:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories

2014-06-24 16:50 - 2014-06-24 16:50 - 00170200 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\bcbtums.sys

2014-06-24 16:50 - 2014-06-24 16:50 - 00057270 _____ () C:\Windows\system32\Drivers\BCM43142A0_001.001.011.0161.0177.hex

2014-06-24 16:50 - 2014-06-24 16:50 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf

2014-06-24 16:49 - 2014-06-24 16:49 - 01795952 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01011.dll

2014-06-24 16:49 - 2014-06-24 16:49 - 00100312 _____ (Intel Corporation) C:\Windows\system32\Drivers\TeeDriverx64.sys

2014-06-24 16:34 - 2014-06-24 16:34 - 00003170 _____ () C:\Windows\System32\Tasks\SmartDefrag3_Update

2014-06-24 16:33 - 2014-06-24 16:33 - 00002860 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (SYSTEM)

2014-06-24 16:33 - 2014-06-24 16:25 - 00003220 _____ () C:\Windows\System32\Tasks\Driver Booster Scan

2014-06-24 16:33 - 2014-06-24 16:25 - 00003164 _____ () C:\Windows\System32\Tasks\Driver Booster Update

2014-06-24 16:25 - 2014-06-24 16:25 - 00002852 _____ () C:\Windows\System32\Tasks\Driver Booster SkipUAC (User)

2014-06-24 11:41 - 2014-06-24 11:41 - 00000000 ____D () C:\ProgramData\AVG Secure Search

2014-06-24 11:41 - 2013-07-01 21:11 - 00000000 ____D () C:\Program Files (x86)\AVG SafeGuard toolbar

2014-06-24 11:41 - 2013-06-29 20:06 - 00050464 _____ (AVG Technologies) C:\Windows\system32\Drivers\avgtpx64.sys

2014-06-21 16:03 - 2014-05-15 18:08 - 00000000 ____D () C:\Program Files (x86)\IObit Apps Toolbar

2014-06-21 02:50 - 2014-06-01 10:47 - 00001109 _____ () C:\Users\User\Desktop\Katawa Shoujo.lnk

2014-06-21 02:50 - 2014-06-01 10:46 - 00000000 ____D () C:\Program Files (x86)\Katawa Shoujo

2014-06-20 15:48 - 2009-07-13 22:20 - 00000000 __RSD () C:\Windows\Media

2014-06-20 15:14 - 2014-07-09 02:36 - 00266424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-06-20 14:39 - 2014-07-09 02:36 - 00240824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-06-18 20:39 - 2014-07-09 02:35 - 23464448 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-06-18 20:06 - 2014-07-09 02:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-06-18 20:06 - 2014-07-09 02:36 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-06-18 19:48 - 2014-07-09 02:35 - 02768384 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-06-18 19:42 - 2014-07-09 02:36 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-06-18 19:42 - 2014-07-09 02:35 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-06-18 19:41 - 2014-07-09 02:36 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-06-18 19:41 - 2014-07-09 02:35 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-06-18 19:32 - 2014-07-09 02:35 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-06-18 19:31 - 2014-07-09 02:36 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-06-18 19:26 - 2014-07-09 02:35 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll

2014-06-18 19:24 - 2014-07-09 02:36 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-06-18 19:24 - 2014-07-09 02:35 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-06-18 19:23 - 2014-07-09 02:35 - 00752640 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-06-18 19:16 - 2014-07-09 02:36 - 17276416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-06-18 19:14 - 2014-07-09 02:35 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe

2014-06-18 19:12 - 2014-06-16 21:10 - 00000000 ____D () C:\ProgramData\Appday software

2014-06-18 19:09 - 2014-07-09 02:36 - 00452608 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-06-18 18:59 - 2014-07-09 02:36 - 00038400 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-06-18 18:56 - 2014-07-09 02:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb

