Infected....

usmcsniper · July 27, 2014

Here are my Awsmbr and Frst +addition reports.....

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-27 06:45:47
-----------------------------
06:45:47.676    OS Version: Windows x64 6.3.9600
06:45:47.676    Number of processors: 4 586 0x3A09
06:45:47.676    ComputerName: CRAPPY UserName: Vaporz
06:45:49.082    Initialize success
06:45:49.098    VM: driver load error: 2
06:45:51.191    AVAST engine defs: 14072700
06:46:17.536    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002e
06:46:17.536    Disk 0 Vendor: TOSHIBA_MQ01ABD075 AX003M Size: 715404MB BusType: 11
06:46:17.646    Disk 0 MBR read successfully
06:46:17.646    Disk 0 MBR scan
06:46:18.255    Disk 0 Windows 7 default MBR code
06:46:18.271    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
06:46:18.740    Disk 0 scanning C:\windows\system32\drivers
06:46:27.896    Service scanning
06:46:44.647    Service RtkBtFilter C:\windows\system32\DRIVERS\RtkBtfilter.sys **LOCKED** 32
06:46:44.678    Service RtkBtFilter2 C:\windows\system32\DRIVERS\RtkBtfilter.sys **LOCKED** 32
06:46:53.976    Modules scanning
06:46:53.976    Disk 0 trace - called modules:
06:46:54.022    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
06:46:54.022    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe000535b3060]
06:46:54.022    3 CLASSPNP.SYS[fffff8005055a27b] -> nt!IofCallDriver -> \Device\0000002e[0xffffe0005251b060]
06:46:54.991    AVAST engine scan C:\
07:22:00.214    Scan finished successfully
07:22:05.715    Disk 0 MBR fix error
07:26:41.602    Disk 0 MBR has been saved successfully to "C:\Users\Vaporz\Desktop\MBR.dat"
07:26:41.602    The log file has been saved successfully to "C:\Users\Vaporz\Desktop\aswMBR.txt"

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Vaporz (administrator) on CRAPPY on 27-07-2014 07:38:18
Running from C:\Users\Vaporz\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Safe Mode (with Networking)

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [sRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2172816 2012-10-22] (SRS Labs, Inc.)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-20] (Realtek Semiconductor)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [382608 2014-06-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-17] (AVAST Software)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-27] (DivX, LLC)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7148032 2012-10-31] (Pegatron Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3448416712-2654459564-1289727005-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-07-20] (Glarysoft Ltd)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
SearchScopes: HKLM - DefaultScope {E31ECC80-F5C5-41EA-B8FD-F25153C3420A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM - {E31ECC80-F5C5-41EA-B8FD-F25153C3420A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {E31ECC80-F5C5-41EA-B8FD-F25153C3420A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKCU - {E31ECC80-F5C5-41EA-B8FD-F25153C3420A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Vaporz\AppData\Roaming\Mozilla\Firefox\Profiles\lxvygeaa.default
FF Homepage: www.msn.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
S2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-17] (AVAST Software)
S2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-17] (AVAST Software)
S2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
S2 GFNEXSrv; C:\Program Files (x86)\Toshiba\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
S2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
S2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
S2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [360592 2014-06-04] (Malwarebytes Corporation)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-10] (Realtek Semiconductor)
S2 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [214928 2013-10-17] (TOSHIBA CORPORATION)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-26] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
S2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-17] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-17] (AVAST Software)
S2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-17] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-17] (AVAST Software)
S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-17] ()
S1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-17] (AVAST Software)
S1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-17] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-17] (AVAST Software)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-06-16] (Glarysoft Ltd)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
S1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [62392 2014-06-04] ()
S1 GUBootStartup; C:\windows\System32\drivers\GUBootStartup.sys [20160 2014-07-05] (Glarysoft Ltd)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-07-20] (Intel Corporation)
S2 PEGAGFN; C:\Program Files (x86)\Toshiba\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
S3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [48856 2013-11-28] (Realtek Microelectronics)
S3 RtkBtFilter2; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [48856 2013-11-28] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-07-20] (Realtek Semiconductor Corporation                           )
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30312 2014-07-27] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-26] (Microsoft Corporation)
S3 aswVmm; \??\C:\Users\Vaporz\AppData\Local\Temp\aswVmm.sys [X]
U3 aswMBR; \??\C:\Users\Vaporz\AppData\Local\Temp\aswMBR.sys [X]
U3 kxtdqpog; \??\C:\Users\Vaporz\AppData\Local\Temp\kxtdqpog.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 07:38 - 2014-07-27 07:38 - 00012051 _____ () C:\Users\Vaporz\Desktop\FRST.txt
2014-07-27 07:38 - 2014-07-27 07:38 - 00000000 ____D () C:\Users\Vaporz\Desktop\FRST-OlderVersion
2014-07-27 07:26 - 2014-07-27 07:26 - 00001741 _____ () C:\Users\Vaporz\Desktop\aswMBR.txt
2014-07-27 07:26 - 2014-07-27 07:26 - 00000512 _____ () C:\Users\Vaporz\Desktop\MBR.dat
2014-07-27 06:16 - 2014-07-27 06:16 - 00000306 _____ () C:\windows\PFRO.log
2014-07-27 03:51 - 2014-07-27 03:51 - 00000000 _____ () C:\windows\setuperr.log
2014-07-27 03:51 - 2014-07-27 03:51 - 00000000 _____ () C:\windows\setupact.log
2014-07-27 01:20 - 2014-07-27 01:20 - 00474072 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-27 01:10 - 2014-07-27 01:10 - 00773632 _____ (Robert Simpson, et al.) C:\Users\Vaporz\AppData\Roaming\System.Data.SQLite.dll
2014-07-27 01:04 - 2014-07-27 01:04 - 05379160 _____ () C:\Users\Vaporz\Desktop\RogueKillerX64(1).exe
2014-07-27 00:41 - 2014-07-27 03:46 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\CrashDumps
2014-07-27 00:22 - 2014-07-27 00:22 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Corporation
2014-07-27 00:16 - 2014-07-27 00:16 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\{16D8D997-18E4-42EB-9B86-ABEBB7D83C37}
2014-07-26 20:08 - 2014-07-26 20:08 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Macromedia
2014-07-26 20:06 - 2014-07-27 06:44 - 00325877 _____ () C:\windows\WindowsUpdate.log
2014-07-26 19:51 - 2014-07-26 19:51 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-26 19:51 - 2014-07-26 19:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-25 21:42 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll
2014-07-25 21:42 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll
2014-07-25 21:42 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe
2014-07-23 07:04 - 2014-07-23 07:04 - 00016352 ____N () C:\bootsqm.dat
2014-07-21 00:13 - 2014-07-21 00:13 - 00380416 _____ () C:\Users\Vaporz\Desktop\8pw7k8e4.exe
2014-07-20 22:58 - 2014-07-20 22:58 - 05185536 _____ (AVAST Software) C:\Users\Vaporz\Desktop\aswmbr.exe
2014-07-20 19:32 - 2014-07-20 19:32 - 00871640 _____ (Realtek ) C:\windows\system32\Drivers\Rt630x64.sys
2014-07-20 19:32 - 2014-07-20 19:32 - 00073800 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-07-20 13:14 - 2014-07-20 13:14 - 00556248 _____ (Realtek Semiconductor Corporation) C:\windows\system32\Drivers\SET436D.tmp
2014-07-20 13:14 - 2014-07-20 13:14 - 00100312 _____ (Intel Corporation) C:\windows\system32\Drivers\TeeDriverx64.sys
2014-07-20 13:14 - 2014-07-20 13:14 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-07-20 13:13 - 2014-07-20 13:13 - 03962840 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2014-07-20 13:13 - 2014-07-20 13:13 - 03068120 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys
2014-07-20 13:13 - 2014-07-20 13:13 - 02834648 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 02800344 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RltkAPO64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 02770976 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 01959128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2014-07-20 13:13 - 2014-07-20 13:13 - 01286872 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 01099203 _____ () C:\windows\system32\Drivers\RTAIODAT.DAT
2014-07-20 13:13 - 2014-07-20 13:13 - 01022168 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00948952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00628952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00209096 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00113576 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-07-20 12:50 - 2014-07-21 04:34 - 00002858 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (Vaporz)
2014-07-20 12:50 - 2014-07-20 12:50 - 00000000 ____D () C:\ProgramData\IObit
2014-07-20 09:45 - 2014-07-20 10:19 - 00000000 ____D () C:\Program Files\Recuva
2014-07-20 09:45 - 2014-07-20 09:45 - 00001681 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-07-20 05:57 - 2014-07-20 05:57 - 00001332 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-07-20 05:57 - 2014-07-20 05:57 - 00000000 ____D () C:\windows\en
2014-07-20 05:48 - 2014-07-20 05:48 - 00000000 ____D () C:\windows\softwaredistribution.bak2
2014-07-20 02:29 - 2014-07-20 02:29 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\Macromedia
2014-07-19 16:16 - 2014-07-19 16:16 - 00000000 ____D () C:\Program Files (x86)\AC3Filter
2014-07-19 16:16 - 2013-04-05 21:27 - 02231296 _____ () C:\windows\system32\ac3filter64.acm
2014-07-19 16:16 - 2013-04-05 21:26 - 01679360 _____ () C:\windows\SysWOW64\ac3filter.acm
2014-07-19 16:05 - 2014-07-19 16:05 - 00001093 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-07-19 14:23 - 2014-07-19 14:23 - 00004608 _____ () C:\Users\Vaporz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-19 14:22 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\DivX
2014-07-19 14:22 - 2014-07-19 16:05 - 00001609 _____ () C:\Users\Vaporz\Desktop\DivX Movies.lnk
2014-07-19 14:22 - 2014-07-19 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-07-19 14:22 - 2014-07-19 14:22 - 00001158 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-07-19 14:22 - 2014-07-19 14:22 - 00000000 ____D () C:\Program Files\DivX
2014-07-19 14:21 - 2014-07-19 16:05 - 00000000 ____D () C:\ProgramData\DivX
2014-07-19 14:21 - 2014-07-19 16:05 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-07-19 14:20 - 2014-07-19 14:21 - 00999232 _____ (DivX, LLC) C:\Users\Vaporz\Desktop\DivXInstaller.exe
2014-07-17 18:23 - 2014-07-17 18:23 - 01354223 _____ () C:\Users\Vaporz\Desktop\adwcleaner_3.216.exe
2014-07-17 11:18 - 2014-07-17 11:18 - 00000000 ____D () C:\windows\PCHEALTH
2014-07-17 11:11 - 2014-07-17 11:11 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\AVAST Software
2014-07-17 10:57 - 2014-07-17 11:11 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-07-17 10:57 - 2014-07-17 10:57 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00448400 _____ (AVAST Software) C:\windows\system32\Drivers\aswNdisFlt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-07-17 10:57 - 2014-07-17 10:57 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-17 10:57 - 2014-07-17 10:57 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00028184 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-17 10:56 - 2014-07-17 10:56 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-17 10:49 - 2014-07-17 10:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-17 10:00 - 2014-07-27 05:27 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-17 09:59 - 2014-07-17 09:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-17 09:59 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-17 09:59 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-17 09:59 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-17 09:45 - 2014-07-17 09:45 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
2014-07-17 09:45 - 2014-07-17 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-07-17 09:44 - 2014-07-26 20:15 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-07-17 09:44 - 2014-07-17 09:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-07-17 08:48 - 2014-07-27 07:38 - 00000000 ____D () C:\FRST
2014-07-17 08:38 - 2014-07-27 06:15 - 00000000 ____D () C:\AdwCleaner
2014-07-17 08:35 - 2014-07-27 05:22 - 00030312 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-07-17 07:42 - 2014-07-17 07:42 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-07-17 07:41 - 2014-07-17 09:27 - 00001752 _____ () C:\sc-cleaner.txt
2014-07-17 07:22 - 2014-07-27 07:38 - 02093568 _____ (Farbar) C:\Users\Vaporz\Desktop\FRST64.exe
2014-07-17 07:12 - 2014-07-17 07:12 - 00000000 ____D () C:\windows\erdnt
2014-07-17 07:11 - 2014-07-17 07:11 - 01016261 _____ (Thisisu) C:\Users\Vaporz\Desktop\JRT.exe
2014-07-17 06:57 - 2014-07-17 06:57 - 00000085 _____ () C:\windows\wininit.ini
2014-07-17 06:57 - 2014-07-17 06:57 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-07-17 06:53 - 2014-07-17 06:53 - 00000706 _____ () C:\DelFix.txt
2014-07-17 04:51 - 2014-07-21 04:35 - 00004274 _____ () C:\windows\System32\Tasks\ReimageUpdater
2014-07-17 04:51 - 2014-07-21 04:35 - 00003436 _____ () C:\windows\System32\Tasks\Reimage Reminder
2014-07-17 04:50 - 2014-07-17 04:51 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-16 04:36 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2014-07-16 04:36 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2014-07-16 04:36 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2014-07-16 04:36 - 2014-05-31 03:07 - 00467800 ____C (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-07-16 04:36 - 2014-05-31 03:07 - 00440664 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-07-16 04:36 - 2014-05-31 03:07 - 00419672 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-07-16 04:36 - 2014-05-31 03:07 - 00089944 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-07-16 04:36 - 2014-05-31 03:07 - 00027480 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-07-16 04:36 - 2014-05-30 23:30 - 00037376 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-07-16 04:36 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2014-07-16 04:36 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2014-07-16 04:36 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2014-07-16 04:36 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2014-07-16 04:36 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2014-07-16 04:36 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-07-16 04:36 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\windows\system32\DaOtpCredentialProvider.dll
2014-07-16 04:36 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\DaOtpCredentialProvider.dll
2014-07-16 04:36 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2014-07-16 04:36 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2014-07-16 04:33 - 2014-07-19 14:31 - 00000000 ____D () C:\windows\softwaredistribution.bak1
2014-07-10 04:05 - 2014-07-10 04:05 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\sMedio
2014-07-09 05:26 - 2014-04-13 20:29 - 01018880 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-07-09 05:17 - 2014-06-18 16:46 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-09 05:17 - 2014-06-18 15:57 - 00225280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-09 05:17 - 2014-06-16 15:26 - 00779264 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-07-09 05:17 - 2014-06-16 15:24 - 00834048 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-09 05:17 - 2014-06-06 07:20 - 04190720 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-09 05:17 - 2014-05-29 20:03 - 00563200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-09 05:17 - 2014-05-29 05:02 - 00565576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-07-09 05:17 - 2014-05-29 00:55 - 00735232 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-07-09 05:17 - 2014-05-28 23:40 - 00735232 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-07-09 05:17 - 2014-05-28 23:37 - 00436224 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2014-07-09 05:17 - 2014-05-28 22:34 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2014-07-09 05:17 - 2014-05-28 22:27 - 01417216 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-09 05:16 - 2014-06-18 18:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-09 05:16 - 2014-06-18 17:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-09 05:16 - 2014-06-18 16:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-09 05:16 - 2014-06-18 15:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-09 05:16 - 2014-06-18 15:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-09 05:16 - 2014-06-18 15:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-09 05:15 - 2014-06-18 17:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-09 05:15 - 2014-06-18 17:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-09 05:15 - 2014-06-18 16:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-09 05:15 - 2014-06-18 16:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-09 05:15 - 2014-06-18 16:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-09 05:15 - 2014-06-18 16:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-09 05:15 - 2014-06-18 16:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-09 05:15 - 2014-06-18 16:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-09 05:15 - 2014-06-18 16:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-09 05:15 - 2014-06-18 15:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-09 05:15 - 2014-06-18 15:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-09 05:15 - 2014-06-18 15:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-09 05:15 - 2014-06-18 15:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-09 05:15 - 2014-06-18 15:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-09 05:15 - 2014-06-18 15:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-09 05:15 - 2014-06-18 15:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-09 05:15 - 2014-06-18 15:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-09 05:15 - 2014-06-18 15:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-09 05:15 - 2014-06-18 15:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-07-09 05:15 - 2014-06-06 06:04 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-09 05:15 - 2014-06-06 05:18 - 00488960 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-09 05:15 - 2014-05-31 03:07 - 00054776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-07-09 05:15 - 2014-05-31 03:06 - 00555736 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2014-07-09 05:15 - 2014-05-30 20:40 - 13287936 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-07-09 05:15 - 2014-05-30 20:30 - 11792384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-07-09 05:15 - 2014-05-30 20:12 - 00249344 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 05:15 - 2014-05-30 20:06 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-07-09 05:15 - 2014-05-30 20:03 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-07-09 05:15 - 2014-05-30 20:01 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 05:15 - 2014-05-30 19:56 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-07-09 05:15 - 2014-05-30 19:54 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-07-09 05:15 - 2014-05-30 19:48 - 03463680 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-07-09 05:15 - 2014-05-30 19:37 - 01054208 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2014-07-09 05:15 - 2014-05-30 19:36 - 00923136 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-07-09 05:15 - 2014-05-30 19:35 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2014-07-09 05:15 - 2014-05-30 19:32 - 00756224 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-07-03 01:44 - 2014-07-02 23:10 - 00000747 ____R () C:\windows\system32\Drivers\etc\hosts.20140703-014444.backup
2014-07-02 19:44 - 2014-07-02 19:44 - 00000017 _____ () C:\Users\Vaporz\AppData\Local\resmon.resmoncfg
2014-06-28 02:10 - 2014-06-28 02:14 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Windows Live
2014-06-27 13:35 - 2014-07-27 06:38 - 00004970 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CRAPPY-Vaporz Crappy
2014-06-27 13:28 - 2014-06-27 13:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-27 13:27 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\VirtualStore
2014-06-27 13:26 - 2014-07-10 03:47 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-06-27 11:03 - 2014-06-27 11:03 - 00000000 __SHD () C:\Users\Vaporz\AppData\Local\EmieUserList
2014-06-27 11:03 - 2014-06-27 11:03 - 00000000 __SHD () C:\Users\Vaporz\AppData\Local\EmieSiteList

