WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. Join 93084 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!

Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Internet Explorer Proxy Tick Virus [Solved]

Started by itsbmo , Sep 27 2014 01:48 PM

This topic is locked

30 replies to this topic

#16 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 28 September 2014 - 11:11 AM

When finished FRST will generate a log on the Desktop (Fixlog.txt). Please post it to your reply.

Then run a new scan with FRST, check additions and post both logs

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

Advertisements

Register to Remove

#17 itsbmo

New Member

Authentic Member
17 posts

Posted 28 September 2014 - 11:17 AM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2014
Ran by BMo at 2014-09-28 13:12:53
Running from C:\Users\BMo\Desktop
Boot Mode: Normal
==========================================================

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2014
Ran by BMo (administrator) on BMO-PC on 28-09-2014 13:12:02
Running from C:\Users\BMo\Desktop
Loaded Profile: BMo (Available profiles: BMo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
(Hi-Rez Studios) C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
(A-Volute) C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Spotify Ltd) C:\Users\BMo\AppData\Roaming\Spotify\spotify.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Nota Inc.) C:\Program Files (x86)\Gyazo\GyStation.exe
(Spotify Ltd) C:\Users\BMo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
() C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
(Dropbox, Inc.) C:\Users\BMo\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(BlueStack Systems, Inc.) C:\Program Files (x86)\BlueStacks\HD-Agent.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\tv_x64.exe
() C:\Users\BMo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\BMo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\BMo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\BMo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
() C:\Users\BMo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7560296 2011-12-12] (Realtek Semiconductor)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [134624 2014-07-23] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKLM-x32\...\Run: [BlueStacks Agent] => C:\Program Files (x86)\BlueStacks\HD-Agent.exe [831192 2014-07-03] (BlueStack Systems, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [Razer Synapse] => C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe [585560 2014-06-23] (Razer Inc.)
HKU\S-1-5-21-1418505120-3983750565-1456373324-1001\...\Run: [Spotify] => C:\Users\BMo\AppData\Roaming\Spotify\Spotify.exe [6342200 2014-09-19] (Spotify Ltd)
HKU\S-1-5-21-1418505120-3983750565-1456373324-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [21650016 2014-07-24] (Skype Technologies S.A.)
HKU\S-1-5-21-1418505120-3983750565-1456373324-1001\...\Run: [Gyazo] => C:\Program Files (x86)\Gyazo\GyStation.exe [3095328 2014-09-16] (Nota Inc.)
HKU\S-1-5-21-1418505120-3983750565-1456373324-1001\...\Run: [Spotify Web Helper] => C:\Users\BMo\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-19] (Spotify Ltd)
HKU\S-1-5-21-1418505120-3983750565-1456373324-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-06-26] (SteelSeries ApS)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe ()
Startup: C:\Users\BMo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\BMo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.2.1

FireFox:
========
FF ProfilePath: C:\Users\BMo\AppData\Roaming\Mozilla\Firefox\Profiles\fvlston6.default
FF NewTab: user_pref("browser.newtab.url", "");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll No File
FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\BMo\AppData\Roaming\raidcall\plugins\nprcplugin.dll (Raidcall)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\BMo\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
FF Extension: Mp3Olimp widget - C:\Users\BMo\AppData\Roaming\Mozilla\Firefox\Profiles\fvlston6.default\Extensions\jid0-SlJAN1IqVQffaO5onLnWK2zcA1Q@jetpack.xpi [2014-08-13]
FF Extension: Adblock Plus - C:\Users\BMo\AppData\Roaming\Mozilla\Firefox\Profiles\fvlston6.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-08-07]

Chrome:
=======
CHR DefaultSuggestURL: Default -> http://api.searchpre...d={searchTerms}
CHR Profile: C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-09-20]
CHR Extension: (Google Docs) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-20]
CHR Extension: (Google Drive) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-09-20]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-09-20]
CHR Extension: (Adguard AdBlocker) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2014-09-20]
CHR Extension: (YouTube) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-09-20]
CHR Extension: (Adblock for Youtube) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2014-09-20]
CHR Extension: (Google Search) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-09-20]
CHR Extension: (Dark Vibe) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\dkckeanhmkjaechlhllmapjaaglgpcbj [2014-09-20]
CHR Extension: (Google Sheets) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-09-20]
CHR Extension: (Google Wallet) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-09-20]
CHR Extension: (Gmail) - C:\Users\BMo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-09-20]
CHR StartMenuInternet: Google Chrome - chrome.exe