2014-06-18 18:53 - 2014-07-09 02:35 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-06-18 18:51 - 2014-07-09 02:35 - 05721088 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-06-18 18:50 - 2014-07-09 02:35 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-06-18 18:48 - 2014-07-09 02:35 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-06-18 18:39 - 2014-07-09 02:36 - 00608768 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-06-18 18:38 - 2014-07-09 02:35 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-06-18 18:37 - 2014-07-09 02:36 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-06-18 18:36 - 2014-07-09 02:36 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-06-18 18:35 - 2014-07-09 02:35 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-06-18 18:33 - 2014-07-09 02:36 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-06-18 18:32 - 2014-07-09 02:36 - 02179072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-06-18 18:28 - 2014-07-09 02:36 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-06-18 18:28 - 2014-07-09 02:36 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-06-18 18:27 - 2014-07-09 02:35 - 02040832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-06-18 18:27 - 2014-07-09 02:35 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll

2014-06-18 18:25 - 2014-07-09 02:36 - 00442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll

2014-06-18 18:23 - 2014-07-09 02:35 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-06-18 18:22 - 2014-07-09 02:36 - 00592896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-06-18 18:12 - 2014-07-09 02:36 - 00367616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-06-18 18:06 - 2014-07-09 02:36 - 00032256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-06-18 18:01 - 2014-07-09 02:35 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-06-18 17:59 - 2014-07-09 02:36 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-06-18 17:58 - 2014-07-09 02:36 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-06-18 17:58 - 2014-07-09 02:35 - 02266112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-06-18 17:52 - 2014-07-09 02:35 - 04254720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-06-18 17:51 - 2014-07-09 02:35 - 13527040 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-06-18 17:49 - 2014-07-09 02:36 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-06-18 17:46 - 2014-07-09 02:35 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll

2014-06-18 17:45 - 2014-07-09 02:36 - 01964544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-06-18 17:35 - 2014-07-09 02:36 - 11742208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-06-18 17:34 - 2014-07-09 02:36 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-06-18 17:15 - 2014-07-09 02:35 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-06-18 17:13 - 2014-07-09 02:35 - 01791488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-06-18 17:09 - 2014-07-09 02:36 - 01139200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-06-18 17:07 - 2014-07-09 02:35 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-06-18 12:25 - 2014-06-18 12:25 - 00000222 _____ () C:\Users\User\Desktop\Soldier Front 2.url

2014-06-18 10:03 - 2014-06-04 08:40 - 00003826 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1401603626

2014-06-18 10:03 - 2014-06-01 01:20 - 00000000 ____D () C:\Program Files (x86)\Opera

2014-06-17 22:43 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\Web

2014-06-17 22:32 - 2014-06-16 21:09 - 00000000 ____D () C:\ProgramData\77e9934e1b4ae1eb

2014-06-17 22:32 - 2014-06-16 21:09 - 00000000 ____D () C:\Program Files (x86)\Adblocker

2014-06-17 22:30 - 2014-06-16 21:09 - 00000000 ____D () C:\Program Files (x86)\Downoload keaEper

2014-06-17 22:25 - 2014-06-04 17:25 - 00000000 ____D () C:\Users\User\AppData\Local\Bluestacks

2014-06-17 22:25 - 2009-07-13 22:20 - 00000000 __RHD () C:\Users\Public\Libraries

2014-06-17 22:17 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\SkypEmoticons

2014-06-17 22:08 - 2013-08-08 14:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes

2014-06-17 22:07 - 2013-08-08 14:07 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-06-17 21:55 - 2014-06-17 21:55 - 00000604 _____ () C:\Users\User\Documents\MC instruc.txt

2014-06-17 21:35 - 2013-06-27 17:08 - 00000000 ____D () C:\Users\User\AppData\Roaming\.minecraft

2014-06-17 21:18 - 2014-07-09 02:36 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\osk.exe

2014-06-17 20:51 - 2014-07-09 02:36 - 00646144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\osk.exe