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-27 07:38 - 2014-07-27 07:38 - 00012051 _____ () C:\Users\Vaporz\Desktop\FRST.txt
2014-07-27 07:38 - 2014-07-27 07:38 - 00000000 ____D () C:\Users\Vaporz\Desktop\FRST-OlderVersion
2014-07-27 07:38 - 2014-07-17 08:48 - 00000000 ____D () C:\FRST
2014-07-27 07:38 - 2014-07-17 07:22 - 02093568 _____ (Farbar) C:\Users\Vaporz\Desktop\FRST64.exe
2014-07-27 07:26 - 2014-07-27 07:26 - 00001741 _____ () C:\Users\Vaporz\Desktop\aswMBR.txt
2014-07-27 07:26 - 2014-07-27 07:26 - 00000512 _____ () C:\Users\Vaporz\Desktop\MBR.dat
2014-07-27 06:44 - 2014-07-26 20:06 - 00325877 _____ () C:\windows\WindowsUpdate.log
2014-07-27 06:44 - 2013-08-22 07:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-27 06:38 - 2014-06-27 13:35 - 00004970 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CRAPPY-Vaporz Crappy
2014-07-27 06:28 - 2014-06-18 20:57 - 00000000 ____D () C:\windows\AppReadiness
2014-07-27 06:20 - 2014-06-26 14:15 - 00000000 ___DO () C:\Users\Vaporz\OneDrive
2014-07-27 06:19 - 2014-06-25 15:51 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-27 06:19 - 2014-06-23 18:14 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-27 06:18 - 2014-06-18 12:34 - 00000348 _____ () C:\windows\Tasks\GlaryInitialize 5.job
2014-07-27 06:18 - 2014-06-18 12:34 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-07-27 06:17 - 2014-06-20 19:53 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-27 06:16 - 2014-07-27 06:16 - 00000306 _____ () C:\windows\PFRO.log
2014-07-27 06:15 - 2014-07-17 08:38 - 00000000 ____D () C:\AdwCleaner
2014-07-27 05:27 - 2014-07-17 10:00 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-27 05:22 - 2014-07-17 08:35 - 00030312 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-07-27 05:21 - 2012-07-26 00:59 - 00000000 ____D () C:\windows\CbsTemp
2014-07-27 03:51 - 2014-07-27 03:51 - 00000000 _____ () C:\windows\setuperr.log
2014-07-27 03:51 - 2014-07-27 03:51 - 00000000 _____ () C:\windows\setupact.log
2014-07-27 03:46 - 2014-07-27 00:41 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\CrashDumps
2014-07-27 03:02 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\sru
2014-07-27 01:20 - 2014-07-27 01:20 - 00474072 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-27 01:10 - 2014-07-27 01:10 - 00773632 _____ (Robert Simpson, et al.) C:\Users\Vaporz\AppData\Roaming\System.Data.SQLite.dll
2014-07-27 01:04 - 2014-07-27 01:04 - 05379160 _____ () C:\Users\Vaporz\Desktop\RogueKillerX64(1).exe
2014-07-27 00:59 - 2014-06-20 19:45 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-27 00:51 - 2014-06-18 09:32 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3448416712-2654459564-1289727005-1001
2014-07-27 00:44 - 2012-11-13 01:22 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-27 00:22 - 2014-07-27 00:22 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Corporation
2014-07-27 00:21 - 2012-11-13 01:30 - 00000000 ____D () C:\Program Files (x86)\Toshiba
2014-07-27 00:21 - 2012-11-13 01:23 - 00000000 ____D () C:\Program Files\Toshiba
2014-07-27 00:17 - 2013-02-17 04:59 - 00000000 ____D () C:\windows\System32\Tasks\TOSHIBA
2014-07-27 00:17 - 2012-11-13 01:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-27 00:16 - 2014-07-27 00:16 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\{16D8D997-18E4-42EB-9B86-ABEBB7D83C37}
2014-07-26 20:16 - 2014-06-20 10:19 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Mozilla
2014-07-26 20:15 - 2014-07-17 09:44 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-07-26 20:08 - 2014-07-26 20:08 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Macromedia
2014-07-26 20:06 - 2014-06-20 10:19 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\Mozilla
2014-07-26 20:04 - 2014-06-19 20:06 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\Adobe
2014-07-26 19:52 - 2014-06-25 17:20 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-07-26 19:52 - 2014-06-25 17:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-26 19:51 - 2014-07-26 19:51 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-26 19:51 - 2014-07-26 19:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-26 19:51 - 2014-06-20 10:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-26 19:06 - 2014-03-18 03:03 - 00863592 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-25 21:59 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\rescache
2014-07-25 21:46 - 2014-06-18 12:34 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\DiskDefrag
2014-07-25 10:13 - 2014-06-18 12:35 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-07-25 10:13 - 2014-06-18 12:34 - 00002970 _____ () C:\windows\System32\Tasks\GU5SkipUAC
2014-07-23 07:11 - 2013-08-22 06:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-07-23 07:04 - 2014-07-23 07:04 - 00016352 ____N () C:\bootsqm.dat
2014-07-21 04:35 - 2014-07-17 04:51 - 00004274 _____ () C:\windows\System32\Tasks\ReimageUpdater
2014-07-21 04:35 - 2014-07-17 04:51 - 00003436 _____ () C:\windows\System32\Tasks\Reimage Reminder
2014-07-21 04:35 - 2013-02-17 05:07 - 00003236 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-07-21 04:34 - 2014-07-20 12:50 - 00002858 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (Vaporz)
2014-07-21 04:21 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\NDF
2014-07-21 00:13 - 2014-07-21 00:13 - 00380416 _____ () C:\Users\Vaporz\Desktop\8pw7k8e4.exe
2014-07-20 22:58 - 2014-07-20 22:58 - 05185536 _____ (AVAST Software) C:\Users\Vaporz\Desktop\aswmbr.exe
2014-07-20 21:07 - 2014-06-26 13:48 - 00000000 ____D () C:\Users\Vaporz
2014-07-20 19:32 - 2014-07-20 19:32 - 00871640 _____ (Realtek ) C:\windows\system32\Drivers\Rt630x64.sys
2014-07-20 19:32 - 2014-07-20 19:32 - 00073800 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-07-20 13:14 - 2014-07-20 13:14 - 00556248 _____ (Realtek Semiconductor Corporation) C:\windows\system32\Drivers\SET436D.tmp
2014-07-20 13:14 - 2014-07-20 13:14 - 00100312 _____ (Intel Corporation) C:\windows\system32\Drivers\TeeDriverx64.sys
2014-07-20 13:14 - 2014-07-20 13:14 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-07-20 13:13 - 2014-07-20 13:13 - 03962840 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2014-07-20 13:13 - 2014-07-20 13:13 - 03068120 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys
2014-07-20 13:13 - 2014-07-20 13:13 - 02834648 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 02800344 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RltkAPO64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 02770976 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 01959128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2014-07-20 13:13 - 2014-07-20 13:13 - 01286872 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 01099203 _____ () C:\windows\system32\Drivers\RTAIODAT.DAT
2014-07-20 13:13 - 2014-07-20 13:13 - 01022168 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00948952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00628952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00209096 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00113576 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-07-20 13:13 - 2014-06-26 13:38 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2014-07-20 12:50 - 2014-07-20 12:50 - 00000000 ____D () C:\ProgramData\IObit
2014-07-20 11:57 - 2012-11-13 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba
2014-07-20 10:19 - 2014-07-20 09:45 - 00000000 ____D () C:\Program Files\Recuva
2014-07-20 10:04 - 2014-06-26 13:48 - 00000000 ____D () C:\Users\Administrator
2014-07-20 09:45 - 2014-07-20 09:45 - 00001681 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-07-20 09:44 - 2013-08-22 08:36 - 00262144 _____ () C:\windows\system32\config\BCD-Template
2014-07-20 06:06 - 2014-06-18 09:24 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Packages
2014-07-20 05:57 - 2014-07-20 05:57 - 00001332 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-07-20 05:57 - 2014-07-20 05:57 - 00000000 ____D () C:\windows\en
2014-07-20 05:56 - 2012-11-13 01:58 - 00001401 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-07-20 05:56 - 2012-11-13 01:58 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-07-20 05:48 - 2014-07-20 05:48 - 00000000 ____D () C:\windows\softwaredistribution.bak2
2014-07-20 02:29 - 2014-07-20 02:29 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\Macromedia
2014-07-19 20:14 - 2014-07-19 14:22 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\DivX
2014-07-19 20:14 - 2014-06-27 13:27 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\VirtualStore
2014-07-19 16:16 - 2014-07-19 16:16 - 00000000 ____D () C:\Program Files (x86)\AC3Filter
2014-07-19 16:05 - 2014-07-19 16:05 - 00001093 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-07-19 16:05 - 2014-07-19 14:22 - 00001609 _____ () C:\Users\Vaporz\Desktop\DivX Movies.lnk
2014-07-19 16:05 - 2014-07-19 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-07-19 16:05 - 2014-07-19 14:21 - 00000000 ____D () C:\ProgramData\DivX
2014-07-19 16:05 - 2014-07-19 14:21 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-07-19 14:31 - 2014-07-16 04:33 - 00000000 ____D () C:\windows\softwaredistribution.bak1
2014-07-19 14:23 - 2014-07-19 14:23 - 00004608 _____ () C:\Users\Vaporz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-19 14:22 - 2014-07-19 14:22 - 00001158 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-07-19 14:22 - 2014-07-19 14:22 - 00000000 ____D () C:\Program Files\DivX
2014-07-19 14:21 - 2014-07-19 14:20 - 00999232 _____ (DivX, LLC) C:\Users\Vaporz\Desktop\DivXInstaller.exe
2014-07-17 18:23 - 2014-07-17 18:23 - 01354223 _____ () C:\Users\Vaporz\Desktop\adwcleaner_3.216.exe
2014-07-17 11:18 - 2014-07-17 11:18 - 00000000 ____D () C:\windows\PCHEALTH
2014-07-17 11:15 - 2012-11-13 01:23 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-07-17 11:14 - 2014-02-22 14:55 - 00000000 ____D () C:\Users\Vaporz\Documents\Avast
2014-07-17 11:11 - 2014-07-17 11:11 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\AVAST Software
2014-07-17 11:11 - 2014-07-17 10:57 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-07-17 10:57 - 2014-07-17 10:57 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00448400 _____ (AVAST Software) C:\windows\system32\Drivers\aswNdisFlt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-07-17 10:57 - 2014-07-17 10:57 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-17 10:57 - 2014-07-17 10:57 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00028184 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-17 10:56 - 2014-07-17 10:56 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-17 10:49 - 2014-07-17 10:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-17 10:45 - 2012-11-13 01:25 - 00000000 ____D () C:\ProgramData\Norton
2014-07-17 10:15 - 2013-02-17 05:07 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-17 09:59 - 2014-07-17 09:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-17 09:45 - 2014-07-17 09:45 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
2014-07-17 09:45 - 2014-07-17 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-07-17 09:45 - 2014-07-17 09:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-07-17 09:38 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\LiveKernelReports
2014-07-17 09:27 - 2014-07-17 07:41 - 00001752 _____ () C:\sc-cleaner.txt
2014-07-17 08:54 - 2014-06-18 21:15 - 00000000 ____D () C:\windows\pss
2014-07-17 07:42 - 2014-07-17 07:42 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-07-17 07:34 - 2014-06-20 20:46 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-17 07:12 - 2014-07-17 07:12 - 00000000 ____D () C:\windows\erdnt
2014-07-17 07:11 - 2014-07-17 07:11 - 01016261 _____ (Thisisu) C:\Users\Vaporz\Desktop\JRT.exe
2014-07-17 06:57 - 2014-07-17 06:57 - 00000085 _____ () C:\windows\wininit.ini
2014-07-17 06:57 - 2014-07-17 06:57 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-07-17 06:57 - 2014-06-20 20:46 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-17 06:53 - 2014-07-17 06:53 - 00000706 _____ () C:\DelFix.txt
2014-07-17 04:51 - 2014-07-17 04:50 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-17 04:51 - 2014-06-26 12:16 - 00000163 _____ () C:\windows\Reimage.ini
2014-07-16 04:11 - 2014-06-26 06:44 - 00000000 ____D () C:\windows\softwaredistribution.bak
2014-07-16 04:02 - 2013-08-22 06:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-07-10 04:05 - 2014-07-10 04:05 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\sMedio
2014-07-10 03:47 - 2014-06-27 13:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-09 21:16 - 2014-07-25 21:42 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll
2014-07-09 21:03 - 2014-07-25 21:42 - 04756992 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll
2014-07-09 20:33 - 2014-07-25 21:42 - 01120256 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe
2014-07-09 05:33 - 2014-03-18 02:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 05:33 - 2013-08-22 08:36 - 00000000 ___RD () C:\windows\ToastData
2014-07-09 05:33 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 05:33 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 05:33 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\WinStore
2014-07-09 05:28 - 2014-06-18 13:24 - 00000000 ____D () C:\windows\system32\MRT
2014-07-09 05:27 - 2014-06-18 13:24 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-09 05:19 - 2014-06-25 15:51 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-05 03:27 - 2014-06-18 12:34 - 00020160 _____ (Glarysoft Ltd) C:\windows\system32\Drivers\GUBootStartup.sys
2014-07-02 23:10 - 2014-07-03 01:44 - 00000747 ____R () C:\windows\system32\Drivers\etc\hosts.20140703-014444.backup
2014-07-02 19:44 - 2014-07-02 19:44 - 00000017 _____ () C:\Users\Vaporz\AppData\Local\resmon.resmoncfg
2014-06-28 03:05 - 2014-04-11 17:35 - 00000000 ____D () C:\Users\Vaporz\Downloads\Ice Cube - Friday HQ 720P ESubs NimitMak SilverRG
2014-06-28 02:14 - 2014-06-28 02:10 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Windows Live
2014-06-27 13:30 - 2014-06-27 13:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2014-06-27 11:03 - 2014-06-27 11:03 - 00000000 __SHD () C:\Users\Vaporz\AppData\Local\EmieUserList
2014-06-27 11:03 - 2014-06-27 11:03 - 00000000 __SHD () C:\Users\Vaporz\AppData\Local\EmieSiteList

