Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92790 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

ppjoysetup-0-8-4-6.exe installed virus? (logs) [Closed]

installer virus

  • This topic is locked This topic is locked
8 replies to this topic

#1 graham_UK

graham_UK

    New Member

  • New Member
  • Pip
  • 3 posts

Posted 27 August 2014 - 05:55 AM

Hi,

Later version of PPJoy introduced a virus in the installer.  The above version was installed on my system and missed by Kaspersky and Malware bytes and ESET online scanner.  Panda Cloud Cleaner detected installer as Malware, This le me to run the file through Virus Total with a hit detection ration of 18/48

 

https://www.virustot...fd2b0/analysis/

 

 
Information I read conflicts in information, ie it being a variant of Zeus stealing passwords, confidential information, to reading files on access, to just being a downloader of malware.
 
I am not familiar with viruses in installers.  Since i installed PPJoy,  Kaspersky, Malwarebytes and ESET online scanner have been used and no malware/viruses have been detected.  
 
Questions:
1) If i have run the scanners above and they are clean, then can i assume I am clean? 
2) PPJoy installs joystick drivers - could i be infected at the driver level
3) I use a password manager to copy and paste my passwords into the system - can this password file be copied off my PC and can my master password of been stolen which then gives access to my other passwords?
 
I use this pc for work so am keen to be sure.  Thank you in advance.
Graham

    Advertisements

Register to Remove


#2 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 27 August 2014 - 06:39 PM

:welcome:

 

We can run a few scans and see whats going on and if there is still a problem

 

1QYkxTZ.jpg Please download aswMBR to your desktop.
 
  • Double click the aswMBR icon to run it.
  • Click the Scan button to start scan.
  • If you are asked to update the Avast Virus database please allow it to do so.
  • When it finishes, press the save log button, save the logfile to your desktop and post its contents in your next reply.
 
I just want to see the report....Please Do Not Fix Anything
 
============================================================================
 
 
 

Please download Farbar Recovery Scan Tool and save it to your desktop.
 
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
 
How to determine whether a computer is running a 32-bit version or 64-bit version of the Windows operating system
A simple way to check your system: Start --> Computer (right click) --> Properties
 
 
  •  
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
  • Please make sure All Users is checked
  • Do not check 
*List BCD
*Drivers MD5
*Shortcut txt
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.
 
 


 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#3 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 30 August 2014 - 02:00 PM

Due to inactivity this topic will be closed.
If you need help please start a new thread.

New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#4 graham_UK

graham_UK

    New Member

  • New Member
  • Pip
  • 3 posts

Posted 31 August 2014 - 09:55 AM

As per instructions from Ken545.  Thank you in advance to who looks at this.

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-31 15:55:36
-----------------------------
15:55:36.334    OS Version: Windows x64 6.1.7601 Service Pack 1
15:55:36.334    Number of processors: 4 586 0x2A07
15:55:36.334    ComputerName: UBER2  UserName: Work
15:55:36.580    Initialize success
15:55:36.790    VM: initialized successfully
15:55:36.798    VM: Intel CPU supported 
15:55:39.715    VM: supported disk I/O iaStor.sys
15:56:53.401    AVAST engine defs: 14083100
15:57:37.419    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
15:57:37.420    Disk 0 Vendor: Samsung_ DXM0 Size: 244198MB BusType: 3
15:57:37.421    Disk 1  \Device\Harddisk1\DR1 -> \Device\Ide\IAAStorageDevice-2
15:57:37.422    Disk 1 Vendor: M4-CT064 000F Size: 61057MB BusType: 3
15:57:37.424    Disk 2  \Device\Harddisk2\DR2 -> \Device\Ide\IAAStorageDevice-3
15:57:37.425    Disk 2 Vendor: ST316081 3.AA Size: 152627MB BusType: 3
15:57:37.433    VM: Disk 0 MBR read successfully
15:57:37.435    Disk 0 MBR scan
15:57:37.437    Disk 0 Windows 7 default MBR code
15:57:37.439    Disk 0 Partition 1 80 (A) 07    HPFS/NTFS NTFS       219824 MB offset 2048
15:57:37.441    Disk 0 default boot code
15:57:37.452    Disk 0 scanning C:\Windows\system32\drivers
15:57:39.474    Service scanning
15:57:44.049    Modules scanning
15:57:44.051    Disk 0 trace - called modules:
15:57:44.053    ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys iaStor.sys hal.dll 
15:57:44.055    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80099b9060]
15:57:44.057    3 CLASSPNP.SYS[fffff88001c0143f] -> nt!IofCallDriver -> [0xfffffa800677fe40]
15:57:44.059    5 ACPI.sys[fffff880017837a1] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0xfffffa80070f8050]
15:57:44.185    AVAST engine scan C:\Windows
15:57:44.859    AVAST engine scan C:\Windows\system32
15:58:59.515    AVAST engine scan C:\Windows\system32\drivers
15:59:01.676    AVAST engine scan C:\Users\Work
16:02:10.678    AVAST engine scan C:\ProgramData
16:03:01.108    Scan finished successfully
16:36:15.985    Disk 0 MBR has been saved successfully to "C:\Users\Work\Desktop\MBR.dat"
16:36:15.987    The log file has been saved successfully to "C:\Users\Work\Desktop\aswMBR.txt"
 
 
FARBAR
-----------
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 31-08-2014
Ran by Work (administrator) on UBER2 on 31-08-2014 16:38:46
Running from C:\Users\Work\Downloads
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\AAHM\1.00.18\aaHMSvc.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
(Micro-Star International) C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Mr. John aka japamd) C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe
() C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Thrustmaster®) C:\Program Files\Thrustmaster\T500 RS Racing wheel\drivers\amd64\tmInstall.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(AMD) C:\Windows\System32\atieclxx.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
() C:\Windows\SysWOW64\HsMgr.exe
() C:\Windows\system\HsMgr64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(CMedia) C:\Program Files\ASUS Xonar D2X Audio\Customapp\AsusAudioCenter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
(Valve Corporation) C:\Games\Steam\Steam.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1312\g2mstart.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1312\g2mcomm.exe
(Citrix Online, a division of Citrix Systems, Inc.) C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1312\g2mlauncher.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
(Dropbox, Inc.) C:\Users\Work\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Kaspersky Lab ZAO) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Valve Corporation) C:\Games\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\prevhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Cmaudio8788] => C:\Windows\syswow64\RunDll32.exe C:\Windows\Syswow64\cmicnfgp.dll,CMICtrlWnd
HKLM\...\Run: [Cmaudio8788GX] => C:\Windows\syswow64\HsMgr.exe [200704 2008-07-11] ()
HKLM\...\Run: [Cmaudio8788GX64] => C:\Windows\system\HsMgr64.exe [282112 2008-07-11] ()
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [AVP] => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2013-05-24] (Kaspersky Lab ZAO)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe [284440 2011-08-23] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-04-17] (Advanced Micro Devices, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\klogon: C:\Windows\System32\klogon.dll (Kaspersky Lab ZAO)
HKU\.DEFAULT\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2013-05-24] (Microsoft Corporation)
HKU\S-1-5-21-3416957298-1943888354-2837341212-1003\...\Run: [Steam] => C:\Games\Steam\Steam.exe [1939136 2014-08-28] (Valve Corporation)
HKU\S-1-5-21-3416957298-1943888354-2837341212-1003\...\Run: [GoToMeeting] => C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1312\g2mstart.exe [40304 2014-03-14] (Citrix Online, a division of Citrix Systems, Inc.)
HKU\S-1-5-21-3416957298-1943888354-2837341212-1003\...\Run: [f.lux] => C:\Users\Graham\AppData\Local\FluxSoftware\Flux\flux.exe [1016712 2013-10-16] (Flux Software LLC)
HKU\S-1-5-21-3416957298-1943888354-2837341212-1003\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-3416957298-1943888354-2837341212-1003\...\Run: [LightScribe Control Panel] => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2736128 2010-11-22] (Hewlett-Packard Company)
Startup: C:\Users\Graham\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Work\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
Startup: C:\Users\Work\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Work\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
BootExecute: autocheck autochk * PCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bitPCloudBroom64.exe \systemroot\system32\BroomData.bit
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://e2007.email....star.co.uk/owa/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://uk.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x007CCE611F7ACE01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-GB
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://support.esell...cket/View/54515
SearchScopes: HKLM-x32 - DefaultScope value is missing.
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.appl...ex/qtplugin.cab
DPF: HKLM {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 194.168.4.100 194.168.8.100
Tcpip\..\Interfaces\{3C1468AF-09A9-4887-88AA-2782D1C56A67}: [NameServer] 208.67.222.222,208.67.220.220
 