2014-06-17 20:10 - 2014-07-09 02:36 - 03157504 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-06-16 21:50 - 2014-06-16 21:48 - 01557060 _____ (TeamExtreme) C:\Users\User\Desktop\Minecraft.exe

2014-06-16 21:10 - 2014-06-16 21:08 - 00000000 ____D () C:\ProgramData\InstallMate

2014-06-16 21:09 - 2014-06-16 21:09 - 00000000 ____D () C:\Users\User\AppData\Local\Packages

2014-06-16 21:09 - 2014-06-16 21:09 - 00000000 ____D () C:\Users\User\AppData\Local\Chromatic Browser

2014-06-16 21:09 - 2013-08-01 00:04 - 00000506 __RSH () C:\ProgramData\ntuser.pol

2014-06-16 21:09 - 2013-06-26 22:05 - 00000000 ____D () C:\Program Files (x86)\Google

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\User\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\User\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Google

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest\AppData\Local\Chromatic Browser

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Guest

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Torch

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Google

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Comodo

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator\AppData\Local\Chromatic Browser

2014-06-16 21:08 - 2014-06-16 21:08 - 00000000 ____D () C:\Users\Administrator

2014-06-16 21:08 - 2013-06-26 22:05 - 00000000 ____D () C:\Users\User\AppData\Local\Google

2014-06-12 04:10 - 2009-07-13 22:20 - 00000000 ____D () C:\Windows\rescache

2014-06-10 15:05 - 2014-06-10 00:48 - 00005486 _____ () C:\Users\User\Downloads\[Fuwanovel] Yandere.torrent

2014-06-10 00:47 - 2014-06-05 00:12 - 00000000 ____D () C:\Users\User\AppData\Roaming\cobra

 

Files to move or delete:

====================

C:\Users\User\jagex_cl_runescape_LIVE.dat

C:\Users\User\random.dat

C:\Users\User\AppData\Roaming\msconfig.ini

 

 

Some content of TEMP:

====================

C:\Users\User\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkiz7ow.dll

 

 

==================== Bamital & volsnap Check =================

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-07-04 19:54

 

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2014 01

Ran by User at 2014-07-10 21:39:33

Running from C:\Users\User\Downloads

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Media Encoder CC 2014 (HKLM-x32\...\{663DEEEF-EF34-4DCB-8687-73A7AA146E02}) (Version: 8.0.0 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)

Advanced Audio FX Engine (HKLM-x32\...\Advanced Audio FX Engine) (Version: 1.12.05 - Creative Technology Ltd)

Akamai NetSession Interface (HKCU\...\Akamai) (Version:  - Akamai Technologies, Inc)

Apple Application Support (HKLM-x32\...\{D9DAD0FF-495A-472B-9F10-BAE430A26682}) (Version: 3.0.3 - Apple Inc.)

Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)

Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

BitTorrent (HKCU\...\BitTorrent) (Version: 7.9.2.32241 - BitTorrent Inc.)

Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)

Canon Inkjet Printer/Scanner/Fax Extended Survey Program (HKLM-x32\...\CANONIJPLM100) (Version:  - )

Canon MP Navigator EX 3.0 (HKLM-x32\...\MP Navigator EX 3.0) (Version:  - )

Canon MP490 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP490_series) (Version:  - )

Canon MP490 series User Registration (HKLM-x32\...\Canon MP490 series User Registration) (Version:  - )

Canon Utilities Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version:  - )

Canon Utilities My Printer (HKLM-x32\...\CanonMyPrinter) (Version:  - )

Canon Utilities Solution Menu (HKLM-x32\...\CanonSolutionMenu) (Version:  - )

CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)

Cirrus Logic Audio Panel (Version: 1.1.12.4 - Cirrus Logic) Hidden

Cirrus Logic Audio x64 (Version: 6.24.5.2 - Cirrus Logic) Hidden

Cisco EAP-FAST Module (x32 Version: 2.2.14 - Cisco Systems, Inc.) Hidden

Cisco LEAP Module (x32 Version: 1.0.19 - Cisco Systems, Inc.) Hidden

Cisco PEAP Module (x32 Version: 1.1.6 - Cisco Systems, Inc.) Hidden

Compatibility Pack for the 2007 Office system (HKLM-x32\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)

D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden

Dell Audio (HKLM-x32\...\{3A69FD31-5EE7-42C9-918B-81C07AA21043}) (Version: 6.24.5.2 - Cirrus Logic)

Dell Edoc Viewer (HKLM\...\{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}) (Version: 1.0.0 - Dell Inc)

Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1209.101.217 - ALPS ELECTRIC CO., LTD.)