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-23 09:59

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Vaporz at 2014-07-27 07:38:44
Running from C:\Users\Vaporz\Desktop
Boot Mode: Safe Mode (with Networking)
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Glary Utilities PRO 5.4 (HKLM-x32\...\Glary Utilities 5) (Version: 5.4.0.11 - Glarysoft Ltd)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Malwarebytes Anti-Exploit version 1.03.1.1220 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.03.1.1220 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.60 - Electronic Arts, Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Premium Sound HD (HKLM\...\{000A208E-1050-4181-AC37-E13DA9254B73}) (Version: 1.12.6000 - DTS, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registry Recycler (HKLM-x32\...\Registry Recycler_is1) (Version: 0.9.2.7 - Developer Tribe (Pvt) Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.2.0000 - Toshiba Corporation)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 2.00.972 - Toshiba Corporation)
Toshiba Password Utility (x32 Version: 2.00.972 - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.1.54043006 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.42.120 - Toshiba Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

17-07-2014 14:42:27 Installed HiJackThis
19-07-2014 21:13:48 Installed Free MKV To MP4 Converter
20-07-2014 19:59:45 Driver Booster : Realtek Bluetooth 4.0 Module
26-07-2014 04:42:28 Windows Update
27-07-2014 07:16:13 Installed Toshiba Password Utility

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-25 22:26 - 2014-07-20 22:42 - 00000747 ___RA C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {009D23DA-0B45-4C01-BCD8-CDFADE82CE66} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {026EA220-D83D-46F0-8259-0E254B919077} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0836BCBC-A979-453F-A71F-F89BB6B03A61} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0FA6B997-5682-4EEA-8A71-DC32FA3E2F60} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {1234BC5A-4CC8-40C8-A0C7-48BF648999F1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-17] (AVAST Software)
Task: {17A19055-F9DB-4366-929C-F82A1E4A04B1} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe
Task: {1AD9BF85-CA43-4199-9C8A-C20BBF908A99} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-07-20] (Glarysoft Ltd)
Task: {1C94DD14-AC81-45A8-BEF6-552167A0A2BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {26AC4BFC-A7A1-488E-AF7F-D8C9A98F86B1} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {353B244E-A110-4AD7-A63A-01170AAA3F25} - System32\Tasks\Driver Booster SkipUAC (Vaporz) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {3AC52950-13AC-4015-8F3F-8BB47B28421B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5051FABF-5DCD-471E-AC66-A1B4DE26256B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CRAPPY-Vaporz Crappy => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-06-03] (Microsoft Corporation)
Task: {64F47007-13C1-437D-BBA1-7998E4EF1D32} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-07-20] (Glarysoft Ltd)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8AB78820-EDD5-4303-9CC0-057E2F71A962} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {976F6960-F59E-4F4E-9328-28B5053D8400} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A7A26ADA-8CFB-460E-BFFB-82D2992CB9F5} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {AD64239E-64AA-4537-A0DE-4138E7BD3CA7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C1AC027D-51FE-4548-B656-EED29AFBF318} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {CA3FC884-5A24-417F-A8E4-A0C6C10DA98C} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DB1E6CC0-023B-45E0-9F61-81682DC2BD40} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E4691BC1-9ED4-424A-A0D0-CD2E37BDCB52} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F6078087-E2E8-4883-8359-D3253157982C} - \Driver Booster Update No Task File <==== ATTENTION
Task: {F949DCFC-8247-49BF-97BC-B9C180E4D4A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2014-07-17 10:57 - 2014-07-17 10:57 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-07-17 10:57 - 2014-07-17 10:57 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Vaporz\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\18605156.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\21653485.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68007639.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\18605156.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\21653485.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68007639.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: taisregispinger => 2
HKLM\...\StartupApproved\Run32: => "SDTray"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/27/2014 06:43:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app winstore_cw5n1h2txyewy!Windows.Store failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/27/2014 06:41:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/27/2014 06:40:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/27/2014 06:40:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel failed with error: -2144927151 See the Microsoft-Windows-TWinUI/Operational log for additional information.

