Step 1:
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 21-12-2014 01
Ran by Zues (administrator) on ZUES-PC on 21-12-2014 14:37:45
Running from D:\Downloads
Loaded Profile: Zues (Available profiles: Zues & DefaultAppPool)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems Incorporated) D:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\spd.exe
() C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
() C:\Windows\System32\PnkBstrA.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\EnGenius\Common\RaRegistry.exe
(Ralink Technology, Corp.) C:\Program Files (x86)\EnGenius\Common\RaRegistry64.exe
(TuneUp Software) D:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(cFos Software GmbH) C:\Program Files\ASRock\XFast LAN\cfosspeed.exe
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\LGDevAgt.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Logitech Inc.) C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft® Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Works Shared\WkCalRem.exe
(TuneUp Software) D:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesApp64.exe
(Dropbox, Inc.) C:\Users\Zues\AppData\Roaming\Dropbox\bin\Dropbox.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(FNet Co., Ltd.) C:\Program Files (x86)\XFastUsb\XFastUsb.exe
(ROCCAT GmbH) C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\Ctxfihlp.exe
(Creative Technology Ltd) C:\Windows\SysWOW64\CTxfispi.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Electronic Arts) C:\Program Files (x86)\Origin\Origin.exe
(Electronic Arts) C:\Program Files (x86)\Origin\OriginClientService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dplaysvr.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
(Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
(Microsoft Corporation) C:\Windows\SysWOW64\msfeedssync.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [XFast LAN] => C:\Program Files\ASRock\XFast LAN\cFosSpeed.exe [1441152 2011-07-04] (cFos Software GmbH)
HKLM\...\Run: [Launch LgDeviceAgent] => C:\Program Files\Logitech\GamePanel Software\LgDevAgt.exe [415752 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [Launch LGDCore] => C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe [4195848 2009-08-13] (Logitech Inc.)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2531472 2014-12-12] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [XFastUsb] => C:\Program Files (x86)\XFastUsb\XFastUsb.exe [4838912 2012-04-01] (FNet Co., Ltd.)
HKLM-x32\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [770728 2014-12-10] (Webroot)
HKLM-x32\...\Run: [RoccatKoneXTD] => C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\KoneXTDMonitor.EXE [552960 2013-07-30] (ROCCAT GmbH)
HKLM-x32\...\Run: [Microsoft Works Portfolio] => C:\Program Files (x86)\Microsoft Works\WksSb.exe [311350 2000-08-15] (Microsoft® Corporation)
HKLM-x32\...\Run: [RemoteControl11] => C:\Program Files (x86)\CyberLink\PowerDVD11\PDVD11Serv.exe [237120 2013-08-06] (CyberLink Corp.)
HKLM-x32\...\Run: [CTxfiHlp] => CTXFIHLP.EXE
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-19\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-19\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-19\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-19\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-19\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-19\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-20\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-20\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-20\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-20\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-20\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-20\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [1940160 2014-11-18] (Valve Corporation)
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [43816 2014-08-07] (Apple Inc.)
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Run: [ApplePhotoStreams] => C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [43816 2014-08-14] (Apple Inc.)
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Run: [AppleIEDAV] => C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe [1080104 2014-08-04] (Apple Inc.)
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Run: [iCloudDrive] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe [43816 2014-08-15] (Apple Inc.)
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Run: [DAEMON Tools Lite] => D:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672384 2012-04-11] (DT Soft Ltd)
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Run: [MoneyStartUp] => C:\Program Files (x86)\Microsoft Money\System\Money Startup.exe [24625 2000-07-19] (Microsoft Corporation)
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Run: [swnyrqr] => regsvr32.exe /s "C:\Users\Zues\AppData\Local\Logitech\swnyrqr.dll" <===== ATTENTION
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...A8F59079A8D5}\localserver32: rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 243 more characters). <==== Poweliks!
HKU\S-1-5-18\...\Run: [CtxfiReg] => CTXFIREG.exe /FAIL1
HKU\S-1-5-18\...\Policies\system: [DisableCMD] 0
HKU\S-1-5-18\...\Policies\system: [NoDispAppearancePage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispBackgroundPage] 0
HKU\S-1-5-18\...\Policies\system: [NoDispSettingsPage] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFolderOptions] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewOnDrive] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoControlPanel] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKU\S-1-5-18\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoViewContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoShellSearchButton] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFind] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoFile] 0
HKU\S-1-5-18\...\Policies\Explorer: [HideClock] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayContextMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetFolders] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSetTaskbar] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDeletePrinter] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoDFSTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoChangeStartMenu] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoLogoff] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoWindowsUpdate] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoEncryptOnMove] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoResolveSearch] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoSaveSettings] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoHardwareTab] 0
HKU\S-1-5-18\...\Policies\Explorer: [NoStartMenuSubFolders] 0
SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Works Calendar Reminders.lnk
ShortcutTarget: Microsoft Works Calendar Reminders.lnk -> C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\WkCalRem.exe (Microsoft® Corporation)
Startup: C:\Users\Zues\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Dropbox.lnk
ShortcutTarget: Dropbox.lnk -> C:\Users\Zues\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ ] -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [ ] -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [ ] -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [ ] -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [_WrSyncExcl] -> {8D7FC74C-E409-42DF-8EEE-69D45FAE2F30} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [_WrSyncGreen] -> {6DA1ED92-315E-4D0B-B354-9D5F519DBA95} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [_WrSyncRed] -> {1914B27A-33C8-46F8-A1C2-F993268D4564} => C:\Windows\system32\WRusr.dll (Webroot)
ShellIconOverlayIdentifiers: [_WrSyncYellow] -> {C14874EA-ACE4-4A47-8A81-18C4D1C40868} => C:\Windows\system32\WRusr.dll (Webroot)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax64\wrflt.dll (Webroot)
BHO-x32: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll (Hewlett-Packard Co.)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> d:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\ssv.dll (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO-x32: Webroot Vault -> {c8d5d964-2be8-4c5b-8cf5-6e975aa88504} -> C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
BHO-x32: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll (Webroot)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll (Hewlett-Packard Co.)
Toolbar: HKLM - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar64.dll (Webroot)
Toolbar: HKLM-x32 - Webroot Toolbar - {97ab88ef-346b-4179-a0b1-7445896547a5} - C:\ProgramData\WRData\pkg\LPBar.dll (Webroot)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
FireFox:
========
FF ProfilePath: C:\Users\Zues\AppData\Roaming\Mozilla\Firefox\Profiles\jxdft5p2.default
FF DefaultSearchEngine: Yahoo!
FF SelectedSearchEngine: Yahoo!