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [405208 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [384728 2014-07-03] (BlueStack Systems, Inc.)
R2 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [773848 2014-07-03] (BlueStack Systems, Inc.)
R2 HiPatchService; C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9216 2014-08-22] (Hi-Rez Studios) [File not signed]
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation)
R2 RzMaelstromVADStreamingService; C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzMaelstromVADStreamingService.exe [4250624 2014-06-09] (A-Volute) [File not signed]
S2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [3596240 2014-07-23] (Check Point Software Technologies Ltd.)
R2 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [93712 2014-07-03] (Check Point Software Technologies, Ltd.)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [122072 2014-07-03] (BlueStack Systems)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2014-05-12] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [122584 2014-09-28] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2014-05-12] (Malwarebytes Corporation)
R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [51712 2009-06-10] (Realtek Semiconductor Corporation )
R3 RZMAELSTROMVADService; C:\Windows\System32\drivers\RzMaelstromVAD.sys [32768 2014-06-09] (Windows ® Win 7 DDK provider)
R3 SAlphamHid; C:\Windows\System32\DRIVERS\SAlpham64.sys [39168 2014-05-27] (SteelSeries Corporation)
R1 Serial; C:\Windows\System32\DRIVERS\serial.sys [94208 2009-07-13] (Brother Industries Ltd.)
S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42184 2014-05-16] (Anchorfree Inc.)
R1 Vsdatant; C:\Windows\System32\DRIVERS\vsdatant.sys [450456 2014-07-23] (Check Point Software Technologies Ltd.)
S3 XFDriver64; C:\Program Files (x86)\Xfire2\XFDriver64.sys [17160 2013-03-14] (XFire)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-28 01:33 - 2014-09-28 01:33 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-09-27 19:33 - 2014-09-28 13:12 - 00013509 _____ () C:\Users\BMo\Desktop\FRST.txt
2014-09-27 19:24 - 2014-09-27 19:24 - 00001489 _____ () C:\Users\BMo\Desktop\JRT.txt
2014-09-27 19:20 - 2014-09-27 19:20 - 01699276 _____ (Thisisu) C:\Users\BMo\Downloads\JRT(1).exe
2014-09-27 19:00 - 2014-09-27 19:00 - 01373475 _____ () C:\Users\BMo\Desktop\AdwCleaner.exe
2014-09-27 19:00 - 2014-09-27 19:00 - 00000595 _____ () C:\Users\BMo\Downloads\Result.txt
2014-09-27 18:59 - 2014-09-27 18:59 - 00401920 _____ (Farbar) C:\Users\BMo\Desktop\MiniToolBox.exe
2014-09-27 18:02 - 2014-09-27 18:03 - 00031428 _____ () C:\Users\BMo\Downloads\Addition.txt
2014-09-27 18:01 - 2014-09-28 13:12 - 00000000 ____D () C:\FRST
2014-09-27 18:01 - 2014-09-27 18:03 - 00041605 _____ () C:\Users\BMo\Downloads\FRST.txt
2014-09-27 17:39 - 2014-09-27 17:39 - 00001822 _____ () C:\Users\BMo\Desktop\aswMBR.txt
2014-09-27 17:39 - 2014-09-27 17:39 - 00000512 _____ () C:\Users\BMo\Desktop\MBR.dat
2014-09-27 17:18 - 2014-09-27 17:19 - 05185536 _____ (AVAST Software) C:\Users\BMo\Downloads\aswMBR.exe
2014-09-27 17:18 - 2014-09-27 17:19 - 02108928 _____ (Farbar) C:\Users\BMo\Desktop\FRST64.exe
2014-09-27 15:26 - 2014-09-27 15:26 - 00000000 ____D () C:\Windows\ERUNT
2014-09-27 15:24 - 2014-09-27 15:24 - 01699276 _____ (Thisisu) C:\Users\BMo\Desktop\JRT.exe
2014-09-27 15:24 - 2014-09-27 15:24 - 01373475 _____ () C:\Users\BMo\Downloads\adwcleaner_3.310.exe
2014-09-27 15:14 - 2014-09-27 15:14 - 00662016 _____ () C:\Users\BMo\Downloads\MicrosoftFixit50566.msi
2014-09-27 10:03 - 2014-09-27 10:03 - 00000687 _____ () C:\awh6FC7.tmp
2014-09-27 09:59 - 2014-09-27 09:59 - 00000000 ____D () C:\Users\BMo\AppData\Local\CrashRpt
2014-09-27 09:58 - 2014-09-27 09:59 - 00000000 ____D () C:\Program Files (x86)\Search Extensions
2014-09-27 09:58 - 2014-09-27 09:58 - 00000000 __SHD () C:\Users\BMo\AppData\Local\EmieUserList
2014-09-27 09:58 - 2014-09-27 09:58 - 00000000 __SHD () C:\Users\BMo\AppData\Local\EmieSiteList
2014-09-27 09:58 - 2014-09-27 09:58 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_webinstrNew_01009.Wdf
2014-09-27 09:56 - 2014-09-27 09:56 - 00000077 _____ () C:\Users\BMo\AppData\Roaming\die.bat
2014-09-27 09:33 - 2014-09-27 09:33 - 00862208 _____ () C:\Windows\AdobeUpdater.exe
2014-09-27 09:32 - 2014-09-27 09:32 - 00000000 ____D () C:\Users\BMo\Desktop\New folder
2014-09-27 09:24 - 2014-09-27 09:32 - 00000000 ____D () C:\Users\BMo\Desktop\Update
2014-09-26 21:03 - 2014-09-26 21:07 - 00000000 ____D () C:\Users\BMo\Downloads\The Sims 4 Digital Deluxe Edition Update 2 and 3DM Crack v6
2014-09-26 19:28 - 2014-09-26 19:28 - 00000000 ____D () C:\Program Files (x86)\Origin Games
2014-09-26 19:27 - 2014-09-26 19:28 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\Origin
2014-09-26 19:27 - 2014-09-26 19:28 - 00000000 ____D () C:\Users\BMo\AppData\Local\Origin
2014-09-26 19:25 - 2014-09-26 19:27 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-09-26 19:25 - 2014-09-26 19:25 - 00000983 _____ () C:\Users\Public\Desktop\Origin.lnk
2014-09-26 19:25 - 2014-09-26 19:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Origin
2014-09-26 19:25 - 2014-09-26 19:25 - 00000000 ____D () C:\ProgramData\Electronic Arts
2014-09-26 19:24 - 2014-09-27 10:01 - 00000000 ____D () C:\ProgramData\Origin
2014-09-26 19:07 - 2014-09-26 19:22 - 00000000 ____D () C:\ProgramData\Package Cache
2014-09-26 18:44 - 2014-09-27 10:28 - 00000000 ____D () C:\Program Files (x86)\GMT-MAX.ORG
2014-09-25 20:47 - 2014-09-25 20:47 - 00000000 ____D () C:\Users\BMo\Documents\My Games
2014-09-24 02:07 - 2014-09-09 18:11 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-09-24 02:07 - 2014-09-09 17:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-09-22 17:47 - 2014-09-22 17:47 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo.lnk
2014-09-22 17:47 - 2014-09-22 17:47 - 00000986 _____ () C:\Users\Public\Desktop\Gyazo GIF.lnk
2014-09-22 05:01 - 2014-09-22 05:01 - 00000000 ____D () C:\ProgramData\Gyazo
2014-09-21 12:03 - 2014-09-21 12:03 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\Microsoft Games
2014-09-21 12:00 - 2014-09-21 12:11 - 00000000 ____D () C:\Program Files (x86)\Viva Pinata
2014-09-21 11:52 - 2014-09-21 11:52 - 00000000 ____D () C:\ProgramData\RzMaelstromVAD_1.1.58.1854
2014-09-21 11:50 - 2014-09-25 22:05 - 00000000 ____D () C:\Users\BMo\Downloads\GMT.KZ_The_Sims_4_Deluxe_Edition_RePack_MAXAGENT
2014-09-21 10:57 - 2014-09-21 10:57 - 00000000 ____D () C:\Users\BMo\AppData\Local\Razer
2014-09-20 20:34 - 2014-09-27 15:28 - 00001290 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-09-20 20:34 - 2014-09-27 15:28 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-09-20 20:29 - 2014-09-28 12:34 - 00000892 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-20 20:29 - 2014-09-28 12:12 - 00000888 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-20 20:29 - 2014-09-20 20:34 - 00000000 ____D () C:\Users\BMo\AppData\Local\Google
2014-09-20 20:29 - 2014-09-20 20:34 - 00000000 ____D () C:\Program Files (x86)\Google
2014-09-20 20:29 - 2014-09-20 20:29 - 00003888 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-09-20 20:29 - 2014-09-20 20:29 - 00003636 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-09-20 18:49 - 2014-09-20 18:49 - 00895120 _____ (Google Inc.) C:\Users\BMo\Downloads\ChromeSetup.exe
2014-09-20 15:02 - 2014-09-20 15:02 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_Kernel_rzudd_01009.Wdf
2014-09-20 15:01 - 2014-09-20 15:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Razer
2014-09-16 17:37 - 2014-09-16 17:38 - 87256095 _____ () C:\Users\BMo\Downloads\Dunkey_Album.zip
