Jump to content

svchost.exe problem


Recommended Posts

OK, since TwinHeadedEagle left I will try to help you :)

Minion%20Welcome.jpg

My name's Naathim and I'm a GeekU Minion! Now that we are mates and will be working together to clean your machine out of any junkware, feel free to call me Naat :)

Before we start please note the following:

  • Analysis and research take some time, also sometimes real life gets in the way, please be patient.
  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Paste the logs in your posts, attachments make my work harder and more complicated.
  • Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
I can't foresee everything, so if anything unexpected happens, please stop and inform me!

There are no silly questions. Never be afraid to ask if in doubt!

Let's start and enjoy the fight! :)

warning.gif Rules and policies

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.

51a46ae42d560-malwarebytes_anti_malware. Scan with Malwarebytes' Anti-Malware

Please download and install Malwarebytes Anti-Malware, or re-run it if you already have it installed.

  • First of all select update.
  • Once updated, click the Settings tab, in the left panel choose Detctions & protection and tick Scan for rootkits.
  • Click the Scan tab, choose Threat Scan is checked and click Scan Now.
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • At the bottom click Export and choose Text file.
Save the file to your desktop and include its content in your next reply.

FRST.gif Scan with Farbar Recovery Scan Tool

Please download Farbar Recovery Scan Tool and save it to your Desktop.

There will be two versions to download: 32-bit and 64-bit. Please download the one that is designed for your system. If you don't know which one should it be, download both of them and try each other out. Only one will run - this is the right one. Please leave it and delete the other.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.

    > XP users click run after receipt of Windows Security Warning - Open File.

    > 8 users will be prompted about Windows SmartScreen protection - click More information and Run.

  • When the tool opens click Yes to disclaimer.
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content in your next reply.
Link to post
Share on other sites

Please read once more the guidelines I've included in my first post.
 

Before we start please note the following:
Analysis and research take some time, also sometimes real life gets in the way, please be patient.
Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
Paste the logs in your posts, attachments make my work harder and more complicated.
Stay with me to the end, the absence of symtoms doesn't mean that your machine is fully operational.
Note that we may live in totally different time zones, what may cause some delays between answers.

Link to post
Share on other sites

Malwarebytes Anti-Malware

www.malwarebytes.org

 

Scan Date: 2014-08-25

Scan Time: 19:26:25

Logfile: scan.txt

Administrator: Yes

 

Version: 2.00.2.1012

Malware Database: v2014.08.25.03

Rootkit Database: v2014.08.21.01

License: Premium

Malware Protection: Enabled

Malicious Website Protection: Enabled

Self-protection: Disabled

 

OS: Windows 8.1

CPU: x64

File System: NTFS

User: Karolis

 

Scan Type: Threat Scan

Result: Completed

Objects Scanned: 309524

Time Elapsed: 7 min, 5 sec

 

Memory: Enabled

Startup: Enabled

Filesystem: Enabled

Archives: Enabled

Rootkits: Enabled

Heuristics: Enabled

PUP: Warn

PUM: Enabled

 

Processes: 0

(No malicious items detected)

 

Modules: 0

(No malicious items detected)

 

Registry Keys: 0

(No malicious items detected)

 

Registry Values: 0

(No malicious items detected)

 

Registry Data: 0

(No malicious items detected)

 

Folders: 0

(No malicious items detected)

 

Files: 0

(No malicious items detected)

 

Physical Sectors: 0

(No malicious items detected)

 

 

(end)

Link to post
Share on other sites

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 24-08-2014 03

Ran by Karolis (administrator) on ZVERIUKAS on 25-08-2014 19:36:06

Running from C:\Users\Karolis\Desktop

Platform: Windows 8.1 Pro (X64) OS Language: English (United States)

Internet Explorer Version 11

Boot Mode: Normal

 

The only official download link for FRST:



Download link from any site other than Bleeping Computer is unpermitted or outdated.


 

==================== Processes (Whitelisted) =================

 

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

 

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe

() C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe

(Microsoft Corporation) C:\Windows\System32\InputMethod\CHS\ChsIME.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe

() C:\Windows\System32\PnkBstrA.exe

(TomTom) D:\TomTom\TomTom HOME 2\TomTomHOMEService.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe

(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Microsoft Corporation) C:\Windows\System32\dasHost.exe

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe

(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe

(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe

(BitTorrent Inc.) C:\Users\Karolis\AppData\Roaming\uTorrent\uTorrent.exe

() C:\Program Files (x86)\Razer\Abyssus\razerhid.exe

() C:\Program Files (x86)\Razer\Abyssus\razertra.exe

(Razer Inc.) C:\Program Files (x86)\Razer\Abyssus\razerofa.exe

(Logitech Inc.) C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe

() C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

(Microsoft Corporation) C:\Windows\System32\dllhost.exe

(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe

(AIMP DevTeam) C:\Program Files (x86)\AIMP3\AIMP3.exe

(Almico Software (www.almico.com)) C:\Program Files (x86)\SpeedFan\speedfan.exe

() C:\Program Files (x86)\Razer\Abyssus\vdDaemon.exe

(Microsoft Corporation) C:\Windows\System32\SnippingTool.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

 

 

==================== Registry (Whitelisted) ==================

 

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

 

HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2403288 2014-08-09] (NVIDIA Corporation)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7203032 2013-10-22] (Realtek Semiconductor)

HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart

HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [iMSS] => C:\Program Files (x86)\Intel\Intel® Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)

HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-12-21] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [AdobeCEPServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CEPServiceManager4\CEPServiceManager.exe [1039248 2013-03-13] (Adobe Systems Incorporated)

HKLM-x32\...\Run: [Abyssus] => C:\Program Files (x86)\Razer\Abyssus\razerhid.exe [295936 2013-01-21] ()

HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)

HKLM-x32\...\Run: [QuickTime Task] => D:\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)

HKLM-x32\...\Run: [LWS] => C:\Program Files (x86)\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-13] (Logitech Inc.)

HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)

HKU\S-1-5-21-2511904500-3163892986-980190791-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)

HKU\S-1-5-21-2511904500-3163892986-980190791-1001\...\Run: [uTorrent] => C:\Users\Karolis\AppData\Roaming\uTorrent\uTorrent.exe [1322832 2014-07-03] (BitTorrent Inc.)

HKU\S-1-5-21-2511904500-3163892986-980190791-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)

HKU\S-1-5-21-2511904500-3163892986-980190791-1001\...\Run: [EADM] => D:\Origin\Origin.exe [3600728 2014-08-08] (Electronic Arts)

HKU\S-1-5-21-2511904500-3163892986-980190791-1001\...\Run: [TomTomHOME.exe] => D:\TomTom\\TomTom HOME 2\TomTomHOMERunner.exe [248176 2014-06-05] (TomTom)

HKU\S-1-5-21-2511904500-3163892986-980190791-1001\...\MountPoints2: {8e325d67-b5ca-11e3-8250-bcee7b595360} - "E:\setup.exe" 

Startup: C:\Users\Karolis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Gaminio registracija.lnk

ShortcutTarget: Logitech . Gaminio registracija.lnk -> C:\Program Files (x86)\Logitech\Ereg\eReg.exe (Leader Technologies/Logitech)

ShellIconOverlayIdentifiers: "DropboxExt1" -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: "DropboxExt2" -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: "DropboxExt3" -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: "DropboxExt4" -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: "DropboxExt5" -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: "DropboxExt6" -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: "DropboxExt7" -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

ShellIconOverlayIdentifiers: "DropboxExt8" -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

 

==================== Internet (Whitelisted) ====================

 

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

 

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yandex.ru/?win=117&clid=1969031

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/?ocid=iehp

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x36C2ACC3D149CF01

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = lt-LT

BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)

BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

Winsock: Catalog9 11 C:\Windows\SysWOW64\ierd_tgp_lsp.dll [1278008] (Tencent)

Winsock: Catalog9 12 C:\Windows\SysWOW64\ierd_tgp_lsp.dll [1278008] (Tencent)

Winsock: Catalog9 13 C:\Windows\SysWOW64\ierd_tgp_lsp.dll [1278008] (Tencent)

Winsock: Catalog9 14 C:\Windows\SysWOW64\ierd_tgp_lsp.dll [1278008] (Tencent)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt

Tcpip\..\Interfaces\{EB90FE18-E83B-4768-B993-F98B3DBF26D2}: [NameServer] 8.8.8.8,8.8.4.4

 

FireFox:

========

FF ProfilePath: C:\Users\Karolis\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default

FF DefaultSearchEngine: Yandex

FF SelectedSearchEngine: Yandex

FF Homepage: hxxp://www.yandex.ru/?win=117&clid=1969031

FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()

FF Plugin: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)

FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()

FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1210150.dll (Adobe Systems, Inc.)

FF Plugin-x32: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB)

FF Plugin-x32: @esn/esnlaunch,version=2.3.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB)

FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll (EA Digital Illusions CE AB)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)

FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)

FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)

FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)

FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)

FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)

FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)

FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)

FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Karolis\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)

FF SearchPlugin: C:\Users\Karolis\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\searchplugins\yandex.ru-192238.xml

FF Extension: No Name - C:\Users\Karolis\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default\Extensions\staged [2014-03-27]

 

Chrome: 

=======

CHR HomePage: hxxp://www.google.lt/

CHR StartupUrls: "hxxp://google.lt/"

CHR Extension: („Google“ dokumentai) - C:\Users\Karolis\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-27]

CHR Extension: („Google“ diskas ) - C:\Users\Karolis\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-27]

CHR Extension: (WOT) - C:\Users\Karolis\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2014-06-15]

CHR Extension: (YouTube) - C:\Users\Karolis\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-27]

CHR Extension: (Adblock Youtube™) - C:\Users\Karolis\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-06-01]

CHR Extension: („Google“ paieška) - C:\Users\Karolis\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-27]

CHR Extension: (Hola Better Internet) - C:\Users\Karolis\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2014-03-27]

CHR Extension: („Google“ piniginė) - C:\Users\Karolis\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-27]

CHR Extension: (Gmail) - C:\Users\Karolis\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-27]

 

==================== Services (Whitelisted) =================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [920736 2012-06-01] ()

S4 ASGT; C:\Windows\SysWOW64\ASGT.exe [55296 2012-01-17] () [File not signed]

S4 FreemakeVideoCapture; D:\Programos\Freemake\CaptureLib\CaptureLibService.exe [9216 2014-03-12] (Ellora Assets Corp.) [File not signed]

S4 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [520416 2014-02-28] (Futuremark)

S4 Intel® Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel® Corporation) [File not signed]

S4 Intel® Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Corporation)

S4 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)

R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)

R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)

S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [5226672 2014-01-22] (INCA Internet Co., Ltd.)