Dell Webcam Central (HKLM-x32\...\Dell Webcam Central) (Version: 2.01.15 - Creative Technology Ltd)

Dropbox (HKCU\...\Dropbox) (Version: 2.8.2 - Dropbox, Inc.)

DW WLAN Card Utility (HKLM\...\DW WLAN Card Utility) (Version: 6.20.55.52 - Dell Inc.)

Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 35.0.1916.153 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden

Happy Cloud Client (HKCU\...\HappyCloud) (Version: 3.72 - Happy Cloud, Inc.)

HitmanPro 3.7 (HKLM\...\HitmanPro37) (Version: 3.7.9.220 - SurfRight B.V.)

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)

Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)

Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)

Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)

IObit Apps Toolbar v9.2 (HKLM-x32\...\{4F5E5430-1DA8-4B2B-BB26-B29C0E7DBFDB}) (Version: 9.2 - Spigot, Inc.) <==== ATTENTION

iTunes (HKLM\...\{5A68A656-979F-4168-8795-E2E368AA4DC2}) (Version: 11.2.2.3 - Apple Inc.)

Java 7 Update 40 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.400 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Junk Mail filter update (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Katawa Shoujo (HKLM-x32\...\Katawa Shoujo) (Version:  - )

Lightshot-5.1.2.5 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.1.2.5 - Skillbrains)

Malwarebytes Anti-Exploit version 1.03.1.1220 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.03.1.1220 - Malwarebytes)

Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)

Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)

Microsoft OneDrive (HKCU\...\OneDriveSetup.exe) (Version: 17.0.4041.0512 - Microsoft Corporation)

Microsoft Security Client (Version: 4.5.0216.0 - Microsoft Corporation) Hidden

Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.5.216.0 - Microsoft Corporation)

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{820B6609-4C97-3A2B-B644-573B06A0F0CC}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Movie Maker (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

MP3 Rocket (HKLM-x32\...\MP3 Rocket) (Version: 6.4.7 - MP3 Rocket Inc)

MSVC90_x64 (Version: 1.0.1.2 - Nokia) Hidden

MSVC90_x86 (x32 Version: 1.0.1.2 - Nokia) Hidden

MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

MSVCRT Redists (x32 Version: 1.0 - Sony Creative Software Inc.) Hidden

MSVCRT_amd64 (x32 Version: 15.4.2862.0708 - Microsoft) Hidden

MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden

MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.6.7 - Notepad++ Team)

NVMS5 Standard Edition (HKLM-x32\...\{F011CDD5-87D2-4873-8EE3-FA95B1FEAED9}) (Version: 5.2 - NVMS)

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )

Opera Stable 22.0.1471.70 (HKLM-x32\...\Opera 22.0.1471.70) (Version: 22.0.1471.70 - Opera Software ASA)

osu! (HKLM-x32\...\{C3592426-531E-4110-911D-BFECE2CE284C}) (Version: 0.0.0.0 - peppy)

paint.net (HKLM\...\{3F5F509B-E226-417C-8CD1-CAAE756C328A}) (Version: 4.0.0 - dotPDN LLC)

Pando Media Booster (HKLM-x32\...\{980A182F-E0A2-4A40-94C1-AE0C1235902E}) (Version: 2.6.0.7 - Pando Networks Inc.)