2014-09-13 03:03 - 2014-08-19 14:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-13 03:03 - 2014-08-19 13:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-13 03:03 - 2014-08-18 19:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-13 03:03 - 2014-08-18 18:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-13 03:03 - 2014-08-18 18:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-13 03:03 - 2014-08-18 18:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-13 03:03 - 2014-08-18 18:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-13 03:03 - 2014-08-18 18:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-13 03:03 - 2014-08-18 18:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-13 03:03 - 2014-08-18 18:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-13 03:03 - 2014-08-18 18:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-13 03:03 - 2014-08-18 18:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-13 03:03 - 2014-08-18 18:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-13 03:03 - 2014-08-18 18:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-13 03:03 - 2014-08-18 18:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-13 03:03 - 2014-08-18 18:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-13 03:03 - 2014-08-18 18:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-13 03:03 - 2014-08-18 18:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-13 03:03 - 2014-08-18 18:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-13 03:03 - 2014-08-18 17:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-13 03:03 - 2014-08-18 17:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-13 03:03 - 2014-08-18 17:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-13 03:03 - 2014-08-18 17:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-13 03:03 - 2014-08-18 17:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-13 03:03 - 2014-08-18 17:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-13 03:03 - 2014-08-18 17:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-13 03:03 - 2014-08-18 17:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-13 03:03 - 2014-08-18 17:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-13 03:03 - 2014-08-18 17:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-13 03:03 - 2014-08-18 17:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-13 03:03 - 2014-08-18 17:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-13 03:03 - 2014-08-18 17:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-13 03:03 - 2014-08-18 17:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-13 03:03 - 2014-08-18 17:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-13 03:03 - 2014-08-18 17:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-13 03:03 - 2014-08-18 17:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-13 03:03 - 2014-08-18 17:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-13 03:03 - 2014-08-18 17:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-13 03:03 - 2014-08-18 17:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-13 03:03 - 2014-08-18 17:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-13 03:03 - 2014-08-18 17:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-13 03:03 - 2014-08-18 17:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-13 03:03 - 2014-08-18 17:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-13 03:03 - 2014-08-18 17:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-13 03:03 - 2014-08-18 17:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-13 03:03 - 2014-08-18 17:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-13 03:03 - 2014-08-18 17:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-13 03:03 - 2014-08-18 17:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-13 03:03 - 2014-08-18 17:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-13 03:03 - 2014-08-18 17:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-13 03:03 - 2014-08-18 17:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-13 03:03 - 2014-08-18 16:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-13 03:03 - 2014-08-18 16:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-13 03:03 - 2014-08-18 16:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-13 03:03 - 2014-08-18 16:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-13 03:03 - 2014-08-18 16:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-13 03:00 - 2014-06-26 22:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-13 03:00 - 2014-06-26 21:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 15:28 - 2014-09-12 15:28 - 00000000 ____D () C:\Users\BMo\AppData\Local\Razer_Inc
2014-09-12 10:08 - 2014-08-01 07:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 10:08 - 2014-08-01 07:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 10:06 - 2014-06-23 23:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 10:06 - 2014-06-23 22:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-12 10:03 - 2014-09-04 22:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 10:03 - 2014-09-04 22:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-12 10:03 - 2014-07-06 22:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 10:03 - 2014-07-06 22:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 10:03 - 2014-07-06 21:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 10:03 - 2014-07-06 21:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 10:03 - 2014-07-06 21:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-11 12:20 - 2014-09-11 12:20 - 41945432 _____ (Apple Inc.) C:\Users\BMo\Downloads\QuickTimeInstaller.exe
2014-09-10 13:47 - 2014-09-10 13:47 - 20366120 _____ () C:\Users\BMo\Downloads\DoomedDungeonv1.2.rar
2014-09-10 13:22 - 2014-09-10 13:22 - 03978307 _____ () C:\Users\BMo\Downloads\SDP.zip
2014-09-10 13:18 - 2014-09-10 13:18 - 00525431 _____ () C:\Users\BMo\Downloads\gamev2dup.exe
2014-09-01 12:38 - 2014-09-01 12:38 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\SteelSeries
2014-09-01 12:38 - 2014-09-01 12:38 - 00000000 ____D () C:\Users\BMo\AppData\Local\SteelSeries_ApS
2014-09-01 12:31 - 2014-09-01 12:36 - 53001320 _____ () C:\Users\BMo\Downloads\SteelSeriesEngine_2.8.0450.exe
2014-09-01 12:11 - 2014-09-01 12:38 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SteelSeries
2014-09-01 12:11 - 2014-09-01 12:30 - 00000000 ____D () C:\Users\BMo\AppData\Local\SteelSeries Engine 3 Client
2014-09-01 12:10 - 2014-09-20 15:02 - 00056538 _____ () C:\Windows\DPINST.LOG
2014-09-01 12:10 - 2014-09-01 12:38 - 00000000 ____D () C:\ProgramData\SteelSeries
2014-09-01 12:10 - 2014-09-01 12:36 - 00000000 ____D () C:\Program Files\SteelSeries
2014-09-01 12:10 - 2014-09-01 12:10 - 00000000 ____D () C:\Users\admin
2014-09-01 12:03 - 2014-09-01 12:10 - 52914144 _____ () C:\Users\BMo\Downloads\SteelSeriesEngine_3.2.7.exe
2014-09-01 11:18 - 2014-09-21 11:56 - 1266272256 ____R () C:\Users\BMo\Downloads\Viva_Pinata!_RePack.iso
2014-09-01 11:16 - 2014-09-01 11:16 - 00000000 ____D () C:\Users\BMo\Downloads\Viva Pinata Pc Retail
2014-08-31 19:24 - 2014-08-31 19:25 - 00000000 ____D () C:\Users\BMo\AppData\Local\Adobe
2014-08-31 14:09 - 2014-08-31 14:09 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Game Dev Tycoon v1.4.16 build 240714
2014-08-31 14:09 - 2014-08-31 14:09 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2014-08-31 14:06 - 2014-08-31 14:06 - 00000000 ____D () C:\Users\BMo\Downloads\Viva Pinata
2014-08-31 12:57 - 2014-08-31 12:57 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\Awesomium
2014-08-31 12:56 - 2014-08-31 12:56 - 00002037 _____ () C:\Users\Public\Desktop\Hi-Rez Diagnostics and Support.lnk
2014-08-31 12:56 - 2014-08-31 12:56 - 00002028 _____ () C:\Users\Public\Desktop\Smite.lnk
2014-08-31 12:56 - 2014-08-31 12:56 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
2014-08-31 12:56 - 2014-08-31 12:56 - 00000000 ____D () C:\ProgramData\Hi-Rez Studios
2014-08-31 12:56 - 2014-08-31 12:56 - 00000000 ____D () C:\Program Files (x86)\Hi-Rez Studios
2014-08-31 12:54 - 2014-08-31 12:55 - 46860733 _____ (Hi-Rez Studios) C:\Users\BMo\Downloads\InstallHiRezGamesEnglish.exe
2014-08-30 09:36 - 2014-08-30 09:36 - 00078336 _____ (Razer Inc) C:\Windows\SysWOW64\rzvirtualdev.dll