FireFox:
========
FF ProfilePath: C:\Users\Work\AppData\Roaming\Mozilla\Firefox\Profiles\qwyzerd8.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> e:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin HKCU: @citrixonline.com/appdetectorplugin -> C:\Users\Work\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npPDFXCviewNPPlugin.dll (Tracker Software Products (Canada) Ltd.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
FF Extension: YouTube Video and Audio Downloader - C:\Users\Work\AppData\Roaming\Mozilla\Firefox\Profiles\qwyzerd8.default\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2013-11-25]
FF Extension: Simple Timer - C:\Users\Work\AppData\Roaming\Mozilla\Firefox\Profiles\qwyzerd8.default\Extensions\simpletimer@grbradt.org.xpi [2014-03-14]
FF HKLM-x32\...\Firefox\Extensions: [linkfilter@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru
FF Extension: Kaspersky URL Advisor - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\linkfilter@kaspersky.ru [2013-05-24]
FF HKLM-x32\...\Firefox\Extensions: [virtualKeyboard@kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru
FF Extension: Kaspersky Virtual Keyboard - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\virtualKeyboard@kaspersky.ru [2013-05-24]
FF HKLM-x32\...\Firefox\Extensions: [KavAntiBanner@Kaspersky.ru] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru
FF Extension: Anti-Banner - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\FFExt\KavAntiBanner@Kaspersky.ru [2013-05-24]
 
