
ppjoysetup-0-8-4-6.exe installed virus? (logs) [Closed]

installer virus

  • This topic is locked
8 replies to this topic

#1 graham_UK


Posted 27 August 2014 - 05:55 AM

Hi,

A later version of PPJoy introduced a virus in the installer. The above version was installed on my system and missed by Kaspersky, Malwarebytes and ESET online scanner. Panda Cloud Cleaner detected the installer as malware. This led me to run the file through VirusTotal, with a hit detection ratio of 18/48.

 

https://www.virustot...fd2b0/analysis/

 

 
The information I read conflicts, i.e. it being a variant of Zeus stealing passwords and confidential information, to reading files on access, to just being a downloader of malware.

I am not familiar with viruses in installers. Since I installed PPJoy, Kaspersky, Malwarebytes and ESET online scanner have been used and no malware/viruses have been detected.

Questions:
1) If I have run the scanners above and they are clean, then can I assume I am clean?
2) PPJoy installs joystick drivers - could I be infected at the driver level?
3) I use a password manager to copy and paste my passwords into the system - can this password file be copied off my PC, and could my master password have been stolen, which then gives access to my other passwords?

I use this PC for work so am keen to be sure. Thank you in advance.
Graham



#2 ken545


Posted 27 August 2014 - 06:39 PM

:welcome:

 

We can run a few scans and see what's going on and if there is still a problem.

 

Please download aswMBR to your desktop.
 
  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
 
I just want to see the report....Please Do Not Fix Anything
 
============================================================================
 
 
 

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
A simple way to check your system: Start --> Computer (right click) --> Properties
 
 
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Do not check:
      * List BCD
      * Drivers MD5
      * Shortcut txt
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
 
 


 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#3 ken545


Posted 30 August 2014 - 02:00 PM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

 
 

#4 graham_UK


Posted 31 August 2014 - 09:55 AM

As per instructions from Ken545. Thank you in advance to whoever looks at this.

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-31 15:55:36
-----------------------------
15:55:36.334    OS Version: Windows x64 6.1.7601 Service Pack 1
15:55:36.334    Number of processors: 4 586 0x2A07
15:55:36.334    ComputerName: UBER2  UserName: Work
15:55:36.580    Initialize success
15:55:36.790    VM: initialized successfully
15:55:36.798    VM: Intel CPU supported 
15:55:39.715    VM: supported disk I/O iaStor.sys
15:56:53.401    AVAST engine defs: 14083100
15:57:37.419    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:57:37.420    Disk 0 Vendor: Samsung_ DXM0 Size: 244198MB BusType: 3
15:57:37.421    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
15:57:37.422    Disk 1 Vendor: M4-CT064 000F Size: 61057MB BusType: 3
15:57:37.424    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-3
15:57:37.425    Disk 2 Vendor: ST316081 3.AA Size: 152627MB BusType: 3
15:57:37.433    VM: Disk 0 MBR read successfully
15:57:37.435    Disk 0 MBR scan
15:57:37.437    Disk 0 Windows 7 default MBR code
15:57:37.439    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       219824 MB offset 2048
15:57:37.441    Disk 0 default boot code
15:57:37.452    Disk 0 scanning C:\Windows\system32\drivers
15:57:39.474    Service scanning
15:57:44.049    Modules scanning
15:57:44.051    Disk 0 trace - called modules:
15:57:44.053    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
15:57:44.055    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80099b9060]
15:57:44.057    3 CLASSPNP.SYS[fffff88001c0143f] -> nt!IofCallDriver -> [0xfffffa800677fe40]
15:57:44.059    5 ACPI.sys[fffff880017837a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80070f8050]
15:57:44.185    AVAST engine scan C:\Windows
15:57:44.859    AVAST engine scan C:\Windows\system32
15:58:59.515    AVAST engine scan C:\Windows\system32\drivers
15:59:01.676    AVAST engine scan C:\Users\Work
16:02:10.678    AVAST engine scan C:\ProgramData
16:03:01.108    Scan finished successfully
16:36:15.985    Disk 0 MBR has been saved successfully to "C:\Users\Work\Desktop\MBR.dat"
16:36:15.987    The log file has been saved successfully to "C:\Users\Work\Desktop\aswMBR.txt"
 