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_246.dll ()
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 -> C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @esn/npbattlelog,version=2.5.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.0\npbattlelogx64.dll No File
FF Plugin: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll (EA Digital Illusions CE AB)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_246.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1204144.dll No File
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> D:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @divx.com/DivX Browser Plugin,version=1.0.0 -> d:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin-x32: @divx.com/DivX VOD Helper,version=1.0.0 -> d:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin-x32: @esn/esnlaunch,version=1.122.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.122.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=1.138.0 -> C:\Program Files (x86)\Battlelog Web Plugins\1.138.0\npesnlaunch.dll No File
FF Plugin-x32: @esn/esnlaunch,version=2.1.3 -> C:\Program Files (x86)\Battlelog Web Plugins\2.1.3\npesnlaunch.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll No File
FF Plugin-x32: @esn/npbattlelog,version=2.5.1 -> C:\Program Files (x86)\Battlelog Web Plugins\2.5.1\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll (EA Digital Illusions CE AB)
FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.31211.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll (Adobe Systems)
FF Plugin HKU\S-1-5-21-153555263-3126299475-2757101510-1000: amazon.com/AmazonMP3DownloaderPlugin -> d:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)
FF Plugin HKU\S-1-5-21-153555263-3126299475-2757101510-1000: ubisoft.com/uplaypc -> d:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll ()
FF SearchPlugin: C:\Users\Zues\AppData\Roaming\Mozilla\Firefox\Profiles\jxdft5p2.default\searchplugins\yahoo_ff.xml
FF Extension: Webroot Password Manager - C:\Users\Zues\AppData\Roaming\Mozilla\Firefox\Profiles\jxdft5p2.default\Extensions\{8ac62a8b-8b3f-43ba-9b1a-90c299b9dfda} [2013-12-11]
FF Extension: Adblock Plus - C:\Users\Zues\AppData\Roaming\Mozilla\Firefox\Profiles\jxdft5p2.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-09-14]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: HP Smart Web Printing - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-04-01]
FF HKLM-x32\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - d:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - d:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013-01-24]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2013-11-14]
FF HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
Chrome:
=======
CHR Profile: C:\Users\Zues\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\Zues\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-17]
CHR Extension: (Google Drive) - C:\Users\Zues\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-17]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Zues\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-27]
CHR Extension: (YouTube) - C:\Users\Zues\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-17]
CHR Extension: (Google Search) - C:\Users\Zues\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-17]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Zues\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-01-31]
CHR Extension: (Google Wallet) - C:\Users\Zues\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22]
CHR Extension: (DivX Plus Web Player HTML5 <video>) - C:\Users\Zues\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2014-03-17]
CHR Extension: (Webroot Password Manager) - C:\Users\Zues\AppData\Local\Google\Chrome\User Data\Default\Extensions\okfhiodnpcnnnpgbjbhfebjnbagmfhab [2012-11-15]
CHR Extension: (Gmail) - C:\Users\Zues\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-17]
CHR HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Chrome\Extension: [dkjaldeegndmngnahlmdbfnejdobkmil] - C:\Users\Zues\AppData\Local\CRE\dkjaldeegndmngnahlmdbfnejdobkmil.crx [Not Found]
CHR HKLM-x32\...\Chrome\Extension: [kjeghcllfecehndceplomkocgfbklffd] - C:\ProgramData\WRData\PKG\CHROME\CHROME_1.0.0.32.crx [2014-03-07]
CHR HKLM-x32\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - d:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
CHR HKLM-x32\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2012-11-15]
==================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeActiveFileMonitor10.0; D:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [169624 2011-09-14] (Adobe Systems Incorporated)
R2 cFosSpeedS; C:\Program Files\ASRock\XFast LAN\spd.exe [395136 2011-07-04] (cFos Software GmbH)
R2 CLHNServiceForPowerDVD; C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe [85568 2013-08-06] ()
S3 Creative ALchemy AL6 Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [79360 2014-11-16] (Creative Labs) [File not signed]
S3 Creative Audio Engine Licensing Service; C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [79360 2012-04-01] (Creative Labs) [File not signed]
R2 CTAudSvcService; C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe [286720 2010-02-12] (Creative Technology Ltd) [File not signed]
R2 CyberLink PowerDVD 11.0 Monitor Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSMonitorService.exe [77576 2014-02-12] (CyberLink)
R2 CyberLink PowerDVD 11.0 Service; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\CLMSServerForPDVD11.exe [294664 2014-02-12] (CyberLink)
S3 Futuremark SystemInfo Service; C:\Program Files (x86)\Futuremark\SystemInfo\FMSISvc.exe [614624 2014-09-02] (Futuremark)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1148560 2014-12-12] (NVIDIA Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2009-05-14] (Hewlett-Packard) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1701520 2014-12-12] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [19823248 2014-12-12] (NVIDIA Corporation)
R3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [1903472 2014-12-20] (Electronic Arts)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2009-05-14] (Hewlett-Packard) [File not signed]
R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2014-08-28] ()
R2 RalinkRegistryWriter; C:\Program Files (x86)\EnGenius\Common\RaRegistry.exe [185632 2009-10-20] (Ralink Technology, Corp.)
R2 RalinkRegistryWriter64; C:\Program Files (x86)\EnGenius\Common\RaRegistry64.exe [212256 2009-10-20] (Ralink Technology, Corp.)
R2 TuneUp.UtilitiesSvc; D:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesService64.exe [2143552 2012-02-09] (TuneUp Software)
R2 W3SVC; C:\Windows\system32\inetsrv\iisw3adm.dll [453120 2010-11-20] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [770728 2014-12-10] (Webroot)
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AnyDVD; C:\Windows\System32\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
R3 AnyDVD; C:\Windows\SysWOW64\Drivers\AnyDVD.sys [139352 2013-07-31] (SlySoft, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R0 asahci64; C:\Windows\System32\DRIVERS\asahci64.sys [36448 2011-03-23] (Asmedia Technology)
R3 AsrHidFilter; C:\Windows\System32\DRIVERS\AsrHidFilter.sys [17928 2011-02-17] (ASRock Inc.)
R0 AsrRamDisk; C:\Windows\System32\DRIVERS\AsrRamDisk.sys [34640 2012-08-09] (ASRock Inc.)
S3 cpudrv64; C:\Program Files (x86)\SystemRequirementsLab\cpudrv64.sys [17864 2011-06-02] ()
S3 CrystalSysInfo; D:\Program Files\MediaCoder\SysInfoX64.sys [18128 2007-09-25] ()
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2012-04-12] (DT Soft Ltd)
S3 FNETTBOH_305; C:\Windows\System32\drivers\FNETTBOH_305.SYS [31808 2012-04-20] (FNet Co., Ltd.)
R1 FNETURPX; C:\Windows\System32\drivers\FNETURPX.SYS [15936 2012-04-01] (FNet Co., Ltd.)
S3 ikbevent; C:\Windows\System32\DRIVERS\ikbevent.sys [25536 2012-02-09] ()
S3 imsevent; C:\Windows\System32\DRIVERS\imsevent.sys [25536 2012-02-09] ()
R3 ISCT; C:\Windows\System32\DRIVERS\ISCTD64.sys [46568 2013-01-19] ()
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [129752 2014-11-07] (Malwarebytes Corporation)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2014-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38032 2014-11-22] (NVIDIA Corporation)
S3 SaiH8000; C:\Windows\System32\DRIVERS\SaiH8000.sys [178560 2008-04-04] (Saitek)
R3 TuneUpUtilitiesDrv; D:\Program Files (x86)\TuneUp Utilities 2012\TuneUpUtilitiesDriver64.sys [11856 2011-10-20] (TuneUp Software)
S3 WinRing0_1_2_0; D:\Downloads\RealTemp_370\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [114176 2014-12-10] (Webroot)
R2 {329F96B6-DF1E-4328-BFDA-39EA953C1312}; C:\Program Files (x86)\CyberLink\PowerDVD11\Common\NavFilter\000.fcl [32456 2014-02-12] (CyberLink Corp.)