Photo Gallery (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Process Hacker 2.33 (r5590) (HKLM\...\Process_Hacker2_is1) (Version: 2.33.0.5590 - wj32)

Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)

ROBLOX Player for User (HKCU\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version:  - ROBLOX Corporation)

Skype Click to Call (HKLM-x32\...\{BB285C9F-C821-4770-8970-56C4AB52C87E}) (Version: 7.2.15747.10003 - Microsoft Corporation)

Skype™ 6.16 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.16.105 - Skype Technologies S.A.)

Soldier Front 2 (HKLM-x32\...\Steam App 239660) (Version:  - Dragonfly)

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

Trusted Saver (HKLM-x32\...\Trusted Saver) (Version: 1.27.153.5 - Trusted Saver)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Vegas Pro 13.0 (64-bit) (HKLM\...\{D0360940-CCC6-11E3-B9C6-F04DA23A5C58}) (Version: 13.0.310 - Sony)

Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)

WIDCOMM Bluetooth Software (HKLM\...\{A1439D4F-FD46-47F2-A1D3-FEE097C29A09}) (Version: 6.5.1.2500 - Broadcom Corporation)

Windows Live Communications Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live ID Sign-in Assistant (Version: 7.250.4311.0 - Microsoft Corporation) Hidden

Windows Live Installer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Mail (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live MIME IFilter (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Photo Common (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live PIMT Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live SOXE Definitions (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live UX Platform Language Pack (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Writer (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

Windows Live Writer Resources (x32 Version: 16.4.3508.0205 - Microsoft Corporation) Hidden

WinRAR 5.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.00.0 - win.rar GmbH)

Yahoo! Messenger (HKLM-x32\...\Yahoo! Messenger) (Version:  - Yahoo! Inc.)

 

==================== Restore Points  =========================

 

04-07-2014 16:09:15 Windows Update

08-07-2014 01:21:10 Installed Cheat Engine

08-07-2014 15:56:00 Windows Update

09-07-2014 08:01:50 Windows Update

09-07-2014 15:30:52 Windows Update

10-07-2014 07:34:38 Registry Reviver Restore Point (07/10/14)

10-07-2014 08:19:17 Removed Vegas Pro 13.0 (64-bit)

10-07-2014 17:13:12 Checkpoint by HitmanPro

10-07-2014 17:34:15 Checkpoint by HitmanPro

 

==================== Hosts content: ==========================

 

2009-07-13 21:34 - 2009-06-10 16:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

Task: {021DC7CF-36E4-4B2F-8E4D-A6584BF4291A} - System32\Tasks\Driver Booster SkipUAC (User) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

Task: {05754845-923B-4EBC-9945-92327A4540CB} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()

Task: {1B82B772-B3AE-42DF-9772-70D8A90C2589} - System32\Tasks\{D0FD7341-BFFA-4E6F-A8F5-EBE5421775DA} => C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe [2009-04-23] (CANON INC.)

Task: {2E79C2D0-9E4C-4BCA-BD70-632B26052CA8} - System32\Tasks\{B52DC84F-8800-4BF5-8662-6181DD8F6BEB} => C:\Program Files (x86)\Canon\IJ Manual\Easy Guide Viewer\cmview.exe [2009-04-23] (CANON INC.)

Task: {3427CCB5-DDCC-4AD4-8336-C7C76A65C71F} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2014-02-27] (Adobe Systems Incorporated)

Task: {4890274D-37BB-4AF9-A0B3-357CDF81E169} - System32\Tasks\Opera scheduled Autoupdate 1401603626 => C:\Program Files (x86)\Opera\launcher.exe [2014-06-16] (Opera Software)

Task: {4DEF4503-EAF1-45B7-AD0F-B85C895AAD46} - System32\Tasks\EnergoTech Update => C:\ProgramData\EnergoTech\update.exe [2014-06-26] (EnergoTech LLC)

Task: {53755BAC-6759-4771-A1C6-9B3CFE0B4492} - System32\Tasks\Trusted Saver-codedownloader => C:\Program Files (x86)\Trusted Saver\Trusted Saver-codedownloader.exe [2013-06-26] (Trusted Saver)