System errors:
=============
Error: (07/27/2014 07:38:46 AM) (Source: DCOM) (EventID: 10005) (User: CRAPPY)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/27/2014 07:38:46 AM) (Source: DCOM) (EventID: 10005) (User: CRAPPY)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/27/2014 07:38:45 AM) (Source: DCOM) (EventID: 10005) (User: CRAPPY)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/27/2014 07:38:45 AM) (Source: DCOM) (EventID: 10005) (User: CRAPPY)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/27/2014 07:38:42 AM) (Source: DCOM) (EventID: 10005) (User: CRAPPY)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/27/2014 07:38:42 AM) (Source: DCOM) (EventID: 10005) (User: CRAPPY)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/27/2014 07:38:42 AM) (Source: DCOM) (EventID: 10005) (User: CRAPPY)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/27/2014 07:38:19 AM) (Source: DCOM) (EventID: 10005) (User: CRAPPY)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/27/2014 07:38:19 AM) (Source: DCOM) (EventID: 10005) (User: CRAPPY)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Error: (07/27/2014 07:38:10 AM) (Source: DCOM) (EventID: 10005) (User: CRAPPY)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}

Microsoft Office Sessions:
=========================
Error: (07/27/2014 06:43:19 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: winstore_cw5n1h2txyewy!Windows.Store-2144927151

Error: (07/27/2014 06:41:03 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927151

Error: (07/27/2014 06:40:56 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927151

Error: (07/27/2014 06:40:36 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel-2144927151

CodeIntegrity Errors:
===================================
Date: 2014-07-27 06:45:16.393
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-27 06:16:49.452
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-27 04:47:05.708
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-27 04:21:14.705
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-27 01:21:21.296
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-25 21:47:22.043
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-23 09:49:20.206
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-23 07:06:01.939
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-21 01:24:40.267
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-21 01:00:34.422
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 33%
Total physical RAM: 6027.22 MB
Available physical RAM: 4020.11 MB
Total Pagefile: 6987.22 MB
Available Pagefile: 5235.61 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: (TI10657400D) (Fixed) (Total:686.32 GB) (Free:629 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

usmcsniper · July 27, 2014

Im really hoping someone can help me out here

TwinHeadedEagle · July 28, 2014

Hello,

I would like first to hear what is the problem with your PC? Why are you running FRST from Safe Mode?

usmcsniper · July 28, 2014

Win 8.1 programs have stopped opening. Comp is freezing. It tells me programs or registry items are missing or values have changed. I also have lost the ability to do refresh or restart or auto repair.... I'm a Marine. Not a computer genius like my friends here. That is why I am here. Seeking your help to get my Toshiba Laptop working properly and flawlessly once again.

TwinHeadedEagle · July 28, 2014

Can you boot Windows normally? When this started to happen?

usmcsniper · July 28, 2014

Booting has no problems except that sometimes I have to reboot to get everything to appear or work properly. This has been ongoing since I bought this laptop which came with win 8 pre installed new. I've reset, refreshed and had microsoft people thru there remote technicians reload win 8. Trying to get to 8.1 was ridiculous and now its like i'm back at square 1 again and the system (8.1) is breaking down again.

TwinHeadedEagle · July 28, 2014

51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please download Malwarebytes Anti-Malware and save it to your desktop.

Install the progam and select update.
Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
Click the Scan tab, choose Threat Scan is checked and click Scan Now.
If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
Upon completion of the scan (or after the reboot), click the History tab.
Click Application Logs and double-click the Scan Log.
At the bottom click Export and choose Text file.

Save the file to your desktop and include its content in your next reply.

usmcsniper · July 28, 2014

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 7/28/2014
Scan Time: 12:14:48 PM
Logfile: MWB.txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.07.28.06
Rootkit Database: v2014.07.17.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 8.1
CPU: x64
File System: NTFS
User: Vaporz

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 306057
Time Elapsed: 8 min, 38 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

TwinHeadedEagle · July 28, 2014

I do not see presence of malware on your PC.

usmcsniper · July 28, 2014

I'm at a loss here dude. Not cause Mwb FOUND NOTHING BUT that my computer keeps developing problems. I've run ESET Online in the past Nothing! Avast, nothing!!!! Rogue killer finds stuff and it comes back. Same with Super AntiSpyware. JRT reports stuff too and comes back??? Im at a loss here.....

TwinHeadedEagle · July 28, 2014

Your problems aren't caused by malware. I am not sure how can I help you further, because we're limited with the space and time here. You said you have lost reset and refresh options? Can you explain it?

usmcsniper · July 28, 2014

You know if you hold shift and restart it will take you to the blue screen that gives you the options of startup, troubleshooting and advanced......well advanced options used to have refresh, restart, automatic repair, Prompt command and Safe mode 10 option restart. Now there is only Safe mode and Bios. I don't know why. Can you recommend to me some free programs that I can find to explore other possibilities to find out whats going on inside this machine. It would truly be appreciated.

usmcsniper · July 28, 2014

06:46:44.647    Service RtkBtFilter C:\windows\system32\DRIVERS\RtkBtfilter.sys **LOCKED** 32
06:46:44.678    Service RtkBtFilter2 C:\windows\system32\DRIVERS\RtkBtfilter.sys **LOCKED** 32
06:46:53.976    Modules scanning
06:46:53.976    Disk 0 trace - called modules:
06:46:54.022    ntoskrnl.exe CLASSPNP.SYS disk.sys storport.sys hal.dll iaStorA.sys
06:46:54.022    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe000535b3060]
06:46:54.022    3 CLASSPNP.SYS[fffff8005055a27b] -> nt!IofCallDriver -> \Device\0000002e[0xffffe0005251b060]

This part from the first post of the ASWMBR report log I've been told is not correct . The first two were highlighted in yellow.

usmcsniper · July 28, 2014

Im gonna run The FRST not in safe mode caused you questioned why I did. I figure with a minimal startup it would find the problem.....

TwinHeadedEagle · July 28, 2014

Ok, I would like to see reports from Normal Mode.

Also, take a look at this --> http://windows.microsoft.com/en-us/windows-8/restore-refresh-reset-pc

usmcsniper · July 28, 2014

Normal Mode Reports AswMBR and FRST w/Additional report

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-07-28 13:25:18
-----------------------------
13:25:18.878    OS Version: Windows x64 6.2.9200
13:25:18.878    Number of processors: 4 586 0x3A09
13:25:18.878    ComputerName: CRAPPY UserName: Vaporz
13:25:19.785    Initialize success
13:25:19.894    VM: initialized successfully
13:25:19.894    VM: Intel CPU supported
13:25:22.293    VM: disk I/O iaStorA.sys
13:25:25.855    AVAST engine defs: 14072802
13:25:40.905    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\0000002e
13:25:40.905    Disk 0 Vendor: TOSHIBA_MQ01ABD075 AX003M Size: 715404MB BusType: 11
13:25:41.030    Disk 0 MBR read successfully
13:25:41.030    Disk 0 MBR scan
13:25:41.030    Disk 0 Windows 7 default MBR code
13:25:41.046    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
13:25:41.155    Disk 0 scanning C:\windows\system32\drivers
13:25:48.454    Service scanning
13:25:54.940    Service RtkBtFilter C:\windows\system32\DRIVERS\RtkBtfilter.sys **LOCKED** 32
13:25:54.955    Service RtkBtFilter2 C:\windows\system32\DRIVERS\RtkBtfilter.sys **LOCKED** 32
13:25:59.221    Modules scanning
13:25:59.221    Disk 0 trace - called modules:
13:25:59.221    ntoskrnl.exe CLASSPNP.SYS disk.sys Wdf01000.sys THAccel.sys hal.dll
13:25:59.237    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe0012478e460]
13:25:59.237    3 CLASSPNP.SYS[fffff800793aa27b] -> nt!IofCallDriver -> [0xffffe00124790e20]
13:25:59.456    AVAST engine scan C:\
14:11:24.467    Scan finished successfully
14:31:23.339    Disk 0 MBR fix error
14:31:46.654    Disk 0 MBR has been saved successfully to "C:\Users\Vaporz\Desktop\MBR.dat"
14:31:46.654    The log file has been saved successfully to "C:\Users\Vaporz\Desktop\aswMBR728.txt"