 
FARBAR
-----------
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014
Ran by Work (administrator) on UBER2 on 31-08-2014 16:38:46
Running from C:\Users\Work\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.18\aaHMSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Thrustmaster®) C:\Program Files\Thrustmaster\T500 RS Racing wheel\drivers\amd64\tmInstall.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(CMedia) C:\Program Files\ASUS Xonar D2X Audio\Customapp\AsusAudioCenter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Valve Corporation) C:\Games\Steam\Steam.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1312\g2mstart.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1312\g2mcomm.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1312\g2mlauncher.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Dropbox, Inc.) C:\Users\Work\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Games\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2013-05-24] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-08-23] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-24] (Microsoft Corporation)
HKU\S-1-5-21-3416957298-1943888354-2837341212-1003\...\Run: [Steam] => C:\Games\Steam\Steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-3416957298-1943888354-2837341212-1003\...\Run: [GoToMeeting] => C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1312\g2mstart.exe [40304 2014-03-14] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-3416957298-1943888354-2837341212-1003\...\Run: [f.lux] => C:\Users\Graham\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-3416957298-1943888354-2837341212-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-3416957298-1943888354-2837341212-1003\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-11-22] (Hewlett-Packard Company)
Startup: C:\Users\Graham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Work\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Work\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Work\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://e2007.email....star.co.uk/owa/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x007CCE611F7ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://support.esell...cket/View/54515
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{3C1468AF-09A9-4887-88AA-2782D1C56A67}: [NameServer] 208.67.222.222,208.67.220.220
 
FireFox:
========
FF ProfilePath: C:\Users\Work\AppData\Roaming\Mozilla\Firefox\Profiles\qwyzerd8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> e:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Work\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: YouTube Video and Audio Downloader - C:\Users\Work\AppData\Roaming\Mozilla\Firefox\Profiles\qwyzerd8.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2013-11-25]
FF Extension: Simple Timer - C:\Users\Work\AppData\Roaming\Mozilla\Firefox\Profiles\qwyzerd8.default\Extensions\simpletimer@grbradt.org.xpi [2014-03-14]
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2013-05-24]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2013-05-24]
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2013-05-24]
 