Task: {56A14F61-F7B5-449A-88DD-5EAB501DD935} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)

Task: {5E47C81B-2144-45A1-858B-F4985B69F817} - System32\Tasks\update-S-1-5-21-2278122046-1784014762-222765858-1000 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2014-03-25] ()

Task: {69505C6E-384D-4612-88DE-198F1633758F} - \BackgroundContainer Startup Task No Task File <==== ATTENTION

Task: {69A0D086-99B3-416E-A066-11F113C4F7BB} - System32\Tasks\Trusted Saver-enabler => C:\Program Files (x86)\Trusted Saver\Trusted Saver-enabler.exe [2013-10-14] (Trusted Saver)

Task: {70285D8D-B643-446B-8E9B-731110398450} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {8108B12B-DD65-4728-9781-3007E593999D} - System32\Tasks\Driver Booster Update => C:\Program Files (x86)\IObit\Driver Booster\AutoUpdate.exe

Task: {8835B91A-32B9-43AA-AA50-777FA7CD09DC} - System32\Tasks\ASC7_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare 7\Monitor.exe

Task: {89420A3A-583F-4732-90AC-D95E6DB5E239} - System32\Tasks\ASC7_SkipUac_User => C:\Program Files (x86)\IObit\Advanced SystemCare 7\ASC.exe

Task: {B3919807-9639-45EA-8D39-9AAA4D2FC038} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: {B9896929-D4C0-422A-BB2B-0989D92D0842} - System32\Tasks\Uninstaller_SkipUac_Administrator => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

Task: {C7617B60-D96E-43DF-BC4F-30DE17D472AF} - System32\Tasks\Driver Booster Scan => C:\Program Files (x86)\IObit\Driver Booster\Scheduler.exe

Task: {C962D970-643D-43DA-8F9E-B1015A6B8797} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: {E00A2EE2-9647-4959-B9D5-C6DD2F2FB1B8} - System32\Tasks\SmartDefrag3_Update => C:\Program Files (x86)\IObit\Smart Defrag 3\AutoUpdate.exe

Task: {E515A0E4-424F-4EBD-A20E-A013C8EBA565} - System32\Tasks\Trusted Saver-updater => C:\Program Files (x86)\Trusted Saver\Trusted Saver-updater.exe [2013-06-26] (Trusted Saver)

Task: {EDBF7E16-8C18-4DE3-8AC4-11F55FF0C9EA} - System32\Tasks\SmartDefrag3_Startup => C:\Program Files (x86)\IObit\Smart Defrag 3\SmartDefrag.exe

Task: {FFADC1C7-75F0-4220-B9EF-725AF12C43CF} - System32\Tasks\Driver Booster SkipUAC (SYSTEM) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\Trusted Saver-codedownloader.job => C:\Program Files (x86)\Trusted Saver\Trusted Saver-codedownloader.exe

Task: C:\Windows\Tasks\Trusted Saver-enabler.job => C:\Program Files (x86)\Trusted Saver\Trusted Saver-enabler.exe

Task: C:\Windows\Tasks\Trusted Saver-updater.job => C:\Program Files (x86)\Trusted Saver\Trusted Saver-updater.exe

Task: C:\Windows\Tasks\update-S-1-5-21-2278122046-1784014762-222765858-1000.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

 

==================== Loaded Modules (whitelisted) =============

 

2012-05-10 17:47 - 2012-05-10 17:47 - 20567552 _____ () C:\Program Files\Cirrus Logic Audio Panel\CirrusAudioPanel_Dell.exe

2012-05-10 17:47 - 2012-05-10 17:47 - 03625472 _____ () C:\Program Files\Cirrus Logic Audio Panel\en-US\CirrusAudioPanel_Dell.resources.dll

2012-05-10 17:47 - 2012-05-10 17:47 - 00048128 _____ () C:\Program Files\Cirrus Logic Audio Panel\CoreAudioApi.dll