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-09-28 13:00 - 2014-08-07 17:37 - 00122584 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2014-09-28 12:21 - 2009-07-14 00:45 - 00025536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-28 12:21 - 2009-07-14 00:45 - 00025536 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-28 12:17 - 2014-08-07 19:24 - 01272025 _____ () C:\Windows\WindowsUpdate.log
2014-09-28 12:17 - 2014-08-07 18:08 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\Spotify
2014-09-28 12:15 - 2014-08-07 17:32 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-28 12:14 - 2014-08-07 17:13 - 00000000 ___RD () C:\Users\BMo\Dropbox
2014-09-28 12:14 - 2014-08-07 17:11 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\Dropbox
2014-09-28 12:13 - 2014-08-07 20:19 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\Skype
2014-09-28 12:12 - 2014-08-07 17:03 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2014-09-28 12:12 - 2010-11-20 23:47 - 00281448 _____ () C:\Windows\PFRO.log
2014-09-28 12:12 - 2009-07-14 01:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-28 12:12 - 2009-07-14 00:51 - 00038071 _____ () C:\Windows\setupact.log
2014-09-28 06:38 - 2014-08-07 17:10 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-09-27 21:33 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\rescache
2014-09-27 19:08 - 2014-08-07 17:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-27 19:02 - 2014-01-04 18:10 - 00000000 ____D () C:\AdwCleaner
2014-09-27 15:28 - 2014-08-07 17:03 - 00001065 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-09-27 15:28 - 2014-08-07 17:03 - 00001053 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-09-27 15:28 - 2014-08-07 16:47 - 00000985 _____ () C:\Users\BMo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-09-27 15:25 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\system32\NDF
2014-09-27 12:59 - 2009-07-13 23:20 - 00000000 ____D () C:\Windows\IME
2014-09-27 10:00 - 2009-07-13 23:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-26 19:23 - 2014-08-07 20:24 - 00000000 ___HD () C:\Windows\msdownld.tmp
2014-09-26 19:23 - 2014-08-07 20:24 - 00000000 ____D () C:\Windows\SysWOW64\directx
2014-09-25 20:46 - 2014-08-07 20:27 - 00081562 _____ () C:\Windows\DirectX.log
2014-09-24 01:14 - 2014-08-07 17:32 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-24 01:14 - 2014-08-07 17:32 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-24 01:14 - 2014-08-07 17:32 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-22 18:36 - 2014-08-14 18:36 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\.minecraft
2014-09-22 17:47 - 2014-08-09 19:01 - 00003734 _____ () C:\Windows\System32\Tasks\GyazoUpdateTaskMachine
2014-09-22 17:47 - 2014-08-09 19:01 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gyazo
2014-09-22 17:47 - 2014-08-09 19:01 - 00000000 ____D () C:\Program Files (x86)\Gyazo
2014-09-21 19:44 - 2014-08-07 18:16 - 00000000 ____D () C:\Users\BMo\AppData\Local\Spotify
2014-09-21 19:42 - 2014-08-24 20:14 - 00000000 ____D () C:\Program Files (x86)\Razer
2014-09-21 19:42 - 2009-07-14 00:45 - 00274160 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-21 11:48 - 2014-08-07 17:27 - 00061504 _____ () C:\Users\BMo\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-19 18:12 - 2014-08-07 17:13 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-09-16 19:28 - 2014-08-07 17:39 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\TS3Client
2014-09-16 17:29 - 2014-08-07 17:30 - 00001102 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk
2014-09-16 17:29 - 2014-08-07 17:30 - 00001090 _____ () C:\Users\Public\Desktop\TeamViewer 9.lnk
2014-09-15 09:06 - 2010-11-20 23:27 - 00278152 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-09-13 03:02 - 2014-08-10 03:22 - 00773536 _____ () C:\Windows\SysWOW64\PerfStringBackup.INI
2014-09-13 03:02 - 2009-07-14 01:13 - 00773536 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-13 03:00 - 2014-08-09 08:16 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-08-31 15:20 - 2014-08-20 12:28 - 00000000 ____D () C:\Users\BMo\AppData\Local\Game Dev Tycoon - Steam
2014-08-31 14:08 - 2014-08-20 12:25 - 00000000 ____D () C:\2-click run
2014-08-31 12:56 - 2014-08-07 16:54 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information