Chrome: 
=======
CHR Profile: C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-23]
CHR Extension: (Google Drive) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-23]
CHR Extension: (Google Search) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-23]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-23]
CHR Extension: (Virtual Keyboard) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-05-23]
CHR Extension: (Google Wallet) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-23]
CHR Extension: (Gmail) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-23]
CHR Extension: (Anti-Banner) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-05-23]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx [2011-10-14]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx [2011-10-14]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx [2011-10-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.18\aaHMSvc.exe [950912 2014-06-24] (ASUSTeK Computer Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2013-05-24] (Kaspersky Lab ZAO)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2010-11-12] (CyberLink)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (Futuremark)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [83952 2014-03-27] (Micro-Star International)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-28] ()
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-04-13] (Mr. John aka japamd)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] () [File not signed]
R2 tmInstall; C:\Program Files\Thrustmaster\T500 RS Racing wheel\drivers\amd64\tmInstall.EXE [28160 2013-08-22] (Thrustmaster®)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2013-07-13] ()
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R1 CSN5PDTS82x64; C:\Windows\System32\Drivers\CSN5PDTS82x64.sys [34840 2012-10-24] (Colasoft Co., Ltd.)
S3 FanatecWheelFilterUsb; C:\Windows\System32\DRIVERS\FWFilterUsb.sys [63728 2012-11-23] (Windows ® Codename Longhorn DDK provider)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2013-05-24] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 SaiHFF12; C:\Windows\System32\DRIVERS\SaiHFF12.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF12; C:\Windows\System32\DRIVERS\SaiIFF12.sys [20608 2007-05-01] (Saitek)
S3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-06-25] (SteelSeries Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 tmbulk; C:\Windows\System32\Drivers\tmbulk.sys [88368 2013-06-12] (© Guillemot R&D, 2011. All rights reserved.)
S3 tmhidusb; C:\Windows\System32\DRIVERS\tmhidusb.sys [149296 2013-08-27] (Thrustmaster)
S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [15104 2012-10-15] (Headsoft)
S3 WinRing0_1_2_0; E:\Program Files\RealT\WinRing0x64.sys [14544 2013-07-14] (OpenLibSys.org)
S3 atillk64; \??\C:\Users\Graham\Desktop\ati389\winflash\atillk64.sys [X]
R3 cpuz136; \??\e:\MYDOCU~1\Temp\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\e:\MYDOCU~1\Temp\cpuz137\cpuz137_x64.sys [X]
S1 CSN5PDTS82; System32\Drivers\CSN5PDTS82.sys [X]
S3 GPUZ; \??\e:\Temp\GPUZ.sys [X]
U3 aswMBR; \??\e:\Temp\aswMBR.sys [X]
U3 aswVmm; \??\e:\Temp\aswVmm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-31 16:38 - 2014-08-31 16:38 - 00020255 _____ () C:\Users\Work\Downloads\FRST.txt
2014-08-31 16:36 - 2014-08-31 16:36 - 00002294 _____ () C:\Users\Work\Desktop\aswMBR.txt
2014-08-31 16:36 - 2014-08-31 16:36 - 00000512 _____ () C:\Users\Work\Desktop\MBR.dat
2014-08-31 15:55 - 2014-08-31 16:38 - 00000000 ____D () C:\FRST
2014-08-31 15:54 - 2014-08-31 15:54 - 02104320 _____ (Farbar) C:\Users\Work\Downloads\FRST64.exe
2014-08-31 15:53 - 2014-08-31 15:53 - 05185536 _____ (AVAST Software) C:\Users\Work\Downloads\aswMBR.exe
2014-08-31 10:12 - 2014-08-28 20:16 - 87256135 ____N () C:\Users\Graham\Desktop\20140828_201529.mp4
2014-08-30 17:05 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-08-30 17:05 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-08-29 19:34 - 2014-08-31 15:49 - 00000504 _____ () C:\Windows\setupact.log
2014-08-29 19:34 - 2014-08-29 19:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-29 19:34 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-08-29 19:34 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-08-29 19:34 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-08-29 19:34 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-08-29 19:34 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-08-29 19:34 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-29 19:34 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-08-29 19:34 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-08-29 19:34 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-08-29 19:34 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-08-29 19:34 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-08-29 19:34 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-08-29 19:34 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-08-29 19:34 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-08-29 19:34 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-08-29 19:34 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-08-29 19:34 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-08-29 19:34 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-08-29 18:53 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 18:53 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-29 18:53 - 2014-08-23 01:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 11:37 - 2014-08-27 11:37 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Work\Downloads\tdsskiller.exe
2014-08-27 10:57 - 2014-08-27 11:30 - 00000449 _____ () C:\Users\Work\Desktop\doidge.txt
2014-08-27 08:56 - 2014-08-27 08:56 - 00000468 _____ () C:\Users\Work\Desktop\71157.txt
2014-08-27 08:50 - 2013-04-08 16:30 - 00022752 _____ () C:\Windows\system32\PCloudBroom64.exe
2014-08-27 08:32 - 2014-08-27 08:32 - 00001286 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-08-27 08:32 - 2014-08-27 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-08-27 08:32 - 2014-08-27 08:32 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-08-27 08:32 - 2013-04-29 09:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-08-27 08:30 - 2014-08-27 08:31 - 30412088 _____ (Panda Security ) C:\Users\Work\Downloads\PandaCloudCleaner.exe
2014-08-27 08:24 - 2014-08-27 08:24 - 00000000 ____D () C:\ProgramData\F-Secure
2014-08-27 08:23 - 2014-08-27 08:23 - 05124208 _____ (F-Secure Corporation) C:\Users\Work\Downloads\F-SecureOnlineScanner-HC (1).exe
2014-08-27 08:22 - 2014-08-27 08:45 - 00002085 _____ () C:\Users\Work\Desktop\eSellerPro.lnk
2014-08-27 08:22 - 2014-08-27 08:22 - 05124208 _____ (F-Secure Corporation) C:\Users\Work\Downloads\F-SecureOnlineScanner-HC.exe
2014-08-27 08:22 - 2014-08-27 08:22 - 00000000 ____D () C:\Users\Work\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sandbourne Systems
2014-08-15 21:33 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 21:33 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 21:33 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 21:33 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 21:33 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 21:33 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 21:33 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 21:33 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-15 16:41 - 2014-08-01 00:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 16:41 - 2014-08-01 00:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 16:41 - 2014-07-25 15:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 16:41 - 2014-07-25 15:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 16:41 - 2014-07-25 15:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 16:41 - 2014-07-25 14:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 16:41 - 2014-07-25 14:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 16:41 - 2014-07-25 14:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 16:41 - 2014-07-25 14:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 16:41 - 2014-07-25 14:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 