2012-05-10 17:47 - 2012-05-10 17:47 - 00013824 _____ () C:\Program Files\Cirrus Logic Audio Panel\LocalizationControlsLib.dll

2012-05-10 17:47 - 2012-05-10 17:47 - 00260096 _____ () C:\Program Files\Cirrus Logic Audio Panel\LocalizeLanguage.dll

2012-05-10 17:47 - 2012-05-10 17:47 - 00011776 _____ () C:\Program Files\Cirrus Logic Audio Panel\ExtendedWindowsControls.dll

2013-02-27 00:21 - 2012-03-27 11:33 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2014-05-17 11:33 - 2009-02-10 11:01 - 00116104 _____ () C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE

2013-08-15 14:55 - 2012-05-23 15:00 - 00155136 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\cms.exe

2013-08-15 14:56 - 2009-03-16 13:29 - 06562432 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\data\bin\mysqld.exe

2013-08-15 14:56 - 2012-03-31 17:38 - 00176640 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\watch.exe

2013-08-15 14:55 - 2012-05-23 14:58 - 00014848 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\vtdu.exe

2013-08-15 14:55 - 2012-05-23 14:58 - 00015872 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nru.exe

2014-06-18 10:03 - 2014-06-18 10:03 - 01396344 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\opera_crashreporter.exe

2014-01-20 14:17 - 2014-01-20 14:17 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

2014-01-20 14:16 - 2014-01-20 14:16 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

2014-07-10 20:46 - 2014-07-10 20:46 - 00043008 _____ () c:\users\user\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpkiz7ow.dll

2013-08-23 14:01 - 2013-08-23 14:01 - 25100288 _____ () C:\Users\User\AppData\Roaming\Dropbox\bin\libcef.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00176640 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmactionmgr.dll

2013-12-14 17:25 - 2012-05-24 09:39 - 00496640 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\sdp.dll

2013-12-14 17:25 - 2012-04-10 11:45 - 01318912 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\LIBMYSQL.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00116736 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\action.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00117248 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\adapter.dll

2013-12-14 17:25 - 2012-05-24 09:39 - 00118784 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\mitoid.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00159232 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmmitcore.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00179200 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmsecucore.dll

2013-12-14 17:25 - 2012-05-24 09:39 - 00128000 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\tdcne.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00139264 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\actionalarmout.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00142336 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\actioncupreview.dll

2013-12-14 17:25 - 2012-05-24 09:39 - 00193536 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\tdccms.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00169984 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmlogcore.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00138240 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\msgcenter.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00168448 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\adapter_nru.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00211456 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmmit.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00224768 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\license.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00130048 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmsecu.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00122368 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmfault.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00254464 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmfaultcore.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00070656 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmexport.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00291840 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmvtdumgr.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00128000 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmuserproperty.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00158208 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\adapter_vtdu.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00116736 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmlog.dll

2013-08-15 14:55 - 2012-05-23 15:00 - 00215040 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\adapter_dvrs.dll

2013-12-14 17:25 - 2012-04-10 11:45 - 01253376 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\HieClientUnit.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00250880 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmmap.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00156672 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmhydvrs.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00150528 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmnrumgr.dll

2013-08-15 14:55 - 2012-05-23 14:59 - 00137216 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nmsys.dll

2014-05-14 11:45 - 2014-05-14 11:45 - 00090624 _____ () C:\Program Files (x86)\PasswordBox\libwebsocketswin32.dll

2013-12-14 17:25 - 2012-05-24 09:39 - 00117248 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\avadapter.dll

2013-08-15 14:55 - 2012-05-23 14:58 - 00031232 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nesys.dll

2013-12-14 17:25 - 2012-05-24 09:39 - 00175616 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\avadapter_private.dll

2013-12-14 17:25 - 2012-05-24 09:39 - 00148992 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\avadapter_private_vtdu.dll

2013-08-15 14:55 - 2012-05-23 14:58 - 00133632 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nevtdu.dll