Chrome: 
=======
CHR Profile: C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-05-23]
CHR Extension: (Google Drive) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-05-23]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-05-23]
CHR Extension: (Google Search) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-05-23]
CHR Extension: (Kaspersky URL Advisor) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\dchlnpcodkpfdpacogkljefecpegganj [2014-05-23]
CHR Extension: (Virtual Keyboard) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\jagncdcchgajhfhijbbhecadmaiegcmh [2014-05-23]
CHR Extension: (Google Wallet) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-23]
CHR Extension: (Gmail) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-05-23]
CHR Extension: (Anti-Banner) - C:\Users\Work\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjldcfjmnllhmgjclecdnfampinooman [2014-05-23]
CHR HKLM-x32\...\Chrome\Extension: [dchlnpcodkpfdpacogkljefecpegganj] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\urladvisor.crx [2011-10-14]
CHR HKLM-x32\...\Chrome\Extension: [jagncdcchgajhfhijbbhecadmaiegcmh] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\virtkbd.crx [2011-10-14]
CHR HKLM-x32\...\Chrome\Extension: [pjldcfjmnllhmgjclecdnfampinooman] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\ChromeExt\ab.crx [2011-10-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 asHmComSvc; C:\Program Files (x86)\ASUS\AAHM\1.00.18\aaHMSvc.exe [950912 2014-06-24] (ASUSTeK Computer Inc.)
R2 AVP; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\avp.exe [206448 2013-05-24] (Kaspersky Lab ZAO)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2012-10-26] (Brother Industries, Ltd.) [File not signed]
S2 CLKMSVC10_38F51D56; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\kmsvc.exe [241648 2010-11-12] (CyberLink)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [528096 2014-06-08] (Futuremark)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [165144 2012-05-10] (Intel Corporation)
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
R2 LightScribeService; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [73728 2010-11-22] (Hewlett-Packard Company) [File not signed]
R2 MSI_LiveUpdate_Service; C:\Program Files (x86)\MSI\Live Update\MSI_LiveUpdate_Service.exe [83952 2014-03-27] (Micro-Star International)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [75136 2013-08-28] ()
R2 RadeonPro Support Service; C:\Program Files (x86)\RadeonPro\RadeonProSupport.exe [20608 2013-04-13] (Mr. John aka japamd)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe [167936 2005-08-08] () [File not signed]
R2 tmInstall; C:\Program Files\Thrustmaster\T500 RS Racing wheel\drivers\amd64\tmInstall.EXE [28160 2013-08-22] (Thrustmaster®)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2013-07-13] ()
R3 cmudaxp; C:\Windows\System32\drivers\cmudaxp.sys [2725376 2011-03-10] (C-Media Inc)
R1 CSN5PDTS82x64; C:\Windows\System32\Drivers\CSN5PDTS82x64.sys [34840 2012-10-24] (Colasoft Co., Ltd.)
S3 FanatecWheelFilterUsb; C:\Windows\System32\DRIVERS\FWFilterUsb.sys [63728 2012-11-23] (Windows ® Codename Longhorn DDK provider)
R0 KL1; C:\Windows\System32\DRIVERS\kl1.sys [460888 2011-03-04] (Kaspersky Lab ZAO)
R1 kl2; C:\Windows\System32\DRIVERS\kl2.sys [11864 2011-03-04] (Kaspersky Lab ZAO)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [637272 2013-05-24] (Kaspersky Lab)
R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [29488 2011-03-10] (Kaspersky Lab ZAO)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [22544 2009-11-02] (Kaspersky Lab)
S3 NTIOLib_1_0_4; C:\Program Files (x86)\MSI\Live Update\NTIOLib_X64.sys [14136 2010-10-22] (MSI)
S3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [47632 2013-04-29] (Panda Security, S.L.)
S3 SaiHFF12; C:\Windows\System32\DRIVERS\SaiHFF12.sys [171144 2007-05-01] (Saitek)
S3 SaiIFF12; C:\Windows\System32\DRIVERS\SaiIFF12.sys [20608 2007-05-01] (Saitek)
S3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [38016 2013-06-25] (SteelSeries Corporation)
S3 Serial; C:\Windows\system32\DRIVERS\serial.sys [94208 2009-07-14] (Brother Industries Ltd.)
S3 tmbulk; C:\Windows\System32\Drivers\tmbulk.sys [88368 2013-06-12] (© Guillemot R&D, 2011. All rights reserved.)
S3 tmhidusb; C:\Windows\System32\DRIVERS\tmhidusb.sys [149296 2013-08-27] (Thrustmaster)
S3 vhidmini; C:\Windows\System32\DRIVERS\vjoy.sys [15104 2012-10-15] (Headsoft)
S3 WinRing0_1_2_0; E:\Program Files\RealT\WinRing0x64.sys [14544 2013-07-14] (OpenLibSys.org)
S3 atillk64; \??\C:\Users\Graham\Desktop\ati389\winflash\atillk64.sys [X]
R3 cpuz136; \??\e:\MYDOCU~1\Temp\cpuz136\cpuz136_x64.sys [X]
S3 cpuz137; \??\e:\MYDOCU~1\Temp\cpuz137\cpuz137_x64.sys [X]
S1 CSN5PDTS82; System32\Drivers\CSN5PDTS82.sys [X]
S3 GPUZ; \??\e:\Temp\GPUZ.sys [X]
U3 aswMBR; \??\e:\Temp\aswMBR.sys [X]
U3 aswVmm; \??\e:\Temp\aswVmm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-31 16:38 - 2014-08-31 16:38 - 00020255 _____ () C:\Users\Work\Downloads\FRST.txt
2014-08-31 16:36 - 2014-08-31 16:36 - 00002294 _____ () C:\Users\Work\Desktop\aswMBR.txt
2014-08-31 16:36 - 2014-08-31 16:36 - 00000512 _____ () C:\Users\Work\Desktop\MBR.dat
2014-08-31 15:55 - 2014-08-31 16:38 - 00000000 ____D () C:\FRST
2014-08-31 15:54 - 2014-08-31 15:54 - 02104320 _____ (Farbar) C:\Users\Work\Downloads\FRST64.exe
2014-08-31 15:53 - 2014-08-31 15:53 - 05185536 _____ (AVAST Software) C:\Users\Work\Downloads\aswMBR.exe
2014-08-31 10:12 - 2014-08-28 20:16 - 87256135 ____N () C:\Users\Graham\Desktop\20140828_201529.mp4
2014-08-30 17:05 - 2014-01-09 03:22 - 05694464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-08-30 17:05 - 2014-01-03 23:44 - 06574592 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-08-29 19:34 - 2014-08-31 15:49 - 00000504 _____ () C:\Windows\setupact.log
2014-08-29 19:34 - 2014-08-29 19:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-29 19:34 - 2013-10-02 03:22 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\TsUsbFlt.sys
2014-08-29 19:34 - 2013-10-02 03:11 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyControl.exe
2014-08-29 19:34 - 2013-10-02 03:08 - 00012800 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
2014-08-29 19:34 - 2013-10-02 02:48 - 00056832 _____ (Microsoft Corporation) C:\Windows\system32\MsRdpWebAccess.dll
2014-08-29 19:34 - 2013-10-02 02:48 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\wksprtPS.dll
2014-08-29 19:34 - 2013-10-02 02:29 - 00062976 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-08-29 19:34 - 2013-10-02 02:10 - 00044544 _____ (Microsoft Corporation) C:\Windows\system32\TsUsbGDCoInstaller.dll
2014-08-29 19:34 - 2013-10-02 01:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-08-29 19:34 - 2013-10-02 01:14 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsRdpWebAccess.dll
2014-08-29 19:34 - 2013-10-02 01:14 - 00017920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wksprtPS.dll
2014-08-29 19:34 - 2013-10-02 01:08 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-08-29 19:34 - 2013-10-02 01:01 - 00420864 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2014-08-29 19:34 - 2013-10-02 00:58 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-08-29 19:34 - 2013-10-02 00:31 - 01147392 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2014-08-29 19:34 - 2013-10-02 00:08 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-08-29 19:34 - 2013-10-01 23:34 - 01068544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2014-08-29 19:34 - 2013-09-25 03:23 - 01030144 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-08-29 19:34 - 2013-09-25 02:57 - 00792576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-08-29 18:53 - 2014-08-23 03:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-29 18:53 - 2014-08-23 02:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-29 18:53 - 2014-08-23 01:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-27 11:37 - 2014-08-27 11:37 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Work\Downloads\tdsskiller.exe
2014-08-27 10:57 - 2014-08-27 11:30 - 00000449 _____ () C:\Users\Work\Desktop\doidge.txt
2014-08-27 08:56 - 2014-08-27 08:56 - 00000468 _____ () C:\Users\Work\Desktop\71157.txt
2014-08-27 08:50 - 2013-04-08 16:30 - 00022752 _____ () C:\Windows\system32\PCloudBroom64.exe
2014-08-27 08:32 - 2014-08-27 08:32 - 00001286 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-08-27 08:32 - 2014-08-27 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-08-27 08:32 - 2014-08-27 08:32 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-08-27 08:32 - 2013-04-29 09:17 - 00047632 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys