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
U0 SR; No ImagePath
U2 srservice; No ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-21 14:37 - 2014-12-21 14:37 - 00000000 ____D () C:\FRST
2014-12-21 14:03 - 2014-12-21 14:05 - 00001052 _____ () C:\Users\Public\Desktop\The Sims 4.lnk
2014-12-21 14:03 - 2014-12-21 14:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Sims 4
2014-12-21 02:47 - 2014-12-21 03:32 - 00016896 _____ () C:\Users\Zues\Documents\crystal.wps
2014-12-20 16:17 - 2014-12-20 16:17 - 00000000 ____D () C:\Program Files (x86)\Microsoft ASP.NET
2014-12-20 00:14 - 2014-11-22 04:46 - 00038032 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2014-12-20 00:14 - 2014-11-22 04:46 - 00032400 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2014-12-18 10:37 - 2014-12-12 23:09 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-12-18 10:37 - 2014-12-12 21:33 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-12-13 17:05 - 2014-12-13 17:05 - 00000000 ____D () C:\Users\Zues\AppData\Local\{514F7C19-ECAA-4B14-8D4B-CCBB68A97513}
2014-12-11 22:01 - 2014-12-11 22:28 - 00001066 _____ () C:\Users\Zues\Desktop\Skyrim (SKSE).lnk
2014-12-11 21:48 - 2014-12-11 21:48 - 00000783 _____ () C:\Users\Public\Desktop\Nexus Mod Manager.lnk
2014-12-10 16:12 - 2014-12-10 16:12 - 00000000 ____D () C:\Windows\system32\appraiser
2014-12-09 23:27 - 2014-10-17 20:05 - 04121600 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2014-12-09 23:27 - 2014-10-17 19:33 - 03209728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2014-12-09 16:13 - 2014-12-03 20:50 - 00830976 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2014-12-09 16:13 - 2014-12-03 20:50 - 00741376 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2014-12-09 16:13 - 2014-12-03 20:50 - 00413184 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2014-12-09 16:13 - 2014-12-03 20:50 - 00396800 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2014-12-09 16:13 - 2014-12-03 20:50 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-12-09 16:13 - 2014-12-03 20:50 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2014-12-09 16:13 - 2014-12-03 20:44 - 01083392 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-12-09 16:13 - 2014-12-01 17:28 - 01232040 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2014-12-09 16:13 - 2014-11-26 19:43 - 00389296 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-12-09 16:13 - 2014-11-26 19:10 - 00342200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-12-09 16:13 - 2014-11-21 21:13 - 25059840 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-12-09 16:13 - 2014-11-21 21:06 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-12-09 16:13 - 2014-11-21 21:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-12-09 16:13 - 2014-11-21 20:50 - 00580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-12-09 16:13 - 2014-11-21 20:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-12-09 16:13 - 2014-11-21 20:49 - 02885120 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-12-09 16:13 - 2014-11-21 20:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-12-09 16:13 - 2014-11-21 20:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-12-09 16:13 - 2014-11-21 20:41 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-12-09 16:13 - 2014-11-21 20:40 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-12-09 16:13 - 2014-11-21 20:37 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-12-09 16:13 - 2014-11-21 20:35 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-12-09 16:13 - 2014-11-21 20:34 - 06039552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-12-09 16:13 - 2014-11-21 20:34 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-12-09 16:13 - 2014-11-21 20:26 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-12-09 16:13 - 2014-11-21 20:22 - 19749376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-12-09 16:13 - 2014-11-21 20:22 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-12-09 16:13 - 2014-11-21 20:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-12-09 16:13 - 2014-11-21 20:14 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-12-09 16:13 - 2014-11-21 20:09 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-12-09 16:13 - 2014-11-21 20:08 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-12-09 16:13 - 2014-11-21 20:07 - 00501248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-12-09 16:13 - 2014-11-21 20:07 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-12-09 16:13 - 2014-11-21 20:06 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-12-09 16:13 - 2014-11-21 20:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-12-09 16:13 - 2014-11-21 20:05 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-12-09 16:13 - 2014-11-21 20:01 - 02277888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-12-09 16:13 - 2014-11-21 19:59 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-12-09 16:13 - 2014-11-21 19:58 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-12-09 16:13 - 2014-11-21 19:56 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-12-09 16:13 - 2014-11-21 19:54 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-12-09 16:13 - 2014-11-21 19:49 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-12-09 16:13 - 2014-11-21 19:49 - 00718848 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-12-09 16:13 - 2014-11-21 19:47 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-12-09 16:13 - 2014-11-21 19:46 - 02125312 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-12-09 16:13 - 2014-11-21 19:45 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-12-09 16:13 - 2014-11-21 19:43 - 14412800 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-12-09 16:13 - 2014-11-21 19:40 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-12-09 16:13 - 2014-11-21 19:36 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-12-09 16:13 - 2014-11-21 19:35 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-12-09 16:13 - 2014-11-21 19:33 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-12-09 16:13 - 2014-11-21 19:29 - 04299264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-12-09 16:13 - 2014-11-21 19:28 - 02358272 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-12-09 16:13 - 2014-11-21 19:23 - 00688640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-12-09 16:13 - 2014-11-21 19:22 - 02052096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-12-09 16:13 - 2014-11-21 19:21 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-12-09 16:13 - 2014-11-21 19:15 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-12-09 16:13 - 2014-11-21 19:13 - 12836864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-12-09 16:13 - 2014-11-21 19:03 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-12-09 16:13 - 2014-11-21 19:00 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-12-09 16:13 - 2014-11-21 18:56 - 01307136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-12-09 16:13 - 2014-11-21 18:54 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-12-09 16:13 - 2014-11-10 21:09 - 01424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2014-12-09 16:13 - 2014-11-10 20:44 - 01230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2014-12-09 16:13 - 2014-11-10 19:46 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2014-12-09 16:13 - 2014-11-07 21:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2014-12-09 16:13 - 2014-11-07 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2014-12-09 16:13 - 2014-10-29 20:03 - 00165888 _____ (Microsoft Corporation) C:\Windows\system32\charmap.exe
2014-12-09 16:13 - 2014-10-29 19:45 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\charmap.exe
2014-12-09 16:13 - 2014-10-02 20:12 - 02020352 _____ (Microsoft Corporation) C:\Windows\system32\WsmSvc.dll
2014-12-09 16:13 - 2014-10-02 20:12 - 00346624 _____ (Microsoft Corporation) C:\Windows\system32\WSManMigrationPlugin.dll
2014-12-09 16:13 - 2014-10-02 20:12 - 00310272 _____ (Microsoft Corporation) C:\Windows\system32\WsmWmiPl.dll
2014-12-09 16:13 - 2014-10-02 20:12 - 00181248 _____ (Microsoft Corporation) C:\Windows\system32\WsmAuto.dll
2014-12-09 16:13 - 2014-10-02 20:11 - 00266240 _____ (Microsoft Corporation) C:\Windows\system32\WSManHTTPConfig.exe
2014-12-09 16:13 - 2014-10-02 19:45 - 01177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmSvc.dll
2014-12-09 16:13 - 2014-10-02 19:45 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManMigrationPlugin.dll
2014-12-09 16:13 - 2014-10-02 19:45 - 00214016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmWmiPl.dll
2014-12-09 16:13 - 2014-10-02 19:45 - 00145920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WsmAuto.dll
2014-12-09 16:13 - 2014-10-02 19:44 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSManHTTPConfig.exe
2014-12-03 16:53 - 2014-12-03 16:54 - 00000000 ____D () C:\Users\Zues\AppData\Local\{343ED417-0356-48EB-95A1-696B0F5A9FC3}
2014-12-03 16:49 - 2014-12-03 16:49 - 00000000 ____D () C:\Users\Zues\AppData\Local\{E274035F-3EEB-4F99-9037-55B0D4E5C364}
2014-11-30 20:40 - 2014-11-30 20:40 - 00000000 ____D () C:\Users\Zues\AppData\Roaming\NVIDIA
2014-11-28 14:01 - 2014-11-28 14:12 - 00000000 ____D () C:\Users\Zues\Documents\Gray
2014-11-26 22:18 - 2014-11-26 22:18 - 00000000 ____D () C:\Users\Zues\AppData\Local\{6CCBC787-9208-49AD-8B15-126ED1F0FB59}
2014-11-24 21:32 - 2014-11-24 21:38 - 00000000 ____D () C:\Users\Zues\Documents\Assassin's Creed Unity
2014-11-24 21:31 - 2014-11-24 21:31 - 00016525 _____ () C:\Windows\DirectX.log
2014-11-24 03:06 - 2014-12-21 13:43 - 00011975 _____ () C:\Windows\setupact.log
2014-11-24 03:06 - 2014-12-21 13:43 - 00001072 _____ () C:\Windows\PFRO.log
2014-11-24 01:17 - 2014-11-24 01:17 - 00000233 _____ () C:\Users\Zues\Desktop\Assassin’s Creed Unity.url
2014-11-24 01:17 - 2014-11-24 01:17 - 00000233 _____ () C:\Users\Zues\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Assassin’s Creed Unity.url