Some content of TEMP:
====================
C:\Users\BMo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplllcgs.dll
C:\Users\BMo\AppData\Local\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpqodcey.dll

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2014-09-26 00:39

==================== End Of Log ============================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Disabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.167 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.152 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 2.00.0001 - Advanced Micro Devices, Inc.) Hidden
AMD APP SDK Runtime (Version: 10.0.898.1 - Advanced Micro Devices Inc.) Hidden
AMD AVIVO64 Codecs (Version: 12.3.103.20214 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{74D2047B-19F2-3C44-174E-78C4C0C88107}) (Version: 3.0.868.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
ASUS Utility (x32 Version: 1.00.0000 - ASUSTek) Hidden
ASUS VGA Driver (x32 Version: 3.0.0.1 - ASUSTek) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BlueStacks App Player (HKLM-x32\...\BlueStacks App Player) (Version: 0.8.12.3119 - BlueStack Systems, Inc.)
BlueStacks Notification Center (HKLM-x32\...\{1AFACC2A-9A60-43EF-ABDB-2CEECA5EA77F}) (Version: 0.8.12.3119 - BlueStack Systems, Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center (x32 Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Profiles Desktop (x32 Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0214.2217.39913 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0214.2218.39913 - Advanced Micro Devices, Inc.) Hidden
Cheat Engine 6.4 (HKLM-x32\...\Cheat Engine 6.4_is1) (Version: - Cheat Engine)
Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version: - Valve)
Dota 2 (HKLM-x32\...\Steam App 570) (Version: - Valve)
Dropbox (HKCU\...\Dropbox) (Version: 2.10.30 - Dropbox, Inc.)
EverQuest II (HKCU\...\SOE-EverQuest II) (Version: 1.0.3.183 - Sony Online Entertainment)
Game Dev Tycoon v1.4.16 build 240714 (HKLM-x32\...\Game Dev Tycoon v1.4.16 build 2407141.4.16) (Version: 1.4.16 - Friends in War)
Garry's Mod (HKLM-x32\...\Steam App 4000) (Version: - Facepunch Studios)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 37.0.2062.124 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Gyazo 2.2 (HKLM-x32\...\{6DB8C365-E719-4BA5-9594-10DFC244D3FD}_is1) (Version: - Nota Inc.)
Hearthstone (HKLM-x32\...\Hearthstone) (Version: - Blizzard Entertainment)
Hi-Rez Studios Authenticate and Update Service (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF1FC}) (Version: 3.0.0.0 - Hi-Rez Studios)
HydraVision (x32 Version: 4.2.230.0 - Advanced Micro Devices, Inc.) Hidden
InViewer version 0.81 (HKLM-x32\...\{7E575733-1DF5-4064-AE38-289BA932398A}_is1) (Version: 0.81 - Stefan Wobbe)
Itibiti RTC (HKLM-x32\...\{730E03E4-350E-48E5-9D3E-4329903D454D}) (Version: 0.0.1 - Itibiti Inc)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 67 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217067FF}) (Version: 7.0.670 - Oracle)
Java Auto Updater (x32 Version: 2.1.67.1 - Oracle, Inc.) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.0) (Version: 3.0.0 - Riot Games)
League of Legends (x32 Version: 3.0.0 - Riot Games) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft .NET Framework 4.5.1 (Version: 4.5.50938 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (x32 Version: 12.0.21005 - Microsoft Corporation) Hidden
Mozilla Firefox 32.0.3 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 32.0.3 (x86 en-US)) (Version: 32.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 31.0 - Mozilla)
Open Broadcaster Software (HKLM-x32\...\Open Broadcaster Software) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 9.4.22.2815 - Electronic Arts, Inc.)
RaidCall (HKLM-x32\...\RaidCall) (Version: 7.3.6-1.0.12952.91 - raidcall.com)
Razer Surround (HKLM-x32\...\Razer Surround) (Version: 1.05.10 - Razer Inc.)
Razer Synapse 2.0 (HKLM-x32\...\{0D78BEE2-F8FF-4498-AF1A-3FF81CED8AC6}) (Version: 1.18.15.20888 - Razer Inc.)
Realm of the Mad God (HKLM-x32\...\Steam App 200210) (Version: - Wild Shadow Studios)
Realtek Ethernet Diagnostic Utility (HKLM-x32\...\{DADC7AB0-E554-4705-9F6A-83EA82ED708E}) (Version: 1.00.0000 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6526 - Realtek Semiconductor Corp.)
Skype 6.18 (HKLM-x32\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Smite (HKLM-x32\...\{3C87E0FF-BC0A-4F5E-951B-68DC3F8DF017}) (Version: 1.0.2298.12 - Hi-Rez Studios)
Speccy (HKLM\...\Speccy) (Version: 1.11 - Piriform)
Spotify (HKCU\...\Spotify) (Version: 0.9.13.24.g5dbb3103 - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.8.450.22786 - SteelSeries)
SteelSeries Engine 3.2.7 (HKLM\...\SteelSeries Engine 3) (Version: 3.2.7 - SteelSeries ApS)
Super Hexagon (HKLM-x32\...\Steam App 221640) (Version: - Terry Cavanagh)
TeamSpeak 3 Client (HKCU\...\TeamSpeak 3 Client) (Version: 3.0.16 - TeamSpeak Systems GmbH)
TeamViewer 9 (HKLM-x32\...\TeamViewer 9) (Version: 9.0.32494 - TeamViewer)
The Mighty Quest For Epic Loot (HKLM-x32\...\Steam App 239220) (Version: - Ubisoft Montreal)
Unity Web Player (HKCU\...\UnityWebPlayer) (Version: 4.5.2f1 - Unity Technologies ApS)
WinRAR 5.11 beta 1 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.1 - win.rar GmbH)
WinZip 18.5 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240E3}) (Version: 18.5.11111 - WinZip Computing, S.L. )
Xfire 2.0 (HKLM-x32\...\{43ADAE00-A4ED-4379-A76D-A1FF5D9D334A}_is1) (Version: 2.0 - Xfire, Inc.)
Xfire Codec (remove only) (HKLM-x32\...\XfireCodec) (Version: - )
ZoneAlarm Firewall (x32 Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 13.3.052.000 - Check Point)
ZoneAlarm Security (x32 Version: 13.3.052.000 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Security Toolbar (HKCU\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)
ZoneAlarm Security Toolbar (HKLM-x32\...\zonealarm) (Version: 1.8.29.17 - Check Point Software Technologies LTD)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