2014-08-27 08:30 - 2014-08-27 08:31 - 30412088 _____ (Panda Security ) C:\Users\Work\Downloads\PandaCloudCleaner.exe
2014-08-27 08:24 - 2014-08-27 08:24 - 00000000 ____D () C:\ProgramData\F-Secure
2014-08-27 08:23 - 2014-08-27 08:23 - 05124208 _____ (F-Secure Corporation) C:\Users\Work\Downloads\F-SecureOnlineScanner-HC (1).exe
2014-08-27 08:22 - 2014-08-27 08:45 - 00002085 _____ () C:\Users\Work\Desktop\eSellerPro.lnk
2014-08-27 08:22 - 2014-08-27 08:22 - 05124208 _____ (F-Secure Corporation) C:\Users\Work\Downloads\F-SecureOnlineScanner-HC.exe
2014-08-27 08:22 - 2014-08-27 08:22 - 00000000 ____D () C:\Users\Work\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sandbourne Systems
2014-08-15 21:33 - 2014-06-30 23:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2014-08-15 21:33 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2014-08-15 21:33 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2014-08-15 21:33 - 2014-06-06 07:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2014-08-15 21:33 - 2014-03-09 22:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2014-08-15 21:33 - 2014-03-09 22:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2014-08-15 21:33 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2014-08-15 21:33 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2014-08-15 16:41 - 2014-08-01 00:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-15 16:41 - 2014-08-01 00:16 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-15 16:41 - 2014-07-25 15:52 - 23645696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-15 16:41 - 2014-07-25 15:02 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-15 16:41 - 2014-07-25 15:01 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-15 16:41 - 2014-07-25 14:51 - 17524224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-15 16:41 - 2014-07-25 14:30 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-15 16:41 - 2014-07-25 14:28 - 00548352 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-15 16:41 - 2014-07-25 14:28 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-15 16:41 - 2014-07-25 14:25 - 02774528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-15 16:41 - 2014-07-25 14:25 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-15 16:41 - 2014-07-25 14:11 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-15 16:41 - 2014-07-25 14:10 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-15 16:41 - 2014-07-25 14:04 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-15 16:41 - 2014-07-25 14:03 - 00598016 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-15 16:41 - 2014-07-25 14:00 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-15 16:41 - 2014-07-25 14:00 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-15 16:41 - 2014-07-25 13:59 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-15 16:41 - 2014-07-25 13:47 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-15 16:41 - 2014-07-25 13:40 - 00452096 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-15 16:41 - 2014-07-25 13:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-15 16:41 - 2014-07-25 13:34 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-15 16:41 - 2014-07-25 13:33 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-15 16:41 - 2014-07-25 13:30 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-15 16:41 - 2014-07-25 13:28 - 05824512 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-15 16:41 - 2014-07-25 13:28 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-15 16:41 - 2014-07-25 13:21 - 02184704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-15 16:41 - 2014-07-25 13:19 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-15 16:41 - 2014-07-25 13:18 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-15 16:41 - 2014-07-25 13:17 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-15 16:41 - 2014-07-25 13:17 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-15 16:41 - 2014-07-25 13:12 - 00438784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-15 16:41 - 2014-07-25 13:10 - 00292864 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-15 16:41 - 2014-07-25 13:10 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-15 16:41 - 2014-07-25 13:08 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-15 16:41 - 2014-07-25 13:06 - 04204032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-15 16:41 - 2014-07-25 12:52 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-15 16:41 - 2014-07-25 12:47 - 00631808 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-15 16:41 - 2014-07-25 12:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-15 16:41 - 2014-07-25 12:42 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-15 16:41 - 2014-07-25 12:39 - 02087936 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-15 16:41 - 2014-07-25 12:39 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-15 16:41 - 2014-07-25 12:36 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-15 16:41 - 2014-07-25 12:34 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-15 16:41 - 2014-07-25 12:29 - 00239616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-15 16:41 - 2014-07-25 12:23 - 13547008 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-15 16:41 - 2014-07-25 12:13 - 00526336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-15 16:41 - 2014-07-25 12:07 - 02001920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-15 16:41 - 2014-07-25 12:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-15 16:41 - 2014-07-25 12:03 - 11772928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-15 16:41 - 2014-07-25 11:52 - 02266624 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-15 16:41 - 2014-07-25 11:26 - 01431040 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-15 16:41 - 2014-07-25 11:17 - 00846336 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-15 16:41 - 2014-07-25 11:09 - 00704512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-15 16:41 - 2014-07-25 11:05 - 01792512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-15 16:41 - 2014-07-25 11:00 - 01169920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-15 16:20 - 2014-07-16 04:23 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-08-15 16:20 - 2014-07-16 03:46 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-08-15 16:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDYAK.DLL
2014-08-15 16:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDTAT.DLL
2014-08-15 16:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU1.DLL
2014-08-15 16:20 - 2014-07-09 03:03 - 00007168 _____ (Microsoft Corporation) C:\Windows\system32\KBDBASH.DLL
2014-08-15 16:20 - 2014-07-09 03:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\KBDRU.DLL
2014-08-15 16:20 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDYAK.DLL
2014-08-15 16:20 - 2014-07-09 02:31 - 00007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDTAT.DLL
2014-08-15 16:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU1.DLL
2014-08-15 16:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDRU.DLL
2014-08-15 16:20 - 2014-07-09 02:31 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KBDBASH.DLL
2014-08-15 16:20 - 2014-07-08 23:38 - 00419992 _____ () C:\Windows\system32\locale.nls
2014-08-15 16:20 - 2014-07-08 23:30 - 00419992 _____ () C:\Windows\SysWOW64\locale.nls
2014-08-15 16:17 - 2014-06-25 03:05 - 14175744 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-08-15 16:17 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-08-15 16:17 - 2014-06-16 03:10 - 00985536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-08-15 16:17 - 2014-06-03 11:02 - 03241984 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2014-08-15 16:17 - 2014-06-03 11:02 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-08-15 16:17 - 2014-06-03 11:02 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2014-08-15 16:17 - 2014-06-03 11:02 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2014-08-15 16:17 - 2014-06-03 10:29 - 02363392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2014-08-15 16:17 - 2014-06-03 10:29 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-08-15 16:17 - 2014-06-03 10:29 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2014-08-15 16:14 - 2014-08-07 03:06 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-15 16:14 - 2014-08-07 03:01 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-15 16:14 - 2014-07-14 03:02 - 01216000 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2014-08-15 16:14 - 2014-07-14 02:40 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2014-08-14 17:12 - 2014-08-14 17:12 - 00000672 _____ () C:\Users\Graham\Desktop\EDTrackerUtilV2 - Shortcut.lnk