2014-11-24 01:16 - 2014-11-24 01:16 - 00000917 _____ () C:\Users\Zues\Desktop\Uplay.lnk
2014-11-23 23:01 - 2014-12-21 13:43 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-23 23:01 - 2014-11-12 15:56 - 06897352 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2014-11-23 23:01 - 2014-11-12 15:56 - 03534152 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2014-11-23 23:01 - 2014-11-12 15:56 - 02559808 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2014-11-23 23:01 - 2014-11-12 15:56 - 00934032 _____ (NVIDIA Corporation) C:\Windows\system32\nvvsvc.exe
2014-11-23 23:01 - 2014-11-12 15:56 - 00386368 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2014-11-23 23:01 - 2014-11-12 15:56 - 00062608 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2014-11-23 23:01 - 2014-11-12 14:46 - 00615624 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2014-11-23 23:01 - 2014-11-11 04:29 - 04100776 _____ () C:\Windows\system32\nvcoproc.bin
2014-11-23 23:00 - 2014-11-17 16:18 - 01538880 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
2014-11-23 23:00 - 2014-11-17 16:18 - 00197408 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
2014-11-23 23:00 - 2014-11-17 16:18 - 00031520 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 31893136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 24557712 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 20986592 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 20922512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 19966344 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 18514616 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 17259664 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 16884632 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 14032984 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 13944952 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 13213512 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
2014-11-23 23:00 - 2014-11-12 18:20 - 11397744 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 11336432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 04292416 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 04011208 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 03262784 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 02874456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 01876296 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6434475.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 01540424 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6434475.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00989056 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00964928 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00935240 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00923792 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00900928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00871648 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00500880 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00418112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00393024 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00352016 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00348304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00303600 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00174856 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00156840 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
2014-11-23 23:00 - 2014-11-12 18:20 - 00027094 _____ () C:\Windows\system32\nvinfo.pb
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-12-21 14:28 - 2014-03-17 12:53 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-12-21 14:23 - 2012-04-01 05:08 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-12-21 14:07 - 2012-04-22 17:01 - 00000000 ____D () C:\Users\Zues\Documents\Electronic Arts
2014-12-21 14:04 - 2012-04-01 03:58 - 01877551 _____ () C:\Windows\WindowsUpdate.log
2014-12-21 14:03 - 2013-09-30 16:07 - 00000000 ____D () C:\ProgramData\Package Cache
2014-12-21 14:03 - 2009-07-13 23:32 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-12-21 13:50 - 2009-07-13 22:45 - 00023824 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-12-21 13:50 - 2009-07-13 22:45 - 00023824 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-12-21 13:49 - 2009-07-13 23:13 - 00007132 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-12-21 13:47 - 2012-04-01 05:46 - 00000000 ____D () C:\Program Files (x86)\Origin
2014-12-21 13:47 - 2012-04-01 04:30 - 00000000 ____D () C:\ProgramData\Origin
2014-12-21 13:43 - 2014-10-12 09:58 - 00000000 ___RD () C:\Users\Zues\iCloudDrive
2014-12-21 13:43 - 2014-03-17 12:53 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-12-21 13:43 - 2013-01-22 10:38 - 00000000 ____D () C:\Users\Zues\AppData\Roaming\Dropbox
2014-12-21 13:43 - 2009-07-13 23:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-12-21 13:43 - 2009-03-03 23:26 - 00000000 ____D () C:\Program Files (x86)\Steam
2014-12-21 13:34 - 2012-06-13 07:14 - 00000000 ____D () C:\ProgramData\WRData
2014-12-21 13:33 - 2012-06-28 16:10 - 00000000 ____D () C:\Users\Zues\AppData\Local\Logitech
2014-12-21 12:55 - 2009-07-13 23:32 - 00000000 ____D () C:\Windows\system32\FxsTmp
2014-12-21 02:00 - 2012-04-01 23:00 - 00000000 ____D () C:\Users\Zues\AppData\Local\Adobe
2014-12-20 00:41 - 2013-10-31 12:26 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.exe
2014-12-16 17:02 - 2013-09-06 04:51 - 00003694 _____ () C:\Windows\System32\Tasks\Adobe online update program
2014-12-15 13:28 - 2013-11-05 18:00 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2014-12-13 16:07 - 2013-07-31 18:09 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-12-13 16:07 - 2013-07-31 18:09 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-12-13 12:32 - 2013-07-31 18:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-12-13 11:58 - 2012-04-01 05:08 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-12-13 11:58 - 2012-04-01 05:08 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-12-13 11:58 - 2012-04-01 04:33 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-12-12 18:12 - 2014-11-07 01:13 - 02824504 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2014-12-12 18:12 - 2014-11-07 01:13 - 02210040 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2014-12-12 18:12 - 2014-11-07 01:13 - 01715224 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2014-12-12 18:12 - 2014-11-07 01:13 - 01291464 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2014-12-12 01:25 - 2013-10-31 12:26 - 00215416 _____ () C:\Windows\SysWOW64\PnkBstrB.ex0
2014-12-12 01:23 - 2011-09-29 12:35 - 00000000 ____D () C:\Program Files (x86)\Battlelog Web Plugins
2014-12-12 00:42 - 2012-04-01 04:20 - 00000000 ____D () C:\Users\Zues\AppData\Local\Skyrim
2014-12-11 23:13 - 2013-01-22 10:38 - 00000000 ____D () C:\Users\Zues\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Dropbox
2014-12-11 21:51 - 2013-03-05 21:34 - 00000000 ____D () C:\Users\Zues\Documents\SimCity
2014-12-11 21:48 - 2014-07-09 02:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nexus Mod Manager
2014-12-10 18:07 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\rescache
2014-12-10 17:13 - 2012-06-13 07:14 - 00114176 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2014-12-10 16:12 - 2014-05-05 22:18 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-12-10 16:12 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-12-10 16:12 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\AppCompat
2014-12-09 23:31 - 2013-08-09 15:30 - 00000000 ____D () C:\Windows\system32\MRT
2014-12-09 23:28 - 2012-04-01 03:54 - 112710672 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-11-30 20:39 - 2014-06-07 16:27 - 00000000 ____D () C:\Users\Zues\AppData\Roaming\.minecraft
2014-11-24 01:09 - 2012-07-22 18:35 - 00000000 ____D () C:\Windows\Minidump
2014-11-23 23:28 - 2012-04-01 04:25 - 00000000 ____D () C:\Users\Zues\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2014-11-23 23:01 - 2013-05-24 16:56 - 00000000 ____D () C:\ProgramData\NVIDIA Corporation
2014-11-23 23:01 - 2012-04-01 03:27 - 00000000 ____D () C:\Program Files (x86)\NVIDIA Corporation
2014-11-23 23:01 - 2012-04-01 03:25 - 00000000 ____D () C:\Program Files\NVIDIA Corporation
2014-11-23 23:01 - 2009-07-13 21:20 - 00000000 ____D () C:\Windows\Help
2014-11-23 15:09 - 2012-04-04 12:44 - 00153256 ____N (Webroot) C:\Windows\SysWOW64\WRusr.dll
2014-11-22 04:46 - 2014-11-07 01:13 - 00035472 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2014-11-21 17:20 - 2014-11-16 17:52 - 00001080 _____ () C:\Windows\system32\settingsbkup.sfm
2014-11-21 17:20 - 2014-11-16 17:52 - 00001080 _____ () C:\Windows\system32\settings.sfm
2014-11-21 02:23 - 2014-10-27 11:38 - 00000000 ____D () C:\Users\Zues\Desktop\desktop shortcuts
Some content of TEMP:
====================
C:\Users\Zues\AppData\Local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfxj3fx.dll
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-12-15 13:42
==================== End Of Log ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-12-2014 01
Ran by Zues at 2014-12-21 14:38:08
Running from D:\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
3DMark (HKLM-x32\...\Steam App 223850) (Version: - Futuremark)
64 Bit HP CIO Components Installer (Version: 6.2.2 - Hewlett-Packard) Hidden
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Acrobat.com (x32 Version: 0.0.0 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe Download Assistant (HKLM-x32\...\com.adobe.downloadassistant.AdobeDownloadAssistant) (Version: 1.2 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.246 - Adobe Systems Incorporated)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.235 - Adobe Systems Incorporated)
Adobe Photoshop Elements 10 (HKLM-x32\...\Adobe Photoshop Elements 10) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.3.133 - Adobe Systems, Inc.)