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 26-07-2014
Ran by Vaporz (administrator) on CRAPPY on 28-07-2014 14:32:08
Running from C:\Users\Vaporz\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\Toshiba\Password Utility\GFNEXSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\System Setting\TSleepSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Hotkey\TCrdMain_Win8.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glary Utilities 5\Integrator.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\HDD Accelerator\THAccelSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\root\office15\msosync.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [sRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2172816 2012-10-22] (SRS Labs, Inc.)
HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2556768 2013-08-17] (TOSHIBA Corporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-07-20] (Realtek Semiconductor)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [354144 2013-08-13] (TOSHIBA Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Malwarebytes Anti-Exploit] => C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae.exe [382608 2014-06-04] (Malwarebytes Corporation)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4086432 2014-07-17] (AVAST Software)
HKLM-x32\...\Run: [DivXUpdate] => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [1861968 2014-01-09] ()
HKLM-x32\...\Run: [DivXMediaServer] => C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe [455512 2014-05-27] (DivX, LLC)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [7148032 2012-10-31] (Pegatron Corporation)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-3448416712-2654459564-1289727005-1001\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [37152 2014-07-20] (Glarysoft Ltd)
ShellIconOverlayIdentifiers: 00avast -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
BootExecute: autocheck autochk * BootDefrag.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://toshiba13.msn.com
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://toshiba13.msn.com
SearchScopes: HKLM - DefaultScope {E31ECC80-F5C5-41EA-B8FD-F25153C3420A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM - {E31ECC80-F5C5-41EA-B8FD-F25153C3420A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKLM-x32 - {E31ECC80-F5C5-41EA-B8FD-F25153C3420A} URL = http://www.bing.com/search?q={searchTerms}&form=IE10TR&src=IE10TR&pc=MATBJS
SearchScopes: HKCU - {E31ECC80-F5C5-41EA-B8FD-F25153C3420A} URL =
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.systemrequirementslab.com/bin/srldetect_intel_4.5.24.0.cab
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Vaporz\AppData\Roaming\Mozilla\Firefox\Profiles\lxvygeaa.default
FF Homepage: www.msn.com
FF Plugin: @adobe.com/FlashPlayer - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-07-17]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [144152 2013-10-10] (SUPERAntiSpyware.com)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-07-17] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [106488 2014-07-17] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2356408 2014-06-19] (Microsoft Corporation)
R2 GFNEXSrv; C:\Program Files (x86)\Toshiba\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 MbaeSvc; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae-svc.exe [360592 2014-06-04] (Malwarebytes Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201872 2012-12-10] (Realtek Semiconductor)
R2 THAccelSvc; C:\Program Files\TOSHIBA\HDD Accelerator\THAccelSvc.exe [214928 2013-10-17] (TOSHIBA CORPORATION)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-06-26] (Microsoft Corporation)
S2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-06-26] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [37768 2013-08-22] (Microsoft Corporation)
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-07-17] ()
R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [28184 2014-07-17] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [79184 2014-07-17] (AVAST Software)
R0 aswNdisFlt; C:\Windows\System32\DRIVERS\aswNdisFlt.sys [448400 2014-07-17] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-07-17] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-07-17] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1041168 2014-07-17] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [427360 2014-07-17] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [92008 2014-07-17] (AVAST Software)
R0 BootDefragDriver; C:\Windows\System32\drivers\BootDefragDriver.sys [17600 2014-06-16] (Glarysoft Ltd)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [226304 2014-03-18] (Microsoft Corporation)
R1 ESProtectionDriver; C:\Program Files (x86)\Malwarebytes Anti-Exploit\mbae64.sys [62392 2014-06-04] ()
R1 GUBootStartup; C:\windows\System32\drivers\GUBootStartup.sys [20160 2014-07-05] (Glarysoft Ltd)
R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2014-07-20] (Intel Corporation)
R2 PEGAGFN; C:\Program Files (x86)\Toshiba\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [48856 2013-11-28] (Realtek Microelectronics)
S3 RtkBtFilter2; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [48856 2013-11-28] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3068120 2014-07-20] (Realtek Semiconductor Corporation )
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-16] (Synaptics Incorporated)
R0 THAccel; C:\Windows\System32\DRIVERS\THAccel.sys [111488 2013-10-15] (TOSHIBA Corporation)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [32624 2013-08-19] (Windows ® Win 7 DDK provider)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [30312 2014-07-27] ()
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-06-26] (Microsoft Corporation)
R3 aswVmm; \??\C:\Users\Vaporz\AppData\Local\Temp\aswVmm.sys [X]
U3 aswMBR; \??\C:\Users\Vaporz\AppData\Local\Temp\aswMBR.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 14:31 - 2014-07-28 14:31 - 00001816 _____ () C:\Users\Vaporz\Desktop\aswMBR728.txt
2014-07-28 12:41 - 2014-07-28 12:41 - 00001043 _____ () C:\Users\Vaporz\Desktop\MWB.txt
2014-07-27 07:59 - 2014-07-27 08:00 - 110249712 _____ (Microsoft Corporation) C:\Users\Vaporz\Desktop\msert.exe
2014-07-27 07:38 - 2014-07-28 14:32 - 00014323 _____ () C:\Users\Vaporz\Desktop\FRST.txt
2014-07-27 07:38 - 2014-07-27 07:38 - 00030036 _____ () C:\Users\Vaporz\Desktop\Addition.txt
2014-07-27 07:26 - 2014-07-28 14:31 - 00000512 _____ () C:\Users\Vaporz\Desktop\MBR.dat
2014-07-27 07:26 - 2014-07-27 07:26 - 00001741 _____ () C:\Users\Vaporz\Desktop\aswMBR.txt
2014-07-27 06:16 - 2014-07-27 06:16 - 00000306 _____ () C:\windows\PFRO.log
2014-07-27 03:51 - 2014-07-27 03:51 - 00000000 _____ () C:\windows\setuperr.log
2014-07-27 03:51 - 2014-07-27 03:51 - 00000000 _____ () C:\windows\setupact.log
2014-07-27 01:20 - 2014-07-27 01:20 - 00474072 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-27 01:10 - 2014-07-27 01:10 - 00773632 _____ (Robert Simpson, et al.) C:\Users\Vaporz\AppData\Roaming\System.Data.SQLite.dll
2014-07-27 01:04 - 2014-07-27 01:04 - 05379160 _____ () C:\Users\Vaporz\Desktop\RogueKillerX64(1).exe
2014-07-27 00:41 - 2014-07-27 23:46 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\CrashDumps
2014-07-27 00:22 - 2014-07-27 00:22 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Corporation
2014-07-27 00:16 - 2014-07-27 00:16 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\{16D8D997-18E4-42EB-9B86-ABEBB7D83C37}
2014-07-26 20:08 - 2014-07-26 20:08 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Macromedia
2014-07-26 20:06 - 2014-07-28 14:16 - 01575919 _____ () C:\windows\WindowsUpdate.log
2014-07-26 19:51 - 2014-07-26 19:51 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-26 19:51 - 2014-07-26 19:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-25 21:42 - 2014-07-09 21:16 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll
2014-07-25 21:42 - 2014-07-09 21:03 - 04756992 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll
2014-07-25 21:42 - 2014-07-09 20:33 - 01120256 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe
2014-07-23 07:04 - 2014-07-23 07:04 - 00016352 ____N () C:\bootsqm.dat
2014-07-21 00:13 - 2014-07-21 00:13 - 00380416 _____ () C:\Users\Vaporz\Desktop\8pw7k8e4.exe
2014-07-20 22:58 - 2014-07-20 22:58 - 05185536 _____ (AVAST Software) C:\Users\Vaporz\Desktop\aswmbr.exe
2014-07-20 19:32 - 2014-07-20 19:32 - 00871640 _____ (Realtek ) C:\windows\system32\Drivers\Rt630x64.sys
2014-07-20 19:32 - 2014-07-20 19:32 - 00073800 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-07-20 13:14 - 2014-07-20 13:14 - 00556248 _____ (Realtek Semiconductor Corporation) C:\windows\system32\Drivers\SET436D.tmp
2014-07-20 13:14 - 2014-07-20 13:14 - 00100312 _____ (Intel Corporation) C:\windows\system32\Drivers\TeeDriverx64.sys
2014-07-20 13:14 - 2014-07-20 13:14 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-07-20 13:13 - 2014-07-20 13:13 - 03962840 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2014-07-20 13:13 - 2014-07-20 13:13 - 03068120 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys
2014-07-20 13:13 - 2014-07-20 13:13 - 02834648 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 02800344 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RltkAPO64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 02770976 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 01959128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2014-07-20 13:13 - 2014-07-20 13:13 - 01286872 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 01099203 _____ () C:\windows\system32\Drivers\RTAIODAT.DAT
2014-07-20 13:13 - 2014-07-20 13:13 - 01022168 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00948952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00628952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00209096 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00113576 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-07-20 12:50 - 2014-07-21 04:34 - 00002858 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (Vaporz)
2014-07-20 12:50 - 2014-07-20 12:50 - 00000000 ____D () C:\ProgramData\IObit
2014-07-20 09:45 - 2014-07-20 10:19 - 00000000 ____D () C:\Program Files\Recuva
2014-07-20 09:45 - 2014-07-20 09:45 - 00001681 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-07-20 05:57 - 2014-07-20 05:57 - 00001332 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-07-20 05:57 - 2014-07-20 05:57 - 00000000 ____D () C:\windows\en
2014-07-20 05:48 - 2014-07-20 05:48 - 00000000 ____D () C:\windows\softwaredistribution.bak2
2014-07-20 02:29 - 2014-07-20 02:29 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\Macromedia
2014-07-19 16:16 - 2014-07-19 16:16 - 00000000 ____D () C:\Program Files (x86)\AC3Filter
2014-07-19 16:16 - 2013-04-05 21:27 - 02231296 _____ () C:\windows\system32\ac3filter64.acm
2014-07-19 16:16 - 2013-04-05 21:26 - 01679360 _____ () C:\windows\SysWOW64\ac3filter.acm
2014-07-19 16:05 - 2014-07-19 16:05 - 00001093 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-07-19 14:23 - 2014-07-19 14:23 - 00004608 _____ () C:\Users\Vaporz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-19 14:22 - 2014-07-19 20:14 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\DivX
2014-07-19 14:22 - 2014-07-19 16:05 - 00001609 _____ () C:\Users\Vaporz\Desktop\DivX Movies.lnk