R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1720792 2014-08-09] (NVIDIA Corporation)

R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [18973144 2014-08-09] (NVIDIA Corporation)

S3 OverwolfUpdaterService; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [99616 2014-03-05] (Overwolf LTD)

R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-11] ()

R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-08-08] ()

R2 TomTomHOMEService; D:\TomTom\TomTom HOME 2\TomTomHOMEService.exe [93040 2014-06-05] (TomTom)

S3 TunngleService; D:\Tunngle\TnglCtrl.exe [758224 2013-11-06] (Tunngle.net GmbH)

R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation)

R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation)

 

==================== Drivers (Whitelisted) ====================

 

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

 

R3 Abyssus; C:\Windows\system32\drivers\Abyssus.sys [23040 2013-01-09] ( )

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2013-07-04] ()

S3 cleanhlp; D:\EEK\bin\cleanhlp64.sys [57024 2014-08-25] (Emsisoft GmbH)

R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-03-27] (Disc Soft Ltd)

S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [32512 2014-08-25] ()

R3 lvsels64; C:\Windows\system32\DRIVERS\lvsels64.sys [67992 2009-10-07] (Logitech Inc.)

S3 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [92888 2014-06-08] (Malwarebytes Corporation)

R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)

R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-25] (Malwarebytes Corporation)

R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2014-05-12] (Malwarebytes Corporation)

R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)

R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-12] (CACE Technologies, Inc.)

S3 NVFLASH; C:\Windows\system32\drivers\nvflash.sys [15648 2013-04-19] ()

R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [20440 2014-08-09] (NVIDIA Corporation)

R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [40392 2014-03-31] (NVIDIA Corporation)

R1 QqGameMasterControl; C:\Windows\system32\drivers\QMTgpNetflow764.sys [47928 2013-12-13] (tencent)

R1 QqGameMasterControl; C:\Windows\SysWOW64\drivers\QMTgpNetflow764.sys [47928 2013-12-13] (tencent)

R2 RtNdPt630; C:\Windows\system32\DRIVERS\RtNdPt630.sys [28888 2013-09-26] (Realtek Semiconductor Corp.)

S3 RTTEAMPT; C:\Windows\system32\DRIVERS\RtTeam620.sys [58512 2012-07-03] (Realtek Corporation)

S3 ssudserd; C:\Windows\system32\DRIVERS\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))

R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)

S3 TesSafe; C:\Windows\system32\TesSafe.sys [969696 2014-04-12] (TENCENT)

R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation)

S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]

S3 X6va017; \??\C:\Windows\SysWOW64\Drivers\X6va017 [X]

 

==================== NetSvcs (Whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

 

 

==================== One Month Created Files and Folders ========

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-25 19:36 - 2014-08-25 19:36 - 00021364 _____ () C:\Users\Karolis\Desktop\FRST.txt

2014-08-25 19:35 - 2014-08-25 19:36 - 00000000 ____D () C:\FRST

2014-08-25 19:35 - 2014-08-25 19:35 - 00001040 _____ () C:\Users\Karolis\Desktop\scan.txt

2014-08-25 19:34 - 2014-08-25 19:34 - 00000995 _____ () C:\Users\Karolis\Desktop\New Text Document (2).txt

2014-08-25 19:27 - 2014-08-25 19:27 - 02103296 _____ (Farbar) C:\Users\Karolis\Desktop\FRST64.exe

2014-08-25 19:03 - 2014-08-25 18:37 - 05572212 _____ (Swearware) C:\Users\Karolis\Desktop\ComboFix.exe

2014-08-25 18:05 - 2014-08-25 18:05 - 00000000 ____D () C:\Windows\ERUNT

2014-08-25 18:02 - 2014-08-25 18:03 - 00000000 ____D () C:\AdwCleaner

2014-08-25 18:02 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll

2014-08-25 17:43 - 2014-08-25 17:43 - 00000689 _____ () C:\Users\Karolis\Desktop\Start Emsisoft Emergency Kit.lnk

2014-08-25 17:41 - 2014-08-25 17:41 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys

2014-08-25 17:40 - 2014-08-25 17:40 - 00001666 _____ () C:\Windows\system32\.crusader

2014-08-25 17:35 - 2014-08-25 17:40 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-08-25 17:28 - 2014-08-25 17:28 - 00036456 _____ () C:\Windows\system32\Drivers\TrueSight.sys

2014-08-25 17:28 - 2014-08-25 17:28 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-08-25 17:23 - 2014-08-25 17:23 - 00002674 _____ () C:\Users\Karolis\Desktop\Rkill.txt

2014-08-25 17:22 - 2014-08-25 17:22 - 00000971 _____ () C:\Users\Karolis\Desktop\iExplore - Shortcut.lnk

2014-08-25 17:16 - 2014-08-25 17:16 - 00000000 ____D () C:\TDSSKiller_Quarantine

2014-08-25 17:09 - 2014-08-25 18:42 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-08-25 16:56 - 2014-08-25 18:42 - 00000000 ____D () C:\Users\Karolis\Desktop\mbar

2014-08-24 17:30 - 2014-08-24 19:54 - 00000000 ____D () C:\Users\Karolis\Desktop\1710 bukit

2014-08-24 17:11 - 2014-08-24 17:19 - 00000000 ____D () C:\Users\Karolis\Desktop\MINCE

2014-08-24 16:53 - 2014-08-24 16:53 - 00001265 _____ () C:\Users\Karolis\Desktop\XComGame - Shortcut.lnk

2014-08-24 16:52 - 2014-08-24 16:52 - 00000705 _____ () C:\Users\Public\Desktop\XCOM Enemy Within.lnk

2014-08-24 16:52 - 2014-08-24 16:52 - 00000705 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XCOM Enemy Within.lnk

2014-08-24 16:39 - 2014-08-24 16:39 - 00002185 _____ () C:\Users\Karolis\Desktop\Minecraft.lnk

2014-08-24 16:39 - 2014-08-24 16:39 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft

2014-08-24 01:30 - 2014-08-24 11:54 - 00000000 ____D () C:\Users\Karolis\AppData\Local\Battle.net

2014-08-24 01:30 - 2014-08-24 01:30 - 00000673 _____ () C:\Users\Public\Desktop\Battle.net.lnk

2014-08-24 01:30 - 2014-08-24 01:30 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\NVIDIA

2014-08-24 01:30 - 2014-08-24 01:30 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\Battle.net

2014-08-24 01:30 - 2014-08-24 01:30 - 00000000 ____D () C:\Users\Karolis\AppData\Local\Blizzard Entertainment

2014-08-24 01:30 - 2014-08-24 01:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net

2014-08-24 01:30 - 2014-08-24 01:30 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment

2014-08-24 01:29 - 2014-08-24 01:29 - 00000000 ____D () C:\ProgramData\Battle.net

2014-08-23 18:15 - 2014-08-23 18:15 - 00000000 _____ () C:\Users\Karolis\Desktop\New Text Document.txt

2014-08-23 13:46 - 2014-08-20 15:20 - 00002199 _____ () C:\Users\Karolis\Desktop\Google Chrome - Copy.lnk

2014-08-22 16:32 - 2014-08-22 16:32 - 00002149 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk

2014-08-22 16:32 - 2014-08-22 16:32 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-08-22 16:32 - 2014-07-02 23:48 - 00075040 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll

2014-08-22 16:32 - 2014-07-02 23:48 - 00061912 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll

2014-08-22 16:32 - 2014-07-02 21:55 - 06783776 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll

2014-08-22 16:32 - 2014-07-02 21:55 - 03522392 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll

2014-08-22 16:32 - 2014-07-02 21:55 - 00935368 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe

2014-08-22 16:32 - 2014-07-02 21:55 - 00386520 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll

2014-08-22 16:32 - 2014-07-02 21:55 - 00062808 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll

2014-08-22 16:32 - 2014-07-02 20:44 - 00609240 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe

2014-08-22 16:32 - 2014-07-02 13:14 - 03826628 _____ () C:\Windows\system32\nvcoproc.bin

2014-08-22 16:31 - 2014-08-11 23:31 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

2014-08-22 16:31 - 2014-08-11 23:31 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2014-08-22 16:31 - 2014-08-11 23:31 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 31512520 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 24196896 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 22994208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 18626304 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 17555104 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 16122344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 15294296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 14498552 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 13922752 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 13835208 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 12866008 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys

2014-08-22 16:31 - 2014-07-02 23:48 - 11283344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 11222048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 04247000 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 03989960 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 03196816 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 02814656 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 01890080 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434052.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 01539928 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434052.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00965312 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00944928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00907096 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00903624 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00869152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00846832 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00835032 _____ () C:\Windows\system32\nvmcumd.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00502232 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00418760 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00391640 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00354016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00348120 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00305600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00166568 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00146480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll

2014-08-22 16:31 - 2014-07-02 23:48 - 00026353 _____ () C:\Windows\system32\nvinfo.pb

2014-08-22 04:40 - 2014-08-22 04:40 - 00000883 _____ () C:\Users\Public\Desktop\Titanfall.lnk

2014-08-22 04:40 - 2014-08-22 04:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall

2014-08-21 19:56 - 2014-08-21 19:56 - 00000000 ____D () C:\Users\Karolis\Desktop\bybiskiausai

2014-08-21 18:59 - 2014-08-21 18:59 - 00000684 _____ () C:\Users\Karolis\Desktop\Five Nights at Freddy's.lnk

2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Five Nights at Freddy's

2014-08-20 22:04 - 2014-08-20 22:04 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\MMFApplications

2014-08-20 19:14 - 2014-08-16 17:19 - 00001021 _____ () C:\Users\Karolis\Desktop\bf4 - Shortcut.lnk

2014-08-20 15:56 - 2014-08-20 15:20 - 00002199 _____ () C:\Users\Karolis\Desktop\Google Chrome.lnk

2014-08-19 15:15 - 2014-08-19 15:16 - 00000000 ____D () C:\Users\Karolis\Desktop\METAL

2014-08-16 17:49 - 2014-08-16 17:49 - 00000655 _____ () C:\Users\Public\Desktop\DS3 Tool.lnk

