False Java Update


Hello,

 

Recently I have been getting redirected from random sites to a fake Java Update page saying: 'The page at 69.162.111.227 says: It is recommended that you update java to the latest version to view this page. Please update to continue.'

It also automatically downloads a file called setup.exe. 

 

I have scanned my computer with Malwarebytes, quarantined some files but that didn't fix it. 

 

I would be very grateful if someone helped me sort this problem out :).

 

 

Here's the log for the Malwarebytes scan:

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 17/08/2014
Scan Time: 20:10:58
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.17.05
Rootkit Database: v2014.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Pies
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 310623
Time Elapsed: 10 min, 37 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.SnapDo.A, C:\Users\Pies\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=GB&userid=7f266736-ad81-482b-abfa-2dd97947203c&searchtype=hp&installDate=28/03/2013" ],), ,[6cdb3493abd049ed27c81ee7986dea16]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

 

Hello slowishsnail and welcome! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

  • If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
  • I recommend that you keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
  • Make sure you read all of the instructions and fixes thoroughly before continuing with them.
  • Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
  • Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
  • Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Please follow the instructions here and then post your log files in a new reply in this thread:

http://forums.malwarebytes.org/index.php?showtopic=9573

FRST.txt:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-08-2014 01

Ran by Pies (administrator) on PIE on 18-08-2014 20:17:02

Running from C:\Users\Pies\Desktop

Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(Advent) C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe

(DSGi) C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADPrinterSDK.exe

(Nero AG) C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

() C:\Windows\SysWOW64\PnkBstrA.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\System32\rundll32.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe

(Intel Corporation) C:\Windows\System32\igfxtray.exe

(Intel Corporation) C:\Windows\System32\hkcmd.exe

(Intel Corporation) C:\Windows\System32\igfxpers.exe

(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe

(DSGi) C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADStatusMonitor.exe

(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Microsoft Corporation) C:\Windows\System32\audiodg.exe

(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe

(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe

(Microsoft Corporation) C:\Windows\System32\wlanext.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Farbar) C:\Users\Pies\Desktop\FRST64 (1).exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12480616 2012-04-24] (Realtek Semiconductor)

HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-03-09] (Realtek Semiconductor)

HKLM\...\Run: [Nvtmru] => "C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe"

HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403104 2014-07-25] (NVIDIA Corporation)

HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59280 2012-08-27] (Apple Inc.)

HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [421776 2012-09-10] (Apple Inc.)

HKLM-x32\...\Run: [Conime] => %windir%\system32\conime.exe

HKLM-x32\...\Run: [ADStatusMonitor] => C:\Program Files (x86)\Advent\AiO\StatusMonitor\ADStatusMonitor.exe [2790816 2012-10-31] (DSGi)

Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)

HKU\S-1-5-21-1437058479-4054759572-805530273-1000\...\Run: [Facebook Update] => C:\Users\Pies\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2013-01-22] (Facebook Inc.)

HKU\S-1-5-21-1437058479-4054759572-805530273-1000\...\Run: [] => C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe

HKU\S-1-5-21-1437058479-4054759572-805530273-1000\...\MountPoints2: {027af8a6-25c3-11e2-8e10-083e8e13a7f6} - F:\Autorun.exe

AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [244184 2012-10-20] (NVIDIA Corporation)

AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [199888 2012-10-20] (NVIDIA Corporation)

Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Adobe Gamma Loader.lnk

ShortcutTarget: Adobe Gamma Loader.lnk -> C:\Program Files (x86)\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xBAA751DBC9B9CD01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-gb



BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: No Name -> {5C255C8A-E604-49b4-9D64-90988571CECB} ->  No File

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Windows Live Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

 

FireFox:

========

FF ProfilePath: C:\Users\Pies\AppData\Roaming\Mozilla\Firefox\Profiles\65497ewy.default-1408279368874

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_179.dll ()

FF Plugin: @microsoft.com/GENUINE -> disabled No File

FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_179.dll ()

FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File

FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll ( Microsoft Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @videolan.org/vlc,version=2.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Pies\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Pies\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

 

Chrome: 

=======

CHR HomePage: hxxp://google.com/

CHR StartupUrls: "hxxp://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=GB&userid=7f266736-ad81-482b-abfa-2dd97947203c&searchtype=hp&installDate=28/03/2013"

CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\PepperFlash\pepflashplayer.dll ()

CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer

CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll ()

CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll ()

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.3\npGoogleUpdate3.dll No File

CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

CHR Plugin: (Java Platform SE 7 U45) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)

CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

CHR Plugin: (Unity Player) - C:\Users\Pies\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

CHR Plugin: (Facebook Video Calling Plugin) - C:\Users\Pies\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)

CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll No File

CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll No File

CHR Extension: (Google Drive) - C:\Users\Pies\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2012-11-06]

CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Pies\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-08-09]

CHR Extension: (YouTube) - C:\Users\Pies\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2012-11-06]

CHR Extension: (Google Search) - C:\Users\Pies\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2012-11-06]

CHR Extension: (Google Wallet) - C:\Users\Pies\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-06]

CHR Extension: (Gmail) - C:\Users\Pies\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2012-11-06]

CHR Extension: (RSS Feed Reader) - C:\Users\Pies\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2014-08-17]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 Advent AiO Network Discovery Service; C:\Program Files (x86)\Advent\AIO\Center\ADAIOHostService.exe [395200 2012-10-31] (Advent)

R2 ADVENT AIO Status Monitor Service; C:\Program Files (x86)\Advent\AIO\StatusMonitor\ADPrinterSDK.exe [722336 2012-10-31] (DSGi)

S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]

S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4466688 2007-11-07] (Microsoft Corporation)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720608 2014-07-25] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18956064 2014-07-25] (NVIDIA Corporation)

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2013-02-05] ()

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

S3 ManyCam; C:\Windows\System32\DRIVERS\mcvidrv_x64.sys [44928 2012-10-11] (ManyCam LLC)

S3 mcaudrv_simple; C:\Windows\System32\drivers\mcaudrv_x64.sys [29696 2012-10-11] (ManyCam LLC)

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20256 2014-07-25] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

R3 SmbDrvI; C:\Windows\System32\DRIVERS\Smb_driver_Intel.sys [44344 2012-10-18] (Synaptics Incorporated)

S3 VGPU; System32\drivers\rdvgkmd.sys [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-18 20:17 - 2014-08-18 20:17 - 00016266 _____ () C:\Users\Pies\Desktop\FRST.txt

2014-08-18 20:16 - 2014-08-18 20:16 - 02101760 _____ (Farbar) C:\Users\Pies\Desktop\FRST64 (1).exe

2014-08-17 16:12 - 2014-08-17 16:13 - 00044061 _____ () C:\Users\Pies\Downloads\Addition.txt

2014-08-17 16:12 - 2014-08-17 16:13 - 00033285 _____ () C:\Users\Pies\Downloads\FRST.txt

2014-08-17 16:11 - 2014-08-18 20:17 - 00000000 ____D () C:\FRST

2014-08-17 16:11 - 2014-08-17 16:11 - 02101760 _____ (Farbar) C:\Users\Pies\Downloads\FRST64.exe