CustomCLSID: HKU\S-1-5-21-1418505120-3983750565-1456373324-1001_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\BMo\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1418505120-3983750565-1456373324-1001_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BMo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1418505120-3983750565-1456373324-1001_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BMo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1418505120-3983750565-1456373324-1001_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BMo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1418505120-3983750565-1456373324-1001_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BMo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1418505120-3983750565-1456373324-1001_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BMo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1418505120-3983750565-1456373324-1001_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BMo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1418505120-3983750565-1456373324-1001_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BMo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-1418505120-3983750565-1456373324-1001_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\BMo\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)

==================== Restore Points =========================

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2014-09-28 12:10 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {13BD6EC2-F8D1-45D8-9DCE-E6FDD0472B75} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-09-24] (Adobe Systems Incorporated)
Task: {2E079B8F-9C95-42BB-8DCC-5DB2A45CCA2B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)
Task: {70634B6F-124F-469A-8EE2-F9F4A02B87D7} - System32\Tasks\GyazoUpdateTaskMachine => C:\Program Files (x86)\Gyazo\GyazoUpdate.exe [2014-07-03] ()
Task: {723EFDC3-CB55-4856-B6EF-ACAFBAD3B283} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-09-20] (Google Inc.)
Task: {B97E290A-0CD9-4CE7-9AD7-69D1719BA95E} - System32\Tasks\ASUS\i-Setup165519 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)
Task: {F53B2BC9-7504-4F17-88D0-A51E2CE0D05D} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) =============

2014-06-26 14:39 - 2014-06-26 14:39 - 00504832 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 09315328 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00015872 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00115200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-05-16 11:57 - 2014-05-16 11:57 - 00047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00034304 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-05-16 11:57 - 2014-05-16 11:57 - 01102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00189440 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00031744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00159744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00020992 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00029696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00023040 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-06-26 14:39 - 2014-06-26 14:39 - 00030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2014-08-13 17:05 - 2014-08-13 17:05 - 17422848 _____ () C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
2014-08-07 18:16 - 2014-09-19 18:09 - 00606776 _____ () C:\Users\BMo\AppData\Roaming\Spotify\Data\SpotifyHelper.exe
2014-07-31 12:16 - 2014-07-31 12:16 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-07-31 12:16 - 2014-07-31 12:16 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-07 18:16 - 2014-09-19 18:09 - 36966968 _____ () C:\Users\BMo\AppData\Roaming\Spotify\Data\libcef.dll
2014-09-28 12:13 - 2014-09-28 12:13 - 00043008 _____ () c:\users\bmo\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmplllcgs.dll
2013-08-23 15:01 - 2013-08-23 15:01 - 25100288 _____ () C:\Users\BMo\AppData\Roaming\Dropbox\bin\libcef.dll
2014-08-07 18:16 - 2014-09-19 18:09 - 00867896 _____ () C:\Users\BMo\AppData\Roaming\Spotify\Data\ffmpegsumo.dll
2014-08-07 18:16 - 2014-09-19 18:09 - 00886840 _____ () C:\Users\BMo\AppData\Roaming\Spotify\Data\libglesv2.dll
2014-08-07 18:16 - 2014-09-19 18:09 - 00108600 _____ () C:\Users\BMo\AppData\Roaming\Spotify\Data\libegl.dll
2014-09-28 01:33 - 2014-09-28 01:33 - 03715184 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
2014-09-28 13:12 - 2014-09-28 13:12 - 00043008 _____ () c:\users\bmo\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmp7sk6zo.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^AML Device Install.lnk => C:\Windows\pss\AML Device Install.lnk.CommonStartup
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

========================= Accounts: ==========================

Administrator (S-1-5-21-1418505120-3983750565-1456373324-500 - Administrator - Disabled)
BMo (S-1-5-21-1418505120-3983750565-1456373324-1001 - Administrator - Enabled) => C:\Users\BMo
Guest (S-1-5-21-1418505120-3983750565-1456373324-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1418505120-3983750565-1456373324-1002 - Limited - Enabled)

==================== Faulty Device Manager Devices =============

Name: PCI Simple Communications Controller
Description: PCI Simple Communications Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SM Bus Controller
Description: SM Bus Controller
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

==================== Event log errors: =========================

Application errors:
==================
Error: (09/28/2014 00:15:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/28/2014 00:14:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

System errors:
=============
Error: (09/28/2014 00:15:02 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The BlueStacks Android Service service terminated with the following error:
%%1064

Error: (09/28/2014 00:14:03 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: The BlueStacks Android Service service hung on starting.