2014-08-16 17:49 - 2014-08-16 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy

2014-08-16 17:49 - 2012-05-12 12:31 - 00121416 _____ (MotioninJoy) C:\Windows\system32\Drivers\MijXfilt.sys

2014-08-16 17:49 - 2011-12-07 19:42 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll

2014-08-16 17:49 - 2011-12-07 19:42 - 00328712 _____ (Logitech Inc.) C:\Windows\system32\MijFrc.dll

2014-08-16 17:49 - 2011-12-07 19:42 - 00074960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\xusb21.sys

2014-08-16 17:45 - 2014-08-16 17:45 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\MotioninJoy

2014-08-16 17:19 - 2014-08-16 17:23 - 00001130 _____ () C:\Users\Karolis\Desktop\Crysis3 - Shortcut.lnk

2014-08-16 17:19 - 2014-08-16 17:19 - 00000571 _____ () C:\Users\Karolis\Desktop\prototype2 - Shortcut.lnk

2014-08-14 08:04 - 2014-07-25 16:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll

2014-08-14 08:04 - 2014-07-25 15:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll

2014-08-14 08:04 - 2014-07-25 14:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll

2014-08-14 08:04 - 2014-07-25 14:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll

2014-08-14 08:04 - 2014-07-25 14:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll

2014-08-14 08:04 - 2014-07-25 13:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll

2014-08-14 08:03 - 2014-08-07 05:12 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-08-14 08:03 - 2014-08-07 01:39 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-08-14 08:03 - 2014-08-07 01:38 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-08-14 08:03 - 2014-08-02 08:44 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-08-14 08:03 - 2014-08-02 06:56 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-08-14 08:03 - 2014-08-02 06:11 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll

2014-08-14 08:03 - 2014-07-25 17:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll

2014-08-14 08:03 - 2014-07-25 16:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll

2014-08-14 08:03 - 2014-07-25 16:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll

2014-08-14 08:03 - 2014-07-25 16:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll

2014-08-14 08:03 - 2014-07-25 15:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll

2014-08-14 08:03 - 2014-07-25 15:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll

2014-08-14 08:03 - 2014-07-25 15:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll

2014-08-14 08:03 - 2014-07-25 15:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll

2014-08-14 08:03 - 2014-07-25 15:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll

2014-08-14 08:03 - 2014-07-25 15:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll

2014-08-14 08:03 - 2014-07-25 15:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll

2014-08-14 08:03 - 2014-07-25 15:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll

2014-08-14 08:03 - 2014-07-25 15:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll

2014-08-14 08:03 - 2014-07-25 15:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll

2014-08-14 08:03 - 2014-07-25 14:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll

2014-08-14 08:03 - 2014-07-25 14:43 - 00333312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll

2014-08-14 08:03 - 2014-07-25 14:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll

2014-08-14 08:03 - 2014-07-25 14:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe

2014-08-14 08:03 - 2014-07-25 14:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl

2014-08-14 08:03 - 2014-07-25 14:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll

2014-08-14 08:03 - 2014-07-25 14:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll

2014-08-14 08:03 - 2014-07-25 14:09 - 00291840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll

2014-08-14 08:03 - 2014-07-25 14:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl

2014-08-14 08:03 - 2014-07-25 14:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll

2014-08-14 08:03 - 2014-07-25 13:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll

2014-08-14 08:03 - 2014-07-25 13:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll

2014-08-14 08:03 - 2014-07-25 13:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll

2014-08-14 08:03 - 2014-07-25 13:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll

2014-08-14 08:03 - 2014-07-25 13:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll

2014-08-14 08:03 - 2014-07-15 21:16 - 03048880 _____ (Microsoft Corporation) C:\Windows\system32\WpcMon.exe

2014-08-14 08:03 - 2014-07-15 11:29 - 03118080 _____ (Microsoft Corporation) C:\Windows\system32\Wpc.dll

2014-08-14 08:03 - 2014-07-15 11:22 - 02861056 _____ (Microsoft Corporation) C:\Windows\system32\WpcWebSync.dll

2014-08-14 08:03 - 2014-07-15 11:03 - 02344448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wpc.dll

2014-08-14 08:03 - 2014-07-12 07:17 - 00623616 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe

2014-08-14 08:03 - 2014-06-20 04:48 - 01273184 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll

2014-08-14 08:03 - 2014-06-20 02:52 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll

2014-08-14 08:03 - 2014-06-13 04:15 - 00517528 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll

2014-08-14 08:03 - 2014-06-13 04:14 - 01557848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys

2014-08-14 08:03 - 2014-06-13 03:10 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll

2014-08-14 08:03 - 2014-06-10 01:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe

2014-08-14 08:03 - 2014-06-10 01:13 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe

2014-08-14 08:03 - 2014-06-06 14:34 - 02133504 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll

2014-08-14 08:03 - 2014-06-04 12:27 - 00114520 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe

2014-08-14 08:03 - 2014-06-04 08:31 - 00356352 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll

2014-08-14 08:03 - 2014-06-04 08:22 - 02790912 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll

2014-08-14 08:03 - 2014-06-04 07:43 - 00281088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll

2014-08-14 08:03 - 2014-06-04 07:38 - 03304448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll

2014-08-14 08:03 - 2014-06-04 05:15 - 02642944 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll

2014-08-14 08:03 - 2014-06-04 05:14 - 02318336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll

2014-08-14 08:02 - 2014-06-05 17:13 - 00216368 _____ (Microsoft Corporation) C:\Windows\system32\rsaenh.dll

2014-08-14 08:02 - 2014-06-05 16:14 - 00189016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rsaenh.dll

2014-08-14 08:02 - 2014-06-02 05:10 - 00423768 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll

2014-08-14 08:02 - 2014-05-31 13:07 - 00467800 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS

2014-08-14 08:02 - 2014-05-31 13:07 - 00440664 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys

2014-08-14 08:02 - 2014-05-31 13:07 - 00419672 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys

2014-08-14 08:02 - 2014-05-31 13:07 - 00089944 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys

2014-08-14 08:02 - 2014-05-31 13:07 - 00027480 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys

2014-08-14 08:02 - 2014-05-31 09:30 - 00037376 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys

2014-08-14 08:02 - 2014-05-31 09:27 - 00110592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFPf.sys

2014-08-14 08:02 - 2014-05-31 09:26 - 00227840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WUDFRd.sys

2014-08-14 08:02 - 2014-05-31 07:01 - 00284672 _____ (Microsoft Corporation) C:\Windows\system32\WUDFHost.exe

2014-08-14 08:02 - 2014-05-31 07:01 - 00209408 _____ (Microsoft Corporation) C:\Windows\system32\WUDFPlatform.dll

2014-08-14 08:02 - 2014-05-31 07:01 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\WUDFSvc.dll

2014-08-14 08:02 - 2014-05-29 09:21 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll

2014-08-14 08:02 - 2014-05-27 18:53 - 02518360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys

2014-08-14 08:02 - 2014-05-27 12:56 - 00323584 _____ (Microsoft Corporation) C:\Windows\system32\DaOtpCredentialProvider.dll

2014-08-14 08:02 - 2014-05-27 12:53 - 00270848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DaOtpCredentialProvider.dll

2014-08-14 08:02 - 2014-05-17 07:59 - 16871936 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll

2014-08-14 08:02 - 2014-05-17 07:13 - 12711424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll

2014-08-14 08:02 - 2014-04-30 07:30 - 00668160 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll

2014-08-14 08:02 - 2014-04-30 06:52 - 00590336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll

2014-08-13 10:01 - 2014-08-13 10:01 - 00145349 ____N () C:\Windows\Minidump\081314-4140-01.dmp

2014-08-12 16:20 - 2014-08-12 16:20 - 00000000 ____D () C:\Windows\system32\appmgmt

2014-08-11 18:35 - 2014-08-11 18:35 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe

2014-08-11 17:29 - 2014-08-11 17:28 - 00001121 _____ () C:\Users\Karolis\Desktop\TeknoMW3 - Shortcut.lnk

2014-08-11 02:20 - 2014-08-11 02:20 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\roi

2014-08-07 13:51 - 2014-08-07 13:51 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-08-07 13:51 - 2014-08-07 13:51 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-08-07 13:51 - 2014-08-07 13:51 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-08-07 13:51 - 2014-08-07 13:51 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-08-07 13:51 - 2014-08-07 13:51 - 00000000 ____D () C:\Program Files (x86)\Java

2014-08-03 13:41 - 2014-08-12 19:08 - 00000000 ____D () C:\Users\Karolis\Desktop\dd

2014-07-31 13:32 - 2014-07-31 13:31 - 00148421 ____N () C:\Windows\Minidump\073114-4859-01.dmp

 

==================== One Month Modified Files and Folders =======

 

(If an entry is included in the fixlist, the file\folder will be moved.)