2014-07-19 14:22 - 2014-07-19 16:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-07-19 14:22 - 2014-07-19 14:22 - 00001158 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-07-19 14:22 - 2014-07-19 14:22 - 00000000 ____D () C:\Program Files\DivX
2014-07-19 14:21 - 2014-07-19 16:05 - 00000000 ____D () C:\ProgramData\DivX
2014-07-19 14:21 - 2014-07-19 16:05 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-07-19 14:20 - 2014-07-19 14:21 - 00999232 _____ (DivX, LLC) C:\Users\Vaporz\Desktop\DivXInstaller.exe
2014-07-17 18:23 - 2014-07-17 18:23 - 01354223 _____ () C:\Users\Vaporz\Desktop\adwcleaner_3.216.exe
2014-07-17 11:18 - 2014-07-17 11:18 - 00000000 ____D () C:\windows\PCHEALTH
2014-07-17 11:11 - 2014-07-17 11:11 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\AVAST Software
2014-07-17 10:57 - 2014-07-17 11:11 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-07-17 10:57 - 2014-07-17 10:57 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00448400 _____ (AVAST Software) C:\windows\system32\Drivers\aswNdisFlt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-07-17 10:57 - 2014-07-17 10:57 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-17 10:57 - 2014-07-17 10:57 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00028184 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-17 10:56 - 2014-07-17 10:56 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-17 10:49 - 2014-07-17 10:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-17 10:00 - 2014-07-28 12:46 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-17 09:59 - 2014-07-17 09:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-17 09:59 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
2014-07-17 09:59 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
2014-07-17 09:59 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
2014-07-17 09:45 - 2014-07-17 09:45 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
2014-07-17 09:45 - 2014-07-17 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-07-17 09:44 - 2014-07-26 20:15 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-07-17 09:44 - 2014-07-17 09:45 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-07-17 08:48 - 2014-07-28 14:32 - 00000000 ____D () C:\FRST
2014-07-17 08:38 - 2014-07-27 06:15 - 00000000 ____D () C:\AdwCleaner
2014-07-17 08:35 - 2014-07-27 05:22 - 00030312 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-07-17 07:42 - 2014-07-17 07:42 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-07-17 07:41 - 2014-07-17 09:27 - 00001752 _____ () C:\sc-cleaner.txt
2014-07-17 07:22 - 2014-07-27 07:38 - 02093568 _____ (Farbar) C:\Users\Vaporz\Desktop\FRST64.exe
2014-07-17 07:12 - 2014-07-17 07:12 - 00000000 ____D () C:\windows\erdnt
2014-07-17 07:11 - 2014-07-17 07:11 - 01016261 _____ (Thisisu) C:\Users\Vaporz\Desktop\JRT.exe
2014-07-17 06:57 - 2014-07-17 06:57 - 00000085 _____ () C:\windows\wininit.ini
2014-07-17 06:57 - 2014-07-17 06:57 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-07-17 06:53 - 2014-07-17 06:53 - 00000706 _____ () C:\DelFix.txt
2014-07-17 04:51 - 2014-07-21 04:35 - 00004274 _____ () C:\windows\System32\Tasks\ReimageUpdater
2014-07-17 04:51 - 2014-07-21 04:35 - 00003436 _____ () C:\windows\System32\Tasks\Reimage Reminder
2014-07-17 04:50 - 2014-07-17 04:51 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-16 04:36 - 2014-06-05 07:13 - 00216368 _____ (Microsoft Corporation) C:\windows\system32\rsaenh.dll
2014-07-16 04:36 - 2014-06-05 06:14 - 00189016 _____ (Microsoft Corporation) C:\windows\SysWOW64\rsaenh.dll
2014-07-16 04:36 - 2014-06-01 19:10 - 00423768 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2014-07-16 04:36 - 2014-05-31 03:07 - 00467800 ____C (Microsoft Corporation) C:\windows\system32\Drivers\USBHUB3.SYS
2014-07-16 04:36 - 2014-05-31 03:07 - 00440664 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2014-07-16 04:36 - 2014-05-31 03:07 - 00419672 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbhub.sys
2014-07-16 04:36 - 2014-05-31 03:07 - 00089944 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbehci.sys
2014-07-16 04:36 - 2014-05-31 03:07 - 00027480 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbd.sys
2014-07-16 04:36 - 2014-05-30 23:30 - 00037376 ____C (Microsoft Corporation) C:\windows\system32\Drivers\usbuhci.sys
2014-07-16 04:36 - 2014-05-30 23:27 - 00110592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFPf.sys
2014-07-16 04:36 - 2014-05-30 23:26 - 00227840 _____ (Microsoft Corporation) C:\windows\system32\Drivers\WUDFRd.sys
2014-07-16 04:36 - 2014-05-30 21:01 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\WUDFHost.exe
2014-07-16 04:36 - 2014-05-30 21:01 - 00209408 _____ (Microsoft Corporation) C:\windows\system32\WUDFPlatform.dll
2014-07-16 04:36 - 2014-05-30 21:01 - 00099840 _____ (Microsoft Corporation) C:\windows\system32\WUDFSvc.dll
2014-07-16 04:36 - 2014-05-27 08:53 - 02518360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2014-07-16 04:36 - 2014-05-27 02:56 - 00323584 _____ (Microsoft Corporation) C:\windows\system32\DaOtpCredentialProvider.dll
2014-07-16 04:36 - 2014-05-27 02:53 - 00270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\DaOtpCredentialProvider.dll
2014-07-16 04:36 - 2014-05-16 21:59 - 16871936 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.dll
2014-07-16 04:36 - 2014-05-16 21:13 - 12711424 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.dll
2014-07-16 04:33 - 2014-07-19 14:31 - 00000000 ____D () C:\windows\softwaredistribution.bak1
2014-07-10 04:05 - 2014-07-10 04:05 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\sMedio
2014-07-09 05:26 - 2014-04-13 20:29 - 01018880 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2014-07-09 05:17 - 2014-06-18 16:46 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2014-07-09 05:17 - 2014-06-18 15:57 - 00225280 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2014-07-09 05:17 - 2014-06-16 15:26 - 00779264 _____ (Microsoft Corporation) C:\windows\SysWOW64\osk.exe
2014-07-09 05:17 - 2014-06-16 15:24 - 00834048 _____ (Microsoft Corporation) C:\windows\system32\osk.exe
2014-07-09 05:17 - 2014-06-06 07:20 - 04190720 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2014-07-09 05:17 - 2014-05-29 20:03 - 00563200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\afd.sys
2014-07-09 05:17 - 2014-05-29 05:02 - 00565576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2014-07-09 05:17 - 2014-05-29 00:55 - 00735232 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2014-07-09 05:17 - 2014-05-28 23:40 - 00735232 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2014-07-09 05:17 - 2014-05-28 23:37 - 00436224 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2014-07-09 05:17 - 2014-05-28 22:34 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2014-07-09 05:17 - 2014-05-28 22:27 - 01417216 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2014-07-09 05:16 - 2014-06-18 18:39 - 23464448 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2014-07-09 05:16 - 2014-06-18 17:16 - 17276416 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2014-07-09 05:16 - 2014-06-18 16:51 - 05721088 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2014-07-09 05:16 - 2014-06-18 15:52 - 04254720 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2014-07-09 05:16 - 2014-06-18 15:51 - 13527040 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2014-07-09 05:16 - 2014-06-18 15:35 - 11742208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2014-07-09 05:15 - 2014-06-18 17:48 - 02768384 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2014-07-09 05:15 - 2014-06-18 17:09 - 00452608 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2014-07-09 05:15 - 2014-06-18 16:50 - 00085504 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2014-07-09 05:15 - 2014-06-18 16:48 - 00292864 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2014-07-09 05:15 - 2014-06-18 16:39 - 00608768 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2014-07-09 05:15 - 2014-06-18 16:33 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2014-07-09 05:15 - 2014-06-18 16:32 - 02179072 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2014-07-09 05:15 - 2014-06-18 16:27 - 02040832 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2014-07-09 05:15 - 2014-06-18 16:12 - 00367616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2014-07-09 05:15 - 2014-06-18 15:59 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2014-07-09 05:15 - 2014-06-18 15:58 - 02266112 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2014-07-09 05:15 - 2014-06-18 15:58 - 00239616 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2014-07-09 05:15 - 2014-06-18 15:49 - 00526336 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2014-07-09 05:15 - 2014-06-18 15:45 - 01964544 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2014-07-09 05:15 - 2014-06-18 15:34 - 01393664 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2014-07-09 05:15 - 2014-06-18 15:15 - 00846336 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2014-07-09 05:15 - 2014-06-18 15:13 - 01791488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2014-07-09 05:15 - 2014-06-18 15:09 - 01139200 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2014-07-09 05:15 - 2014-06-18 15:07 - 00704512 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2014-07-09 05:15 - 2014-06-06 06:04 - 00586240 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
2014-07-09 05:15 - 2014-06-06 05:18 - 00488960 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
2014-07-09 05:15 - 2014-05-31 03:07 - 00054776 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
2014-07-09 05:15 - 2014-05-31 03:06 - 00555736 _____ (Microsoft Corporation) C:\windows\system32\twinapi.appcore.dll
2014-07-09 05:15 - 2014-05-30 20:40 - 13287936 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2014-07-09 05:15 - 2014-05-30 20:30 - 11792384 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2014-07-09 05:15 - 2014-05-30 20:12 - 00249344 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 05:15 - 2014-05-30 20:06 - 00093696 _____ (Microsoft Corporation) C:\windows\system32\wudriver.dll
2014-07-09 05:15 - 2014-05-30 20:03 - 00827392 _____ (Microsoft Corporation) C:\windows\system32\wuapi.dll
2014-07-09 05:15 - 2014-05-30 20:01 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-09 05:15 - 2014-05-30 19:56 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
2014-07-09 05:15 - 2014-05-30 19:54 - 00666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
2014-07-09 05:15 - 2014-05-30 19:48 - 03463680 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
2014-07-09 05:15 - 2014-05-30 19:37 - 01054208 _____ (Microsoft Corporation) C:\windows\system32\twinui.appcore.dll
2014-07-09 05:15 - 2014-05-30 19:36 - 00923136 _____ (Microsoft Corporation) C:\windows\system32\WSShared.dll
2014-07-09 05:15 - 2014-05-30 19:35 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.appcore.dll
2014-07-09 05:15 - 2014-05-30 19:32 - 00756224 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSShared.dll
2014-07-03 01:44 - 2014-07-02 23:10 - 00000747 ____R () C:\windows\system32\Drivers\etc\hosts.20140703-014444.backup
2014-07-02 19:44 - 2014-07-02 19:44 - 00000017 _____ () C:\Users\Vaporz\AppData\Local\resmon.resmoncfg
2014-06-28 02:10 - 2014-06-28 02:14 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Windows Live