16:41 - 2014-07-25 14:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 16:41 - 2014-07-25 14:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 16:41 - 2014-07-25 14:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 16:41 - 2014-07-25 14:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 16:41 - 2014-07-25 14:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 16:41 - 2014-07-25 14:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 16:41 - 2014-07-25 14:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 16:41 - 2014-07-25 13:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 16:41 - 2014-07-25 13:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 16:41 - 2014-07-25 13:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 16:41 - 2014-07-25 13:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 16:41 - 2014-07-25 13:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 16:41 - 2014-07-25 13:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 16:41 - 2014-07-25 13:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 16:41 - 2014-07-25 13:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 16:41 - 2014-07-25 13:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 16:41 - 2014-07-25 13:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 16:41 - 2014-07-25 13:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 16:41 - 2014-07-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 16:41 - 2014-07-25 13:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 16:41 - 2014-07-25 13:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 16:41 - 2014-07-25 13:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 16:41 - 2014-07-25 13:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 16:41 - 2014-07-25 13:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 16:41 - 2014-07-25 13:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 16:41 - 2014-07-25 13:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 16:41 - 2014-07-25 12:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 16:41 - 2014-07-25 12:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 16:41 - 2014-07-25 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 16:41 - 2014-07-25 12:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 16:41 - 2014-07-25 12:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 16:41 - 2014-07-25 12:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 16:41 - 2014-07-25 12:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 16:41 - 2014-07-25 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 16:41 - 2014-07-25 12:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 16:41 - 2014-07-25 12:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 16:41 - 2014-07-25 12:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 16:41 - 2014-07-25 12:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 16:41 - 2014-07-25 12:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 16:41 - 2014-07-25 12:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 16:41 - 2014-07-25 11:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 16:41 - 2014-07-25 11:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 16:41 - 2014-07-25 11:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 16:41 - 2014-07-25 11:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 16:41 - 2014-07-25 11:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 16:41 - 2014-07-25 11:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 16:20 - 2014-07-16 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 16:20 - 2014-07-16 03:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 16:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-15 16:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-15 16:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-15 16:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-15 16:20 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-15 16:20 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-15 16:20 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-15 16:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-15 16:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-15 16:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-15 16:20 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-15 16:20 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-15 16:17 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 16:17 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 16:17 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 16:17 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 16:17 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 16:17 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 16:17 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 16:17 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 16:17 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 16:17 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 16:14 - 2014-08-07 03:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-15 16:14 - 2014-08-07 03:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-15 16:14 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 16:14 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 17:12 - 2014-08-14 17:12 - 00000672 _____ () C:\Users\Graham\Desktop\EDTrackerUtilV2 - Shortcut.lnk
2014-08-10 19:36 - 2014-08-12 18:39 - 00000136 _____ () C:\Users\Graham\Desktop\trade.txt
2014-08-10 08:31 - 2014-08-10 08:31 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-10 08:31 - 2014-08-10 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-10 08:31 - 2014-08-10 08:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-05 18:41 - 2014-08-05 18:43 - 00000111 _____ () C:\Users\Graham\Desktop\New Text Document (3).txt
2014-08-04 17:22 - 2014-08-03 21:47 - 00186374 _____ () C:\Users\Graham\Desktop\Elite Dangerous Cobra MkIII A4-Profile-1.vap
2014-08-01 17:36 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 17:36 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 17:36 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 17:36 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 17:36 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 17:36 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 17:36 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 17:36 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 17:36 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 17:36 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 17:36 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 17:36 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 17:36 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 17:36 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-31 16:39 - 2014-05-23 08:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-31 16:38 - 2014-08-31 16:38 - 00020255 _____ () C:\Users\Work\Downloads\FRST.txt
2014-08-31 16:38 - 2014-08-31 15:55 - 00000000 ____D () C:\FRST
2014-08-31 16:36 - 2014-08-31 16:36 - 00002294 _____ () C:\Users\Work\Desktop\aswMBR.txt
2014-08-31 16:36 - 2014-08-31 16:36 - 00000512 _____ () C:\Users\Work\Desktop\MBR.dat
2014-08-31 16:34 - 2013-08-19 15:41 - 00000000 ____D () C:\Users\Work\AppData\Roaming\Skype
2014-08-31 16:33 - 2014-03-14 10:48 - 00000556 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3416957298-1943888354-2837341212-1003.job
2014-08-31 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-08-31 16:17 - 2013-05-24 20:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-31 16:05 - 2013-05-24 17:54 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-31 15:57 - 2009-07-14 05:45 - 00022768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-31 15:57 - 2009-07-14 05:45 - 00022768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-31 15:55 - 2009-07-14 06:13 - 00782642 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 15:54 - 2014-08-31 15:54 - 02104320 _____ (Farbar) C:\Users\Work\Downloads\FRST64.exe
2014-08-31 15:53 - 2014-08-31 15:53 - 05185536 _____ (AVAST Software) C:\Users\Work\Downloads\aswMBR.exe
2014-08-31 15:53 - 2014-07-28 17:45 - 01959788 _____ () C:\Windows\WindowsUpdate.log