 

2014-08-25 19:36 - 2014-08-25 19:36 - 00021364 _____ () C:\Users\Karolis\Desktop\FRST.txt

2014-08-25 19:36 - 2014-08-25 19:35 - 00000000 ____D () C:\FRST

2014-08-25 19:36 - 2014-03-27 19:01 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\Skype

2014-08-25 19:35 - 2014-08-25 19:35 - 00001040 _____ () C:\Users\Karolis\Desktop\scan.txt

2014-08-25 19:35 - 2014-03-28 00:23 - 01672065 _____ () C:\Windows\WindowsUpdate.log

2014-08-25 19:34 - 2014-08-25 19:34 - 00000995 _____ () C:\Users\Karolis\Desktop\New Text Document (2).txt

2014-08-25 19:34 - 2014-03-27 20:03 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\uTorrent

2014-08-25 19:33 - 2014-04-12 14:23 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job

2014-08-25 19:28 - 2014-03-27 18:32 - 00003938 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{17BD94DA-6821-4C48-A64F-27112F43355C}

2014-08-25 19:27 - 2014-08-25 19:27 - 02103296 _____ (Farbar) C:\Users\Karolis\Desktop\FRST64.exe

2014-08-25 19:26 - 2014-04-13 17:18 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys

2014-08-25 19:02 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\sru

2014-08-25 18:55 - 2014-03-27 18:33 - 00000932 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job

2014-08-25 18:46 - 2014-04-07 21:03 - 01481728 ___SH () C:\Users\Karolis\Desktop\Thumbs.db

2014-08-25 18:42 - 2014-08-25 17:09 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)

2014-08-25 18:42 - 2014-08-25 16:56 - 00000000 ____D () C:\Users\Karolis\Desktop\mbar

2014-08-25 18:37 - 2014-08-25 19:03 - 05572212 _____ (Swearware) C:\Users\Karolis\Desktop\ComboFix.exe

2014-08-25 18:35 - 2014-03-27 19:31 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\AIMP3

2014-08-25 18:31 - 2014-03-27 21:37 - 00000000 ____D () C:\Program Files (x86)\SpeedFan

2014-08-25 18:18 - 2014-03-27 18:34 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2511904500-3163892986-980190791-1001

2014-08-25 18:10 - 2014-03-27 18:33 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI

2014-08-25 18:06 - 2014-03-27 18:33 - 00002199 _____ () C:\Users\Public\Desktop\Google Chrome.lnk

2014-08-25 18:05 - 2014-08-25 18:05 - 00000000 ____D () C:\Windows\ERUNT

2014-08-25 18:04 - 2014-03-27 19:12 - 00000000 _____ () C:\Windows\system32\Drivers\lvuvc.hs

2014-08-25 18:04 - 2014-03-27 18:38 - 00000000 ____D () C:\ProgramData\NVIDIA

2014-08-25 18:04 - 2014-03-27 18:33 - 00000928 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job

2014-08-25 18:04 - 2013-08-22 17:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT

2014-08-25 18:03 - 2014-08-25 18:02 - 00000000 ____D () C:\AdwCleaner

2014-08-25 18:03 - 2014-03-28 00:20 - 00042450 _____ () C:\Windows\PFRO.log

2014-08-25 17:43 - 2014-08-25 17:43 - 00000689 _____ () C:\Users\Karolis\Desktop\Start Emsisoft Emergency Kit.lnk

2014-08-25 17:41 - 2014-08-25 17:41 - 00032512 _____ () C:\Windows\system32\Drivers\hitmanpro37.sys

2014-08-25 17:41 - 2013-08-22 17:44 - 05151992 _____ () C:\Windows\system32\FNTCACHE.DAT

2014-08-25 17:40 - 2014-08-25 17:40 - 00001666 _____ () C:\Windows\system32\.crusader

2014-08-25 17:40 - 2014-08-25 17:35 - 00000000 ____D () C:\ProgramData\HitmanPro

2014-08-25 17:40 - 2014-03-27 20:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico

2014-08-25 17:40 - 2014-03-27 20:15 - 00000000 ____D () C:\Program Files\KMSpico

2014-08-25 17:29 - 2014-07-09 11:59 - 00121910 _____ () C:\Windows\system32\KMSServer.exe

2014-08-25 17:28 - 2014-08-25 17:28 - 00036456 _____ () C:\Windows\system32\Drivers\TrueSight.sys

2014-08-25 17:28 - 2014-08-25 17:28 - 00000000 ____D () C:\ProgramData\RogueKiller

2014-08-25 17:23 - 2014-08-25 17:23 - 00002674 _____ () C:\Users\Karolis\Desktop\Rkill.txt

2014-08-25 17:22 - 2014-08-25 17:22 - 00000971 _____ () C:\Users\Karolis\Desktop\iExplore - Shortcut.lnk

2014-08-25 17:16 - 2014-08-25 17:16 - 00000000 ____D () C:\TDSSKiller_Quarantine

2014-08-24 20:08 - 2014-04-20 10:07 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\.minecraft

2014-08-24 19:54 - 2014-08-24 17:30 - 00000000 ____D () C:\Users\Karolis\Desktop\1710 bukit

2014-08-24 17:19 - 2014-08-24 17:11 - 00000000 ____D () C:\Users\Karolis\Desktop\MINCE

2014-08-24 16:53 - 2014-08-24 16:53 - 00001265 _____ () C:\Users\Karolis\Desktop\XComGame - Shortcut.lnk

2014-08-24 16:52 - 2014-08-24 16:52 - 00000705 _____ () C:\Users\Public\Desktop\XCOM Enemy Within.lnk

2014-08-24 16:52 - 2014-08-24 16:52 - 00000705 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XCOM Enemy Within.lnk

2014-08-24 16:39 - 2014-08-24 16:39 - 00002185 _____ () C:\Users\Karolis\Desktop\Minecraft.lnk

2014-08-24 16:39 - 2014-08-24 16:39 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft

2014-08-24 11:55 - 2014-03-27 20:27 - 00000000 ____D () C:\ProgramData\Origin

2014-08-24 11:54 - 2014-08-24 01:30 - 00000000 ____D () C:\Users\Karolis\AppData\Local\Battle.net

2014-08-24 01:30 - 2014-08-24 01:30 - 00000673 _____ () C:\Users\Public\Desktop\Battle.net.lnk

2014-08-24 01:30 - 2014-08-24 01:30 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\NVIDIA

2014-08-24 01:30 - 2014-08-24 01:30 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\Battle.net

2014-08-24 01:30 - 2014-08-24 01:30 - 00000000 ____D () C:\Users\Karolis\AppData\Local\Blizzard Entertainment

2014-08-24 01:30 - 2014-08-24 01:30 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net

2014-08-24 01:30 - 2014-08-24 01:30 - 00000000 ____D () C:\ProgramData\Blizzard Entertainment

2014-08-24 01:29 - 2014-08-24 01:29 - 00000000 ____D () C:\ProgramData\Battle.net

2014-08-23 18:15 - 2014-08-23 18:15 - 00000000 _____ () C:\Users\Karolis\Desktop\New Text Document.txt

2014-08-22 16:32 - 2014-08-22 16:32 - 00002149 _____ () C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk

2014-08-22 16:32 - 2014-08-22 16:32 - 00000000 ____D () C:\Program Files (x86)\AGEIA Technologies

2014-08-22 16:32 - 2014-03-27 18:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation

2014-08-22 16:32 - 2014-03-27 18:37 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation

2014-08-22 16:32 - 2014-03-27 18:37 - 00000000 ____D () C:\Program Files\NVIDIA Corporation

2014-08-22 16:32 - 2014-03-27 18:37 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation

2014-08-22 16:32 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\Help

2014-08-22 16:32 - 2013-08-22 17:46 - 00036588 _____ () C:\Windows\setupact.log

2014-08-22 04:40 - 2014-08-22 04:40 - 00000883 _____ () C:\Users\Public\Desktop\Titanfall.lnk

2014-08-22 04:40 - 2014-08-22 04:40 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Titanfall

2014-08-22 04:25 - 2014-03-27 19:26 - 00453308 _____ () C:\Windows\DirectX.log

2014-08-22 03:48 - 2014-04-18 00:59 - 00001294 _____ () C:\Users\Karolis\Desktop\shutdown (2).lnk

2014-08-22 02:11 - 2014-05-30 12:34 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\Origin

2014-08-21 19:58 - 2014-07-23 09:09 - 00000000 ___RD () C:\Users\Karolis\Dropbox

2014-08-21 19:56 - 2014-08-21 19:56 - 00000000 ____D () C:\Users\Karolis\Desktop\bybiskiausai

2014-08-21 19:53 - 2014-07-23 09:08 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\Dropbox

2014-08-21 18:59 - 2014-08-21 18:59 - 00000684 _____ () C:\Users\Karolis\Desktop\Five Nights at Freddy's.lnk

2014-08-21 18:59 - 2014-08-21 18:59 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Five Nights at Freddy's

2014-08-20 22:04 - 2014-08-20 22:04 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\MMFApplications

2014-08-20 20:09 - 2014-07-14 00:58 - 00000000 ____D () C:\Users\Karolis\Desktop\PS

2014-08-20 20:09 - 2014-03-28 00:23 - 00000000 ____D () C:\Users\Karolis

2014-08-20 15:58 - 2014-06-23 17:29 - 00000000 ____D () C:\Users\Karolis\Desktop\l, (1)

2014-08-20 15:58 - 2014-04-06 13:11 - 00000000 ____D () C:\Users\Karolis\Desktop\wall

2014-08-20 15:20 - 2014-08-23 13:46 - 00002199 _____ () C:\Users\Karolis\Desktop\Google Chrome - Copy.lnk

2014-08-20 15:20 - 2014-08-20 15:56 - 00002199 _____ () C:\Users\Karolis\Desktop\Google Chrome.lnk

2014-08-19 15:16 - 2014-08-19 15:15 - 00000000 ____D () C:\Users\Karolis\Desktop\METAL

2014-08-19 14:54 - 2014-05-27 18:53 - 00000000 ____D () C:\Users\Karolis\AppData\Local\Paint.NET

2014-08-19 12:25 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\Speech

2014-08-19 01:38 - 2013-08-22 16:25 - 00262144 ___SH () C:\Windows\system32\config\BBI

2014-08-17 22:44 - 2014-07-09 19:43 - 00000000 ____D () C:\Users\Karolis\AppData\Local\CrashDumps

2014-08-17 16:31 - 2014-03-27 19:32 - 00000000 ____D () C:\The KMPlayer

2014-08-17 16:30 - 2014-03-27 19:32 - 00000576 _____ () C:\Users\Karolis\Desktop\KMPlayer.lnk

2014-08-17 10:55 - 2014-03-27 19:03 - 00016614 _____ () C:\Windows\system32\lvcoinst.log

2014-08-16 17:49 - 2014-08-16 17:49 - 00000655 _____ () C:\Users\Public\Desktop\DS3 Tool.lnk

2014-08-16 17:49 - 2014-08-16 17:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MotioninJoy

2014-08-16 17:45 - 2014-08-16 17:45 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\MotioninJoy

2014-08-16 17:43 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\AppReadiness

2014-08-16 17:23 - 2014-08-16 17:19 - 00001130 _____ () C:\Users\Karolis\Desktop\Crysis3 - Shortcut.lnk

2014-08-16 17:19 - 2014-08-20 19:14 - 00001021 _____ () C:\Users\Karolis\Desktop\bf4 - Shortcut.lnk

2014-08-16 17:19 - 2014-08-16 17:19 - 00000571 _____ () C:\Users\Karolis\Desktop\prototype2 - Shortcut.lnk

2014-08-16 08:09 - 2014-03-27 19:01 - 00000000 ____D () C:\ProgramData\Skype

2014-08-16 06:45 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\rescache

2014-08-15 18:11 - 2014-07-23 09:09 - 00001074 _____ () C:\Users\Karolis\Desktop\Dropbox.lnk