Error: (09/28/2014 10:40:17 AM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Error: (09/27/2014 08:14:57 PM) (Source: volsnap) (EventID: 36) (User: )
Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

Microsoft Office Sessions:
=========================
Error: (09/28/2014 00:15:02 PM) (Source: BstHdAndroidSvc) (EventID: 0) (User: )
Description: Service cannot be started. System.ApplicationException: Cannot start service. Service did not stop gracefully the last time it was run.
at BlueStacks.hyperDroid.Service.Service.OnStart(String[] args)
at System.ServiceProcess.ServiceBase.ServiceQueuedMainCallback(Object state)

Error: (09/28/2014 00:14:18 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

==================== Memory info ===========================

Processor: Intel® Core™ i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 38%
Total physical RAM: 4063.14 MB
Available physical RAM: 2488.06 MB
Total Pagefile: 8124.46 MB
Available Pagefile: 5253.79 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.99 GB) (Free:102.61 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 2AD15114)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=298 GB) - (Type=07 NTFS)

==================== End Of Log ============================

#18 itsbmo

New Member

Authentic Member
17 posts

Posted 28 September 2014 - 11:20 AM

Also found this when looking at programs:

http://gyazo.com/8ab...542cf7bc8b3e0cc

#19 itsbmo

New Member

Authentic Member
17 posts

Posted 28 September 2014 - 12:04 PM

Fixlog: Fix result of Farbar Recovery Tool (FRST writ 27-09-2014 ten by Farbar) (x64) Version:
Ran by BMo at 2014-09-28 12:10:51 Run:1
Running from C:\Users\BMo\Desktop
Loaded Profile: BMo (Available profiles: BMo)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
Startup: C:\Users\BMo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk
ShortcutTarget: StormWatch.lnk -> C:\Users\BMo\AppData\Local\StormWatch\StormWatch.exe (No File)
FF Extension: ProxMate - Proxy on steroids! - C:\Users\BMo\AppData\Roaming\Mozilla\Firefox\Profiles\fvlston6.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi [2014-08-22]
FF HKCU\...\Firefox\Extensions: [ConsumerInput@Compete] - C:\Program Files (x86)\Consumer Input\Firefox\ciff-3.2.0-12171.xpi
FF NetworkProxy: "autoconfig_url", "data:text/javascript,function%20FindProxyForURL(url%2C%20host)%20%7Bif%20(shExpMatch(url%2C%20'http%3A%2F%2Fgrooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fretro.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fhtml5.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Flisten.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpreview.grooveshark.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fpiki.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fsecure.funimation.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.mtv.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fmedia.mtvnservices.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.iheart.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Faccount.beatsmusic.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.beatsmusic.com*')%20%7C%7C%20host%20%3D%3D%20'www.pandora.com'%20%7C%7C%20url.indexOf('southparkstudios.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.daisuki.net*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.rdio.com*')%20%7C%7C%20url.indexOf('play.google.com')%20!%3D%20-1%20%7C%7C%20(url.indexOf('youtube.com%2Fvideoplayback')%20!%3D%20-1%20%26%26%20url.indexOf('%26gcr%3Dus')%20!%3D%20-1%20%26%26%20url.indexOf('%26ptchn')%20!%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dactive')%20!%3D%20-1%20%26%26%20url.indexOf('amazonaws.com')%20%3D%3D%20-1)%20%7C%7C%20(url.indexOf('proxmate%3Dus')%20!%3D%20-1)%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fsongza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fnew.songza.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fplay.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'https%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.spotify.com*')%20%7C%7C%20url.indexOf('vevo.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.last.fm*')%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fext.last.fm*')%20%7C%7C%20host%20%3D%3D%20's.hulu.com'%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fwww.crunchyroll.com*')%20%7C%7C%20url.indexOf('discoverymedia.com')%20!%3D%20-1%20%7C%7C%20shExpMatch(url%2C%20'http%3A%2F%2Fdsc.discovery.com%2F*'))%20%7B%20return%20'PROXY%20us05.sq.proxmate.me%3A8000%3B%20PROXY%20us11.sq.proxmate.me%3A8000%3B%20PROXY%20us10.sq.proxmate.me%3A8000%3B%20PROXY%20us02.sq.proxmate.me%3A8000%3B%20PROXY%20us01.sq.proxmate.me%3A8000%3B%20PROXY%20us08.sq.proxmate.me%3A8000%3B%20PROXY%20us06.sq.proxmate.me%3A8000%3B%20PROXY%20us04.sq.proxmate.me%3A8000%3B%20PROXY%20us09.sq.proxmate.me%3A8000%3B%20PROXY%20us03.sq.proxmate.me%3A8000%3B%20PROXY%20us07.sq.proxmate.me%3A8000'%3B%7D%20%20else%20%7B%20return%20'DIRECT'%3B%20%7D%7D"
FF NetworkProxy: "type", 2
CHR DefaultSuggestURL: Default -> http://api.searchpre...d={searchTerms}
2014-09-27 09:58 - 2014-09-27 09:58 - 00000000 ____D () C:\Users\BMo\AppData\Local\Weather_Protector_LLC
2014-09-27 09:57 - 2014-09-27 10:25 - 00000000 ____D () C:\Users\BMo\AppData\Local\StormWatch
2014-09-27 18:59 - 2014-08-16 15:12 - 00000000 ____D () C:\Users\BMo\AppData\Roaming\BitTorrent
Itibiti RTC (x32 Version: 0.0.1 - Itibiti Inc) Hidden
Task: {275F1C83-F6DD-4EC2-AB62-CB3DC2179950} - System32\Tasks\CIMT_S-1-5-21-1418505120-3983750565-1456373324-1001 => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
Task: {379E6390-D311-478D-AF63-A29FB93A0E22} - System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update3 <==== ATTENTION
Task: {9CE861BE-69F1-4688-8770-ABFA0552E211} - System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Rundll32.exe C:\PROGRA~1\COMMON~1\System\SysMenu.dll ,Command701 update2 <==== ATTENTION
Task: {E3BA6313-1D59-4566-B1C7-C21D6C291A36} - \PastaQuotes No Task File <==== ATTENTION
Task: C:\Windows\Tasks\CIMT_S-1-5-21-1418505120-3983750565-1456373324-1001.job => C:\Program Files (x86)\Consumer Input\Monitoring\dca-monitoring.exe
Hosts:
EmptyTemp:
End
*****************