2014-08-17 14:23 - 2014-08-17 14:23 - 02347384 _____ (ESET) C:\Users\Pies\Downloads\esetsmartinstaller_enu.exe

2014-08-17 14:23 - 2014-08-17 14:23 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-08-17 14:22 - 2014-08-17 14:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Pies\Downloads\revosetup (1).exe

2014-08-17 14:17 - 2014-08-17 14:17 - 01361671 _____ () C:\Users\Pies\Downloads\AdwCleaner.exe

2014-08-17 14:15 - 2014-08-17 14:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Pies\Downloads\revosetup.exe

2014-08-17 14:15 - 2014-08-17 14:15 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-08-17 13:42 - 2014-08-17 13:42 - 00000203 _____ () C:\Users\Pies\Desktop\comics.txt

2014-08-17 13:42 - 2014-08-17 13:42 - 00000000 ____D () C:\Users\Pies\Desktop\Old Firefox Data

2014-08-17 13:20 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-08-17 13:19 - 2014-08-17 14:20 - 00000000 ____D () C:\AdwCleaner

2014-08-17 11:52 - 2014-08-17 20:10 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-17 11:52 - 2014-08-17 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-17 11:52 - 2014-08-17 11:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-17 11:52 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys

2014-08-17 11:52 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys

2014-08-14 14:18 - 2014-08-14 14:18 - 00000000 ____D () C:\Users\Public\Documents\EA Games

2014-08-14 11:07 - 2014-08-14 11:07 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe

2014-08-14 11:07 - 2014-08-14 11:07 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe

2014-08-14 11:07 - 2014-08-14 11:07 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe

2014-08-14 11:07 - 2014-08-14 11:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf

2014-08-13 16:44 - 2014-08-13 16:53 - 00000000 ____D () C:\Users\Pies\AppData\Roaming\Tropico 4 Demo

2014-08-13 16:31 - 2014-08-13 16:42 - 00000000 ____D () C:\ProgramData\Package Cache

2014-08-13 16:22 - 2014-08-13 16:26 - 00000000 ____D () C:\Users\Pies\AppData\Roaming\Origin

2014-08-13 16:21 - 2014-08-13 16:42 - 00000000 ____D () C:\ProgramData\Origin

2014-08-12 11:58 - 2014-08-12 12:00 - 00000000 ____D () C:\Users\Pies\AppData\Local\NVIDIA Corporation

2014-08-12 11:58 - 2014-07-25 14:50 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll

2014-08-12 11:58 - 2014-07-25 14:50 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

2014-08-12 11:36 - 2014-08-12 11:47 - 00000000 ____D () C:\Users\Pies\Downloads\The Wolverine (2013) [1080p]

2014-08-11 23:31 - 2014-08-11 23:31 - 00000000 ____D () C:\Users\Pies\Desktop\Ludovico Einaudi

2014-08-11 23:28 - 2014-08-11 23:28 - 00000000 ____D () C:\Users\Pies\Downloads\Ludovico Einaudi

2014-08-11 23:17 - 2014-08-11 23:17 - 00000000 ____D () C:\Users\Pies\Downloads\Ludovico Einaudi - Islands - Essential Einaudi - Deluxe Edition.2CDs.2011

2014-08-11 13:03 - 2014-08-11 15:05 - 00000000 ____D () C:\Users\Pies\Desktop\vitaaaaa

2014-08-08 11:57 - 2014-08-08 11:57 - 00000000 ____D () C:\Users\Pies\Downloads\Picture of Dorian Grey

2014-08-07 21:08 - 2014-08-07 21:09 - 00000000 ____D () C:\Users\Pies\Downloads\X Men First Class (2011)

2014-08-07 21:07 - 2014-08-12 11:37 - 00000000 ____D () C:\Users\Pies\Downloads\X-Men.Days.Of.Future.Past.2014.HD-TS.XVID.AC3.HQ.Hive-CM8

2014-08-07 20:52 - 2014-08-08 15:29 - 00000000 ____D () C:\Users\Pies\Downloads\X-Men Origins Wolverine (2009) [1080p]

2014-08-07 20:52 - 2014-08-08 12:27 - 00000000 ____D () C:\Users\Pies\Downloads\X-Men The Last Stand (2006) [1080p]

2014-08-07 20:52 - 2014-08-07 23:12 - 00000000 ____D () C:\Users\Pies\Downloads\X-Men X2 X-Men United (2003) [1080p] {5.1}

2014-08-07 20:50 - 2014-08-07 22:39 - 00000000 ____D () C:\Users\Pies\Downloads\X-Men (2000) [1080p]

2014-08-07 20:43 - 2014-08-07 20:52 - 00000000 ____D () C:\Users\Pies\Downloads\Shame.2011.LIMITED.DVDRip.XviD-AMIABLE

2014-08-03 16:56 - 2014-08-03 16:56 - 00000000 ____D () C:\Windows\system32\appmgmt

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-18 20:17 - 2014-08-18 20:17 - 00016266 _____ () C:\Users\Pies\Desktop\FRST.txt

2014-08-18 20:17 - 2014-08-17 16:11 - 00000000 ____D () C:\FRST

2014-08-18 20:16 - 2014-08-18 20:16 - 02101760 _____ (Farbar) C:\Users\Pies\Desktop\FRST64 (1).exe

2014-08-18 20:13 - 2013-10-14 17:41 - 00000000 ____D () C:\ProgramData\Advent

2014-08-18 20:13 - 2013-03-23 00:48 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-18 20:13 - 2013-01-22 01:39 - 00000924 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1437058479-4054759572-805530273-1000UA.job

2014-08-18 20:13 - 2013-01-22 01:39 - 00000902 _____ () C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1437058479-4054759572-805530273-1000Core.job

2014-08-18 20:13 - 2012-11-06 22:47 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-18 20:13 - 2012-11-06 22:47 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-17 22:20 - 2012-11-06 01:30 - 00000000 ____D () C:\Program Files (x86)\Steam

2014-08-17 22:19 - 2012-11-03 13:39 - 01314424 _____ () C:\Windows\WindowsUpdate.log

2014-08-17 22:19 - 2009-07-14 05:51 - 00062780 _____ () C:\Windows\setupact.log

2014-08-17 20:10 - 2014-08-17 11:52 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-17 16:13 - 2014-08-17 16:12 - 00044061 _____ () C:\Users\Pies\Downloads\Addition.txt

2014-08-17 16:13 - 2014-08-17 16:12 - 00033285 _____ () C:\Users\Pies\Downloads\FRST.txt

2014-08-17 16:11 - 2014-08-17 16:11 - 02101760 _____ (Farbar) C:\Users\Pies\Downloads\FRST64.exe

2014-08-17 14:23 - 2014-08-17 14:23 - 02347384 _____ (ESET) C:\Users\Pies\Downloads\esetsmartinstaller_enu.exe

2014-08-17 14:23 - 2014-08-17 14:23 - 00000000 ____D () C:\Program Files (x86)\ESET