2014-08-15 18:11 - 2014-07-23 09:09 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox

2014-08-15 16:55 - 2014-05-16 16:31 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe

2014-08-15 16:55 - 2014-05-16 16:31 - 00214392 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0

2014-08-15 07:19 - 2013-08-22 18:36 - 00000000 ___RD () C:\Windows\ToastData

2014-08-15 07:19 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\PolicyDefinitions

2014-08-15 06:41 - 2014-03-27 22:11 - 00000000 ____D () C:\Windows\system32\MRT

2014-08-15 06:41 - 2013-08-22 18:20 - 00000000 ____D () C:\Windows\CbsTemp

2014-08-15 06:38 - 2014-07-09 10:26 - 00000000 ___SD () C:\Windows\system32\CompatTel

2014-08-15 06:38 - 2014-03-27 22:11 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe

2014-08-14 08:02 - 2014-07-09 09:33 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll

2014-08-14 08:02 - 2014-07-09 09:33 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll

2014-08-14 08:02 - 2014-05-15 08:36 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb

2014-08-14 08:02 - 2014-04-09 09:17 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll

2014-08-14 08:02 - 2014-04-09 09:16 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll

2014-08-14 08:02 - 2014-04-09 09:14 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe

2014-08-14 08:02 - 2014-04-09 09:14 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe

2014-08-14 08:02 - 2014-04-09 09:14 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe

2014-08-14 08:02 - 2014-04-09 09:14 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll

2014-08-14 08:02 - 2014-04-09 09:14 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll

2014-08-14 08:02 - 2014-04-09 09:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll

2014-08-14 08:02 - 2014-04-09 09:14 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll

2014-08-14 08:02 - 2014-04-09 09:14 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll

2014-08-14 08:02 - 2014-04-09 09:14 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll

2014-08-14 08:02 - 2013-08-22 06:46 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll

2014-08-14 08:01 - 2014-06-12 15:40 - 00428888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS

2014-08-13 10:01 - 2014-08-13 10:01 - 00145349 ____N () C:\Windows\Minidump\081314-4140-01.dmp

2014-08-13 10:01 - 2014-03-30 11:43 - 00000000 ____D () C:\Windows\Minidump

2014-08-12 19:08 - 2014-08-03 13:41 - 00000000 ____D () C:\Users\Karolis\Desktop\dd

2014-08-12 16:20 - 2014-08-12 16:20 - 00000000 ____D () C:\Windows\system32\appmgmt

2014-08-12 16:20 - 2014-05-16 16:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Activision

2014-08-12 16:19 - 2014-05-07 18:56 - 00000000 ____D () C:\Users\Karolis\AppData\Local\NCSOFT

2014-08-12 16:18 - 2014-07-04 00:01 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios

2014-08-12 16:18 - 2014-03-27 18:39 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

2014-08-12 16:17 - 2014-06-04 22:05 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam

2014-08-11 23:31 - 2014-08-22 16:31 - 01515296 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll

2014-08-11 23:31 - 2014-08-22 16:31 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys

2014-08-11 23:31 - 2014-08-22 16:31 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll

2014-08-11 20:07 - 2013-08-22 18:36 - 00000000 ____D () C:\Windows\system32\NDF

2014-08-11 18:35 - 2014-08-11 18:35 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe

2014-08-11 17:28 - 2014-08-11 17:29 - 00001121 _____ () C:\Users\Karolis\Desktop\TeknoMW3 - Shortcut.lnk

2014-08-11 02:20 - 2014-08-11 02:20 - 00000000 ____D () C:\Users\Karolis\AppData\Roaming\roi

2014-08-10 02:52 - 2014-05-16 16:35 - 00000000 ____D () C:\Users\Karolis\AppData\Local\PunkBuster

2014-08-09 03:22 - 2014-06-04 22:20 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll

2014-08-09 03:22 - 2014-06-04 22:20 - 01291280 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll

2014-08-09 03:22 - 2014-03-27 18:46 - 01283136 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll

2014-08-09 03:22 - 2014-03-27 18:46 - 01126480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll

2014-08-08 11:49 - 2014-03-28 18:04 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins

2014-08-08 11:48 - 2014-05-16 16:31 - 00076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe

2014-08-07 13:51 - 2014-08-07 13:51 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe

2014-08-07 13:51 - 2014-08-07 13:51 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe

2014-08-07 13:51 - 2014-08-07 13:51 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe

2014-08-07 13:51 - 2014-08-07 13:51 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll

2014-08-07 13:51 - 2014-08-07 13:51 - 00000000 ____D () C:\Program Files (x86)\Java

2014-08-07 13:51 - 2014-04-03 19:28 - 00000000 ____D () C:\ProgramData\Oracle

2014-08-07 05:12 - 2014-08-14 08:03 - 01336624 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll

2014-08-07 01:39 - 2014-08-14 08:03 - 04148224 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys

2014-08-07 01:38 - 2014-08-14 08:03 - 00697856 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll

2014-08-05 19:06 - 2013-08-22 18:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel

2014-08-03 22:53 - 2014-07-05 21:06 - 00000228 _____ () C:\Users\Karolis\BullseyeCoverageError.txt

2014-08-02 08:44 - 2014-08-14 08:03 - 00527360 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll

2014-08-02 06:56 - 2014-08-14 08:03 - 01064448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll

2014-08-02 06:11 - 2014-08-14 08:03 - 00918528 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll

2014-08-02 03:17 - 2013-08-22 18:38 - 00704480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe

2014-08-02 03:17 - 2013-08-22 18:38 - 00105440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

2014-07-31 13:31 - 2014-07-31 13:32 - 00148421 ____N () C:\Windows\Minidump\073114-4859-01.dmp

2014-07-28 20:11 - 2014-07-23 08:57 - 00000000 ____D () C:\Users\Karolis\Desktop\TO PHONE

 

Files to move or delete:

====================

C:\ProgramData\DT0001.dat

 

 

Some content of TEMP:

====================

C:\Users\Karolis\AppData\Local\Temp\BindSetup1.7z.exe

C:\Users\Karolis\AppData\Local\Temp\BindSetup2.exe

C:\Users\Karolis\AppData\Local\Temp\BindSetup3.exe

C:\Users\Karolis\AppData\Local\Temp\BRSVC_13370421_hlp.exe

C:\Users\Karolis\AppData\Local\Temp\BullseyeCoverage-2-x86.dll

C:\Users\Karolis\AppData\Local\Temp\dateinj01.dll

C:\Users\Karolis\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpjfc17j.dll

C:\Users\Karolis\AppData\Local\Temp\FreemakeVideoConverter_4.1.3.15.exe

C:\Users\Karolis\AppData\Local\Temp\FreemakeVideoDownloader_3.6.4.1.exe

C:\Users\Karolis\AppData\Local\Temp\ftd2xx2892585759672850632.dll

C:\Users\Karolis\AppData\Local\Temp\gtapi.dll

C:\Users\Karolis\AppData\Local\Temp\install_flash_player.exe

C:\Users\Karolis\AppData\Local\Temp\jansi-32-git-Bukkit-1.7.9-R0.2-24-g07d4558-b3116jnks.dll

C:\Users\Karolis\AppData\Local\Temp\jansi-64-git-Bukkit-1.7.9-R0.2-24-g07d4558-b3116jnks.dll

C:\Users\Karolis\AppData\Local\Temp\jna980575153750014321.dll

C:\Users\Karolis\AppData\Local\Temp\jre-7u55-windows-i586-iftw.exe

C:\Users\Karolis\AppData\Local\Temp\jre-7u65-windows-i586-iftw.exe

C:\Users\Karolis\AppData\Local\Temp\jre-7u67-windows-i586-iftw.exe

C:\Users\Karolis\AppData\Local\Temp\nvSCPAPI.dll

C:\Users\Karolis\AppData\Local\Temp\nvSCPAPI64.dll

C:\Users\Karolis\AppData\Local\Temp\nvStInst.exe

C:\Users\Karolis\AppData\Local\Temp\ose00000.exe

C:\Users\Karolis\AppData\Local\Temp\Quarantine.exe

C:\Users\Karolis\AppData\Local\Temp\setup.exe

C:\Users\Karolis\AppData\Local\Temp\sfamcc00001.dll

C:\Users\Karolis\AppData\Local\Temp\sfamcc00002.dll

C:\Users\Karolis\AppData\Local\Temp\sfareca00001.dll

C:\Users\Karolis\AppData\Local\Temp\sfextra.dll

C:\Users\Karolis\AppData\Local\Temp\SkypeSetup.exe

C:\Users\Karolis\AppData\Local\Temp\sonarinst.exe

C:\Users\Karolis\AppData\Local\Temp\sqlite-3.7.2-sqlitejdbc.dll

C:\Users\Karolis\AppData\Local\Temp\SRLDetectionLibrary6960188433696458132.dll

C:\Users\Karolis\AppData\Local\Temp\TXPltSafeInit.dll

C:\Users\Karolis\AppData\Local\Temp\uninst.exe

C:\Users\Karolis\AppData\Local\Temp\uninstall_complete.exe

C:\Users\Karolis\AppData\Local\Temp\Wise_SETUP.exe

 

 

==================== Bamital & volsnap Check =================

 

(There is no automatic fix for files that do not pass verification.)

 

C:\Windows\System32\winlogon.exe => File is digitally signed

C:\Windows\System32\wininit.exe => File is digitally signed

C:\Windows\explorer.exe => File is digitally signed

C:\Windows\SysWOW64\explorer.exe => File is digitally signed

C:\Windows\System32\svchost.exe => File is digitally signed

C:\Windows\SysWOW64\svchost.exe => File is digitally signed

C:\Windows\System32\services.exe => File is digitally signed

C:\Windows\System32\User32.dll => File is digitally signed

C:\Windows\SysWOW64\User32.dll => File is digitally signed

C:\Windows\System32\userinit.exe => File is digitally signed

C:\Windows\SysWOW64\userinit.exe => File is digitally signed

C:\Windows\System32\rpcss.dll => File is digitally signed

C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

 

 

LastRegBack: 2014-08-25 13:50

 

==================== End Of Log ============================

Link to post
Share on other sites

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-08-2014 03

Ran by Karolis at 2014-08-25 19:36:27

Running from C:\Users\Karolis\Desktop

Boot Mode: Normal

==========================================================

 

 

==================== Security Center ========================

 

(If an entry is included in the fixlist, it will be removed.)