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-07-28 14:32 - 2014-07-27 07:38 - 00014323 _____ () C:\Users\Vaporz\Desktop\FRST.txt
2014-07-28 14:32 - 2014-07-17 08:48 - 00000000 ____D () C:\FRST
2014-07-28 14:31 - 2014-07-28 14:31 - 00001816 _____ () C:\Users\Vaporz\Desktop\aswMBR728.txt
2014-07-28 14:31 - 2014-07-27 07:26 - 00000512 _____ () C:\Users\Vaporz\Desktop\MBR.dat
2014-07-28 14:19 - 2014-06-25 15:51 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2014-07-28 14:19 - 2014-06-23 18:14 - 00000920 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-28 14:16 - 2014-07-26 20:06 - 01575919 _____ () C:\windows\WindowsUpdate.log
2014-07-28 14:12 - 2014-06-27 13:35 - 00004970 _____ () C:\windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for CRAPPY-Vaporz Crappy
2014-07-28 14:00 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\sru
2014-07-28 13:58 - 2014-06-18 20:57 - 00000000 ____D () C:\windows\AppReadiness
2014-07-28 12:46 - 2014-07-17 10:00 - 00122584 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
2014-07-28 12:41 - 2014-07-28 12:41 - 00001043 _____ () C:\Users\Vaporz\Desktop\MWB.txt
2014-07-28 09:06 - 2014-03-18 03:03 - 00863592 _____ () C:\windows\system32\PerfStringBackup.INI
2014-07-27 23:46 - 2014-07-27 00:41 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\CrashDumps
2014-07-27 23:04 - 2012-07-26 00:59 - 00000000 ____D () C:\windows\CbsTemp
2014-07-27 08:00 - 2014-07-27 07:59 - 110249712 _____ (Microsoft Corporation) C:\Users\Vaporz\Desktop\msert.exe
2014-07-27 07:51 - 2014-06-26 14:15 - 00000000 ___DO () C:\Users\Vaporz\OneDrive
2014-07-27 07:47 - 2014-06-18 12:34 - 00000348 _____ () C:\windows\Tasks\GlaryInitialize 5.job
2014-07-27 07:47 - 2014-06-18 12:34 - 00000000 ____D () C:\Program Files (x86)\Glary Utilities 5
2014-07-27 07:46 - 2014-06-20 19:53 - 00000908 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-27 07:46 - 2013-08-22 07:45 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2014-07-27 07:38 - 2014-07-27 07:38 - 00030036 _____ () C:\Users\Vaporz\Desktop\Addition.txt
2014-07-27 07:38 - 2014-07-17 07:22 - 02093568 _____ (Farbar) C:\Users\Vaporz\Desktop\FRST64.exe
2014-07-27 07:26 - 2014-07-27 07:26 - 00001741 _____ () C:\Users\Vaporz\Desktop\aswMBR.txt
2014-07-27 06:16 - 2014-07-27 06:16 - 00000306 _____ () C:\windows\PFRO.log
2014-07-27 06:15 - 2014-07-17 08:38 - 00000000 ____D () C:\AdwCleaner
2014-07-27 05:22 - 2014-07-17 08:35 - 00030312 _____ () C:\windows\system32\Drivers\TrueSight.sys
2014-07-27 03:51 - 2014-07-27 03:51 - 00000000 _____ () C:\windows\setuperr.log
2014-07-27 03:51 - 2014-07-27 03:51 - 00000000 _____ () C:\windows\setupact.log
2014-07-27 01:20 - 2014-07-27 01:20 - 00474072 _____ () C:\windows\system32\FNTCACHE.DAT
2014-07-27 01:10 - 2014-07-27 01:10 - 00773632 _____ (Robert Simpson, et al.) C:\Users\Vaporz\AppData\Roaming\System.Data.SQLite.dll
2014-07-27 01:04 - 2014-07-27 01:04 - 05379160 _____ () C:\Users\Vaporz\Desktop\RogueKillerX64(1).exe
2014-07-27 00:59 - 2014-06-20 19:45 - 00000000 ____D () C:\ProgramData\RogueKiller
2014-07-27 00:51 - 2014-06-18 09:32 - 00003600 _____ () C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3448416712-2654459564-1289727005-1001
2014-07-27 00:44 - 2012-11-13 01:22 - 00000000 ____D () C:\ProgramData\Adobe
2014-07-27 00:22 - 2014-07-27 00:22 - 00000000 ____D () C:\Program Files (x86)\TOSHIBA Corporation
2014-07-27 00:21 - 2012-11-13 01:30 - 00000000 ____D () C:\Program Files (x86)\Toshiba
2014-07-27 00:21 - 2012-11-13 01:23 - 00000000 ____D () C:\Program Files\Toshiba
2014-07-27 00:17 - 2013-02-17 04:59 - 00000000 ____D () C:\windows\System32\Tasks\TOSHIBA
2014-07-27 00:17 - 2012-11-13 01:23 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2014-07-27 00:16 - 2014-07-27 00:16 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\{16D8D997-18E4-42EB-9B86-ABEBB7D83C37}
2014-07-26 20:16 - 2014-06-20 10:19 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Mozilla
2014-07-26 20:15 - 2014-07-17 09:44 - 00000000 ____D () C:\ProgramData\Malwarebytes Anti-Exploit
2014-07-26 20:08 - 2014-07-26 20:08 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Macromedia
2014-07-26 20:06 - 2014-06-20 10:19 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\Mozilla
2014-07-26 20:04 - 2014-06-19 20:06 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\Adobe
2014-07-26 19:52 - 2014-06-25 17:20 - 00002774 _____ () C:\windows\System32\Tasks\CCleanerSkipUAC
2014-07-26 19:52 - 2014-06-25 17:18 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-26 19:51 - 2014-07-26 19:51 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-26 19:51 - 2014-07-26 19:51 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-07-26 19:51 - 2014-06-20 10:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-25 21:59 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\rescache
2014-07-25 21:46 - 2014-06-18 12:34 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\DiskDefrag
2014-07-25 10:13 - 2014-06-18 12:35 - 00001119 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2014-07-25 10:13 - 2014-06-18 12:34 - 00002970 _____ () C:\windows\System32\Tasks\GU5SkipUAC
2014-07-23 07:11 - 2013-08-22 06:25 - 00262144 ___SH () C:\windows\system32\config\BBI
2014-07-23 07:04 - 2014-07-23 07:04 - 00016352 ____N () C:\bootsqm.dat
2014-07-21 04:35 - 2014-07-17 04:51 - 00004274 _____ () C:\windows\System32\Tasks\ReimageUpdater
2014-07-21 04:35 - 2014-07-17 04:51 - 00003436 _____ () C:\windows\System32\Tasks\Reimage Reminder
2014-07-21 04:35 - 2013-02-17 05:07 - 00003236 _____ () C:\windows\System32\Tasks\Norton WSC Integration
2014-07-21 04:34 - 2014-07-20 12:50 - 00002858 _____ () C:\windows\System32\Tasks\Driver Booster SkipUAC (Vaporz)
2014-07-21 04:21 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\system32\NDF
2014-07-21 00:13 - 2014-07-21 00:13 - 00380416 _____ () C:\Users\Vaporz\Desktop\8pw7k8e4.exe
2014-07-20 22:58 - 2014-07-20 22:58 - 05185536 _____ (AVAST Software) C:\Users\Vaporz\Desktop\aswmbr.exe
2014-07-20 21:07 - 2014-06-26 13:48 - 00000000 ____D () C:\Users\Vaporz
2014-07-20 19:32 - 2014-07-20 19:32 - 00871640 _____ (Realtek ) C:\windows\system32\Drivers\Rt630x64.sys
2014-07-20 19:32 - 2014-07-20 19:32 - 00073800 _____ (Realtek Semiconductor Corporation) C:\windows\system32\RtNicProp64.dll
2014-07-20 13:14 - 2014-07-20 13:14 - 00556248 _____ (Realtek Semiconductor Corporation) C:\windows\system32\Drivers\SET436D.tmp
2014-07-20 13:14 - 2014-07-20 13:14 - 00100312 _____ (Intel Corporation) C:\windows\system32\Drivers\TeeDriverx64.sys
2014-07-20 13:14 - 2014-07-20 13:14 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_TeeDriverx64_01011.Wdf
2014-07-20 13:13 - 2014-07-20 13:13 - 03962840 _____ (Realtek Semiconductor Corp.) C:\windows\system32\Drivers\RTKVHD64.sys
2014-07-20 13:13 - 2014-07-20 13:13 - 03068120 _____ (Realtek Semiconductor Corporation ) C:\windows\system32\Drivers\rtwlane.sys
2014-07-20 13:13 - 2014-07-20 13:13 - 02834648 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtPgEx64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 02800344 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RltkAPO64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 02770976 _____ (Fortemedia Corporation) C:\windows\system32\FMAPO64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 01959128 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTSnMg64.cpl
2014-07-20 13:13 - 2014-07-20 13:13 - 01286872 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RTCOM64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 01099203 _____ () C:\windows\system32\Drivers\RTAIODAT.DAT
2014-07-20 13:13 - 2014-07-20 13:13 - 01022168 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtkApi64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00948952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RCoInstII64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00628952 _____ (Realtek Semiconductor Corp.) C:\windows\system32\RtDataProc64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00209096 _____ (Andrea Electronics Corporation) C:\windows\system32\AERTAC64.dll
2014-07-20 13:13 - 2014-07-20 13:13 - 00113576 _____ (Real Sound Lab SIA) C:\windows\system32\CONEQMSAPOGUILibrary.dll
2014-07-20 13:13 - 2014-06-26 13:38 - 00000000 ____D () C:\windows\SysWOW64\RTCOM
2014-07-20 12:50 - 2014-07-20 12:50 - 00000000 ____D () C:\ProgramData\IObit
2014-07-20 11:57 - 2012-11-13 01:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Toshiba
2014-07-20 10:19 - 2014-07-20 09:45 - 00000000 ____D () C:\Program Files\Recuva
2014-07-20 10:04 - 2014-06-26 13:48 - 00000000 ____D () C:\Users\Administrator
2014-07-20 09:45 - 2014-07-20 09:45 - 00001681 _____ () C:\Users\Public\Desktop\Recuva.lnk
2014-07-20 09:44 - 2013-08-22 08:36 - 00262144 _____ () C:\windows\system32\config\BCD-Template
2014-07-20 06:06 - 2014-06-18 09:24 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Packages
2014-07-20 05:57 - 2014-07-20 05:57 - 00001332 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Movie Maker.lnk
2014-07-20 05:57 - 2014-07-20 05:57 - 00000000 ____D () C:\windows\en
2014-07-20 05:56 - 2012-11-13 01:58 - 00001401 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Photo Gallery.lnk
2014-07-20 05:56 - 2012-11-13 01:58 - 00000000 ____D () C:\Program Files (x86)\Windows Live
2014-07-20 05:48 - 2014-07-20 05:48 - 00000000 ____D () C:\windows\softwaredistribution.bak2
2014-07-20 02:29 - 2014-07-20 02:29 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\Macromedia
2014-07-19 20:14 - 2014-07-19 14:22 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\DivX
2014-07-19 20:14 - 2014-06-27 13:27 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\VirtualStore
2014-07-19 16:16 - 2014-07-19 16:16 - 00000000 ____D () C:\Program Files (x86)\AC3Filter
2014-07-19 16:05 - 2014-07-19 16:05 - 00001093 _____ () C:\Users\Public\Desktop\DivX Player.lnk
2014-07-19 16:05 - 2014-07-19 14:22 - 00001609 _____ () C:\Users\Vaporz\Desktop\DivX Movies.lnk
2014-07-19 16:05 - 2014-07-19 14:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX
2014-07-19 16:05 - 2014-07-19 14:21 - 00000000 ____D () C:\ProgramData\DivX
2014-07-19 16:05 - 2014-07-19 14:21 - 00000000 ____D () C:\Program Files (x86)\DivX
2014-07-19 14:31 - 2014-07-16 04:33 - 00000000 ____D () C:\windows\softwaredistribution.bak1
2014-07-19 14:23 - 2014-07-19 14:23 - 00004608 _____ () C:\Users\Vaporz\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-07-19 14:22 - 2014-07-19 14:22 - 00001158 _____ () C:\Users\Public\Desktop\DivX Converter.lnk
2014-07-19 14:22 - 2014-07-19 14:22 - 00000000 ____D () C:\Program Files\DivX
2014-07-19 14:21 - 2014-07-19 14:20 - 00999232 _____ (DivX, LLC) C:\Users\Vaporz\Desktop\DivXInstaller.exe
2014-07-17 18:23 - 2014-07-17 18:23 - 01354223 _____ () C:\Users\Vaporz\Desktop\adwcleaner_3.216.exe
2014-07-17 11:18 - 2014-07-17 11:18 - 00000000 ____D () C:\windows\PCHEALTH
2014-07-17 11:15 - 2012-11-13 01:23 - 00002457 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
2014-07-17 11:14 - 2014-02-22 14:55 - 00000000 ____D () C:\Users\Vaporz\Documents\Avast
2014-07-17 11:11 - 2014-07-17 11:11 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\AVAST Software
2014-07-17 11:11 - 2014-07-17 10:57 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2014-07-17 10:57 - 2014-07-17 10:57 - 01041168 _____ (AVAST Software) C:\windows\system32\Drivers\aswSnx.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00448400 _____ (AVAST Software) C:\windows\system32\Drivers\aswNdisFlt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00427360 _____ (AVAST Software) C:\windows\system32\Drivers\aswsp.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00307344 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
2014-07-17 10:57 - 2014-07-17 10:57 - 00224896 _____ () C:\windows\system32\Drivers\aswVmm.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00092008 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00079184 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
2014-07-17 10:57 - 2014-07-17 10:57 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00028184 _____ (AVAST Software) C:\windows\system32\Drivers\aswKbd.sys
2014-07-17 10:57 - 2014-07-17 10:57 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast
2014-07-17 10:56 - 2014-07-17 10:56 - 00000000 ____D () C:\Program Files\AVAST Software
2014-07-17 10:49 - 2014-07-17 10:49 - 00000000 ____D () C:\ProgramData\AVAST Software
2014-07-17 10:45 - 2012-11-13 01:25 - 00000000 ____D () C:\ProgramData\Norton
2014-07-17 10:15 - 2013-02-17 05:07 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-17 09:59 - 2014-07-17 09:59 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-17 09:45 - 2014-07-17 09:45 - 00001129 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Exploit.lnk
2014-07-17 09:45 - 2014-07-17 09:45 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Exploit
2014-07-17 09:45 - 2014-07-17 09:44 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Exploit
2014-07-17 09:38 - 2012-07-26 01:12 - 00000000 ____D () C:\windows\LiveKernelReports
2014-07-17 09:27 - 2014-07-17 07:41 - 00001752 _____ () C:\sc-cleaner.txt
2014-07-17 08:54 - 2014-06-18 21:15 - 00000000 ____D () C:\windows\pss
2014-07-17 07:42 - 2014-07-17 07:42 - 00000000 ____D () C:\Program Files (x86)\Trend Micro
2014-07-17 07:34 - 2014-06-20 20:46 - 00000000 ____D () C:\Program Files (x86)\Spybot - Search & Destroy 2
2014-07-17 07:12 - 2014-07-17 07:12 - 00000000 ____D () C:\windows\erdnt
2014-07-17 07:11 - 2014-07-17 07:11 - 01016261 _____ (Thisisu) C:\Users\Vaporz\Desktop\JRT.exe
2014-07-17 06:57 - 2014-07-17 06:57 - 00000085 _____ () C:\windows\wininit.ini
2014-07-17 06:57 - 2014-07-17 06:57 - 00000000 ____D () C:\windows\System32\Tasks\Safer-Networking
2014-07-17 06:57 - 2014-06-20 20:46 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy
2014-07-17 06:53 - 2014-07-17 06:53 - 00000706 _____ () C:\DelFix.txt
2014-07-17 04:51 - 2014-07-17 04:50 - 00000000 ____D () C:\ProgramData\Reimage Protector
2014-07-17 04:51 - 2014-06-26 12:16 - 00000163 _____ () C:\windows\Reimage.ini
2014-07-16 04:11 - 2014-06-26 06:44 - 00000000 ____D () C:\windows\softwaredistribution.bak
2014-07-16 04:02 - 2013-08-22 06:25 - 00262144 ___SH () C:\windows\system32\config\ELAM
2014-07-10 04:05 - 2014-07-10 04:05 - 00000000 ____D () C:\Users\Vaporz\AppData\Roaming\sMedio
2014-07-10 03:47 - 2014-06-27 13:26 - 00000000 ____D () C:\Program Files\Microsoft Office 15
2014-07-09 21:16 - 2014-07-25 21:42 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\SkyDriveTelemetry.dll
2014-07-09 21:03 - 2014-07-25 21:42 - 04756992 _____ (Microsoft Corporation) C:\windows\system32\SyncEngine.dll
2014-07-09 20:33 - 2014-07-25 21:42 - 01120256 _____ (Microsoft Corporation) C:\windows\system32\SkyDrive.exe
2014-07-09 05:33 - 2014-03-18 02:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-09 05:33 - 2013-08-22 08:36 - 00000000 ___RD () C:\windows\ToastData
2014-07-09 05:33 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 05:33 - 2013-08-22 08:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-09 05:33 - 2013-08-22 08:36 - 00000000 ____D () C:\windows\WinStore
2014-07-09 05:28 - 2014-06-18 13:24 - 00000000 ____D () C:\windows\system32\MRT
2014-07-09 05:27 - 2014-06-18 13:24 - 96441528 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2014-07-09 05:19 - 2014-06-25 15:51 - 00003718 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
2014-07-05 03:27 - 2014-06-18 12:34 - 00020160 _____ (Glarysoft Ltd) C:\windows\system32\Drivers\GUBootStartup.sys
2014-07-02 23:10 - 2014-07-03 01:44 - 00000747 ____R () C:\windows\system32\Drivers\etc\hosts.20140703-014444.backup
2014-07-02 19:44 - 2014-07-02 19:44 - 00000017 _____ () C:\Users\Vaporz\AppData\Local\resmon.resmoncfg
2014-06-28 03:05 - 2014-04-11 17:35 - 00000000 ____D () C:\Users\Vaporz\Downloads\Ice Cube - Friday HQ 720P ESubs NimitMak SilverRG
2014-06-28 02:14 - 2014-06-28 02:10 - 00000000 ____D () C:\Users\Vaporz\AppData\Local\Windows Live