2014-08-31 15:52 - 2013-07-06 09:10 - 00000000 ____D () C:\Users\Work\AppData\Roaming\Dropbox
2014-08-31 15:51 - 2014-05-23 08:28 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-31 15:50 - 2014-06-11 19:44 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2014-08-31 15:50 - 2013-10-30 15:59 - 00003018 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-08-31 15:50 - 2013-06-13 19:54 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-08-31 15:50 - 2013-05-24 21:09 - 00000000 ____D () C:\Users\Graham\AppData\Roaming\Dropbox
2014-08-31 15:49 - 2014-08-29 19:34 - 00000504 _____ () C:\Windows\setupact.log
2014-08-31 15:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-31 10:12 - 2013-11-29 19:00 - 00000000 ____D () C:\Users\Graham\AppData\Roaming\vlc
2014-08-29 20:10 - 2014-06-24 16:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-29 19:35 - 2009-07-14 05:45 - 00337352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 19:35 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-29 19:34 - 2014-08-29 19:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-28 20:16 - 2014-08-31 10:12 - 87256135 ____N () C:\Users\Graham\Desktop\20140828_201529.mp4
2014-08-27 16:02 - 2013-07-06 09:15 - 00000000 ____D () C:\Users\Work\AppData\Roaming\KeePass
2014-08-27 15:08 - 2013-12-25 12:13 - 00000000 ____D () C:\Program Files (x86)\FanaLEDs
2014-08-27 11:37 - 2014-08-27 11:37 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Work\Downloads\tdsskiller.exe
2014-08-27 11:30 - 2014-08-27 10:57 - 00000449 _____ () C:\Users\Work\Desktop\doidge.txt
2014-08-27 08:56 - 2014-08-27 08:56 - 00000468 _____ () C:\Users\Work\Desktop\71157.txt
2014-08-27 08:50 - 2013-05-23 21:12 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-08-27 08:45 - 2014-08-27 08:22 - 00002085 _____ () C:\Users\Work\Desktop\eSellerPro.lnk
2014-08-27 08:32 - 2014-08-27 08:32 - 00001286 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-08-27 08:32 - 2014-08-27 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-08-27 08:32 - 2014-08-27 08:32 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-08-27 08:31 - 2014-08-27 08:30 - 30412088 _____ (Panda Security ) C:\Users\Work\Downloads\PandaCloudCleaner.exe
2014-08-27 08:24 - 2014-08-27 08:24 - 00000000 ____D () C:\ProgramData\F-Secure
2014-08-27 08:23 - 2014-08-27 08:23 - 05124208 _____ (F-Secure Corporation) C:\Users\Work\Downloads\F-SecureOnlineScanner-HC (1).exe
2014-08-27 08:22 - 2014-08-27 08:22 - 05124208 _____ (F-Secure Corporation) C:\Users\Work\Downloads\F-SecureOnlineScanner-HC.exe
2014-08-27 08:22 - 2014-08-27 08:22 - 00000000 ____D () C:\Users\Work\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sandbourne Systems
2014-08-27 08:10 - 2013-07-06 09:10 - 00000000 ____D () C:\Users\Work\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-27 08:10 - 2013-05-28 12:31 - 00000000 ____D () C:\ProgramData\Skype
2014-08-23 03:07 - 2014-08-29 18:53 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:45 - 2014-08-29 18:53 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 01:59 - 2014-08-29 18:53 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:45 - 2013-05-24 21:05 - 00000000 ____D () C:\Users\Graham\AppData\Roaming\KeePass
2014-08-16 06:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 21:36 - 2013-08-18 16:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 21:34 - 2013-05-24 18:13 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 21:33 - 2014-05-06 21:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 17:12 - 2014-08-14 17:12 - 00000672 _____ () C:\Users\Graham\Desktop\EDTrackerUtilV2 - Shortcut.lnk
2014-08-13 20:11 - 2013-05-28 14:12 - 00000000 ____D () C:\Users\Graham\AppData\Roaming\MusicBee
2014-08-12 18:39 - 2014-08-10 19:36 - 00000136 _____ () C:\Users\Graham\Desktop\trade.txt
2014-08-10 08:31 - 2014-08-10 08:31 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-10 08:31 - 2014-08-10 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-10 08:31 - 2014-08-10 08:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-08 22:00 - 2014-06-18 20:04 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-08 18:12 - 2014-04-02 20:57 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-07 03:06 - 2014-08-15 16:14 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:01 - 2014-08-15 16:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 18:43 - 2014-08-05 18:41 - 00000111 _____ () C:\Users\Graham\Desktop\New Text Document (3).txt
2014-08-05 09:20 - 2013-05-24 18:04 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 21:47 - 2014-08-04 17:22 - 00186374 _____ () C:\Users\Graham\Desktop\Elite Dangerous Cobra MkIII A4-Profile-1.vap
2014-08-01 00:41 - 2014-08-15 16:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 00:16 - 2014-08-15 16:41 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-31 16:15
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014
Ran by Work at 2014-08-31 15:55:35
Running from C:\Users\Work\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Enabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3DMark (HKLM-x32\...\{4198fd8f-98bd-4240-9b3a-ab2643e532f6}) (Version: 1.3.708.0 - Futuremark)
3DMark (Version: 1.3.708.0 - Futuremark) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACE COMBAT™ ASSAULT HORIZON Enhanced Edition (HKLM-x32\...\Steam App 228400) (Version:  - Namco)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Amiga Forever (HKLM-x32\...\{2B88501E-A0AB-48E0-855C-39F6DC92B653}) (Version: 2012.0.12 - Cloanto)
Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)
ARMA 2: British Armed Forces - Data cache removal (HKLM-x32\...\A2BAF Data cache removal) (Version:  - )
Arma 2: British Armed Forces (HKLM-x32\...\Steam App 65700) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
ARMA 2: Private Military Company - Data cache removal (HKLM-x32\...\A2PMC Data cache removal) (Version:  - )
Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Assetto Corsa (HKLM-x32\...\Steam App 244210) (Version:  - Kunos Simulazioni)
ASUS Xonar D2X Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.4.8696 - )
Brother MFL-Pro Suite DCP-J132W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Bullzip PDF Printer 10.2.0.2141 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.2.0.2141 - Bullzip)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CCS64 V3.9 (HKLM-x32\...\{B7B5A370-3DFF-4F0E-AE11-FD267C4938AA}) (Version: 1.0.0 - Computerbrains C.C.S.)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.3.0.0341 - Code Laboratories, Inc.)
Colasoft Capsa 7 Free (HKLM-x32\...\Colasoft Capsa 7 Free_is1) (Version: 7.7.2.4050 - Colasoft)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.5.5145 - Corsair)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\CMIUSB&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4703 - CyberLink Corp.)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.4703 - CyberLink Corp.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3620 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3620 - CyberLink Corp.) Hidden
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2425.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2425.52 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2429 - CyberLink Corp.) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version:  - Codemasters Racing Studio)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Elite Dangerous Launcher version 0.3.1310.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.3.1310.0 - Frontier Developments)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
f.lux (HKCU\...\Flux) (Version:  - )
FaceTrackingAPI_NC 3.2 (HKLM-x32\...\InstallShield_{2CA31F85-8C72-4BB1-9835-A7E2AD61CBF3}) (Version: 3.2.6 - Seeing Machines Ltd.)
FaceTrackingAPI_NC 3.2 (x32 Version: 3.2.6 - Seeing Machines Ltd.) Hidden
FaceTrackNoIR version 1.7.2 (HKLM-x32\...\FaceTrackNoIR_is1) (Version: 1.7.2 - FaceTrackNoIR Team)
FanaLEDs (HKLM-x32\...\FanaLEDs) (Version: 2.2e - Gerben bol & Dirk Teurlings)
Fanatec Wheel (HKLM\...\{1212516D-C434-4A14-9107-CE271E186019}) (Version: 8.14.4 - Endor AG)