2014-08-17 14:22 - 2014-08-17 14:22 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Pies\Downloads\revosetup (1).exe

2014-08-17 14:21 - 2010-11-21 04:47 - 00243704 _____ () C:\Windows\PFRO.log

2014-08-17 14:21 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-17 14:20 - 2014-08-17 13:19 - 00000000 ____D () C:\AdwCleaner

2014-08-17 14:17 - 2014-08-17 14:17 - 01361671 _____ () C:\Users\Pies\Downloads\AdwCleaner.exe

2014-08-17 14:15 - 2014-08-17 14:15 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Pies\Downloads\revosetup.exe

2014-08-17 14:15 - 2014-08-17 14:15 - 00000000 ____D () C:\Program Files (x86)\VS Revo Group

2014-08-17 14:12 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\SchCache

2014-08-17 13:42 - 2014-08-17 13:42 - 00000203 _____ () C:\Users\Pies\Desktop\comics.txt

2014-08-17 13:42 - 2014-08-17 13:42 - 00000000 ____D () C:\Users\Pies\Desktop\Old Firefox Data

2014-08-17 13:31 - 2012-11-03 16:46 - 00000000 ____D () C:\ProgramData\Kaspersky Lab

2014-08-17 12:14 - 2013-03-23 00:48 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater

2014-08-17 12:14 - 2012-11-03 15:38 - 00699568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-08-17 12:14 - 2012-11-03 15:38 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-08-17 12:08 - 2009-07-14 05:45 - 00419008 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-08-17 12:07 - 2009-07-14 05:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

2014-08-17 12:07 - 2009-07-14 05:45 - 00020640 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

2014-08-17 11:52 - 2014-08-17 11:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware

2014-08-17 11:52 - 2014-08-17 11:52 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware

2014-08-17 11:52 - 2013-09-09 23:30 - 00000000 ____D () C:\Users\Pies\AppData\Roaming\Malwarebytes

2014-08-17 11:52 - 2013-09-09 23:30 - 00000000 ____D () C:\ProgramData\Malwarebytes

2014-08-15 10:02 - 2012-11-03 16:41 - 00000000 ____D () C:\ProgramData\boost_interprocess

2014-08-14 15:54 - 2012-11-03 15:01 - 00111176 _____ () C:\Users\Pies\AppData\Local\GDIPFONTCACHEV1.DAT

2014-08-14 14:18 - 2014-08-14 14:18 - 00000000 ____D () C:\Users\Public\Documents\EA Games

2014-08-14 11:14 - 2013-06-01 23:30 - 00000000 ____D () C:\Users\Pies\AppData\Local\dxhr

2014-08-14 11:07 - 2014-08-14 11:07 - 00003118 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe

2014-08-14 11:07 - 2014-08-14 11:07 - 00003092 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe

2014-08-14 11:07 - 2014-08-14 11:07 - 00003090 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_itype_exe

2014-08-14 11:07 - 2014-08-14 11:07 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_point64_01011.Wdf

2014-08-13 17:13 - 2012-11-15 22:41 - 00000000 ____D () C:\Users\Pies\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games

2014-08-13 16:53 - 2014-08-13 16:44 - 00000000 ____D () C:\Users\Pies\AppData\Roaming\Tropico 4 Demo

2014-08-13 16:44 - 2012-12-07 22:04 - 00126869 _____ () C:\Windows\DirectX.log

2014-08-13 16:42 - 2014-08-13 16:31 - 00000000 ____D () C:\ProgramData\Package Cache

2014-08-13 16:42 - 2014-08-13 16:21 - 00000000 ____D () C:\ProgramData\Origin

2014-08-13 16:33 - 2013-08-01 00:26 - 00000000 ____D () C:\Users\Pies\Documents\Electronic Arts

2014-08-13 16:28 - 2009-07-14 06:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games

2014-08-13 16:26 - 2014-08-13 16:22 - 00000000 ____D () C:\Users\Pies\AppData\Roaming\Origin

2014-08-12 12:00 - 2014-08-12 11:58 - 00000000 ____D () C:\Users\Pies\AppData\Local\NVIDIA Corporation

2014-08-12 12:00 - 2013-08-23 22:46 - 00000000 ____D () C:\Users\Pies\AppData\Local\NVIDIA

2014-08-12 11:59 - 2012-11-03 14:45 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-08-12 11:59 - 2012-11-03 14:39 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-08-12 11:58 - 2012-11-03 14:39 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-08-12 11:58 - 2012-11-03 14:39 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-08-12 11:47 - 2014-08-12 11:36 - 00000000 ____D () C:\Users\Pies\Downloads\The Wolverine (2013) [1080p]

2014-08-12 11:37 - 2014-08-07 21:07 - 00000000 ____D () C:\Users\Pies\Downloads\X-Men.Days.Of.Future.Past.2014.HD-TS.XVID.AC3.HQ.Hive-CM8

2014-08-12 11:35 - 2012-11-03 15:48 - 00000000 ___RD () C:\Users\Pies\Desktop\Docs

2014-08-11 23:31 - 2014-08-11 23:31 - 00000000 ____D () C:\Users\Pies\Desktop\Ludovico Einaudi

2014-08-11 23:28 - 2014-08-11 23:28 - 00000000 ____D () C:\Users\Pies\Downloads\Ludovico Einaudi

2014-08-11 23:17 - 2014-08-11 23:17 - 00000000 ____D () C:\Users\Pies\Downloads\Ludovico Einaudi - Islands - Essential Einaudi - Deluxe Edition.2CDs.2011

2014-08-11 17:51 - 2013-07-23 01:54 - 00000000 ____D () C:\Users\Pies\Documents\Euro Truck Simulator 2

2014-08-11 15:05 - 2014-08-11 13:03 - 00000000 ____D () C:\Users\Pies\Desktop\vitaaaaa

2014-08-11 12:12 - 2009-07-14 06:13 - 00794142 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-08 15:29 - 2014-08-07 20:52 - 00000000 ____D () C:\Users\Pies\Downloads\X-Men Origins Wolverine (2009) [1080p]

2014-08-08 12:27 - 2014-08-07 20:52 - 00000000 ____D () C:\Users\Pies\Downloads\X-Men The Last Stand (2006) [1080p]

2014-08-08 11:57 - 2014-08-08 11:57 - 00000000 ____D () C:\Users\Pies\Downloads\Picture of Dorian Grey

2014-08-07 23:12 - 2014-08-07 20:52 - 00000000 ____D () C:\Users\Pies\Downloads\X-Men X2 X-Men United (2003) [1080p] {5.1}

2014-08-07 22:39 - 2014-08-07 20:50 - 00000000 ____D () C:\Users\Pies\Downloads\X-Men (2000) [1080p]

2014-08-07 21:09 - 2014-08-07 21:08 - 00000000 ____D () C:\Users\Pies\Downloads\X Men First Class (2011)

2014-08-07 20:52 - 2014-08-07 20:43 - 00000000 ____D () C:\Users\Pies\Downloads\Shame.2011.LIMITED.DVDRip.XviD-AMIABLE