C:\Users\BMo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\StormWatch.lnk => Moved successfully.
C:\Users\BMo\AppData\Local\StormWatch\StormWatch.exe not found.
C:\Users\BMo\AppData\Roaming\Mozilla\Firefox\Profiles\fvlston6.default\Extensions\jid1-QpHD8URtZWJC2A@jetpack.xpi => Moved successfully.
HKCU\Software\Mozilla\Firefox\Extensions\\ConsumerInput@Compete => value deleted successfully.
Firefox Proxy settings were reset.
Firefox Proxy settings were reset.
Chrome DefaultSuggestURL deleted successfully.
C:\Users\BMo\AppData\Local\Weather_Protector_LLC => Moved successfully.
C:\Users\BMo\AppData\Local\StormWatch => Moved successfully.
C:\Users\BMo\AppData\Roaming\BitTorrent => Moved successfully.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{730E03E4-350E-48E5-9D3E-4329903D454D}\\SystemComponent => value deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{275F1C83-F6DD-4EC2-AB62-CB3DC2179950}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{275F1C83-F6DD-4EC2-AB62-CB3DC2179950}" => Key deleted successfully.
C:\Windows\System32\Tasks\CIMT_S-1-5-21-1418505120-3983750565-1456373324-1001 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CIMT_S-1-5-21-1418505120-3983750565-1456373324-1001" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{379E6390-D311-478D-AF63-A29FB93A0E22}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{379E6390-D311-478D-AF63-A29FB93A0E22}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Multimedia\SMupdate3 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\SMupdate3" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9CE861BE-69F1-4688-8770-ABFA0552E211}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CE861BE-69F1-4688-8770-ABFA0552E211}" => Key deleted successfully.
C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\SMupdate2 => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Maintenance\SMupdate2" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E3BA6313-1D59-4566-B1C7-C21D6C291A36}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3BA6313-1D59-4566-B1C7-C21D6C291A36}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\PastaQuotes" => Key deleted successfully.
C:\Windows\Tasks\CIMT_S-1-5-21-1418505120-3983750565-1456373324-1001.job => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 1.5 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====

#20 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 28 September 2014 - 12:22 PM

Open Firefox

Click on Help > Troubleshooting Information > Reset Firefox to its default state

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#21 itsbmo

New Member

Authentic Member
17 posts

Posted 28 September 2014 - 12:58 PM

I did, nothing happened.

#22 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 28 September 2014 - 01:02 PM

Then uninstall FF via Programs and Features in the Control Panel , then download and reinstall it

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#23 itsbmo

New Member

Authentic Member
17 posts

Posted 28 September 2014 - 01:10 PM

I cant redownload it. Im typing all this on my phone and I dont have my old firefox downloader. All my browsers are broken.

#24 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 28 September 2014 - 01:18 PM

Do a System Restore

http://windows.micro.../system-restore

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#25 itsbmo

New Member

Authentic Member
17 posts

Posted 30 September 2014 - 03:40 PM

I have no reset point or a microsoft disc to reinstall windows.

Advertisements

Register to Remove

#26 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 30 September 2014 - 04:27 PM

When you say there broken , what do you mean, do they open but you just cant get online ? How are you set up are you using a cable modem and a router ? Do you have other computers that access that router and can they get online ?

Open IE

Go to Tools> Internet Options > Advanced Tab

Reset Internet Explorer Setting

Reset

This will take a few seconds

Close IE and then reopen it and see if it helped

Click the Chrome menu

on the browser toolbar.

Select Settings.

Scroll down to Show advanced settings...

Down on the bottom you will see an option for RESET BROWSER SETTINGS

Click on it and it will set Chome back to defaults

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#27 itsbmo

New Member

Authentic Member
17 posts

Posted 30 September 2014 - 04:42 PM

They open, just dont get online. They say "no proxy server available". Cable modem. Other computers can. And nothing helped with setting it to default.

#28 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 30 September 2014 - 05:43 PM

So you tried opening IE and going to Tools > Internet Options > Lan Setting and check AUTOMATICALLY DETECT SETTING

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

#29 itsbmo

New Member

Authentic Member
17 posts

Posted 03 October 2014 - 03:45 PM

Nevermind. I just reset it to factory settings. Thanks for the help though! :thumbup:

#30 ken545

Forum God

Retired Classroom Teacher
23,225 posts

Interests:Fighting Malware and cooking some great Italian and TexMex food

Posted 03 October 2014 - 04:20 PM

Thanks for letting me know, much appreciated

You had so many 3rd party programs installed along with many gaming sites, most of those so called free programs not all the time but the better percentage of them include some sort or adware or malware

I am really glad your system is back to normal and running good for you

How did I get infected in the first place ?

Read these links and find out how to prevent getting infected again.

Tutorial for System Restore <-- Do this first to prevent yourself from being reinfected.

WhattheTech

Grinler BleepingComputer

GeeksTo Go

Dslreports

Safe Surfn

Ken

The forum is staffed by volunteers who donate their time and expertise.
If you feel you have been helped, please consider a donation.

Find us on Facebook
Please LIKE and SHARE

Just a reminder that threads will be closed if no reply in 3 days.

Body Background

skin color theme