Futuremark SystemInfo (HKLM-x32\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GoToMeeting 6.3.0.1468 (HKCU\...\GoToMeeting) (Version: 6.3.0.1468 - CitrixOnline)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Intel® IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.12.1498 - Intel Corporation)
Intel® Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel® Network Connections 18.5.54.0 (Version: 18.5.54.0 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3062 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iReport 3.7.6 (HKLM-x32\...\iReport-3.7.6.exe) (Version: 3.7.6 - Jaspersoft Corp.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kaspersky Internet Security 2012 (HKLM-x32\...\InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}) (Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
LibreOffice 4.2.3.3 (HKLM-x32\...\{4117DF3C-6677-4A22-90B7-FF06923417E9}) (Version: 4.2.3.3 - The Document Foundation)
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-GB)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.005 - MSI)
MusicBee 2.0 (HKLM-x32\...\MusicBee) (Version: 2.0 - Steven Mayall)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.103 - Panda Security)
PDF-XChange Lite 2012 (HKLM\...\{AD09CC9A-6901-4921-B66D-9402FF32EF27}_is1) (Version: 5.0.270.0 - Tracker Software Products Ltd)
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version:  - Telltale Games)
Populous (HKLM-x32\...\{476CD9DE-C45F-4443-BFA7-E51C58B7E455}) (Version: 1.0.0.0 - Electronic Arts)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
Pro Evolution Soccer 2014 (HKLM-x32\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.06.0000 - KONAMI)
RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version:  - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
rFactor2 (HKLM-x32\...\rFactor2) (Version:  - )
RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder)
Saitek NT Controller Drivers (HKLM-x32\...\{350A0AB4-2BEB-416A-9748-F56116635F8A}) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.0.0.0 - Electronic Arts)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Software Director (HKLM-x32\...\Cloanto Software Director) (Version: 3.8.8.0 - Cloanto Corporation)
Spectaculator 8.0 (HKLM-x32\...\{B21AE9DA-E837-4F82-B061-7848B4F3096B}) (Version: 8.0.0.3092 - spectaculator.com)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.59.30483 - SteelSeries)
Super Street Fighter IV: Arcade Edition (HKLM-x32\...\Steam App 45760) (Version:  - Capcom)
System Requirements Lab for Intel (64-bit) (HKLM\...\{419B57C2-BEB5-4201-91F5-CEF73F24C219}) (Version: 4.5.13.0 - Husdawg, LLC)
T500 RS racing wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 2.TTRS.2013 - Thrustmaster)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Swapper (HKLM-x32\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version:  - Ubisoft Toronto)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.0.2 - UltraDefrag Development Team)
VIRTU 1.2.108 (HKLM\...\VIRTU_is1) (Version: 1.2.108 - Lucidlogix Technologies LTD)
VJoy Virtual Joystick Driver 1.2 (HKLM-x32\...\VJoy Virtual Joystick Driver_is1) (Version:  - Headsoft)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
VoiceAttack (HKLM-x32\...\{2B30309F-6B71-4DE1-A0E0-7059612C5A27}) (Version: 1.5.5 - VoiceAttack.com)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
X-COM: Apocalypse (HKLM-x32\...\Steam App 7660) (Version:  - MicroProse Software, Inc)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1312\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
27-08-2014 07:12:00 Windows Update
29-08-2014 18:34:30 Windows Update
30-08-2014 17:46:18 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0B72D51F-C1D1-449F-AAFC-27517A9296B7} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {4A7ADD17-754E-435B-9E77-37267DA5BE9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {6AA68BCA-E06E-4770-A53C-F1388D53C658} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-23] (Google Inc.)
Task: {6B26A568-47B9-4802-A95F-3788159D5D73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {77BB793A-7743-4337-A20C-E20B72FC6ECE} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-06-10] ()
Task: {A997DDAB-67E0-4AAE-B086-11160A9F2CA8} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2013-12-05] ()
Task: {BA4A234E-5086-4467-8A71-48596C2D16D6} - System32\Tasks\G2MUpdateTask-S-1-5-21-3416957298-1943888354-2837341212-1003 => C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe [2014-07-21] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {E0962E8A-FB85-4477-9420-D39A9149D9FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-23] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3416957298-1943888354-2837341212-1003.job => C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-26 15:35 - 2013-08-28 21:27 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-18 18:16 - 2005-08-08 06:54 - 00167936 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2014-06-23 11:44 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2013-05-24 19:07 - 2008-07-11 15:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2013-05-24 19:07 - 2008-07-11 15:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2014-05-24 15:45 - 2011-04-19 14:56 - 00143360 ____N () C:\Program Files\ASUS Xonar D2X Audio\Customapp\VmixP8.dll
2014-08-22 17:04 - 2014-08-21 19:15 - 01171456 _____ () C:\Games\Steam\libavcodec-56.dll
2014-08-22 17:04 - 2014-08-21 19:15 - 00442368 _____ () C:\Games\Steam\libavutil-54.dll
2014-08-22 17:04 - 2014-08-21 19:15 - 00332800 _____ () C:\Games\Steam\libavresample-2.dll
2013-04-23 18:30 - 2014-08-20 23:38 - 00774656 _____ () C:\Games\Steam\SDL2.dll
2014-05-04 18:00 - 2014-08-28 12:48 - 02224320 _____ () C:\Games\Steam\video.dll
2014-08-22 17:04 - 2014-08-21 19:15 - 00403968 _____ () C:\Games\Steam\libavformat-56.dll
2014-08-22 17:04 - 2014-08-21 19:15 - 00485888 _____ () C:\Games\Steam\libswscale-3.dll
2013-05-03 15:35 - 2014-08-28 12:48 - 00678080 _____ () C:\Games\Steam\bin\chromehtml.DLL
2010-11-22 14:00 - 2010-11-22 14:00 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-11-22 14:00 - 2010-11-22 14:00 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-11-22 14:00 - 2010-11-22 14:00 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2014-08-31 15:52 - 2014-08-31 15:52 - 00043008 _____ () e:\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvmxqgh.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Work\AppData\Roaming\Dropbox\bin\libcef.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
2011-04-20 19:56 - 2011-04-20 19:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
2013-05-24 17:35 - 2011-08-23 21:37 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-05-24 17:32 - 2012-05-10 15:03 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-08-14 17:40 - 2014-08-07 04:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-14 17:40 - 2014-08-07 04:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2013-03-26 16:16 - 2014-08-20 23:38 - 34589376 _____ () C:\Games\Steam\bin\libcef.dll
2014-08-14 17:40 - 2014-08-07 04:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-14 17:40 - 2014-08-07 04:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-14 17:40 - 2014-08-07 04:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:CD30FA91
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\44846597.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\44846597.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Software Director Scheduler.lnk => C:\Windows\pss\Software Director Scheduler.lnk.CommonStartup
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: EADM => "c:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LanguageShortcut => "e:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe /REMINDER
MSCONFIG\startupreg: Profiler => C:\Program Files (x86)\Saitek\Software\Profiler.exe
MSCONFIG\startupreg: RemoteControl => "e:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: SaiSmart => C:\Program Files (x86)\Saitek\Software\SaiSmart.exe
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: SteelSeries Engine => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: VIRTU => C:\Program Files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe /hide
 