2014-08-10 19:36 - 2014-08-12 18:39 - 00000136 _____ () C:\Users\Graham\Desktop\trade.txt
2014-08-10 08:31 - 2014-08-10 08:31 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-10 08:31 - 2014-08-10 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-10 08:31 - 2014-08-10 08:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-05 18:41 - 2014-08-05 18:43 - 00000111 _____ () C:\Users\Graham\Desktop\New Text Document (3).txt
2014-08-04 17:22 - 2014-08-03 21:47 - 00186374 _____ () C:\Users\Graham\Desktop\Elite Dangerous Cobra MkIII A4-Profile-1.vap
2014-08-01 17:36 - 2014-05-14 17:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-01 17:36 - 2014-05-14 17:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-01 17:36 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-01 17:36 - 2014-05-14 17:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-01 17:36 - 2014-05-14 17:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-01 17:36 - 2014-05-14 17:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-01 17:36 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-01 17:36 - 2014-05-14 17:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-01 17:36 - 2014-05-14 17:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-01 17:36 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-01 17:36 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-01 17:36 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-01 17:36 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-01 17:36 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-31 16:39 - 2014-05-23 08:28 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-31 16:38 - 2014-08-31 16:38 - 00020255 _____ () C:\Users\Work\Downloads\FRST.txt
2014-08-31 16:38 - 2014-08-31 15:55 - 00000000 ____D () C:\FRST
2014-08-31 16:36 - 2014-08-31 16:36 - 00002294 _____ () C:\Users\Work\Desktop\aswMBR.txt
2014-08-31 16:36 - 2014-08-31 16:36 - 00000512 _____ () C:\Users\Work\Desktop\MBR.dat
2014-08-31 16:34 - 2013-08-19 15:41 - 00000000 ____D () C:\Users\Work\AppData\Roaming\Skype
2014-08-31 16:33 - 2014-03-14 10:48 - 00000556 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3416957298-1943888354-2837341212-1003.job
2014-08-31 16:22 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\rescache
2014-08-31 16:17 - 2013-05-24 20:47 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-08-31 16:05 - 2013-05-24 17:54 - 00000000 ____D () C:\ProgramData\Kaspersky Lab
2014-08-31 15:57 - 2009-07-14 05:45 - 00022768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-08-31 15:57 - 2009-07-14 05:45 - 00022768 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-08-31 15:55 - 2009-07-14 06:13 - 00782642 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-08-31 15:54 - 2014-08-31 15:54 - 02104320 _____ (Farbar) C:\Users\Work\Downloads\FRST64.exe
2014-08-31 15:53 - 2014-08-31 15:53 - 05185536 _____ (AVAST Software) C:\Users\Work\Downloads\aswMBR.exe
2014-08-31 15:53 - 2014-07-28 17:45 - 01959788 _____ () C:\Windows\WindowsUpdate.log
2014-08-31 15:52 - 2013-07-06 09:10 - 00000000 ____D () C:\Users\Work\AppData\Roaming\Dropbox
2014-08-31 15:51 - 2014-05-23 08:28 - 00000890 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-31 15:50 - 2014-06-11 19:44 - 00000000 ____D () C:\Program Files (x86)\RivaTuner Statistics Server
2014-08-31 15:50 - 2013-10-30 15:59 - 00003018 _____ () C:\Windows\System32\Tasks\MSIAfterburner
2014-08-31 15:50 - 2013-06-13 19:54 - 00000000 ____D () C:\Program Files (x86)\MSI Afterburner
2014-08-31 15:50 - 2013-05-24 21:09 - 00000000 ____D () C:\Users\Graham\AppData\Roaming\Dropbox
2014-08-31 15:49 - 2014-08-29 19:34 - 00000504 _____ () C:\Windows\setupact.log
2014-08-31 15:49 - 2009-07-14 06:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-08-31 10:12 - 2013-11-29 19:00 - 00000000 ____D () C:\Users\Graham\AppData\Roaming\vlc
2014-08-29 20:10 - 2014-06-24 16:34 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-08-29 19:35 - 2009-07-14 05:45 - 00337352 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-08-29 19:35 - 2009-07-14 04:20 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-08-29 19:34 - 2014-08-29 19:34 - 00000000 _____ () C:\Windows\setuperr.log
2014-08-28 20:16 - 2014-08-31 10:12 - 87256135 ____N () C:\Users\Graham\Desktop\20140828_201529.mp4
2014-08-27 16:02 - 2013-07-06 09:15 - 00000000 ____D () C:\Users\Work\AppData\Roaming\KeePass
2014-08-27 15:08 - 2013-12-25 12:13 - 00000000 ____D () C:\Program Files (x86)\FanaLEDs
2014-08-27 11:37 - 2014-08-27 11:37 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Work\Downloads\tdsskiller.exe
2014-08-27 11:30 - 2014-08-27 10:57 - 00000449 _____ () C:\Users\Work\Desktop\doidge.txt
2014-08-27 08:56 - 2014-08-27 08:56 - 00000468 _____ () C:\Users\Work\Desktop\71157.txt
2014-08-27 08:50 - 2013-05-23 21:12 - 00000000 ____D () C:\Windows\System32\Tasks\ASUS
2014-08-27 08:45 - 2014-08-27 08:22 - 00002085 _____ () C:\Users\Work\Desktop\eSellerPro.lnk
2014-08-27 08:32 - 2014-08-27 08:32 - 00001286 _____ () C:\Users\Public\Desktop\Panda Cloud Cleaner.lnk
2014-08-27 08:32 - 2014-08-27 08:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Security
2014-08-27 08:32 - 2014-08-27 08:32 - 00000000 ____D () C:\Program Files (x86)\Panda Security
2014-08-27 08:31 - 2014-08-27 08:30 - 30412088 _____ (Panda Security ) C:\Users\Work\Downloads\PandaCloudCleaner.exe
2014-08-27 08:24 - 2014-08-27 08:24 - 00000000 ____D () C:\ProgramData\F-Secure
2014-08-27 08:23 - 2014-08-27 08:23 - 05124208 _____ (F-Secure Corporation) C:\Users\Work\Downloads\F-SecureOnlineScanner-HC (1).exe
2014-08-27 08:22 - 2014-08-27 08:22 - 05124208 _____ (F-Secure Corporation) C:\Users\Work\Downloads\F-SecureOnlineScanner-HC.exe
2014-08-27 08:22 - 2014-08-27 08:22 - 00000000 ____D () C:\Users\Work\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Sandbourne Systems
2014-08-27 08:10 - 2013-07-06 09:10 - 00000000 ____D () C:\Users\Work\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-08-27 08:10 - 2013-05-28 12:31 - 00000000 ____D () C:\ProgramData\Skype
2014-08-23 03:07 - 2014-08-29 18:53 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 02:45 - 2014-08-29 18:53 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 01:59 - 2014-08-29 18:53 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-22 18:45 - 2013-05-24 21:05 - 00000000 ____D () C:\Users\Graham\AppData\Roaming\KeePass
2014-08-16 06:47 - 2009-07-14 04:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-08-15 21:36 - 2013-08-18 16:28 - 00000000 ____D () C:\Windows\system32\MRT
2014-08-15 21:34 - 2013-05-24 18:13 - 99218768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-08-15 21:33 - 2014-05-06 21:45 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-14 17:12 - 2014-08-14 17:12 - 00000672 _____ () C:\Users\Graham\Desktop\EDTrackerUtilV2 - Shortcut.lnk
2014-08-13 20:11 - 2013-05-28 14:12 - 00000000 ____D () C:\Users\Graham\AppData\Roaming\MusicBee
2014-08-12 18:39 - 2014-08-10 19:36 - 00000136 _____ () C:\Users\Graham\Desktop\trade.txt
2014-08-10 08:31 - 2014-08-10 08:31 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-08-10 08:31 - 2014-08-10 08:31 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-08-10 08:31 - 2014-08-10 08:31 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-08-10 08:31 - 2014-08-10 08:31 - 00000000 ____D () C:\Program Files (x86)\Java
2014-08-08 22:00 - 2014-06-18 20:04 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-08-08 18:12 - 2014-04-02 20:57 - 00000000 ____D () C:\ProgramData\TEMP
2014-08-07 03:06 - 2014-08-15 16:14 - 00529920 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-08-07 03:01 - 2014-08-15 16:14 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-08-05 18:43 - 2014-08-05 18:41 - 00000111 _____ () C:\Users\Graham\Desktop\New Text Document (3).txt
2014-08-05 09:20 - 2013-05-24 18:04 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-08-03 21:47 - 2014-08-04 17:22 - 00186374 _____ () C:\Users\Graham\Desktop\Elite Dangerous Cobra MkIII A4-Profile-1.vap
2014-08-01 00:41 - 2014-08-15 16:41 - 00348856 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-01 00:16 - 2014-08-15 16:41 - 00307384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-31 16:15
 