2014-08-03 16:56 - 2014-08-03 16:56 - 00000000 ____D () C:\Windows\system32\appmgmt

2014-08-03 16:55 - 2013-05-19 03:54 - 00000000 ____D () C:\Users\Pies\AppData\Roaming\Samsung

2014-08-03 16:55 - 2013-05-19 03:54 - 00000000 ____D () C:\Users\Pies\AppData\Local\Samsung

2014-08-03 16:55 - 2013-05-19 03:52 - 00000000 ____D () C:\Program Files (x86)\Samsung

2014-08-03 16:54 - 2013-05-19 03:52 - 00000000 ____D () C:\ProgramData\Samsung

2014-08-03 16:54 - 2012-11-03 13:56 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-08-03 16:52 - 2012-11-14 19:00 - 00000000 ____D () C:\Program Files (x86)\Microsoft Games

2014-08-03 16:46 - 2012-12-20 04:25 - 00007602 _____ () C:\Users\Pies\AppData\Local\Resmon.ResmonCfg

2014-07-29 17:33 - 2013-11-05 01:37 - 00000000 ____D () C:\oldgames

2014-07-25 14:50 - 2014-08-12 11:58 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll

2014-07-25 14:50 - 2014-08-12 11:58 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

2014-07-25 14:50 - 2013-11-19 23:19 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2014-07-25 14:50 - 2013-11-19 23:19 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2014-07-21 16:30 - 2012-11-03 14:45 - 00000000 ____D () C:\Windows\SysWOW64\NV

2014-07-21 16:30 - 2012-11-03 14:45 - 00000000 ____D () C:\Windows\system32\NV

 

Files to move or delete:

====================

C:\Users\Pies\jagex_cl_loginapplet_LIVE.dat

C:\Users\Pies\jagex_cl_runescape_LIVE.dat

C:\Users\Pies\random.dat

C:\Users\Public\Task-to-Start.reg

 

 

Some content of TEMP:

====================

C:\Users\Pies\AppData\Local\Temp\actual_remove.exe

C:\Users\Pies\AppData\Local\Temp\AutoRun.exe

C:\Users\Pies\AppData\Local\Temp\AutoRunGUI.dll

C:\Users\Pies\AppData\Local\Temp\comver.dll

C:\Users\Pies\AppData\Local\Temp\drm_dyndata_7380011.dll

C:\Users\Pies\AppData\Local\Temp\drm_dyndata_7390004.dll

C:\Users\Pies\AppData\Local\Temp\EBU52AB.exe

C:\Users\Pies\AppData\Local\Temp\EBU72AA.DLL

C:\Users\Pies\AppData\Local\Temp\First15.exe

C:\Users\Pies\AppData\Local\Temp\fp_pl_pfs_installer.exe

C:\Users\Pies\AppData\Local\Temp\jre-7u15-windows-i586-iftw.exe

C:\Users\Pies\AppData\Local\Temp\jre-7u17-windows-i586-iftw.exe

C:\Users\Pies\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe

C:\Users\Pies\AppData\Local\Temp\MouseKeyboardCenterx64_1033.exe

C:\Users\Pies\AppData\Local\Temp\npp.6.5.2.Installer.exe

C:\Users\Pies\AppData\Local\Temp\nsxAE35.tmp.exe

C:\Users\Pies\AppData\Local\Temp\ose00000.exe

C:\Users\Pies\AppData\Local\Temp\Quarantine.exe

C:\Users\Pies\AppData\Local\Temp\safeguard.exe

C:\Users\Pies\AppData\Local\Temp\Second Life Setup.exe

C:\Users\Pies\AppData\Local\Temp\SkypeSetupFull(6.3.73.105)(Trackable457)trackable.exe

C:\Users\Pies\AppData\Local\Temp\update130223.exe

C:\Users\Pies\AppData\Local\Temp\VP6Install.exe

C:\Users\Pies\AppData\Local\Temp\VP6VFW.dll

C:\Users\Pies\AppData\Local\Temp\xmlUpdater.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\SysWOW64\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => MD5 is legit

C:\Windows\SysWOW64\User32.dll => MD5 is legit

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-08-08 17:56

 

==================== End Of Log ============================

 

 

Addition.txt:

 


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16-08-2014 04

Ran by Pies at 2014-08-18 20:17:02

Running from C:\Users\Pies\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Acer Crystal Eye Webcam (HKLM-x32\...\InstallShield_{A0382E3C-7384-429A-9BFA-AF5888E5A193}) (Version: 1.5.3501.00 - CyberLink Corp.)

Acer Crystal Eye Webcam (x32 Version: 1.5.3501.00 - CyberLink Corp.) Hidden

AdC4USelfUpdater (x32 Version: 1.00.0000 - Advent) Hidden

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.179 - Adobe Systems Incorporated)

Adobe Photoshop 7.0.1 (HKLM-x32\...\Adobe Photoshop 7.0) (Version: 7.0 - Adobe Systems, Inc.)

Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)

ADVENT AIO Printer (Version: 2.0.0.0 - DSGi) Hidden

Advent AIO Software (HKLM-x32\...\{27B5D9DE-D57D-48ee-A4F1-DC3D9DA0DF57}) (Version: 2.1.4.0 - Advent)

Advent Essentials (x32 Version: 1.0.0.0 - DSGi) Hidden

Advertising Center (x32 Version: 0.0.0.1 - Nero AG) Hidden

aioscnnr (x32 Version: 1.0.6.0 - DSGi) Hidden

Amnesia: The Dark Descent (HKLM-x32\...\Steam App 57300) (Version:  - )

Apple Application Support (HKLM-x32\...\{63EC2120-1742-4625-AA47-C6A8AEC9C64C}) (Version: 2.2.2 - Apple Inc.)

Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)

Awesomenauts (HKLM-x32\...\Steam App 204300) (Version:  - )

Banished (HKLM-x32\...\Steam App 242920) (Version:  - Shining Rock Software LLC)

Broadcom NetLink Controller (HKLM\...\{C91DCB72-F5BB-410D-A91A-314F5D1B4284}) (Version: 15.0.7.1 - Broadcom Corporation)

CCleaner (HKLM\...\CCleaner) (Version: 4.00 - Piriform)

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{349F73CA-653A-43A6-AE77-970B07D6EDA0}) (Version:  - Microsoft)

Deus Ex: Human Revolution - Director's Cut (HKLM-x32\...\Steam App 238010) (Version:  - Eidos Montreal)

Deus Ex: Human Revolution (HKLM-x32\...\Steam App 28050) (Version:  - Eidos Montreal)

DolbyFiles (x32 Version: 0.1 - Nero AG) Hidden

Dungeon Siege 2 (HKLM-x32\...\DungeonSiege2) (Version:  - Microsoft)

Dungeon Siege 2 Broken World (HKLM-x32\...\{A563C4F4-BE36-4956-BA0B-E02BDD9F70D5}) (Version: 1.00.0000 - Gas Powered Games)