 

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

 

==================== Installed Programs ======================

 

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

 

µTorrent (HKCU\...\uTorrent) (Version: 3.4.2.32126 - BitTorrent Inc.)

3DMark 11 (HKLM-x32\...\{f9e83b9c-ab7e-4005-8f32-4ea69703a5e4}) (Version: 1.0.132.0 - Futuremark)

3DMark 11 (Version: 1.0.132.0 - Futuremark) Hidden

7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)

Adobe After Effects CC (HKLM-x32\...\{317243C1-6580-4F43-AED7-37D4438C3DD5}) (Version: 12 - Adobe Systems Incorporated)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)

Adobe AIR (x32 Version: 4.0.0.1390 - Adobe Systems Incorporated) Hidden

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)

Adobe Photoshop CC 2014 (HKLM-x32\...\{D7A4F897-B20A-42D0-862D-CB5F6DB7391D}) (Version: 15.0 - Adobe Systems Incorporated)

Adobe Premiere Pro CC (HKLM-x32\...\{505FF1AC-E7F5-4462-BBA7-08900E7E9EEF}) (Version: 7.0.0 - Adobe Systems Incorporated)

Adobe Reader XI (11.0.06) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.06 - Adobe Systems Incorporated)

Adobe Shockwave Player 12.1 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.1.0.150 - Adobe Systems, Inc.)

AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.55.1345, 26.03.2014 - AIMP DevTeam)

Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)

Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)

Assassins Creed IV Black Flag (HKLM-x32\...\QXNzYXNzaW5zQ3JlZWRJVkJsYWNrRmxhZw==_is1) (Version: 1 - )

ASUS Boot Setting (HKLM-x32\...\{7AAE9187-C24F-4073-A951-36C370E7A3A5}) (Version: 1.00.17 - ASUSTeK Computer Inc.)

ASUS GPU Tweak (HKLM-x32\...\InstallShield_{532F6E8A-AF97-41C3-915F-39F718EC07D1}) (Version: 2.4.9.2 - ASUSTek COMPUTER INC.)

ASUS GPU Tweak (x32 Version: 2.4.9.2 - ASUSTek COMPUTER INC.) Hidden

Battle.net (HKLM-x32\...\Battle.net) (Version:  - Blizzard Entertainment)

Battlefield 3™ (HKLM-x32\...\{76285C16-411A-488A-BCE3-C83CB933D8CF}) (Version: 1.6.0.0 - Electronic Arts)

Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)

CABAL Online (EU) (HKCU\...\CabalOnline(EU)) (Version:  - )

CABAL Online (NA - Global) (HKCU\...\CabalOnline(NA - Global)) (Version:  - )

Call of Duty Modern Warfare 2 (HKLM-x32\...\Call of Duty Modern Warfare 2_is1) (Version:  - Activision)

Call of Duty® 4 - Modern Warfare (HKLM-x32\...\InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}) (Version: 1.7 - Activision)

Call of Duty® 4 - Modern Warfare (x32 Version: 1.00.0000 - Activision) Hidden

Call of Duty® 4 - Modern Warfare 1.1 Patch (x32 Version:  - ) Hidden

Call of Duty® 4 - Modern Warfare 1.1 Patch (x32 Version: 1.1 - Activision) Hidden

Call of Duty® 4 - Modern Warfare 1.2 Patch (x32 Version:  - ) Hidden

Call of Duty® 4 - Modern Warfare 1.2 Patch (x32 Version: 1.2 - Activision) Hidden

Call of Duty® 4 - Modern Warfare 1.3 Patch (x32 Version:  - ) Hidden

Call of Duty® 4 - Modern Warfare 1.3 Patch (x32 Version: 1.3 - Activision) Hidden

Call of Duty® 4 - Modern Warfare 1.4 Patch (x32 Version:  - ) Hidden

Call of Duty® 4 - Modern Warfare 1.4 Patch (x32 Version: 1.4 - Activision) Hidden

Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch (x32 Version:  - ) Hidden

Call of Duty® 4 - Modern Warfare 1.5 Patch (x32 Version: 1.5 - Activision) Hidden

Call of Duty® 4 - Modern Warfare 1.6 Patch (x32 Version:  - ) Hidden

Call of Duty® 4 - Modern Warfare 1.6 Patch (x32 Version: 1.6 - Activision) Hidden

Call of Duty® 4 - Modern Warfare 1.7 Patch (x32 Version:  - ) Hidden

Call of Duty® 4 - Modern Warfare 1.7 Patch (x32 Version: 1.7 - Activision) Hidden

CameraHelperMsi (x32 Version: 13.51.815.0 - Logitech) Hidden

Camtasia Studio 8 (HKLM-x32\...\{45F34E54-DAD9-405B-A4F6-B12B0A46B984}) (Version: 8.4.1.1745 - TechSmith Corporation)

China Localization Patcher (HKLM-x32\...\{35B0E09B-4A05-453B-8023-F9820566F007}) (Version: 1.6.0.0 - LokiReborn)

ChrisPC Win Experience Index 2.20 (HKLM-x32\...\{1116089C-14B5-1A23-8113-6124567ABCDE}_is1) (Version:  - Chris P.C. srl)

Company of Heroes (HKLM-x32\...\{BA801B94-C28D-46EE-B806-E1E021A3D519}) (Version: 1.0.0.78 - THQ Inc.)

Company of Heroes 2 (HKLM-x32\...\Q29tcGFueW9mSGVyb2VzMg==_is1) (Version: 1 - )

CPUID CPU-Z 1.69 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )

DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)

Definition Update for Microsoft Office 2010 (KB982726) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{0FF4FAA8-370E-42C3-B9A2-331907DE7876}) (Version:  - Microsoft)

Dragon Nest Europe (HKLM-x32\...\Dragon Nest Europe) (Version:  - )

Dropbox (HKCU\...\Dropbox) (Version: 2.10.27 - Dropbox, Inc.)

erLT (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden

ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)

Five Nights at Freddy's (HKCU\...\Five Nights at Freddy's) (Version:  - )

Freemake Video Converter version 4.1.3 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.3 - Ellora Assets Corporation)

Freemake Video Downloader (HKLM-x32\...\Freemake Video Downloader_is1) (Version: 3.6.4 - Ellora Assets Corporation)

Futuremark SystemInfo (HKLM-x32\...\{EF7EA37B-C009-4D53-AE2A-FF7C6AEC35CE}) (Version: 4.26.386 - Futuremark)

GameRanger (HKCU\...\GameRanger) (Version:  - GameRanger Technologies)

Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - „Google Inc.“)

Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden

Intel® Chipset Device Software (Version: 10.0.13 - Intel Corporation) Hidden

Intel® Chipset Device Software (x32 Version: 10.0.13 - Intel® Corporation) Hidden

Intel® Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)

Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)

Intel® Trusted Connect Service Client (Version: 1.31.8.1 - Intel Corporation) Hidden

Java 7 Update 51 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417051FF}) (Version: 7.0.510 - Oracle)

Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)

Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden

KMSpico v9.0.4.20131109 (Beta1) (HKLM\...\KMSpico_is1) (Version: 9.0.4.20131109 - )

League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)

League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden

Logitech Webcam Software (HKLM-x32\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.80 - Logitech Inc.)

LOLReplay (HKLM-x32\...\LOLReplay) (Version: 0.8.7 - www.leaguereplays.com)

LWS Facebook (x32 Version: 13.50.854.0 - Logitech) Hidden

LWS Gallery (x32 Version: 13.51.827.0 - Logitech) Hidden

LWS Help_main (x32 Version: 13.51.828.0 - Logitech) Hidden

LWS YouTube Plugin (x32 Version: 13.31.1038.0 - Logitech) Hidden

LWS Launcher (x32 Version: 13.51.828.0 - Logitech) Hidden

LWS Motion Detection (x32 Version: 13.51.815.0 - Logitech) Hidden

LWS Pictures And Video (x32 Version: 13.51.815.0 - Logitech) Hidden

LWS Twitter (x32 Version: 13.30.1346.0 - Logitech) Hidden

LWS Webcam Software (x32 Version: 13.51.815.0 - Logitech) Hidden

LWS WLM Plugin (x32 Version: 1.30.1201.0 - Logitech) Hidden

Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)

Microsoft AppLocale (HKLM-x32\...\{394BE3D9-7F57-4638-A8D1-1D88671913B7}) (Version: 1.0.0 - MS)

Microsoft Office Access MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Access Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Excel MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Groove MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office InfoPath MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Office 32-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office OneNote MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Outlook MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office PowerPoint MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)

Microsoft Office Professional Plus 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (French) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proof (Spanish) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Proofing (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Publisher MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared 32-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Shared Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Office Word MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)

Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)

Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)

Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden

Microsoft Windows Application Compatibility Database (HKLM\...\{deb7008b-681e-4a4a-8aae-cc833e8216ce}.sdb) (Version:  - )

Minecraft1.7.2 (HKLM-x32\...\Minecraft1.7.2) (Version:  - )

Minecraft1.7.8 (HKLM-x32\...\Minecraft1.7.8) (Version:  - )

MK LOL (HKCU\...\MK LOL) (Version:  - )

MotioninJoy Gamepad tool 0.7.1001 (HKLM\...\{330DAC67-5B62-452A-A0E4-6B4A5923940F}_is1) (Version: 0.7.1001 - www.motioninjoy.com)

MSVCRT Redists (Version: 1.0 - Sony Creative Software Inc.) Hidden

NVIDIA 3D Vision Controller Driver 340.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 340.50 - NVIDIA Corporation)

NVIDIA 3D Vision Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 340.52 - NVIDIA Corporation)

NVIDIA Control Panel 340.52 (Version: 340.52 - NVIDIA Corporation) Hidden

NVIDIA GeForce Experience 2.1.1.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.1.1 - NVIDIA Corporation)

NVIDIA Graphics Driver 340.52 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 340.52 - NVIDIA Corporation)

NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)

NVIDIA Install Application (Version: 2.1002.160.1244 - NVIDIA Corporation) Hidden

NVIDIA LED Visualizer 1.0 (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA Network Service (Version: 1.0 - NVIDIA Corporation) Hidden

NVIDIA PhysX (x32 Version: 9.13.1220 - NVIDIA Corporation) Hidden

NVIDIA PhysX System Software 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)

NVIDIA ShadowPlay 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden

NVIDIA Stereoscopic 3D Driver (x32 Version: 7.17.12.6514 - NVIDIA Corporation) Hidden

NVIDIA Update 15.3.36 (Version: 15.3.36 - NVIDIA Corporation) Hidden

NVIDIA Update Core (Version: 15.3.36 - NVIDIA Corporation) Hidden

NVIDIA Virtual Audio 1.2.23 (Version: 1.2.23 - NVIDIA Corporation) Hidden

Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version:  - )

Origin (HKLM-x32\...\Origin) (Version: 9.4.7.2799 - Electronic Arts, Inc.)