==================== End Of Log ============================
 
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2014
Ran by Work at 2014-08-31 15:55:35
Running from C:\Users\Work\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Kaspersky Internet Security (Enabled - Up to date) {2EAA32A5-1EE1-1B22-95DA-337730C6E984}
AS: Kaspersky Internet Security (Enabled - Up to date) {95CBD341-38DB-14AC-AF6A-08054B41A339}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {1691B380-548E-1A7A-BE85-9A42CE15AEFF}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3DMark (HKLM-x32\...\{4198fd8f-98bd-4240-9b3a-ab2643e532f6}) (Version: 1.3.708.0 - Futuremark)
3DMark (Version: 1.3.708.0 - Futuremark) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
ACE COMBAT™ ASSAULT HORIZON Enhanced Edition (HKLM-x32\...\Steam App 228400) (Version:  - Namco)
Adobe Flash Player 14 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 13.30.100.40417 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Control Center (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD Drag and Drop Transcoding (Version: 2.00.0000 - Advanced Micro Devices, Inc.) Hidden
AMD Wireless Display v3.0 (Version: 1.0.0.15 - Advanced Micro Devices, Inc.) Hidden
Amiga Forever (HKLM-x32\...\{2B88501E-A0AB-48E0-855C-39F6DC92B653}) (Version: 2012.0.12 - Cloanto)
Arma 2 (HKLM-x32\...\Steam App 33900) (Version:  - Bohemia Interactive)
ARMA 2: British Armed Forces - Data cache removal (HKLM-x32\...\A2BAF Data cache removal) (Version:  - )
Arma 2: British Armed Forces (HKLM-x32\...\Steam App 65700) (Version:  - Bohemia Interactive)
Arma 2: DayZ Mod (HKLM-x32\...\Steam App 224580) (Version:  - Bohemia Interactive)
Arma 2: Operation Arrowhead (HKLM-x32\...\Steam App 33930) (Version:  - Bohemia Interactive)
ARMA 2: Private Military Company - Data cache removal (HKLM-x32\...\A2PMC Data cache removal) (Version:  - )
Arma 2: Private Military Company (HKLM-x32\...\Steam App 65720) (Version:  - Bohemia Interactive)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.12.0 - Asmedia Technology)
Assetto Corsa (HKLM-x32\...\Steam App 244210) (Version:  - Kunos Simulazioni)
ASUS Xonar D2X Audio Driver (HKLM\...\C-Media Oxygen HD Audio Driver) (Version:  - )
Avidemux 2.6 (32-bit) (HKLM-x32\...\Avidemux 2.6) (Version: 2.6.4.8696 - )
Brother MFL-Pro Suite DCP-J132W (HKLM-x32\...\{B742757A-7658-4E09-A51A-085CF0F7F4D3}) (Version: 1.0.0.0 - Brother Industries, Ltd.)
Bullzip PDF Printer 10.2.0.2141 (HKLM\...\Bullzip PDF Printer_is1) (Version: 10.2.0.2141 - Bullzip)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2014.0417.2225.38446 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2014.0417.2226.38446 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.09 - Piriform)
CCS64 V3.9 (HKLM-x32\...\{B7B5A370-3DFF-4F0E-AE11-FD267C4938AA}) (Version: 1.0.0 - Computerbrains C.C.S.)
Citrix Online Launcher (HKLM-x32\...\{AC7E7905-8C59-4806-A96D-30936A2B1FC5}) (Version: 1.0.168 - Citrix)
CL-Eye Driver (HKLM-x32\...\CL-Eye Driver) (Version: 5.3.0.0341 - Code Laboratories, Inc.)
Colasoft Capsa 7 Free (HKLM-x32\...\Colasoft Capsa 7 Free_is1) (Version: 7.7.2.4050 - Colasoft)
Corsair Link (HKLM-x32\...\{658EFB3F-8606-4576-8FEC-B0CED48F1E68}) (Version: 2.5.5145 - Corsair)
Corsair Link™ USB Dongle (Driver Removal) (HKLM-x32\...\CMIUSB&1B1C&1C00) (Version:  - Corsair Memory, Inc.)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
CPUID CPU-Z 1.69.2 (HKLM\...\CPUID CPU-Z_is1) (Version:  - )
CyberLink Blu-ray Disc Suite (HKLM-x32\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.4703 - CyberLink Corp.)
CyberLink Blu-ray Disc Suite (x32 Version: 6.0.4703 - CyberLink Corp.) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.3620 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.3620 - CyberLink Corp.) Hidden
CyberLink PowerBackup (HKLM-x32\...\{ADD5DB49-72CF-11D8-9D75-000129760D75}) (Version: 2.5.6023 - CyberLink Corp.)
CyberLink PowerDVD 10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.2425.52 - CyberLink Corp.)
CyberLink PowerDVD 10 (x32 Version: 10.0.2425.52 - CyberLink Corp.) Hidden
CyberLink PowerProducer (HKLM-x32\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.2.2429 - CyberLink Corp.)
CyberLink PowerProducer (x32 Version: 5.0.2.2429 - CyberLink Corp.) Hidden
DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
DayZ Commander (HKLM-x32\...\{B3653588-3AC0-4A1D-950F-D96531E84374}) (Version: 0.92.91 - Dotjosh Studios)
DiRT 3 (HKLM-x32\...\Steam App 44320) (Version:  - Codemasters Racing Studio)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.28 - Dropbox, Inc.)
Elite Dangerous Launcher version 0.3.1310.0 (HKLM-x32\...\{696F8871-C91D-4CB1-825D-36BE18065575}_is1) (Version: 0.3.1310.0 - Frontier Developments)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
f.lux (HKCU\...\Flux) (Version:  - )
FaceTrackingAPI_NC 3.2 (HKLM-x32\...\InstallShield_{2CA31F85-8C72-4BB1-9835-A7E2AD61CBF3}) (Version: 3.2.6 - Seeing Machines Ltd.)
FaceTrackingAPI_NC 3.2 (x32 Version: 3.2.6 - Seeing Machines Ltd.) Hidden
FaceTrackNoIR version 1.7.2 (HKLM-x32\...\FaceTrackNoIR_is1) (Version: 1.7.2 - FaceTrackNoIR Team)
FanaLEDs (HKLM-x32\...\FanaLEDs) (Version: 2.2e - Gerben bol & Dirk Teurlings)
Fanatec Wheel (HKLM\...\{1212516D-C434-4A14-9107-CE271E186019}) (Version: 8.14.4 - Endor AG)
Futuremark SystemInfo (HKLM-x32\...\{4115C9AA-35E0-45D8-9363-47635B8750C7}) (Version: 4.29.438.0 - Futuremark)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.143 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.7 - Google Inc.) Hidden
GoToMeeting 6.3.0.1468 (HKCU\...\GoToMeeting) (Version: 6.3.0.1468 - CitrixOnline)
HandBrake 0.9.9.1 (HKLM-x32\...\HandBrake) (Version: 0.9.9.1 - )
Helium (HKLM-x32\...\{9A781940-AC41-4D5E-8E1E-76A04B916FB9}) (Version: 1.0.0 - ClockworkMod)
Intel® IPP Run-Time Installer 5.3 Update 4 for Windows* on IA-32 (HKLM-x32\...\{754854DC-2E0A-49D8-A1A1-426C1F9B1459}) (Version: 5.3.4.087 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.12.1498 - Intel Corporation)
Intel® Network Connections 18.5.54.0 (HKLM\...\PROSetDX) (Version: 18.5.54.0 - Intel)
Intel® Network Connections 18.5.54.0 (Version: 18.5.54.0 - Intel) Hidden
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3062 - Intel Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.6.2.1001 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel® Trusted Connect Service Client (Version: 1.24.388.1 - Intel Corporation) Hidden
iReport 3.7.6 (HKLM-x32\...\iReport-3.7.6.exe) (Version: 3.7.6 - Jaspersoft Corp.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Kaspersky Internet Security 2012 (HKLM-x32\...\InstallWIX_{45E557D6-2271-4F13-8101-C620B4285AB0}) (Version: 12.0.0.374 - Kaspersky Lab)
Kaspersky Internet Security 2012 (x32 Version: 12.0.0.374 - Kaspersky Lab) Hidden
KeePass Password Safe 2.26 (HKLM-x32\...\KeePassPasswordSafe2_is1) (Version: 2.26 - Dominik Reichl)
LibreOffice 4.2.3.3 (HKLM-x32\...\{4117DF3C-6677-4A22-90B7-FF06923417E9}) (Version: 4.2.3.3 - The Document Foundation)
LightScribe System Software (HKLM-x32\...\{FD7F0DB8-0E96-4D64-AD4D-9B5A936AF2A8}) (Version: 1.18.20.1 - LightScribe)
Logitech Gaming Software 5.10 (HKLM\...\{1444D2EE-C7AD-44A8-844F-2634B49353D1}) (Version: 5.10.127 - Logitech)
Logitech Solar App 1.10 (HKLM\...\SolarApp) (Version: 1.10.3 - Logitech)
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{42AA4CA8-DCD8-4308-BCAB-0B6D75856A9D}) (Version: 3.5.95.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.61030 (x32 Version: 11.0.61030 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 en-GB) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-GB)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI Afterburner 3.0.1 (HKLM-x32\...\Afterburner) (Version: 3.0.1 - MSI Co., LTD)
MSI Live Update (HKLM-x32\...\{4F46CF54-47D2-41F4-B230-B0954C544420}}_is1) (Version: 6.0.005 - MSI)
MusicBee 2.0 (HKLM-x32\...\MusicBee) (Version: 2.0 - Steven Mayall)
MyFreeCodec (HKCU\...\MyFreeCodec) (Version:  - )
NVIDIA PhysX (HKLM-x32\...\{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}) (Version: 9.12.1031 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Origin (HKLM-x32\...\Origin) (Version: 9.3.1.4482 - Electronic Arts, Inc.)
paint.net (HKLM\...\{F509C1F4-0029-49F9-B145-A4C4E8DF481A}) (Version: 4.0.3 - dotPDN LLC)
Panda Cloud Cleaner (HKLM-x32\...\{92B2B132-C7F0-43DC-921A-4493C04F78A4}_is1) (Version: 1.0.103 - Panda Security)
PDF-XChange Lite 2012 (HKLM\...\{AD09CC9A-6901-4921-B66D-9402FF32EF27}_is1) (Version: 5.0.270.0 - Tracker Software Products Ltd)
Poker Night 2 (HKLM-x32\...\Steam App 234710) (Version:  - Telltale Games)
Populous (HKLM-x32\...\{476CD9DE-C45F-4443-BFA7-E51C58B7E455}) (Version: 1.0.0.0 - Electronic Arts)
PowerDVD (HKLM-x32\...\{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: 7.0.2414.0 - CyberLink Corporation)
Pro Evolution Soccer 2014 (HKLM-x32\...\{5EFD3544-2371-4900-8ACA-F157BA80FB0C}) (Version: 1.06.0000 - KONAMI)
RadeonPro 1.0 (Build 1.1.1.0) (HKLM-x32\...\RadeonPro_is1) (Version:  - )
Rapture3D 2.4.8 Game (HKLM-x32\...\{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1) (Version:  - Blue Ripple Sound)
Revo Uninstaller 1.95 (HKLM-x32\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group)
rFactor2 (HKLM-x32\...\rFactor2) (Version:  - )
RivaTuner Statistics Server 6.1.2 (HKLM-x32\...\RTSS) (Version: 6.1.2 - Unwinder)
Saitek NT Controller Drivers (HKLM-x32\...\{350A0AB4-2BEB-416A-9748-F56116635F8A}) (Version:  - )
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.27.0 - SAMSUNG Electronics Co., Ltd.)
Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version:  - 2K Games, Inc.)
SimCity 4 Deluxe (HKLM-x32\...\{3F0D0ABE-CDAF-431A-00BC-CBBE018EA74E}) (Version: 1.0.0.0 - Electronic Arts)
Skype™ 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Software Director (HKLM-x32\...\Cloanto Software Director) (Version: 3.8.8.0 - Cloanto Corporation)
Spectaculator 8.0 (HKLM-x32\...\{B21AE9DA-E837-4F82-B061-7848B4F3096B}) (Version: 8.0.0.3092 - spectaculator.com)
Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.59.30483 - SteelSeries)
Super Street Fighter IV: Arcade Edition (HKLM-x32\...\Steam App 45760) (Version:  - Capcom)
System Requirements Lab for Intel (64-bit) (HKLM\...\{419B57C2-BEB5-4201-91F5-CEF73F24C219}) (Version: 4.5.13.0 - Husdawg, LLC)
T500 RS racing wheel drivers (HKLM-x32\...\{28B758EA-5C83-48B1-B352-C70F12C73F5A}) (Version: 2.TTRS.2013 - Thrustmaster)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.31064 - TeamViewer)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version:  - Bethesda Game Studios)
The Swapper (HKLM-x32\...\Steam App 231160) (Version:  - Olli Harjola, Otto Hantula, Tom Jubert, Carlo Castellano)
Tom Clancy's Splinter Cell Blacklist (HKLM-x32\...\Steam App 235600) (Version:  - Ubisoft Toronto)
Ubisoft Game Launcher (HKLM-x32\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
Ultra Defragmenter (HKLM-x32\...\UltraDefrag) (Version: 6.0.2 - UltraDefrag Development Team)
VIRTU 1.2.108 (HKLM\...\VIRTU_is1) (Version: 1.2.108 - Lucidlogix Technologies LTD)
VJoy Virtual Joystick Driver 1.2 (HKLM-x32\...\VJoy Virtual Joystick Driver_is1) (Version:  - Headsoft)
VLC media player 2.1.1 (HKLM-x32\...\VLC media player) (Version: 2.1.1 - VideoLAN)
VoiceAttack (HKLM-x32\...\{2B30309F-6B71-4DE1-A0E0-7059612C5A27}) (Version: 1.5.5 - VoiceAttack.com)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
X-COM: Apocalypse (HKLM-x32\...\Steam App 7660) (Version:  - MicroProse Software, Inc)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1312\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-3416957298-1943888354-2837341212-1003_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Work\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
 