Amazon Cloud Player (HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Amazon Amazon Cloud Player) (Version: 2.1.0.381 - Amazon Services LLC)
Amazon MP3 Downloader 1.0.17 (HKLM-x32\...\Amazon MP3 Downloader) (Version: 1.0.17 - Amazon Services LLC)
AnyDVD (HKLM-x32\...\AnyDVD) (Version: 7.3.5.0 - SlySoft)
Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
applicationupdater (HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\SOE-C:/Users/Zues/AppData/Local/Sony Online Entertainment/ApplicationUpdater) (Version: - Sony Online Entertainment)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.10.1.0 - Asmedia Technology)
Asmedia ASM106x SATA Host Controller Driver (HKLM-x32\...\{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}) (Version: 1.2.2.000 - Asmedia Technology)
ASRock App Charger v1.0.4 (HKLM\...\ASRock App Charger_is1) (Version: - ASRock Inc.)
ASRock RapidStart v1.0.5 (HKLM\...\ASRock RapidStart_is1) (Version: - ASRock Inc.)
ASRock SmartConnect v1.0.6 (HKLM\...\ASRock SmartConnect_is1) (Version: - ASRock Inc.)
ASRock XFast RAM v2.0.28 (HKLM\...\ASRock XFast RAM_is1) (Version: - ASRock Inc.)
Assassin's Creed Unity (HKLM-x32\...\Uplay Install 720) (Version: - Ubisoft)
AviSynth 2.5 (HKLM-x32\...\AviSynth) (Version: - )
Batman: Arkham City™ (x32 Version: 1.0.0003.131 - WB Games) Hidden
Battlefield 4™ (HKLM-x32\...\{ABADE36E-EC37-413B-8179-B432AD3FACE7}) (Version: 1.4.2.23831 - Electronic Arts)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.6.2 - EA Digital Illusions CE AB)
BF4 Settings Editor (HKLM\...\{EF4C9459-47DE-4FCD-B9E0-CEB5BA03FC64}) (Version: 1.1 - Realmware)
BitTorrent (HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\BitTorrent) (Version: 7.9.2.34947 - BitTorrent Inc.)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
BOSS (HKLM-x32\...\BOSS) (Version: 2.1.1 - BOSS Development Team)
BufferChm (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CleanMem (HKLM-x32\...\CleanMem) (Version: v2.4.3 - PcWinTech.com)
CloneDVD2 (HKLM-x32\...\CloneDVD2) (Version: - Elaborate Bytes)
CPUID CPU-Z 1.60 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
Creation Kit (HKLM-x32\...\Steam App 202480) (Version: - bgs.bethsoft.com)
Creative 3DMIDI Player (HKLM-x32\...\3DMIDI) (Version: 1.11 - Creative Technology Limited)
Creative ALchemy (HKLM-x32\...\ALchemy) (Version: 1.43 - Creative Technology Limited)
Creative Audio Control Panel (HKLM-x32\...\AudioCS) (Version: 3.00 - Creative Technology Limited)
Creative Console Launcher (HKLM-x32\...\Console Launcher) (Version: 2.61 - Creative Technology Limited)
Creative Diagnostics (HKLM-x32\...\Diagnostics 4_5) (Version: 5.11 - Creative Technology Limited)
Creative MediaSource 5 (HKLM-x32\...\{BEEFC4F8-2909-48B3-AFAA-55D3533FDEDD}) (Version: 5.26 - Creative Technology Limited)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative Sound Blaster Properties x64 Edition (HKLM-x32\...\Creative Sound Blaster Properties x64 Edition) (Version: 1.03 - Creative Technology Limited)
Creative System Information (HKLM-x32\...\SysInfo) (Version: - )
Creative WaveStudio 7 (HKLM-x32\...\WaveStudio 7) (Version: 7.14 - Creative Technology Limited)
CyberLink PowerDVD 11 (HKLM-x32\...\InstallShield_{F232C87C-6E92-4775-8210-DFE90B7777D9}) (Version: 11.0.5012.58 - CyberLink Corp.)
D110 (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.45.4.0314 - DT Soft Ltd)
DARK SOULS™ II (HKLM-x32\...\Steam App 236430) (Version: - FromSoftware, Inc)
Davis's Drug Guide For Nurses, 13e (HKLM-x32\...\DavisDrugGuideForNurses13e) (Version: 1.0 - F.A. Davis)
Davis's Drug Guide For Nurses, 13e (x32 Version: 1.0 - F.A. Davis) Hidden
Destinations (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
DivX Setup (HKLM-x32\...\DivX Setup) (Version: 2.6.1.22 - DivX, LLC)
Dolby Digital Live Pack (HKLM-x32\...\Dolby Digital Live Pack) (Version: 3.00 - Creative Technology Limited)
Dropbox (HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\Dropbox) (Version: 3.0.3 - Dropbox, Inc.)
DTS Connect Pack (HKLM-x32\...\DTS Connect Pack) (Version: 1.00 - Creative Technology Limited)
DVD Rebuilder (HKLM-x32\...\{0186F98B-19A2-4791-8ECA-BD7870FD0C65}_is1) (Version: Free v0.98.2 - jdobbs softworks and rockas association)
DVDFab 8.2.2.9 (18/06/2013) Qt (HKLM-x32\...\DVDFab 8 Qt_is1) (Version: - Fengtao Software Inc.)
Elements 10 Organizer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
EnGenius 11n Wireless USB Adapter (HKLM-x32\...\{F912EF57-65C8-48E8-911F-7FCAF8ADD62E}) (Version: 1.5.5.0 - EnGenius)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
EVGA OC Scanner X 2.0.1 (HKLM-x32\...\{CB92C58B-7BDF-48E3-92E3-51768DCCA585}_is1) (Version: - EVGA)
EVGA Precision X 3.0.1 (HKLM-x32\...\PrecisionX) (Version: 3.0.1 - EVGA Corporation)
ffdshow v1.1.3882 [2011-06-13] (HKLM-x32\...\ffdshow_is1) (Version: 1.1.3882.0 - )
Fraps (HKLM-x32\...\Fraps) (Version: - )
F-Stream Tuning v0.1.73.31001 (HKLM-x32\...\F-Stream Tuning_is1) (Version: - )
Futuremark SystemInfo (HKLM-x32\...\{E114E635-F06E-43B4-A800-74A22536B1B0}) (Version: 4.30.472.0 - Futuremark)
GameFly Download Manager (HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\7998bdbe8c95db7f) (Version: 1.0.0.84 - GameFly)
gamelauncher-ps2-live (HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\SOE-) (Version: - Sony Online Entertainment)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Haali Media Splitter (HKLM-x32\...\HaaliMkx) (Version: - )
HP Customer Participation Program 14.0 (HKLM\...\HPExtendedCapabilities) (Version: 14.0 - HP)
HP Imaging Device Functions 14.0 (HKLM\...\HP Imaging Device Functions) (Version: 14.0 - HP)
HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7 (HKLM\...\{14BC6853-A74E-4874-B50D-679889D1544D}) (Version: 14.0 - HP)
HP Smart Web Printing 4.60 (HKLM\...\HP Smart Web Printing) (Version: 4.60 - HP)
HP Solution Center 14.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 14.0 - HP)
HP Update (HKLM-x32\...\{74DC0593-6BC6-4001-AD5F-D810AFB68D86}) (Version: 5.002.002.002 - Hewlett-Packard)
HPAppStudio (x32 Version: 140.0.95.000 - Hewlett-Packard) Hidden
HPPhotoGadget (x32 Version: 140.0.524.000 - Hewlett-Packard) Hidden
HPProductAssistant (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
iCloud (HKLM\...\{6096C0CC-7E19-4355-87F0-627EC5AA146D}) (Version: 4.0.3.56 - Apple Inc.)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: - Intel Corporation)
iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
Landmark Beta (HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\SOE-Landmark Beta) (Version: 1.0.3.183 - Sony Online Entertainment)
Learn to Read with Phonics 1st and 2nd Grade (HKLM-x32\...\Learn to Read with Phonics 1st and 2nd Grade) (Version: - )
LG Cloud version 0.994 (HKLM\...\LG Cloud_is1) (Version: 0.994 - )
Logitech GamePanel Software 3.03.133 (HKLM\...\{6CC95B76-D380-46B2-9022-9353938E48BA}) (Version: 3.03.133 - Logitech Inc.)
Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
MarketResearch (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
Marvel Heroes Game (HKLM-x32\...\{ca6069b5-fc6b-4ce8-a03e-2304143706b7}_is1) (Version: 1.0 - Gazillion Entertainment)
Max Payne 3 (HKLM-x32\...\Steam App 204100) (Version: - Rockstar Studios)
MediaCoder x64 0.8.18.5356 (HKLM\...\MediaCoder x64) (Version: 0.8.18.5356 - Broad Intelligence)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Money 2001 (HKLM-x32\...\{D085A1B6-90A4-11D3-82B7-00C04FA309DE}) (Version: 9.0.0.0 - Microsoft)
Microsoft OneDrive (HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\OneDriveSetup.exe) (Version: 17.0.4023.1211 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.31211.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{A49F249F-0C91-497F-86DF-B2585E8E76B7}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Works 6.0 (HKLM-x32\...\{F8D0829C-9C6F-11D3-8080-00C04FA329AA}) (Version: 06.00.1829 - Microsoft Corporation)
Microsoft Works and Money 2001 Setup Launcher (HKLM-x32\...\Works2001Setup) (Version: - )
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft Xbox 360 Accessories 1.2 (HKLM\...\{D9C50188-12D5-4D3E-8F00-682346C2AA5F}) (Version: 1.20.146.0 - Microsoft)
Mozilla Firefox 31.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 en-US)) (Version: 31.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Network64 (Version: 140.0.212.000 - Hewlett-Packard) Hidden
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.52.3 - Black Tree Gaming)
NVIDIA 3D Vision Controller Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 344.75 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 344.75 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.1.5 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.1.5 - NVIDIA Corporation)
NVIDIA Graphics Driver 344.75 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.75 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.32.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.32.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.14.0702 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Origin (HKLM-x32\...\Origin) (Version: 8.5.0.4554 - Electronic Arts, Inc.)
PlanetSide 2 (HKLM-x32\...\Steam App 218230) (Version: - Sony Online Entertainment)
PlanetSide 2 (HKU\S-1-5-21-153555263-3126299475-2757101510-1000\...\SOE-PlanetSide 2) (Version: - Sony Online Entertainment)
Plex Media Server (HKLM-x32\...\{1A7638A1-E022-4F99-ADF3-F46DB04689C1}) (Version: 0.9.722 - Plex, Inc.)
PS_AIO_07_D110_SW_Min (x32 Version: 140.0.142.000 - Hewlett-Packard) Hidden
PSE10 STI Installer (x32 Version: 10.0 - Adobe Systems Incorporated) Hidden
QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
QuickTransfer (x32 Version: 140.0.98.000 - Hewlett-Packard) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
ROCCAT Kone XTD Mouse Driver (HKLM-x32\...\{7133137D-DF48-4522-AD88-13C82B7D0A63}) (Version: - Roccat GmbH)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.1.0.6 - Rockstar Games)
Scan (x32 Version: 140.0.77.000 - Hewlett-Packard) Hidden
SHIELD Streaming (Version: 3.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (Version: 16.18.9 - NVIDIA Corporation) Hidden
SilvestriRN5e (HKLM-x32\...\SilvestriRN5e) (Version: - Elsevier)
SimCity™ (HKLM-x32\...\{F70FDE4B-8F86-4eb6-8C8E-636EC89F6419}) (Version: 4.0.86.0859 - Electronic Arts)
SmartWebPrinting (x32 Version: 140.0.186.000 - Hewlett-Packard) Hidden
SolutionCenter (x32 Version: 140.0.211.000 - Hewlett-Packard) Hidden
Sound Blaster X-Fi (HKLM-x32\...\{20288888-A7AF-4B24-8AEB-398D20CD563C}) (Version: 1.0 - Creative Technology Limited)
Status (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
System Requirements Lab for Intel (HKLM-x32\...\{C5DA59CF-2BB8-48D5-8E5B-17F2E0F0FEE4}) (Version: 4.5.5.0 - Husdawg, LLC)
The Elder Scrolls V: Skyrim (HKLM-x32\...\Steam App 72850) (Version: - Bethesda Game Studios)
The Sims™ 3 (HKLM-x32\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.55.4 - Electronic Arts)
The Sims™ 3 Pets (HKLM-x32\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 World Adventures (HKLM-x32\...\{BA26FFA5-6D47-47DB-BE56-34C357B5F8CC}) (Version: 2.0.86 - Electronic Arts)
The Sims™ 4 (HKLM-x32\...\{48EBEBBF-B9F8-4520-A3CF-89A730721917}) (Version: 1.3.18.1010 - Electronic Arts Inc.)
The Testament of Sherlock Holmes (HKLM-x32\...\Steam App 205650) (Version: - Frogwares)
Titanfall™ (HKLM-x32\...\{347EE0C3-0690-48F6-A231-53853C2A80D6}) (Version: 1.0.7.2 - Electronic Arts)
Toolbox (x32 Version: 140.0.424.000 - Hewlett-Packard) Hidden
Total War: Rome II Additional Depots (HKLM-x32\...\Steam App 243660) (Version: - )
TrayApp (x32 Version: 140.0.212.000 - Hewlett-Packard) Hidden
TuneUp Utilities 2012 (HKLM-x32\...\TuneUp Utilities 2012) (Version: 12.0.3010.5 - TuneUp Software)
TuneUp Utilities 2012 (x32 Version: 12.0.3010.5 - TuneUp Software) Hidden
TuneUp Utilities Language Pack (en-US) (x32 Version: 12.0.3010.5 - TuneUp Software) Hidden
Unknown Device Identifier 8.00 (HKLM\...\Unknown Device Identifier_is1) (Version: - Huntersoft)
Uplay (HKLM-x32\...\Uplay) (Version: 4.9 - Ubisoft)
VC80CRTRedist - 8.0.50727.6195 (x32 Version: 1.2.0 - DivX, Inc) Hidden
Ventrilo Client for Windows x64 (HKLM\...\{EEB3F6BB-318D-4CE5-989F-8191FCBFB578}) (Version: 3.0.8.0 - Flagship Industries, Inc.)