==================== Faulty Device Manager Devices =============
 
Name: VJoy Virtual Joystick
Description: VJoy Virtual Joystick
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Headsoft
Service: vhidmini
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/31/2014 03:50:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xb00
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/30/2014 05:31:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xa54
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/30/2014 05:21:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0x9bc
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/30/2014 05:15:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xa00
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/30/2014 05:03:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xc38
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/30/2014 00:19:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CorsairLINK.exe, version: 2.5.5145.25519, time stamp: 0x52a0a804
Faulting module name: clr.dll, version: 4.0.30319.18444, time stamp: 0x52717e84
Exception code: 0xc0000409
Fault offset: 0x00243b81
Faulting process id: 0xa18
Faulting application start time: 0xCorsairLINK.exe0
Faulting application path: CorsairLINK.exe1
Faulting module path: CorsairLINK.exe2
Report Id: CorsairLINK.exe3
 
Error: (08/29/2014 09:13:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xc80
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/27/2014 03:44:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program jp2launcher.exe version 10.67.2.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2960
 
Start Time: 01cfc201c11d676b
 
Termination Time: 50
 
Application Path: C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
 
Report Id:
 
Error: (08/25/2014 04:39:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xc34
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/23/2014 09:25:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (08/31/2014 03:49:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/31/2014 10:07:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/30/2014 05:30:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/30/2014 05:30:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:29:20 on ‎30/‎08/‎2014 was unexpected.
 