==================== Restore Points  =========================
 
27-08-2014 07:12:00 Windows Update
29-08-2014 18:34:30 Windows Update
30-08-2014 17:46:18 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 03:34 - 2009-06-10 22:00 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {0B72D51F-C1D1-449F-AAFC-27517A9296B7} - System32\Tasks\Microsoft\Windows\WindowsBackup\AutomaticBackup => Rundll32.exe /d sdengin2.dll,ExecuteScheduledBackup
Task: {4A7ADD17-754E-435B-9E77-37267DA5BE9E} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-09] (Adobe Systems Incorporated)
Task: {6AA68BCA-E06E-4770-A53C-F1388D53C658} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-23] (Google Inc.)
Task: {6B26A568-47B9-4802-A95F-3788159D5D73} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-12-17] (Piriform Ltd)
Task: {77BB793A-7743-4337-A20C-E20B72FC6ECE} - System32\Tasks\MSIAfterburner => C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe [2014-06-10] ()
Task: {A997DDAB-67E0-4AAE-B086-11160A9F2CA8} - System32\Tasks\Start Corsair Link => C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exe [2013-12-05] ()
Task: {BA4A234E-5086-4467-8A71-48596C2D16D6} - System32\Tasks\G2MUpdateTask-S-1-5-21-3416957298-1943888354-2837341212-1003 => C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe [2014-07-21] (Citrix Online, a division of Citrix Systems, Inc.)
Task: {E0962E8A-FB85-4477-9420-D39A9149D9FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-05-23] (Google Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-3416957298-1943888354-2837341212-1003.job => C:\Users\Work\AppData\Local\Citrix\GoToMeeting\1468\g2mupdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-08-26 15:35 - 2013-08-28 21:27 - 00075136 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2013-08-18 18:16 - 2005-08-08 06:54 - 00167936 ____N () C:\Program Files (x86)\CyberLink\Shared Files\RichVideo.exe
2014-06-23 11:44 - 2005-04-22 05:36 - 00143360 _____ () C:\Windows\system32\BrSNMP64.dll
2013-05-24 19:07 - 2008-07-11 15:04 - 00200704 ____N () C:\Windows\SysWOW64\HsMgr.exe
2013-05-24 19:07 - 2008-07-11 15:03 - 00282112 ____N () C:\Windows\system\HsMgr64.exe
2014-05-24 15:45 - 2011-04-19 14:56 - 00143360 ____N () C:\Program Files\ASUS Xonar D2X Audio\Customapp\VmixP8.dll
2014-08-22 17:04 - 2014-08-21 19:15 - 01171456 _____ () C:\Games\Steam\libavcodec-56.dll
2014-08-22 17:04 - 2014-08-21 19:15 - 00442368 _____ () C:\Games\Steam\libavutil-54.dll
2014-08-22 17:04 - 2014-08-21 19:15 - 00332800 _____ () C:\Games\Steam\libavresample-2.dll
2013-04-23 18:30 - 2014-08-20 23:38 - 00774656 _____ () C:\Games\Steam\SDL2.dll
2014-05-04 18:00 - 2014-08-28 12:48 - 02224320 _____ () C:\Games\Steam\video.dll
2014-08-22 17:04 - 2014-08-21 19:15 - 00403968 _____ () C:\Games\Steam\libavformat-56.dll
2014-08-22 17:04 - 2014-08-21 19:15 - 00485888 _____ () C:\Games\Steam\libswscale-3.dll
2013-05-03 15:35 - 2014-08-28 12:48 - 00678080 _____ () C:\Games\Steam\bin\chromehtml.DLL
2010-11-22 14:00 - 2010-11-22 14:00 - 02121728 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtCore4.dll
2010-11-22 14:00 - 2010-11-22 14:00 - 07745536 _____ () C:\Program Files (x86)\Common Files\LightScribe\QtGui4.dll
2010-11-22 14:00 - 2010-11-22 14:00 - 00135168 _____ () C:\Program Files (x86)\Common Files\LightScribe\plugins\imageformats\qjpeg4.dll
2014-08-31 15:52 - 2014-08-31 15:52 - 00043008 _____ () e:\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpvmxqgh.dll
2013-08-23 20:01 - 2013-08-23 20:01 - 25100288 _____ () C:\Users\Work\AppData\Roaming\Dropbox\bin\libcef.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02118032 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtCore4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 07008656 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtGui4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 02089360 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtDeclarative4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 01270160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtScript4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00192912 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtSql4.dll
2011-04-24 23:13 - 2011-04-24 23:13 - 00758160 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\QtNetwork4.dll
2011-04-20 19:56 - 2011-04-20 19:56 - 00025088 _____ () C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 2012\imageformats\qgif4.dll
2013-05-24 17:35 - 2011-08-23 21:37 - 00059904 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2013-05-24 17:32 - 2012-05-10 15:03 - 01198872 _____ () C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\ACE.dll
2014-08-14 17:40 - 2014-08-07 04:20 - 00718152 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libglesv2.dll
2014-08-14 17:40 - 2014-08-07 04:20 - 00126280 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\libegl.dll
2013-03-26 16:16 - 2014-08-20 23:38 - 34589376 _____ () C:\Games\Steam\bin\libcef.dll
2014-08-14 17:40 - 2014-08-07 04:20 - 08537928 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\pdf.dll
2014-08-14 17:40 - 2014-08-07 04:20 - 00353096 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ppGoogleNaClPluginChrome.dll
2014-08-14 17:40 - 2014-08-07 04:20 - 01732936 _____ () C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.143\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
AlternateDataStreams: C:\ProgramData\TEMP:CD30FA91
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\44846597.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\44846597.sys => ""="Driver"
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Software Director Scheduler.lnk => C:\Windows\pss\Software Director Scheduler.lnk.CommonStartup
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: BrHelp => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe /AUTORUN
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: Cmaudio8788GX => C:\Windows\syswow64\HsMgr.exe Envoke
MSCONFIG\startupreg: Cmaudio8788GX64 => C:\Windows\system\HsMgr64.exe Envoke
MSCONFIG\startupreg: ControlCenter4 => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
MSCONFIG\startupreg: EADM => "c:\Program Files (x86)\Origin\Origin.exe" -AutoStart
MSCONFIG\startupreg: KeePass 2 PreLoad => "C:\Program Files (x86)\KeePass Password Safe 2\KeePass.exe" --preload
MSCONFIG\startupreg: KiesPreload => C:\Program Files (x86)\Samsung\Kies\Kies.exe /preload
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LanguageShortcut => "e:\Program Files (x86)\CyberLink\PowerDVD\Language\Language.exe"
MSCONFIG\startupreg: LightScribe Control Panel => C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
MSCONFIG\startupreg: Live Update => C:\Program Files (x86)\MSI\Live Update\StartLiveUpdate.exe /REMINDER
MSCONFIG\startupreg: Profiler => C:\Program Files (x86)\Saitek\Software\Profiler.exe
MSCONFIG\startupreg: RemoteControl => "e:\Program Files (x86)\CyberLink\PowerDVD\PDVDServ.exe"
MSCONFIG\startupreg: RemoteControl10 => "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
MSCONFIG\startupreg: SaiSmart => C:\Program Files (x86)\Saitek\Software\SaiSmart.exe
MSCONFIG\startupreg: Start WingMan Profiler => C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
MSCONFIG\startupreg: SteelSeries Engine => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: UpdatePPShortCut => "C:\Program Files (x86)\CyberLink\PowerProducer\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\PowerProducer" UpdateWithCreateOnce "Software\CyberLink\PowerProducer\5.0"
MSCONFIG\startupreg: UpdatePSTShortCut => "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\CyberLink\Blu-ray Disc Suite" UpdateWithCreateOnce "Software\CyberLink\PowerStarter"
MSCONFIG\startupreg: VIRTU => C:\Program Files\Lucidlogix Technologies\VIRTU\VirtuControlPanel.Exe /hide
 
==================== Faulty Device Manager Devices =============
 
Name: VJoy Virtual Joystick
Description: VJoy Virtual Joystick
Class Guid: {745a17a0-74d3-11d0-b6fe-00a0c90f57da}
Manufacturer: Headsoft
Service: vhidmini
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/31/2014 03:50:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xb00
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/30/2014 05:31:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xa54
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/30/2014 05:21:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0x9bc
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/30/2014 05:15:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xa00
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/30/2014 05:03:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xc38
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/30/2014 00:19:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CorsairLINK.exe, version: 2.5.5145.25519, time stamp: 0x52a0a804
Faulting module name: clr.dll, version: 4.0.30319.18444, time stamp: 0x52717e84
Exception code: 0xc0000409
Fault offset: 0x00243b81
Faulting process id: 0xa18
Faulting application start time: 0xCorsairLINK.exe0
Faulting application path: CorsairLINK.exe1
Faulting module path: CorsairLINK.exe2
Report Id: CorsairLINK.exe3
 
Error: (08/29/2014 09:13:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xc80
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/27/2014 03:44:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program jp2launcher.exe version 10.67.2.1 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 2960
 
Start Time: 01cfc201c11d676b
 
Termination Time: 50
 
Application Path: C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
 
Report Id:
 
Error: (08/25/2014 04:39:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Faulting module name: ASUSAUDIOCENTER.EXE, version: 0.3.0.36, time stamp: 0x4d802c45
Exception code: 0xc0000005
Fault offset: 0x0002182f
Faulting process id: 0xc34
Faulting application start time: 0xASUSAUDIOCENTER.EXE0
Faulting application path: ASUSAUDIOCENTER.EXE1
Faulting module path: ASUSAUDIOCENTER.EXE2
Report Id: ASUSAUDIOCENTER.EXE3
 
Error: (08/23/2014 09:25:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifest.
 