2013-12-14 17:25 - 2012-05-24 09:39 - 00106496 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\avadapter_private_ex.dll

2013-08-15 14:55 - 2012-05-23 14:58 - 00080384 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nenru_avr.dll

2013-08-15 14:55 - 2012-05-23 14:58 - 00163328 _____ () C:\Program Files (x86)\NVMS5 Standard Edition\bin\nenru.dll

2013-06-26 21:41 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files (x86)\Yahoo!\Messenger\yui.dll

2014-02-12 18:53 - 2014-02-12 18:53 - 00172032 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\00a0b4a9df6e4abf30ae2af3624a77ce\IsdiInterop.ni.dll

2013-02-26 23:17 - 2012-02-01 17:25 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

2013-02-26 23:22 - 2012-03-06 15:27 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll

2014-06-18 10:03 - 2014-06-18 10:03 - 00877688 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\libglesv2.dll

2014-06-18 10:03 - 2014-06-18 10:03 - 00135800 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\libegl.dll

2014-06-18 10:03 - 2014-06-18 10:03 - 00957048 _____ () C:\Program Files (x86)\Opera\22.0.1471.70\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

AlternateDataStreams: C:\Users\User\Cookies:Hvyl6zsIaM2elEsQwf5AvJ

 

==================== Safe Mode (whitelisted) ===================

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\IMFservice => ""="Service"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"

 

==================== EXE Association (whitelisted) =============

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (07/10/2014 08:46:53 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 08:42:21 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 07:54:50 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 06:26:48 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 06:18:39 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 06:10:29 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 06:01:36 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 02:00:34 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 01:52:33 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 01:50:04 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: Failed to create restore point (Process = C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" ; Description = Checkpoint by HitmanPro; Error = 0x8007043c).

 

 

System errors:

=============

Error: (07/10/2014 08:53:46 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (07/10/2014 08:53:37 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (07/10/2014 08:53:29 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (07/10/2014 08:53:20 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (07/10/2014 08:53:11 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (07/10/2014 08:53:03 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (07/10/2014 08:52:54 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (07/10/2014 08:52:46 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (07/10/2014 08:52:37 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

Error: (07/10/2014 08:52:28 PM) (Source: cdrom) (EventID: 7) (User: )

Description: The device, \Device\CdRom0, has a bad block.

 

 

Microsoft Office Sessions:

=========================

Error: (07/10/2014 08:46:53 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 08:42:21 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 07:54:50 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 06:26:48 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 06:18:39 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 06:10:29 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 06:01:36 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 02:00:34 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 01:52:33 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (07/10/2014 01:50:04 PM) (Source: System Restore) (EventID: 8193) (User: )

Description: C:\Program Files\HitmanPro\HitmanPro.exe Files\HitmanPro\HitmanPro.exe" Checkpoint by HitmanPro0x8007043c

 

 

CodeIntegrity Errors:

===================================

  Date: 2013-11-25 01:10:40.852

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-25 01:10:40.849

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-25 01:10:40.846

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-25 01:10:40.836

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-25 01:10:40.834

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-25 01:10:40.831

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-17 15:57:23.515

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-17 15:57:23.513

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-17 15:57:23.511

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2013-11-17 15:57:23.468

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files (x86)\Kaspersky Lab\Kaspersky PURE 3.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Percentage of memory in use: 65%

Total physical RAM: 3960.51 MB

Available physical RAM: 1354.84 MB

Total Pagefile: 7919.2 MB

Available Pagefile: 4684.92 MB

Total Virtual: 8192 MB

Available Virtual: 8191.85 MB

 

==================== Drives ================================

 

Drive c: (OS) (Fixed) (Total:279.48 GB) (Free:190.53 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 298 GB) (Disk ID: 060A5014)

Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)

Partition 2: (Active) - (Size=19 GB) - (Type=07 NTFS)

Partition 3: (Not Active) - (Size=279 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================

Link to post
Share on other sites

  • 1 month later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.