Dungeon Siege Legends of Aranna (HKLM-x32\...\Dungeon Siege Legends of Aranna 1.0) (Version:  - Microsoft)

Euro Truck Simulator 2 (HKLM-x32\...\Steam App 227300) (Version:  - SCS Software)

Facebook Video Calling 3.1.0.521 (HKLM-x32\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)

GameSpy Arcade (HKLM-x32\...\GameSpy Arcade) (Version:  - )

GameSpy Comrade (HKLM-x32\...\{5F4C776F-8CBD-4C4F-892F-B568ABDD70C8}) (Version: 1.5.0.156 - GameSpy)

Garry's Mod (HKLM-x32\...\Steam App 4000) (Version:  - Team Garry)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Grand Theft Auto: San Andreas (HKLM-x32\...\Steam App 12120) (Version:  - Rockstar Games)

Grand Theft Auto: Vice City (HKLM-x32\...\Steam App 12110) (Version:  - Rockstar Games)

Half-Life 2 (HKLM-x32\...\Steam App 220) (Version:  - Valve)

Half-Life 2: Episode One (HKLM-x32\...\Steam App 380) (Version:  - Valve)

Half-Life 2: Episode Two (HKLM-x32\...\Steam App 420) (Version:  - Valve)

Half-Life 2: Lost Coast (HKLM-x32\...\Steam App 340) (Version:  - Valve)

ImagXpress (x32 Version: 7.0.74.0 - Nero AG) Hidden

iTunes (HKLM\...\{1493B2AE-0261-47D2-B1AA-F4DAD0F6C48B}) (Version: 10.7.0.21 - Apple Inc.)

Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.510 - Oracle)

Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Menu Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden

Microsoft .NET Framework 1.1 (HKLM-x32\...\Microsoft .NET Framework 1.1  (1033)) (Version:  - )

Microsoft .NET Framework 1.1 (x32 Version: 1.1.4322 - Microsoft) Hidden

Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)

Microsoft .NET Framework 4 Extended (Version: 4.0.30319 - Microsoft Corporation) Hidden

Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden

Microsoft Choice Guard (x32 Version: 2.0.48.0 - Microsoft Corporation) Hidden

Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 64-bit Components 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.4734.1000 - Microsoft Corporation) Hidden

Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 Design Tools ENU (HKLM-x32\...\{2E5C075E-11AB-4BDD-918C-7B9A68953FF8}) (Version: 3.5.5386.0 - Microsoft Corporation)

Microsoft SQL Server Compact 3.5 ENU (HKLM-x32\...\{BCC899FE-2DAA-460C-A5FB-60291E73D9C3}) (Version: 3.5.5386.0 - Microsoft Corporation)

Microsoft Visual Basic 2008 Express Edition - ENU (HKLM-x32\...\Microsoft Visual Basic 2008 Express Edition - ENU) (Version:  - Microsoft Corporation)

Microsoft Visual Basic 2008 Express Edition - ENU (x32 Version: 9.0.21022 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)

Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.21022 - Microsoft Corporation) Hidden

Microsoft Windows SDK for Visual Studio 2008 Express Tools for .NET Framework (HKLM\...\{62577E41-C350-3D07-97C8-2B6CDB4BAD60}) (Version: 3.5.21022 - Microsoft)

Microsoft Windows SDK for Visual Studio 2008 Express Tools for Win32 (HKLM\...\{11EB1163-5761-4BC6-8F48-98DCF6A46BBF}) (Version: 6.1.5288.17011 - Microsoft Corporation)

Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)

Microsoft.Visual Basic v6.0sp6 (HKLM-x32\...\Microsoft.Visual Basic_is1) (Version:  - )

Movie Templates - Starter Kit (x32 Version: 9.4.2.0 - Nero AG) Hidden

Mozilla Firefox 20.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 20.0.1 (x86 en-US)) (Version: 20.0.1 - Mozilla)

Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 20.0.1 - Mozilla)

MpcStar 5.4 (HKLM-x32\...\MpcStar) (Version: 5.4 - www.mpcstar.com)

MSVCRT (x32 Version: 14.0.1468.721 - Microsoft) Hidden

MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)

MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )

Need For Speed Underground (HKLM-x32\...\{A99968BE-C155-474C-0089-33239DEE1CE2}) (Version:  - )

Nero 9 Essentials (HKLM-x32\...\{e837c504-940d-4324-8c23-c9dc9e62060d}) (Version:  - Nero AG)

Nero BurnRights (x32 Version: 3.4.11.100 - Nero AG) Hidden

Nero BurnRights Help (x32 Version: 3.4.4.100 - Nero AG) Hidden

Nero ControlCenter (x32 Version: 9.0.0.1 - Nero AG) Hidden

Nero CoverDesigner (x32 Version: 4.4.9.100 - Nero AG) Hidden

Nero CoverDesigner Help (x32 Version: 4.4.9.100 - Nero AG) Hidden

Nero DiscSpeed (x32 Version: 5.4.11.100 - Nero AG) Hidden

Nero DiscSpeed Help (x32 Version: 5.4.4.100 - Nero AG) Hidden

Nero DriveSpeed (x32 Version: 4.4.11.100 - Nero AG) Hidden

Nero DriveSpeed Help (x32 Version: 4.4.4.100 - Nero AG) Hidden

Nero Express Help (x32 Version: 9.6.2.101 - Nero AG) Hidden

Nero InfoTool (x32 Version: 6.4.11.100 - Nero AG) Hidden

Nero InfoTool Help (x32 Version: 6.4.4.100 - Nero AG) Hidden

Nero Installer (x32 Version: 4.4.9.0 - Nero AG) Hidden

Nero Online Upgrade (x32 Version: 1.3.0.0 - Nero AG) Hidden

Nero ShowTime (x32 Version: 5.4.0.100 - Nero AG) Hidden

Nero ShowTime (x32 Version: 5.4.13.100 - Nero AG) Hidden

Nero StartSmart (x32 Version: 9.4.12.100 - Nero AG) Hidden

Nero StartSmart Help (x32 Version: 9.4.12.100 - Nero AG) Hidden

Nero Vision (x32 Version: 6.4.12.100 - Nero AG) Hidden

Nero Vision Help (x32 Version: 6.4.8.100 - Nero AG) Hidden

NeroExpress (x32 Version: 9.4.17.100 - Nero AG) Hidden

neroxml (x32 Version: 1.0.0 - Nero AG) Hidden

Notepad++ (HKLM-x32\...\Notepad++) (Version: 6.5.2 - Notepad++ Team)

NVIDIA Control Panel 310.33 (Version: 310.33 - NVIDIA Corporation) Hidden

NVIDIA GeForce Experience 2.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.157.1165 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Optimus Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden

NVIDIA ShadowPlay 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden

NVIDIA Update 15.3.33 (Version: 15.3.33 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 15.3.33 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden

ocr (x32 Version: 6.0.0.0 - Eastman Kodak Company) Hidden

Perspective 1.0 (HKLM-x32\...\Perspective) (Version: 1.0 - Widdershins)

PodTrans Pro 3.4.9 (HKLM-x32\...\{59CDD550-EB6A-44D5-8246-F2195CA54A4A}}_is1) (Version: 3.4.9 - iMobie Inc.)