VitalSource Bookshelf (HKLM-x32\...\{ACBF0550-A317-4C22-AC93-0DDB73087412}) (Version: 6.01.0018 - Ingram Content Group)
WebReg (x32 Version: 140.0.212.017 - Hewlett-Packard) Hidden
Webroot SecureAnywhere (HKLM-x32\...\WRUNINST) (Version: 8.0.6.28 - Webroot)
Widevine Media Transformer Plugin 5.0.0 (HKLM-x32\...\transformer_ie) (Version: 5.0.0.4679 - Widevine Technologies)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Works Suite OS Pack (x32 Version: 1.0.0.0000 - Microsoft Corporation) Hidden
XFast LAN v6.61 (HKLM\...\XFast LAN) (Version: 6.61 - cFos Software GmbH, Bonn)
XFastUsb (HKLM-x32\...\XFastUsb) (Version: - )
==================== Custom CLSID (selected items): ==========================
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{005A3A96-BAC4-4B0A-94EA-C0CE100EA736}\localserver32 -> C:\Users\Zues\AppData\Roaming\Dropbox\bin\Dropbox.exe (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E}\InprocServer32 -> C:\Users\Zues\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{AB8902B4-09CA-4bb6-B78D-A8F59079A8D5}\localserver32 -> rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";eval("epdvnfou/xsjuf)(=tdsjqu!mbohvbhf> (the data entry has 251 more characters). <==== Poweliks?
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524}\InprocServer32 -> C:\Users\Zues\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B}\InprocServer32 -> C:\Users\Zues\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A}\InprocServer32 -> C:\Users\Zues\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\SkyDriveShell64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{F8071786-1FD0-4A66-81A1-3CBE29274458}\InprocServer32 -> C:\Users\Zues\AppData\Local\Microsoft\SkyDrive\17.0.4023.1211\amd64\FileSyncApi64.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zues\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zues\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zues\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zues\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{FB314EDD-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zues\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{FB314EDE-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zues\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{FB314EDF-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zues\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
CustomCLSID: HKU\S-1-5-21-153555263-3126299475-2757101510-1000_Classes\CLSID\{FB314EE0-A251-47B7-93E1-CDD82E34AF8B}\InprocServer32 -> C:\Users\Zues\AppData\Roaming\Dropbox\bin\DropboxExt64.24.dll (Dropbox, Inc.)
==================== Restore Points =========================
12-12-2014 14:22:35 Windows Update
13-12-2014 12:32:00 Windows Update
18-12-2014 10:52:58 Windows Update
20-12-2014 16:17:03 Windows Update
21-12-2014 14:03:29 Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005
21-12-2014 14:03:39 Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 20:34 - 2014-11-06 01:14 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1 localhost
==================== Scheduled Tasks (whitelisted) =============
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
Task: {0FC62325-86CC-4412-A467-0044ECD4D1CB} - System32\Tasks\Norton WSC Integration => d:\Program Files (x86)\Norton 360\Engine\6.2.1.5\WSCStub.exe
Task: {150BE75D-FEE8-4AF3-9947-F30CD5C54446} - System32\Tasks\Java Update Scheduler => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2014-10-07] (Oracle Corporation)
Task: {1A6687BF-4E22-4F69-B942-2B799414A540} - System32\Tasks\Norton 360\Norton Error Processor => d:\Program Files (x86)\Norton 360\Engine\6.2.1.5\SymErr.exe
Task: {1BF6753E-AB18-4101-8ED8-C3FB556F9D87} - System32\Tasks\{917EC329-177F-4E10-9FB3-CD5B0D9C1ECD} => pcalua.exe -a C:\Users\Zues\Desktop\bios\ME_Win7-64_Win7_Vista64_Vista_XP64_XP(v8.0.2.1410_1.5M)\ME(v8.0.2.1410_1.5M)\setup.exe -d C:\Users\Zues\Desktop\bios\ME_Win7-64_Win7_Vista64_Vista_XP64_XP(v8.0.2.1410_1.5M)\ME(v8.0.2.1410_1.5M)
Task: {23CBB1B2-BD0D-4267-AB78-97ED5A2B894B} - System32\Tasks\Google Updater and Installer => C:\Users\Zues\AppData\Local\Google\Update\GoogleUpdate.exe [2012-08-30] (Google Inc.)
Task: {30735416-FDA8-4F97-B407-CE3F2E3A6A71} - System32\Tasks\{3CEE358A-587A-40BD-8F5E-B3F6D37223BE} => pcalua.exe -a D:\Downloads\ME_Win7-64_Win7_Vista64_Vista_XP64_XP(v8.0.2.1410_1.5M)\ME(v8.0.2.1410_1.5M)\setup.exe -d D:\Downloads\ME_Win7-64_Win7_Vista64_Vista_XP64_XP(v8.0.2.1410_1.5M)\ME(v8.0.2.1410_1.5M)
Task: {3968BDAA-9280-49AA-9908-74CB25EDD195} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
Task: {3C371308-887F-4043-994D-488138F62B42} - System32\Tasks\{511B7713-94D3-4447-879D-79EF3E3F0CB7} => pcalua.exe -a "C:\Program Files (x86)\Steam\steam.exe" -c steam://uninstall/202480
Task: {4BDC026A-12D0-4FD1-93D3-7B1B91539A91} - System32\Tasks\TuneUpUtilities_Task_BkGndMaintenance2012 => D:\Program Files (x86)\TuneUp Utilities 2012\OneClick.exe [2012-02-09] (TuneUp Software)
Task: {57AE68D0-60D8-4FA4-BC1B-7DCB6C0277D1} - System32\Tasks\AdobeAAMUpdater-1.0-Zues-PC-Zues => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-09-20] (Adobe Systems Incorporated)
Task: {6159DD7B-0D7A-48E2-B9FF-FCF3641EB5E9} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {62C35AB1-AC67-43A3-9212-1B7EAE36B30C} - System32\Tasks\elbyExecuteWithUAC => C:\Program Files (x86)\SlySoft\AnyDVD\ExecuteWithUAC.exe
Task: {6D241CEC-475F-4E35-95AB-A21CC6F3B423} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe
Task: {6EC71B4C-34C6-45E0-B276-D23B6A3CFCE7} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-13] (Adobe Systems Incorporated)
Task: {705683C3-7F51-47E9-9EF0-1CB3B867F3C0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-17] (Google Inc.)