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-07-23 09:59

==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 26-07-2014
Ran by Vaporz at 2014-07-28 14:32:41
Running from C:\Users\Vaporz\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}
FW: avast! Antivirus (Enabled) {2F96FC65-F07D-9D1E-5A6E-3DA5C487EAF0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AC3Filter 2.6.0b (HKLM-x32\...\AC3Filter_is1) (Version: 2.6.0b - Alexander Vigovsky)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader X (10.1.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.10 - Adobe Systems Incorporated)
avast! Internet Security (HKLM-x32\...\Avast) (Version: 9.0.2021 - AVAST Software)
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.3.52 - DivX, LLC)
Glary Utilities PRO 5.4 (HKLM-x32\...\Glary Utilities 5) (Version: 5.4.0.11 - Glarysoft Ltd)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3345 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
Malwarebytes Anti-Exploit version 1.03.1.1220 (HKLM\...\Malwarebytes Anti-Exploit_is1) (Version: 1.03.1.1220 - Malwarebytes)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Office 365 - en-us (HKLM\...\O365HomePremRetail - en-us) (Version: 15.0.4631.1002 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Movie Maker (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
MSVCRT (x32 Version: 15.4.2862.0708 - Microsoft) Hidden
MSVCRT110 (x32 Version: 16.4.1108.0727 - Microsoft) Hidden
MSVCRT110_amd64 (Version: 16.4.1109.0912 - Microsoft) Hidden
Office 15 Click-to-Run Extensibility Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (x32 Version: 15.0.4631.1002 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 9.0.15.60 - Electronic Arts, Inc.)
Photo Gallery (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Premium Sound HD (HKLM\...\{000A208E-1050-4181-AC37-E13DA9254B73}) (Version: 1.12.6000 - DTS, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7246 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\InstallShield_{95F38874-065A-40AB-AFC1-B764B192FFE7}) (Version: 2.00.0002 - REALTEK Semiconductor Corp.)
REALTEK Wireless LAN Driver (x32 Version: 2.00.0002 - REALTEK Semiconductor Corp.) Hidden
Recuva (HKLM\...\Recuva) (Version: 1.51 - Piriform)
Registry Recycler (HKLM-x32\...\Registry Recycler_is1) (Version: 0.9.2.7 - Developer Tribe (Pvt) Ltd.)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 5.7.1026 - SUPERAntiSpyware.com)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.4 - TOSHIBA)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.02.01.6407 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.1.0002.6401 - Toshiba Corporation)
TOSHIBA HDD Accelerator (HKLM\...\{DB4D9937-0B14-4EF1-BF9A-BB7E3B9DCB04}) (Version: 1.2.0000 - Toshiba Corporation)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{78931270-BC9E-441A-A52B-73ECD4ACFAB5}) (Version: 2.00.972 - Toshiba Corporation)
Toshiba Password Utility (x32 Version: 2.00.972 - Toshiba Corporation) Hidden
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.9.09.6400 - Toshiba Corporation)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.8 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.1.54043006 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.8.0 - Toshiba Corporation)
TOSHIBA Service Station (HKLM\...\{FBFCEEA5-96EA-4C8E-9262-43CBBEBAE413}) (Version: 2.6.8 - Toshiba Corporation)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0032 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.3.42.120 - Toshiba Corporation)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
Windows Live Communications Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Windows Live Essentials (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Installer (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live Photo Common (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live PIMT Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live SOXE Definitions (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Windows Live UX Platform Language Pack (x32 Version: 16.4.3528.0331 - Microsoft Corporation) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

19-07-2014 21:13:48 Installed Free MKV To MP4 Converter
20-07-2014 19:59:45 Driver Booster : Realtek Bluetooth 4.0 Module
26-07-2014 04:42:28 Windows Update
27-07-2014 07:16:13 Installed Toshiba Password Utility

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-25 22:26 - 2014-07-20 22:42 - 00000747 ___RA C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {009D23DA-0B45-4C01-BCD8-CDFADE82CE66} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [2014-06-19] (Microsoft Corporation)
Task: {026EA220-D83D-46F0-8259-0E254B919077} - System32\Tasks\ReimageUpdater => C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0836BCBC-A979-453F-A71F-F89BB6B03A61} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0FA6B997-5682-4EEA-8A71-DC32FA3E2F60} - System32\Tasks\Norton Anti-Theft\Norton Error Analyzer => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {1234BC5A-4CC8-40C8-A0C7-48BF648999F1} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-07-17] (AVAST Software)
Task: {17A19055-F9DB-4366-929C-F82A1E4A04B1} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\SymErr.exe
Task: {1AD9BF85-CA43-4199-9C8A-C20BBF908A99} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2014-07-20] (Glarysoft Ltd)
Task: {1C94DD14-AC81-45A8-BEF6-552167A0A2BA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {26AC4BFC-A7A1-488E-AF7F-D8C9A98F86B1} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {353B244E-A110-4AD7-A63A-01170AAA3F25} - System32\Tasks\Driver Booster SkipUAC (Vaporz) => C:\Program Files (x86)\IObit\Driver Booster\DriverBooster.exe
Task: {3AC52950-13AC-4015-8F3F-8BB47B28421B} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {5051FABF-5DCD-471E-AC66-A1B4DE26256B} - System32\Tasks\Microsoft Office 15 Sync Maintenance for CRAPPY-Vaporz Crappy => C:\Program Files\Microsoft Office 15\Root\Office15\MsoSync.exe [2014-06-03] (Microsoft Corporation)
Task: {64F47007-13C1-437D-BBA1-7998E4EF1D32} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2014-07-20] (Glarysoft Ltd)
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {976F6960-F59E-4F4E-9328-28B5053D8400} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: {9F008CBF-69C2-4714-95EE-7929C0280A62} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-09] (Microsoft Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {A7A26ADA-8CFB-460E-BFFB-82D2992CB9F5} - System32\Tasks\Norton Anti-Theft\Norton Error Processor => C:\Program Files (x86)\Norton Anti-Theft\Engine\1.10.0.9\SymErr.exe
Task: {AD64239E-64AA-4537-A0DE-4138E7BD3CA7} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C1AC027D-51FE-4548-B656-EED29AFBF318} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {CA3FC884-5A24-417F-A8E4-A0C6C10DA98C} - System32\Tasks\Reimage Reminder => C:\Program Files\Reimage\Reimage Repair\ReimageReminder.exe
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DB1E6CC0-023B-45E0-9F61-81682DC2BD40} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\20.5.0.28\WSCStub.exe
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E4691BC1-9ED4-424A-A0D0-CD2E37BDCB52} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [2014-06-10] (Microsoft Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {F6078087-E2E8-4883-8359-D3253157982C} - \Driver Booster Update No Task File <==== ATTENTION
Task: {F949DCFC-8247-49BF-97BC-B9C180E4D4A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\GlaryInitialize 5.job => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\windows\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Loaded Modules (whitelisted) =============

2011-10-13 14:38 - 2011-10-13 14:38 - 00156672 _____ () C:\Program Files (x86)\Toshiba\Password Utility\GFNEXSrv.exe
2014-06-27 13:26 - 2014-05-20 09:19 - 00105640 _____ () C:\Program Files\Microsoft Office 15\ClientX64\ApiClient.dll
2012-07-18 18:38 - 2012-07-18 18:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2013-03-06 03:02 - 2013-03-06 03:02 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-01-09 22:26 - 2014-01-09 22:26 - 01861968 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
2014-07-17 10:57 - 2014-07-17 10:57 - 00301152 _____ () C:\Program Files\AVAST Software\Avast\aswProperty.dll
2014-07-27 04:21 - 2014-07-27 04:21 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14072700\algo.dll
2014-07-28 12:30 - 2014-07-28 12:30 - 02795008 _____ () C:\Program Files\AVAST Software\Avast\defs\14072802\algo.dll
2014-07-17 10:57 - 2014-07-17 10:57 - 19329904 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2014-01-09 22:28 - 2014-01-09 22:28 - 00100688 _____ () C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
2014-07-20 20:01 - 2014-07-20 20:01 - 00080160 _____ () C:\Program Files (x86)\Glary Utilities 5\zlib1.dll
2013-02-17 04:50 - 2012-06-25 11:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-06-27 13:26 - 2014-06-27 13:26 - 00316584 _____ () C:\Program Files\Microsoft Office 15\Root\Office15\AppVIsvStream32.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\Vaporz\OneDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\18605156.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\21653485.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\68007639.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\18605156.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\21653485.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\68007639.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PEVSystemStart => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: taisregispinger => 2
HKLM\...\StartupApproved\Run32: => "SDTray"

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (07/28/2014 06:40:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/28/2014 06:40:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/28/2014 06:10:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/28/2014 06:10:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/28/2014 05:46:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/28/2014 05:35:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/28/2014 05:35:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/28/2014 05:10:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/28/2014 05:10:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

Error: (07/28/2014 04:40:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: Activation of app microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 failed with error: -2144927141 See the Microsoft-Windows-TWinUI/Operational log for additional information.

System errors:
=============
Error: (07/28/2014 01:58:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: EncyclopaediaBritannica.EncyclopaediaBritannica.

Error: (07/28/2014 01:58:02 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: 4DF9E0F8.Netflix.

Error: (07/28/2014 01:32:14 PM) (Source: disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk0\DR0.

Error: (07/28/2014 01:29:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: EncyclopaediaBritannica.EncyclopaediaBritannica.

Error: (07/28/2014 01:29:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: 4DF9E0F8.Netflix.

Error: (07/28/2014 00:51:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: EncyclopaediaBritannica.EncyclopaediaBritannica.

Error: (07/28/2014 00:51:18 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: 4DF9E0F8.Netflix.

Error: (07/28/2014 00:24:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: EncyclopaediaBritannica.EncyclopaediaBritannica.

Error: (07/28/2014 00:24:26 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: 4DF9E0F8.Netflix.

Error: (07/28/2014 11:23:21 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80070005: EncyclopaediaBritannica.EncyclopaediaBritannica.

Microsoft Office Sessions:
=========================
Error: (07/28/2014 06:40:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (07/28/2014 06:40:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (07/28/2014 06:10:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (07/28/2014 06:10:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (07/28/2014 05:46:29 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (07/28/2014 05:35:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (07/28/2014 05:35:40 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (07/28/2014 05:10:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (07/28/2014 05:10:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

Error: (07/28/2014 04:40:24 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: CRAPPY)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2144927141

CodeIntegrity Errors:
===================================
Date: 2014-07-27 07:46:32.628
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-27 06:45:16.393
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-27 06:16:49.452
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-27 04:47:05.708
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-27 04:21:14.705
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-27 01:21:21.296
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-25 21:47:22.043
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-23 09:49:20.206
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-23 07:06:01.939
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2014-07-21 01:24:40.267
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Windows Defender\MsMpEng.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Percentage of memory in use: 45%
Total physical RAM: 6027.22 MB
Available physical RAM: 3289.27 MB
Total Pagefile: 6987.22 MB
Available Pagefile: 3888.04 MB
Total Virtual: 131072 MB
Available Virtual: 131071.82 MB

==================== Drives ================================

Drive c: (TI10657400D) (Fixed) (Total:686.32 GB) (Free:630.05 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 699 GB) (Disk ID: 00000000)

Partition: GPT Partition Type.

==================== End Of Log ============================

TwinHeadedEagle · July 29, 2014

PC is clean, there is no malware. Read the link I posted above.

AdvancedSetup · August 1, 2014

Glad we could help.

If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!

Infected....

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Recently Browsing 0 members

Important Information