Portal (HKLM-x32\...\Steam App 400) (Version:  - Valve)

Portal 2 (HKLM-x32\...\Steam App 620) (Version:  - Valve)

POSTAL 2 Complete (HKLM-x32\...\Steam App 223470) (Version:  - )

PowerISO (HKLM-x32\...\PowerISO) (Version: 5.8 - Power Software Ltd)

PreReq (x32 Version: 6.2.4.0 - Eastman Kodak Company) Hidden

Proteus (HKLM-x32\...\Steam App 219680) (Version:  - Ed Key and David Kanaga)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.986 - Even Balance, Inc.)

Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 3.1 - Qualcomm Atheros)

Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)

QuickShare (HKLM-x32\...\{6903918F-8A5A-4C72-9573-0F2D1559F28C}) (Version: 1.6.1.945 - Linkury Inc.) <==== ATTENTION

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6622 - Realtek Semiconductor Corp.)

Red Shark (HKLM-x32\...\{8AE7D257-08DA-469F-A777-9D8F4D33B0D8}) (Version:  - )

Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)

RuneScape Launcher 1.2.2 (HKLM-x32\...\{A85FCCBE-31AB-4312-A5A9-165FF3B0BF90}) (Version: 1.2.2 - Jagex Ltd)

Saints Row: The Third (HKLM-x32\...\Steam App 55230) (Version:  - Volition)

SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden

Skype™ 6.11 (HKLM-x32\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.)

Source SDK Base 2007 (HKLM-x32\...\Steam App 218) (Version:  - Valve)

Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)

Stronghold Crusader (HKLM-x32\...\Stronghold Crusader) (Version:  - )

Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)

The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)

The Lord of the Rings Online™ (HKLM-x32\...\Steam App 212500) (Version:  - Turbine, Inc.)

The Lord of the Rings Online™ v03.08.00.8029 (HKLM-x32\...\12bbe590-c890-11d9-9669-0800200c9a66_is1) (Version: 03.08.00.8029 - Turbine, Inc.)

The Sims 2 (HKLM-x32\...\{6E7DD182-9FC6-4651-0095-2E666CC6AF35}) (Version:  - )

The Sims 2 Glamour Life Stuff (HKLM-x32\...\{9CDBC303-3EED-40b0-8E41-A7C65AA96C26}) (Version:  - )

The Sims 2 Nightlife (HKLM-x32\...\{F7529650-B9DB-481B-0089-A2AC3C2821C1}) (Version:  - )

The Sims 2 Open For Business (HKLM-x32\...\{7B3577F5-1D82-4C9B-008B-69D026FD8BCA}) (Version:  - )

The Sims 2 Pets (HKLM-x32\...\{4817189D-1785-4627-A33C-39FD90919300}) (Version:  - )

The Sims 2 University (HKLM-x32\...\{01521746-02A6-4A72-00BD-A285DF6B80C6}) (Version:  - )

The Sims Complete Collection (HKLM-x32\...\{F2527115-B8BF-4FDB-B5DA-5AADFB7C13E1}) (Version:  - )

The Sims™ 2 Apartment Life (HKLM-x32\...\{B6F5B704-06D3-4687-90F3-6195304AD755}) (Version:  - Electronic Arts)

The Sims™ 2 Bon Voyage (HKLM-x32\...\{F248ADFA-64E0-4b03-8A83-059078BED6A0}) (Version:  - Electronic Arts)

The Sims™ 2 Celebration! Stuff (HKLM-x32\...\{EAA38532-7AD0-4f78-918A-4F4F02096ECE}) (Version:  - )

The Sims™ 2 FreeTime (HKLM-x32\...\{87F6C83D-F949-4d14-B5CB-DC8C75F8932D}) (Version:  - Electronic Arts)

The Sims™ 2 H&M® Fashion Stuff (HKLM-x32\...\{84DDE556-43EF-43ed-B2DF-37AF9E5DDD75}) (Version:  - )

The Sims™ 2 IKEA® Home Stuff (HKLM-x32\...\{6E17F9751-F056-4335-B718-8AF1B1092AFB}) (Version:  - Electronic Arts)

The Sims™ 2 Kitchen & Bath Interior Design Stuff (HKLM-x32\...\{6522C636-B04C-4333-9BEB-9E0C0B6350D6}) (Version:  - Electronic Arts)

The Sims™ 2 Mansion and Garden Stuff (HKLM-x32\...\{1A2A15C2-6780-49c1-B296-503230E9DE00}) (Version:  - Electronic Arts)

The Sims™ 2 Seasons (HKLM-x32\...\{DFEF49D9-FC95-4301-99B9-2FB91C6ABA06}) (Version:  - )

The Sims™ 2 Teen Style Stuff (HKLM-x32\...\{5C648FDB-0138-4619-B66E-230EF53E8E2C}) (Version:  - Electronic Arts)

The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)

The Sims™ 3 70s, 80s, & 90s Stuff (HKLM-x32\...\{E1868CAE-E3B9-4099-8C18-AA8944D336FD}) (Version: 17.0.77 - Electronic Arts)

The Sims™ 3 Ambitions (HKLM-x32\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)

The Sims™ 3 Fast Lane Stuff (HKLM-x32\...\{ED436EA8-4145-4703-AE5D-4D09DD24AF5A}) (Version: 5.0.44 - Electronic Arts)

The Sims™ 3 Generations (HKLM-x32\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)

The Sims™ 3 High-End Loft Stuff (HKLM-x32\...\{71828142-5A24-4BD0-97E7-976DA08CE6CF}) (Version: 3.0.38 - Electronic Arts)

The Sims™ 3 Island Paradise (HKLM-x32\...\{DB21639E-FE55-432C-BCA2-0C5249E3F79E}) (Version: 19.0.101 - Electronic Arts)

The Sims™ 3 Master Suite Stuff (HKLM-x32\...\{08A25478-C5DD-4EA7-B168-3D687CA987FF}) (Version: 11.0.84 - Electronic Arts)

The Sims™ 3 Outdoor Living Stuff (HKLM-x32\...\{117B6BF6-82C3-420C-B284-9247C8568E53}) (Version: 7.0.55 - Electronic Arts)

The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)

The Sims™ 3 Seasons (HKLM-x32\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)

The Sims™ 3 Showtime (HKLM-x32\...\{3BBFD444-5FAB-49F6-98B1-A1954E831399}) (Version: 12.0.273 - Electronic Arts)

The Sims™ 3 Supernatural (HKLM-x32\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)

The Sims™ 3 Town Life Stuff (HKLM-x32\...\{7B11296A-F894-449C-8DF6-6AAAA7D4D118}) (Version: 9.0.73 - Electronic Arts)

The Sims™ 3 University Life (HKLM-x32\...\{F26DE8EF-F2CF-40DC-8CDA-CC0D82D11B36}) (Version: 18.0.126 - Electronic Arts)