Overwolf (HKLM-x32\...\{FB83467F-D8EB-43E6-8B3D-860B045C1C52}) (Version: 0.51.325 - Overwolf)

Paint.NET v3.5.11 (HKLM\...\{72EF03F5-0507-4861-9A44-D99FD4C41418}) (Version: 3.61.0 - dotPDN LLC)

PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)

QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)

Razer Abyssus (HKLM-x32\...\{CBD6B23A-B54F-476A-9527-C262F469CACF}) (Version: 2.02 -  Razer USA Ltd.)

Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 2.0.2.7 - Realtek)

Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7071 - Realtek Semiconductor Corp.)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version:  - Microsoft)

Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version:  - Microsoft) Hidden

SHIELD Streaming (Version: 3.1.100 - NVIDIA Corporation) Hidden

System Requirements Lab CYRI (HKLM-x32\...\{19B0831B-0C18-4103-86E4-90FCD04CD3B9}) (Version: 6.0.12.5 - Husdawg, LLC)

System Requirements Lab Detection (HKLM-x32\...\{A407FC22-36BF-4C82-A516-59D94BC505A9}) (Version: 1.0.5.0 - Husdawg, LLC)

Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)

SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version:  - )

Steam (HKLM-x32\...\Steam) (Version:  - Valve Corporation)

swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden

TAP-Windows 9.9.2 (HKLM\...\TAP-Windows) (Version: 9.9.2 - )

TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)

TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version:  - TechPowerUp)

TERA (HKLM-x32\...\{A2F166A0-F031-4E27-A057-C69733219434}_is1) (Version: 7 - Gameforge Productions GmbH)

The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.9.0.126 - PandoraTV)

Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.5.7 - Electronic Arts)

TomTom HOME (HKLM-x32\...\{7A2BB1C8-903D-4585-9F3B-CADD67D07D37}) (Version: 2.9.8 - TomTom)

TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)

Tunngle beta (HKLM-x32\...\Tunngle beta_is1) (Version:  - Tunngle.net GmbH)

Unity (HKLM-x32\...\Unity) (Version:  - Unity Technologies ApS)

Unity Web Player (HKCU\...\UnityWebPlayer) (Version:  - Unity Technologies ApS)

Unturned (HKLM-x32\...\Steam App 304930) (Version:  - Nelson Sexton)

Update for CHS Microsoft IME HAP Dictionary (Version: 16.0.961.1 - Microsoft Corporation) Hidden

Update for Microsoft Access 2010 (KB2553446) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{FEF4C57D-0975-4D3C-ACC7-DCD038C3788F}) (Version:  - Microsoft)

Update for Microsoft Filter Pack 2.0 (KB2810071) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{59446CD0-D49A-4154-BDD5-59CB3B6F89AC}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2553157) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{01A0BCB9-0022-4B33-906C-A5DE8570012A}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2589370) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A237DF8D-4459-438D-9D1A-5A5B336222CB}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760598) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{F216169C-2B40-429B-8370-B5BA06EC5423}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760758) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A7D93AFA-2F60-448B-8DDD-8575FDAB47CC}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2760758) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{A7D93AFA-2F60-448B-8DDD-8575FDAB47CC}) (Version:  - Microsoft)

Update for Microsoft Office 2010 (KB2794737) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{07DC9C6C-E916-4F42-8677-716930ED0393}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1C381677-BE03-49CC-AFCA-242AA6094621}) (Version:  - Microsoft)

Update for Microsoft OneNote 2010 (KB2810072) 64-Bit Edition (HKLM\...\{90140000-0043-0000-1000-0000000FF1CE}_Office14.PROPLUS_{1C381677-BE03-49CC-AFCA-242AA6094621}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{762C2438-9257-42BC-BD3D-6D02EC138D18}) (Version:  - Microsoft)

Update for Microsoft PowerPoint 2010 (KB2553145) 64-Bit Edition (HKLM\...\{90140000-0018-0409-1000-0000000FF1CE}_Office14.PROPLUS_{55C3C61D-31E9-4ECF-B29B-C1C6A8FB68FB}) (Version:  - Microsoft)

Update for Microsoft Visio Viewer 2010 (KB2810066) 64-Bit Edition (HKLM\...\{90140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUS_{DF33B92A-5381-4F03-AB54-2D67086B357E}) (Version:  - Microsoft)

Uplay (HKLM-x32\...\Uplay) (Version: 4.3 - Ubisoft)

Vegas Pro 12.0 (64-bit) (HKLM\...\{59BEEE71-1A39-11E3-8E5C-F04DA23A5C58}) (Version: 12.0.714 - Sony)

WATCH_DOGS (HKLM-x32\...\Uplay Install 274) (Version:  - Ubisoft)

WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)

WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)

XCOM: Enemy Within (HKLM-x32\...\WENPTUVuZW15V2l0aGlu_is1) (Version: 1 - )

剑灵_腾讯 (HKLM-x32\...\剑灵_腾讯) (Version:  - Tencent)

腾讯游戏平台 (HKLM-x32\...\腾讯游戏平台Formal) (Version:  - Tencent)

 

==================== Custom CLSID (selected items): ==========================

 

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

 

CustomCLSID: HKU\S-1-5-21-2511904500-3163892986-980190791-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Karolis\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2511904500-3163892986-980190791-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2511904500-3163892986-980190791-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2511904500-3163892986-980190791-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2511904500-3163892986-980190791-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2511904500-3163892986-980190791-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2511904500-3163892986-980190791-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2511904500-3163892986-980190791-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

CustomCLSID: HKU\S-1-5-21-2511904500-3163892986-980190791-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Karolis\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

 

==================== Restore Points  =========================

 

25-08-2014 14:39:25 Checkpoint by HitmanPro

 

==================== Hosts content: ==========================

 

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

 

2013-08-22 16:25 - 2014-04-09 00:05 - 00001132 ____A C:\Windows\system32\Drivers\etc\hosts

127.0.0.1                   activate.adobe.com

127.0.0.1                   practivate.adobe.com

127.0.0.1                   lmlicenses.wip4.adobe.com

127.0.0.1                   lm.licenses.adobe.com

127.0.0.1                   na1r.services.adobe.com

127.0.0.1                   hlrcv.stage.adobe.com

 

 

==================== Scheduled Tasks (whitelisted) =============

 

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

 

Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask

Task: {098BE8C5-82F3-4181-927C-0B02A2721661} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)

Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList

Task: {0D8A891D-890C-4808-84D8-2F436AB14653} - System32\Tasks\Microsoft\Windows\Application Experience\AitAgent => aitagent.exe

Task: {13DA79AF-6A34-4CCA-8E0A-B5F649D2C8C3} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation

Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask

Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate

Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)

Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)

Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance

Task: {4DDB99D8-E6FE-43A5-BC05-13FE4EB04358} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-08] (Adobe Systems Incorporated)

Task: {4E71995A-CDA3-4B60-B765-F5E2B104BE46} - \AutoPico Daily Restart No Task File <==== ATTENTION

Task: {50CB28A0-5869-467F-9F73-FE7903799EA2} - System32\Tasks\KMS Server OnLogon Activate => C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe [2013-11-19] (MDL)

Task: {599E15E2-7978-46A8-8D0B-02F1DD11D765} - \AutoKMS No Task File <==== ATTENTION

Task: {61C47BEF-DD7F-475A-AD6C-8AF1B8E11538} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics

Task: {6696F734-1ED3-4B78-BE3F-D9E711001D5E} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management

Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup

Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task

Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask

Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState

Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task

Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask

Task: {9EA67AD6-0E42-4541-90B9-7A5D682474AB} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload

Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work

Task: {A216000C-66D3-4E66-8A6E-D98AB5762D3C} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe

Task: {A3DDD35E-A31D-47E8-996C-F7241E15A7A3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-27] (Google Inc.)

Task: {AABD9B96-E49D-45F2-AAF8-E8809B04C87E} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv

Task: {AC013C64-33AF-4F74-9C34-CDD84168F239} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-02-22] (Microsoft Corporation)

Task: {C5A9524D-FE3D-4223-B7EC-E14A241ECF4F} - System32\Tasks\KMS Server Daily Activate => C:\Windows\AutoKMS_VL_ALL\AutoKMS_VL_ALL.exe [2013-11-19] (MDL)

Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask

Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing

Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization

Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE

Task: {ED2E7886-29A6-4F87-ACA5-47860AB06D3D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-08-15] (Microsoft Corporation)

Task: {FE49D7A4-81BE-4C42-A01A-E8ED2194C50F} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

 

==================== Loaded Modules (whitelisted) =============

 

2014-08-22 16:32 - 2014-07-02 21:55 - 00116568 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll

2014-03-27 22:31 - 2012-09-18 16:27 - 00192512 _____ () C:\Windows\System32\zlhp1020.dll

2014-03-27 22:31 - 2012-09-18 16:27 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\pphp1020.dll

2014-04-09 16:30 - 2012-06-01 17:42 - 00920736 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe

2010-10-20 16:23 - 2010-10-20 16:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2014-08-11 18:35 - 2014-08-11 18:35 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe

2014-04-10 12:27 - 2013-01-21 14:17 - 00295936 _____ () C:\Program Files (x86)\Razer\Abyssus\razerhid.exe

2014-04-10 12:27 - 2013-01-21 14:20 - 00295936 _____ () C:\Program Files (x86)\Razer\Abyssus\razertra.exe

2012-09-13 00:38 - 2012-09-13 00:38 - 00264040 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\CameraHelperShell.exe

2014-04-10 12:27 - 2011-03-01 14:34 - 01759232 _____ () C:\Program Files (x86)\Razer\Abyssus\vdDaemon.exe

2014-04-09 16:30 - 2014-08-25 18:04 - 00026624 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\PEbiosinterface32.dll

2014-04-09 16:30 - 2010-06-29 10:58 - 00104448 _____ () C:\Program Files (x86)\ASUS\AXSP\1.00.19\ATKEX.dll