Error: (08/30/2014 05:21:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/30/2014 05:21:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:20:16 on ‎30/‎08/‎2014 was unexpected.
 
Error: (08/30/2014 05:15:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/30/2014 05:15:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:14:43 on ‎30/‎08/‎2014 was unexpected.
 
Error: (08/30/2014 05:00:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/30/2014 08:51:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
 
Microsoft Office Sessions:
=========================
Error: (08/31/2014 03:50:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fb0001cfc52ad5cfe74dC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXE2f02f223-311e-11e4-94d2-14dae91c476c
 
Error: (08/30/2014 05:31:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fa5401cfc46faffdd937C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXE1b202f6e-3063-11e4-af0c-14dae91c476c
 
Error: (08/30/2014 05:21:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182f9bc01cfc46e72500128C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEb8a90a81-3061-11e4-aeff-14dae91c476c
 
Error: (08/30/2014 05:15:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fa0001cfc46d98e588ddC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEdf25471b-3060-11e4-afe3-14dae91c476c
 
Error: (08/30/2014 05:03:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fc3801cfc46b91127240C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXE36122d09-305f-11e4-9a8a-14dae91c476c
 
Error: (08/30/2014 00:19:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CorsairLINK.exe2.5.5145.2551952a0a804clr.dll4.0.30319.1844452717e84c000040900243b81a1801cfc4273d47a832C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll8ff0bde4-3037-11e4-98bb-14dae91c476c
 
Error: (08/29/2014 09:13:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fc8001cfc3c51867a3f9C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEea42c16d-2fb8-11e4-b3a6-14dae91c476c
 
Error: (08/27/2014 03:44:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: jp2launcher.exe10.67.2.1296001cfc201c11d676b50C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
 
Error: (08/25/2014 04:39:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fc3401cfc07199b524dbC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEef7db63f-2c6d-11e4-b383-14dae91c476c
 
Error: (08/23/2014 09:25:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestd:\Games\rFactor2\Support\Tools\MAS2.exe
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 32%
Total physical RAM: 8159.14 MB
Available physical RAM: 5492.19 MB
Total Pagefile: 16316.46 MB
Available Pagefile: 13262.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:214.67 GB) (Free:123.27 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (SSD2) (Fixed) (Total:59.62 GB) (Free:3.11 GB) NTFS
Drive e: (Slow Access) (Fixed) (Total:60.82 GB) (Free:5.48 GB) NTFS
Drive f: (Documents) (Fixed) (Total:58.59 GB) (Free:28.82 GB) NTFS
Drive g: (PES2014_R1) (CDROM) (Total:5.08 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5018E64F)
Partition 1: (Active) - (Size=214.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 59.6 GB) (Disk ID: 00068A25)
Partition 1: (Not Active) - (Size=59.6 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 149.1 GB) (Disk ID: 0001847F)
Partition 1: (Active) - (Size=21.7 GB) - (Type=83)
Partition 2: (Not Active) - (Size=60.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=7.9 GB) - (Type=05)
 
==================== End Of Log ============================

 

 



#5 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,225 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 31 August 2014 - 02:32 PM

I closed your original topic due to lack of response. I have since reopened it and merged it with this one. Looking at your logs now, be right back.



 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#6 ken545

Posted 31 August 2014 - 02:47 PM

aswMBR checks for a rootkit and your log looks fine; outside of some application errors I am not looking at any sign of Malware.

 

Download Malwarebytes' Anti-Malware  to your desktop. 
 
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished and the log pops up...select Copy to Clipboard
  • Please paste the log back into this thread for review
  • Exit Malwarebytes


     
     

    #7 graham_UK

    Posted 02 September 2014 - 12:30 PM

    Hi, Please see attached

     

     




    #8 ken545


    Posted 02 September 2014 - 01:32 PM

    I can't read your log. I don't know why it's a .xmi log; it should have opened up in Notepad as a text log.

     

    Open up Malwarebytes and on the Dashboard go to History > Application logs > Scan Logs and click on the one you just ran to open it. When it's open, click on Copy To Clipboard (as per my previous instructions for downloading and running Malwarebytes), then paste it into this thread. Do not attach it.

     

    Did it find and remove any threats?



     
     

    #9 ken545


    Posted 06 September 2014 - 05:10 AM

    Due to inactivity this topic will be closed.
    If you need help please start a new thread.

    New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

     
     