The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Update for Microsoft .NET Framework 4 Client Profile (KB2836939v3) (HKLM-x32\...\{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}.KB2836939v3) (Version: 3 - Microsoft Corporation)

Update for Microsoft .NET Framework 4 Extended (KB2836939v3) (HKLM-x32\...\{8E34682C-8118-31F1-BC4C-98CD9675E1C2}.KB2836939v3) (Version: 3 - Microsoft Corporation)

Update for Microsoft Office 2010 (KB2494150) (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{3FCFD88F-4D13-4F38-8625-ABABEA7F61EA}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2825640) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{BA610006-2C39-4419-9834-CF61AB24810A}) (Version:  - Microsoft)

VC Runtimes MSI (x32 Version: 9.0.21022 - Microsoft) Hidden

VLC media player 2.0.4 (HKLM-x32\...\VLC media player) (Version: 2.0.4 - VideoLAN)

Windows Live Call (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Communications Platform (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)

Windows Live Essentials (x32 Version: 14.0.8117.416 - Microsoft Corporation) Hidden

Windows Live Messenger (x32 Version: 14.0.8117.0416 - Microsoft Corporation) Hidden

Windows Live Sign-in Assistant (HKLM-x32\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)

Windows Live Upload Tool (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)

WinRAR 4.20 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

 

==================== Restore Points  =========================

 

22-07-2014 22:36:51 Scheduled Checkpoint

03-08-2014 15:53:42 Removed Samsung Kies

03-08-2014 15:56:39 Removed Apple Software Update

03-08-2014 15:57:06 Removed Apple Mobile Device Support

03-08-2014 15:58:15 Removed Bonjour

12-08-2014 10:58:52 Installed DirectX

13-08-2014 15:30:55 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

13-08-2014 15:41:17 Removed Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219

13-08-2014 15:41:42 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005

13-08-2014 15:43:07 Installed DirectX

14-08-2014 10:05:41 DCInstallRestorePoint

17-08-2014 10:44:10 Removed Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2009-07-14 03:34 - 2014-07-26 14:40 - 00000833 ____A C:\Windows\system32\Drivers\etc\hosts

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {1A579199-7502-498E-AA95-D4513C29225D} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-03-25] (Piriform Ltd)

Task: {2488AAC0-0BB6-4305-806B-CF02AD8E7ADD} - System32\Tasks\Microsoft_Hardware_Launch_mousekeyboardcenter_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\mousekeyboardcenter.exe

Task: {388E583A-83C4-42E9-8BD0-2BC5C3973D2C} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1437058479-4054759572-805530273-1000UA => C:\Users\Pies\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-22] (Facebook Inc.)

Task: {8104F50D-FA31-4294-AC2F-8900F339AE8B} - System32\Tasks\Microsoft_Hardware_Launch_itype_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe

Task: {B7A0599C-7CC2-4025-B9D5-AC036B8C261F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06] (Google Inc.)

Task: {B82A615C-31C6-42E1-B6EA-2F070D867A72} - System32\Tasks\Microsoft_Hardware_Launch_ipoint_exe => c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe

Task: {D7B91746-E6C8-452E-91FE-6154E4825068} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-11-06] (Google Inc.)

Task: {DA094F54-3CD0-488D-8D5F-DDE61837B35A} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1437058479-4054759572-805530273-1000Core => C:\Users\Pies\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-22] (Facebook Inc.)

Task: {FD6BD2F2-F4D2-4E8D-BF22-7C0F1F2BE422} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-08-17] (Adobe Systems Incorporated)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1437058479-4054759572-805530273-1000Core.job => C:\Users\Pies\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1437058479-4054759572-805530273-1000UA.job => C:\Users\Pies\AppData\Local\Facebook\Update\FacebookUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2012-11-03 14:40 - 2012-10-20 01:36 - 00086888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2010-01-09 21:17 - 2010-01-09 21:17 - 04254560 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

2010-01-21 02:40 - 2010-01-21 02:40 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2012-06-18 16:24 - 2012-06-18 16:24 - 00222720 _____ () C:\Program Files (x86)\Notepad++\NppShell_05.dll

2013-02-05 20:26 - 2013-02-05 20:26 - 00066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2012-11-03 14:38 - 2012-10-22 18:39 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll

2010-01-09 21:18 - 2010-01-09 21:18 - 04254560 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF

2010-01-21 02:34 - 2010-01-21 02:34 - 08793952 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2014-08-15 15:43 - 2014-08-07 04:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll

2014-08-15 15:43 - 2014-08-07 04:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll

2014-08-15 15:43 - 2014-08-07 04:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll

2014-08-15 15:43 - 2014-08-07 04:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll

2014-08-15 15:43 - 2014-08-07 04:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

2014-05-22 00:00 - 2014-08-04 20:15 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-55.dll

2014-05-01 14:30 - 2014-08-04 20:15 - 00441856 _____ () C:\Program Files (x86)\Steam\libavutil-53.dll

2014-02-11 22:40 - 2014-08-04 20:15 - 00332288 _____ () C:\Program Files (x86)\Steam\libavresample-1.dll

2013-03-12 18:10 - 2014-08-04 20:15 - 00769024 _____ () C:\Program Files (x86)\Steam\SDL2.dll

2014-05-22 00:00 - 2014-08-13 23:31 - 02144448 _____ () C:\Program Files (x86)\Steam\video.dll

2014-05-22 00:00 - 2014-08-04 20:15 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-55.dll

2014-05-22 00:00 - 2014-07-31 04:47 - 00519168 _____ () C:\Program Files (x86)\Steam\libswscale-2.dll

2012-11-06 01:31 - 2014-08-13 23:30 - 00677056 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL

2012-11-06 01:31 - 2014-08-13 07:27 - 34587328 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll

2014-08-17 15:44 - 2014-08-13 07:27 - 00837824 _____ () C:\Program Files (x86)\Steam\bin\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

 

==================== Faulty Device Manager Devices =============

 

Could not list Devices. Check "winmgmt" service or repair WMI.

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/17/2014 03:41:01 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (08/17/2014 02:23:30 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (08/17/2014 02:23:27 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (08/17/2014 02:23:27 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (08/17/2014 02:23:22 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.

A component version required by the application conflicts with another component version already active.

Conflicting components are:.

Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.

Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.

 

Error: (08/17/2014 02:23:11 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/17/2014 02:21:32 PM) (Source: Winlogon) (EventID: 4103) (User: )

Description: Windows license activation failed. Error 0x80070005.

 

Error: (08/17/2014 02:14:33 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/17/2014 02:12:59 PM) (Source: Winlogon) (EventID: 4103) (User: )

Description: Windows license activation failed. Error 0x80070005.