2013-04-04 02:09 - 2013-04-04 02:09 - 04300456 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF

2010-10-20 16:45 - 2010-10-20 16:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 02144104 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtCore4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 07955304 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtGui4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 00341352 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\QtXml4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 00028008 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QGif4.dll

2012-09-13 00:38 - 2012-09-13 00:38 - 00127336 _____ () C:\Program Files (x86)\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll

2012-09-13 00:39 - 2012-09-13 00:39 - 00336232 _____ () C:\Program Files (x86)\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll

2014-03-27 19:31 - 2014-03-27 19:31 - 00505344 _____ () C:\Program Files (x86)\AIMP3\sqlite3.dll

2014-03-27 19:31 - 2014-03-27 19:31 - 00218112 _____ () C:\Program Files (x86)\AIMP3\libsoxr.dll

2014-03-27 19:31 - 2014-03-27 19:31 - 00220672 _____ () C:\Program Files (x86)\AIMP3\Modules\MACDll.dll

2014-03-27 19:31 - 2014-03-27 19:31 - 00294400 _____ () C:\Program Files (x86)\AIMP3\Modules\libFLAC.dll

2014-03-27 19:31 - 2014-03-27 19:31 - 01733120 _____ () C:\Program Files (x86)\AIMP3\Modules\aimp_libvorbis.dll

2014-03-27 19:31 - 2014-03-27 19:31 - 00072136 _____ () C:\Program Files (x86)\AIMP3\Plugins\aimp_lastfm.dll

2014-03-27 19:31 - 2014-03-27 19:31 - 00026624 _____ () C:\Program Files (x86)\AIMP3\Plugins\Aorta.svp

2014-03-27 19:31 - 2014-03-27 19:31 - 00237568 _____ () C:\Program Files (x86)\AIMP3\Plugins\OptimFROG.dll

2014-03-27 19:31 - 2014-03-27 19:31 - 00141768 _____ () C:\Program Files (x86)\AIMP3\Plugins\PandemicAnalogMeter.dll

2014-08-24 13:56 - 2014-08-25 18:31 - 00158720 _____ () C:\Users\Karolis\AppData\Local\Temp\sfareca00001.dll

2014-03-27 21:38 - 2014-08-25 18:31 - 00192512 _____ () C:\Users\Karolis\AppData\Local\Temp\sfamcc00001.dll

2014-08-16 05:57 - 2014-08-07 06:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll

2014-08-16 05:57 - 2014-08-07 06:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll

2014-08-16 05:57 - 2014-08-07 06:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll

2014-08-16 05:57 - 2014-08-07 06:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll

2014-08-16 05:57 - 2014-08-07 06:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll

 

==================== Alternate Data Streams (whitelisted) =========

 

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

 

AlternateDataStreams: C:\Users\Karolis\AppData\Local\JBbDXcVXIQoc:vzSxblq1WcJp2PUzEFt4bxea7e

AlternateDataStreams: C:\Users\Karolis\AppData\Local\Temp:0Lx4YZXirt7Qae6Dkl2T3tN055

 

==================== Safe Mode (whitelisted) ===================

 

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

 

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\79335635.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\79335635.sys => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

 

==================== EXE Association (whitelisted) =============

 

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

 

 

==================== MSCONFIG/TASK MANAGER disabled items =========

 

(Currently there is no automatic fix for this section.)

 

MSCONFIG\Services: AdobeARMservice => 2

MSCONFIG\Services: asComSvc => 2

MSCONFIG\Services: ASGT => 2

MSCONFIG\Services: FreemakeVideoCapture => 2

MSCONFIG\Services: Futuremark SystemInfo Service => 3

MSCONFIG\Services: gupdate => 2

MSCONFIG\Services: gupdatem => 3

MSCONFIG\Services: Intel® Capability Licensing Service Interface => 2

MSCONFIG\Services: Intel® Capability Licensing Service TCP IP Interface => 3

MSCONFIG\Services: jhi_service => 2

MSCONFIG\Services: LMS => 2

MSCONFIG\Services: NvNetworkService => 2

MSCONFIG\Services: NvStreamSvc => 2

MSCONFIG\Services: nvsvc => 2

MSCONFIG\Services: Service KMSELDI => 2

MSCONFIG\Services: SkypeUpdate => 2

MSCONFIG\Services: Stereo Service => 2

HKLM\...\StartupApproved\Run: => "ShadowPlay"

HKLM\...\StartupApproved\Run: => "NvBackend"

HKLM\...\StartupApproved\Run: => "BCSSync"

HKLM\...\StartupApproved\Run32: => "Adobe ARM"

HKLM\...\StartupApproved\Run32: => "IMSS"

HKLM\...\StartupApproved\Run32: => "AdobeCEPServiceManager"

HKLM\...\StartupApproved\Run32: => "APSDaemon"

HKLM\...\StartupApproved\Run32: => "QuickTime Task"

HKCU\...\StartupApproved\StartupFolder: => "Logitech . Gaminio registracija.lnk"

HKCU\...\StartupApproved\Run: => "DAEMON Tools Lite"

HKCU\...\StartupApproved\Run: => "EADM"

HKCU\...\StartupApproved\Run: => "TomTomHOME.exe"

 

==================== Faulty Device Manager Devices =============

 

 

==================== Event log errors: =========================

 

Application errors:

==================

Error: (08/25/2014 06:04:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

 

Error: (08/25/2014 06:04:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

 

Error: (08/25/2014 05:42:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

 

Error: (08/25/2014 05:41:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

 

Error: (08/25/2014 05:39:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

 

 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Access is denied.

.

 

Error: (08/25/2014 05:39:25 PM) (Source: VSS) (EventID: 8194) (User: )

Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.

.

This is often caused by incorrect security settings in either the writer or requestor process.

 

 

Operation:

   Gathering Writer Data

 

Context:

   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

   Writer Name: System Writer

   Writer Instance ID: {5a7a358a-3b1e-4203-a407-c09fbd1a94e6}

 

Error: (08/25/2014 05:19:32 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

 

Error: (08/25/2014 05:19:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

 

Error: (08/25/2014 01:53:52 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Activation context generation failed for "Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1".

Dependent Assembly Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0" could not be found.

Please use sxstrace.exe for detailed diagnosis.

 

Error: (08/25/2014 11:14:27 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: License Activation (slui.exe) failed with the following error code:

hr=0xC004F074

Command-line arguments:

RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

 

 

System errors:

=============

Error: (08/25/2014 06:06:10 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error: 

%%1058

 

Error: (08/25/2014 05:43:18 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error: 

%%1058

 

Error: (08/25/2014 05:41:18 PM) (Source: Service Control Manager) (EventID: 7024) (User: )

Description: The HitmanPro 3.7 Crusader (Boot) service terminated with the following service-specific error: 

%%0

 

Error: (08/25/2014 05:40:32 PM) (Source: Service Control Manager) (EventID: 7006) (User: )

Description: The ScRegSetValueExW call failed for DeleteFlag with the following error: 

%%5

 

Error: (08/25/2014 05:20:47 PM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error: 

%%1058

 

Error: (08/25/2014 01:51:44 PM) (Source: DCOM) (EventID: 10010) (User: Zveriukas)

Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}

 

Error: (08/25/2014 01:51:14 PM) (Source: DCOM) (EventID: 10010) (User: Zveriukas)

Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}

 

Error: (08/25/2014 11:15:40 AM) (Source: Service Control Manager) (EventID: 7001) (User: )

Description: The Windows Media Player Network Sharing Service service depends on the Windows Search service which failed to start because of the following error: 

%%1058

 

Error: (08/25/2014 02:44:47 AM) (Source: DCOM) (EventID: 10010) (User: Zveriukas)

Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

 

Error: (08/25/2014 02:44:47 AM) (Source: DCOM) (EventID: 10010) (User: Zveriukas)

Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

 

 

Microsoft Office Sessions:

=========================

Error: (08/25/2014 06:04:59 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

 

Error: (08/25/2014 06:04:35 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

 

Error: (08/25/2014 05:42:06 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

 

Error: (08/25/2014 05:41:44 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

 

Error: (08/25/2014 05:39:26 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )

Description: 

Details:

AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

 

System Error:

Access is denied.

 

Error: (08/25/2014 05:39:25 PM) (Source: VSS) (EventID: 8194) (User: )

Description: 0x80070005, Access is denied.

 

 

Operation:

   Gathering Writer Data

 

Context:

   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}

   Writer Name: System Writer

   Writer Instance ID: {5a7a358a-3b1e-4203-a407-c09fbd1a94e6}

 

Error: (08/25/2014 05:19:32 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

 

Error: (08/25/2014 05:19:11 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=1

 

Error: (08/25/2014 01:53:52 PM) (Source: SideBySide) (EventID: 33) (User: )

Description: Microsoft.VC80.DebugCRT,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"D:\ADOBE\Adobe After Effects CC\Support Files\Plug-ins\MAXON CINEWARE AE\(CINEWARE Support)\bin\resource\modules\python\res\Python.win64.framework\Lib\distutils\command\wininst-8_d.exe

 

Error: (08/25/2014 11:14:27 AM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )

Description: hr=0xC004F074RuleId=502ff3ba-669a-4674-bbb1-601f34a3b968;Action=AutoActivateSilent;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

 

 

==================== Memory info =========================== 

 

Processor: Intel® Core i5-4670 CPU @ 3.40GHz

Percentage of memory in use: 32%

Total physical RAM: 8097.93 MB

Available physical RAM: 5433.14 MB

Total Pagefile: 8897.93 MB

Available Pagefile: 5911.95 MB

Total Virtual: 131072 MB

Available Virtual: 131071.79 MB

 

==================== Drives ================================

 

Drive c: () (Fixed) (Total:111.27 GB) (Free:25.84 GB) NTFS

Drive d: () (Fixed) (Total:931.39 GB) (Free:115.95 GB) NTFS

 

==================== MBR & Partition Table ==================

 

========================================================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 00000000)

 

Partition: GPT Partition Type.

 

========================================================

Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00000000)

 

Partition: GPT Partition Type.

 

==================== End Of Log ============================

Link to post
Share on other sites

warning.gif Rules and policies

We won't support any piracy.

That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!

The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!

Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.

It's the second time you're not going with the rules here. I wonder if you really pay attention to what I post to you.

However, until these policies will be obeyed, no assistance will be provided.

Regards,

Naat

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.