 
System errors:
=============
Error: (08/31/2014 03:49:58 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/31/2014 10:07:06 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/30/2014 05:30:19 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/30/2014 05:30:17 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:29:20 on ‎30/‎08/‎2014 was unexpected.
 
Error: (08/30/2014 05:21:26 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/30/2014 05:21:24 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:20:16 on ‎30/‎08/‎2014 was unexpected.
 
Error: (08/30/2014 05:15:21 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/30/2014 05:15:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 17:14:43 on ‎30/‎08/‎2014 was unexpected.
 
Error: (08/30/2014 05:00:49 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
Error: (08/30/2014 08:51:43 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load: 
CSN5PDTS82
 
 
Microsoft Office Sessions:
=========================
Error: (08/31/2014 03:50:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fb0001cfc52ad5cfe74dC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXE2f02f223-311e-11e4-94d2-14dae91c476c
 
Error: (08/30/2014 05:31:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fa5401cfc46faffdd937C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXE1b202f6e-3063-11e4-af0c-14dae91c476c
 
Error: (08/30/2014 05:21:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182f9bc01cfc46e72500128C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEb8a90a81-3061-11e4-aeff-14dae91c476c
 
Error: (08/30/2014 05:15:35 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fa0001cfc46d98e588ddC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEdf25471b-3060-11e4-afe3-14dae91c476c
 
Error: (08/30/2014 05:03:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fc3801cfc46b91127240C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXE36122d09-305f-11e4-9a8a-14dae91c476c
 
Error: (08/30/2014 00:19:53 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: CorsairLINK.exe2.5.5145.2551952a0a804clr.dll4.0.30319.1844452717e84c000040900243b81a1801cfc4273d47a832C:\Program Files (x86)\Corsair\Corsair Link\CorsairLINK.exeC:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll8ff0bde4-3037-11e4-98bb-14dae91c476c
 
Error: (08/29/2014 09:13:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fc8001cfc3c51867a3f9C:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEea42c16d-2fb8-11e4-b3a6-14dae91c476c
 
Error: (08/27/2014 03:44:08 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: jp2launcher.exe10.67.2.1296001cfc201c11d676b50C:\Program Files (x86)\Java\jre7\bin\jp2launcher.exe
 
Error: (08/25/2014 04:39:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: ASUSAUDIOCENTER.EXE0.3.0.364d802c45ASUSAUDIOCENTER.EXE0.3.0.364d802c45c00000050002182fc3401cfc07199b524dbC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEC:\Program Files\ASUS Xonar D2X Audio\Customapp\ASUSAUDIOCENTER.EXEef7db63f-2c6d-11e4-b383-14dae91c476c
 
Error: (08/23/2014 09:25:14 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2.manifestd:\Games\rFactor2\Support\Tools\MAS2.exe
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i5-2500K CPU @ 3.30GHz
Percentage of memory in use: 32%
Total physical RAM: 8159.14 MB
Available physical RAM: 5492.19 MB
Total Pagefile: 16316.46 MB
Available Pagefile: 13262.9 MB
Total Virtual: 8192 MB
Available Virtual: 8191.82 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:214.67 GB) (Free:123.27 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (SSD2) (Fixed) (Total:59.62 GB) (Free:3.11 GB) NTFS
Drive e: (Slow Access) (Fixed) (Total:60.82 GB) (Free:5.48 GB) NTFS
Drive f: (Documents) (Fixed) (Total:58.59 GB) (Free:28.82 GB) NTFS
Drive g: (PES2014_R1) (CDROM) (Total:5.08 GB) (Free:0 GB) UDF
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 238.5 GB) (Disk ID: 5018E64F)
Partition 1: (Active) - (Size=214.7 GB) - (Type=07 NTFS)
 
========================================================
Disk: 1 (Size: 59.6 GB) (Disk ID: 00068A25)
Partition 1: (Not Active) - (Size=59.6 GB) - (Type=07 NTFS)
 
========================================================
Disk: 2 (Size: 149.1 GB) (Disk ID: 0001847F)
Partition 1: (Active) - (Size=21.7 GB) - (Type=83)
Partition 2: (Not Active) - (Size=60.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=58.6 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=7.9 GB) - (Type=05)
 
==================== End Of Log ============================

 

 



#5 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 31 August 2014 - 02:32 PM

I closed your original topic due to lack of response, I have since reopened it and merged it with this one, looking at your logs now, be right back



 
 
The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.
donate.gif
 
Find us on Facebook
Please LIKE and SHARE
 
 
Just a reminder that threads will be closed if no reply in 3 days.

#6 ken545

ken545

    Forum God

  • Retired Classroom Teacher
  • 23,219 posts
  • Interests:Fighting Malware and cooking some great Italian and TexMex food
  • MVP

Posted 31 August 2014 - 02:47 PM

aswMBR checks for a rootkit and your log looks fine, out side of some application errors I am not looking at any sign of Malware

 

Download Malwarebytes' Anti-Malware  to your desktop. 
 
  • Windows XP : Double click on the icon to run it.
  • Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
  •  
    MBAMDashboard_zpsddef9b5f.gif
     
  • On the Dashboard click on Update Now
  • Go to the Setting Tab
  • Under Setting go to Detection and Protection
  • Under PUP and PUM make sure both are set to show Treat Detections as Malware
  • Go to Advanced setting and make sure Automatically Quarantine Detected Items is checked
  • Then on the Dashboard click on Scan
  • Make sure to select THREAT SCAN
  • Then click on Scan
  • When the scan is finished and the log pops up...select Copy to Clipboard
  • Please paste the log back into this thread for review
  • Exit Malwarebytes


     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #7 graham_UK

    graham_UK

      New Member

    • New Member
    • Pip
    • 3 posts

    Posted 02 September 2014 - 12:30 PM

    Hi, Please see attached

     

     

    Attached Files



    #8 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 02 September 2014 - 01:32 PM

    I cant read your log, don't know why its a .xmi log, its should have opened up in Notepad as a text log

     

    Open Up Malwarebytes and on the Dashboard go to History > Application logs > Scan Logs and click on the one you just ran to open it, when its open click on Copy To Clipboard ( as per my previous instructions for downloading and running Malwarebytes ) then paste it into this thread, do not attach it.

     

    Did it find and remove any threats ?



     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    #9 ken545

    ken545

      Forum God

    • Retired Classroom Teacher
    • 23,219 posts
    • Interests:Fighting Malware and cooking some great Italian and TexMex food
    • MVP

    Posted 06 September 2014 - 05:10 AM

    Due to inactivity this topic will be closed.
    If you need help please start a new thread.

    New members follow the instructions here http://forums.whatth...ed_t106388.html and start a new topic

     
     
    The forum is staffed by volunteers who donate their time and expertise.
    If you feel you have been helped, please consider a donation.
    donate.gif
     
    Find us on Facebook
    Please LIKE and SHARE
     
     
    Just a reminder that threads will be closed if no reply in 3 days.

    Related Topics



    0 user(s) are reading this topic

    0 members, 0 guests, 0 anonymous users