 

Error: (08/17/2014 00:10:11 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

System errors:

=============

Error: (08/17/2014 03:45:10 PM) (Source: Service Control Manager) (EventID: 7000) (User: )

Description: The Steam Client Service service failed to start due to the following error: 

%%1053

 

Error: (08/17/2014 03:45:10 PM) (Source: Service Control Manager) (EventID: 7009) (User: )

Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

 

Error: (08/17/2014 11:44:37 AM) (Source: DCOM) (EventID: 10001) (User: )

Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

 

Error: (08/17/2014 11:18:59 AM) (Source: BTHUSB) (EventID: 17) (User: )

Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

 

Error: (08/17/2014 10:40:33 AM) (Source: BTHUSB) (EventID: 17) (User: )

Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

 

Error: (08/15/2014 04:09:38 PM) (Source: DCOM) (EventID: 10001) (User: )

Description: C:\Windows\System32\slui.exe -Embedding5{F87B28F1-DA9A-4F35-8EC0-800EFCF26B83}

 

Error: (08/15/2014 03:40:00 PM) (Source: BTHUSB) (EventID: 17) (User: )

Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

 

Error: (08/15/2014 09:56:51 AM) (Source: BTHUSB) (EventID: 17) (User: )

Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

 

Error: (08/14/2014 11:21:47 PM) (Source: BTHUSB) (EventID: 17) (User: )

Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

 

Error: (08/14/2014 08:58:46 PM) (Source: BTHUSB) (EventID: 17) (User: )

Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

 

 

Microsoft Office Sessions:

=========================

Error: (08/17/2014 03:41:01 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Program Files (x86)\ESET\ESET Online Scanner\ESETSmartInstaller.exe

 

Error: (08/17/2014 02:23:30 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pies\Downloads\esetsmartinstaller_enu.exe

 

Error: (08/17/2014 02:23:27 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pies\Downloads\esetsmartinstaller_enu.exe

 

Error: (08/17/2014 02:23:27 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pies\Downloads\esetsmartinstaller_enu.exe

 

Error: (08/17/2014 02:23:22 PM) (Source: SideBySide) (EventID: 80) (User: )

Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestC:\Users\Pies\Downloads\esetsmartinstaller_enu.exe

 

Error: (08/17/2014 02:23:11 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/17/2014 02:21:32 PM) (Source: Winlogon) (EventID: 4103) (User: )

Description: 0x800700050x00000000

 

Error: (08/17/2014 02:14:33 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

Error: (08/17/2014 02:12:59 PM) (Source: Winlogon) (EventID: 4103) (User: )

Description: 0x800700050x00000000

 

Error: (08/17/2014 00:10:11 PM) (Source: WinMgmt) (EventID: 10) (User: )

Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

 

 

CodeIntegrity Errors:

===================================

  Date: 2012-11-27 22:30:51.550

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2012-11-27 22:30:51.550

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2012-11-27 22:30:51.550

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2012-11-27 22:30:51.530

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2012-11-27 22:30:51.530

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2012-11-27 22:30:51.530

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2012-11-25 23:24:40.507

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2012-11-25 23:24:40.497

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2012-11-25 23:24:40.437

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.

 

  Date: 2012-11-25 23:24:40.427

  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2013\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i5-3210M CPU @ 2.50GHz

Percentage of memory in use: 48%

Total physical RAM: 5962.36 MB

Available physical RAM: 3079.69 MB

Total Pagefile: 11922.89 MB

Available Pagefile: 9068.64 MB

Total Virtual: 8192 MB

Available Virtual: 8191.81 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:465.66 GB) (Free:79.64 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 3DE41BFD)

Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)

Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

 

==================== End Of Log ============================


Step 1

Please uninstall this program: QuickShare

Step 2

  • Launch Malwarebytes' Anti-Malware
  • Go to Update tab and select Check for Updates. If an update is found, it will download and install the latest version.
  • Go to Scanner tab and select Threat Scan, then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Here's the log for Malwarebytes:

 

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 19/08/2014
Scan Time: 17:59:52
Logfile: 
Administrator: Yes
 
Version: 2.00.2.1012
Malware Database: v2014.08.19.08
Rootkit Database: v2014.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Pies
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 311881
Time Elapsed: 10 min, 47 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 1
PUP.Optional.SnapDo.A, C:\Users\Pies\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: (      "startup_urls": [ "http://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=GB&userid=7f266736-ad81-482b-abfa-2dd97947203c&searchtype=hp&installDate=28/03/2013" ],), Replaced,[a0a74a7d6c0f181e3824a069c44110f0]
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)

Step 1

Please download Junkware Removal Tool to your desktop.

  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
Step 2

Please download AdwCleaner by Xplode onto your desktop.

  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button. Wait until it is finished.
  • Click on Clean.
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner\AdwCleaner[s0].txt as well.
In your next reply, post the following log files:
  • Junkware Removal Tool log
  • AdwCleaner log

Junkware Removal Tool log:

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Junkware Removal Tool (JRT) by Thisisu

Version: 6.1.4 (04.06.2014:1)

OS: Windows 7 Ultimate x64

Ran by Pies on 27/08/2014 at 20:39:38.54

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

 

 

 

 

~~~ Services

 

 

 

~~~ Registry Values

 

 

 

~~~ Registry Keys

 

 

 

~~~ Files

 

 

 

~~~ Folders

 

Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"

Successfully deleted: [Folder] "C:\Program Files (x86)\myfree codec"

 

 

 

~~~ Event Viewer Logs were cleared

 

 

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Scan was completed on 27/08/2014 at 20:46:23.69

End of JRT log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Adw Cleaner log:

 

# AdwCleaner v3.308 - Report created 27/08/2014 at 20:55:11
# Updated 20/08/2014 by Xplode
# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
# Username : Pies - PIE
# Running from : C:\Users\Pies\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17041
 
 
-\\ Mozilla Firefox v20.0.1 (en-US)
 
[ File : C:\Users\Pies\AppData\Roaming\Mozilla\Firefox\Profiles\65497ewy.default-1408279368874\prefs.js ]
 
 
-\\ Google Chrome v36.0.1985.143
 
[ File : C:\Users\Pies\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Deleted [search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
Deleted [search Provider] : hxxp://www.trovigo.com/Results.aspx?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&SearchSource=58&CUI=&UM=4&UP=SP52008655-3113-4DEF-90AC-CB6EA2C8BB20&q={searchTerms}&SSPV=
Deleted [search Provider] : hxxp://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=GB&userid=7f266736-ad81-482b-abfa-2dd97947203c&searchtype=ds&q={searchTerms}&installDate=28/03/2013
Deleted [startup_urls] : hxxp://feed.snap.do/?publisher=QuickIM&dpid=QuickIM&co=GB&userid=7f266736-ad81-482b-abfa-2dd97947203c&searchtype=hp&installDate=28/03/2013
 
*************************
 
AdwCleaner[R0].txt - [5466 octets] - [17/08/2014 13:19:14]
AdwCleaner[R1].txt - [4581 octets] - [17/08/2014 14:17:53]
AdwCleaner[R2].txt - [1803 octets] - [27/08/2014 20:49:02]
AdwCleaner[s0].txt - [4806 octets] - [17/08/2014 14:20:13]
AdwCleaner[s1].txt - [1734 octets] - [27/08/2014 20:55:11]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s1].txt - [1794 octets] ##########

  • 2 months later...
  • 3 months later...
  • Root Admin

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.

Other members who need assistance please start your own topic in a new thread. Thanks!