Task: {7B7552FD-C4D8-4EF1-8404-9D172290E2BF} - System32\Tasks\HP online update program => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [2009-11-18] (Hewlett-Packard)
Task: {A25089DB-926E-42B0-977D-66B2EB537FFC} - System32\Tasks\Norton 360\Norton Error Analyzer => d:\Program Files (x86)\Norton 360\Engine\6.2.1.5\SymErr.exe
Task: {B928328E-DB8A-4291-B2B4-39AEB63E60E9} - System32\Tasks\Amazon Music Helper => C:\Users\Zues\AppData\Local\Amazon Cloud Player\Amazon Music Helper.exe [2013-11-24] ()
Task: {C4460CC7-9543-4291-BB32-87A14B7BC448} - System32\Tasks\Divx online update program => C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [2012-11-29] ()
Task: {DF8A40D9-D751-45DD-9D1B-0EA3DB07BD49} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {E2B83377-2A51-4CDB-AA8D-EA878E7DC8CB} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2014-11-20] (Adobe Systems Incorporated)
Task: {EB9440A6-5629-4FE4-854E-1770C2AA19EE} - System32\Tasks\Works Update Detect => C:\Program Files (x86)\Microsoft Works\WkDetect.exe [2000-08-15] (Microsoft® Corporation)
Task: {FC91D58C-09CD-48DC-93D5-E8881C9B5E15} - System32\Tasks\Clean System Memory => C:\Windows\syswow64\CleanMem.exe [2012-09-20] (PcWinTech.com)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Loaded Modules (whitelisted) =============
2014-11-23 23:01 - 2014-11-12 15:56 - 00118080 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2014-11-14 21:09 - 2013-08-06 01:36 - 00085568 _____ () C:\Program Files (x86)\CyberLink\PowerDVD11\Kernel\DMP\CLHNServiceForPowerDVD.exe
2013-10-31 12:25 - 2014-08-28 23:18 - 00076152 _____ () C:\Windows\system32\PnkBstrA.exe
2012-06-22 07:39 - 2012-01-05 16:24 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-10-11 13:05 - 2014-10-11 13:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-11-14 21:09 - 2011-11-04 01:28 - 00260096 _____ () C:\Program Files (x86)\CyberLink\PowerDVD11\Common\MediaServer\sqlite3.dll
2014-08-31 09:06 - 2014-11-11 12:48 - 01171456 _____ () C:\Program Files (x86)\Steam\libavcodec-56.dll
2014-08-31 09:06 - 2014-11-11 12:48 - 00442368 _____ () C:\Program Files (x86)\Steam\libavutil-54.dll
2014-08-31 09:06 - 2014-11-11 12:48 - 00332800 _____ () C:\Program Files (x86)\Steam\libavresample-2.dll
2013-03-12 16:10 - 2014-11-11 12:47 - 00774656 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2014-05-21 12:43 - 2014-11-18 14:23 - 02227904 _____ () C:\Program Files (x86)\Steam\video.dll
2014-08-31 09:06 - 2014-11-11 12:48 - 00403968 _____ () C:\Program Files (x86)\Steam\libavformat-56.dll
2014-08-31 09:06 - 2014-11-11 12:48 - 00485888 _____ () C:\Program Files (x86)\Steam\libswscale-3.dll
2011-07-14 21:45 - 2014-11-18 14:23 - 00690880 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2014-10-21 18:22 - 2014-10-21 18:22 - 00750080 _____ () C:\Users\Zues\AppData\Roaming\Dropbox\bin\libGLESv2.dll
2014-12-21 13:43 - 2014-12-21 13:43 - 00043008 _____ () c:\users\zues\appdata\local\temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpfxj3fx.dll
2014-10-21 18:22 - 2014-10-21 18:22 - 00047616 _____ () C:\Users\Zues\AppData\Roaming\Dropbox\bin\libEGL.dll
2014-10-21 18:22 - 2014-10-21 18:22 - 00863744 _____ () C:\Users\Zues\AppData\Roaming\Dropbox\bin\plugins\platforms\qwindows.dll
2014-10-21 18:22 - 2014-10-21 18:22 - 00200704 _____ () C:\Users\Zues\AppData\Roaming\Dropbox\bin\plugins\imageformats\qjpeg.dll
2013-10-23 02:54 - 2012-06-17 10:20 - 00061440 _____ () C:\Program Files (x86)\ROCCAT\Kone XTD Mouse\hiddriver.dll
2014-02-28 19:14 - 2014-02-28 19:14 - 00002560 _____ () C:\Windows\SysWOW64\CTXFIRES.DLL
2012-04-01 03:40 - 2009-06-29 10:54 - 00164864 _____ () C:\Windows\SysWOW64\APOMngr.DLL
2010-05-13 12:48 - 2014-11-11 12:48 - 34589888 _____ () C:\Program Files (x86)\Steam\bin\libcef.dll
2014-02-16 09:39 - 2014-12-20 00:00 - 01007104 _____ () C:\Program Files (x86)\Origin\platforms\qwindows.dll
2014-02-16 09:39 - 2014-12-20 00:00 - 00023552 _____ () C:\Program Files (x86)\Origin\imageformats\qgif.dll
2014-02-16 09:39 - 2014-12-20 00:00 - 00024576 _____ () C:\Program Files (x86)\Origin\imageformats\qico.dll
2014-02-16 09:39 - 2014-12-20 00:00 - 00216576 _____ () C:\Program Files (x86)\Origin\imageformats\qjpeg.dll
2014-02-16 09:39 - 2014-12-20 00:00 - 00261120 _____ () C:\Program Files (x86)\Origin\imageformats\qmng.dll
2014-02-16 09:39 - 2014-12-20 00:00 - 00019456 _____ () C:\Program Files (x86)\Origin\imageformats\qtga.dll
2014-02-16 09:39 - 2014-12-20 00:00 - 00337408 _____ () C:\Program Files (x86)\Origin\imageformats\qtiff.dll
2014-02-16 09:39 - 2014-12-20 00:00 - 00018944 _____ () C:\Program Files (x86)\Origin\imageformats\qwbmp.dll
2014-11-07 19:51 - 2014-12-20 00:00 - 00060928 _____ () C:\Program Files (x86)\Origin\audio\qtaudio_windows.dll
2014-12-10 16:29 - 2014-12-05 19:50 - 01077064 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libglesv2.dll
2014-12-10 16:29 - 2014-12-05 19:50 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\libegl.dll
2014-12-10 16:29 - 2014-12-05 19:50 - 09009480 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\pdf.dll
2014-12-10 16:29 - 2014-12-05 19:50 - 01677128 _____ () C:\Program Files (x86)\Google\Chrome\Application\39.0.2171.95\ffmpegsumo.dll
==================== Alternate Data Streams (whitelisted) =========
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
==================== Safe Mode (whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRkrn => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WRSVC => ""="Service"
==================== EXE Association (whitelisted) =============
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION!
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION!
HKU\S-1-5-21-153555263-3126299475-2757101510-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION!
==================== MSCONFIG/TASK MANAGER disabled items =========
(Currently there is no automatic fix for this section.)
MSCONFIG\startupfolder: C:^Users^Zues^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Send to OneNote.lnk => C:\Windows\pss\Send to OneNote.lnk.Startup
MSCONFIG\startupreg: EADM => "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
========================= Accounts: ==========================
Administrator (S-1-5-21-153555263-3126299475-2757101510-500 - Administrator - Disabled)
Guest (S-1-5-21-153555263-3126299475-2757101510-501 - Limited - Disabled)
Zues (S-1-5-21-153555263-3126299475-2757101510-1000 - Administrator - Enabled) => C:\Users\Zues
==================== Faulty Device Manager Devices =============
Name: Photosmart D110 series
Description: Photosmart D110 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/21/2014 02:29:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17496, time stamp: 0x4ce7a46b
Faulting module name: jscript9.dll, version: 11.0.9600.17496, time stamp: 0x546fe6d5
Exception code: 0xc0000005
Fault offset: 0x000243fc
Faulting process id: 0x51c
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Error: (12/21/2014 02:12:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17496, time stamp: 0x4a5bc5e1
Faulting module name: MSHTML.dll, version: 11.0.9600.17496, time stamp: 0x546ff2f9
Exception code: 0xc00000fd
Fault offset: 0x0011fb5c
Faulting process id: 0x3404
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Error: (12/21/2014 01:59:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: wmpnetwk.exe, version: 12.0.7601.17514, time stamp: 0x4ce7ae7f
Faulting module name: msvcrt.dll, version: 7.0.7601.17744, time stamp: 0x4eeb033f
Exception code: 0xc0000005
Fault offset: 0x0000000000003d53
Faulting process id: 0x6b0
Faulting application start time: 0xwmpnetwk.exe0
Faulting application path: wmpnetwk.exe1
Faulting module path: wmpnetwk.exe2
Report Id: wmpnetwk.exe3
Error: (12/21/2014 01:49:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Unloading the performance counter strings for service WmiApRpl (WmiApRpl) failed. The first DWORD in the Data section contains the error code.
Error: (12/21/2014 01:49:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.
Error: (12/21/2014 01:47:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: iexplore.exe, version: 11.0.9600.17496, time stamp: 0x4a5bc959
Faulting module name: MSHTML.dll, version: 11.0.9600.17496, time stamp: 0x546ff2f9
Exception code: 0xc00000fd
Fault offset: 0x001202a2
Faulting process id: 0x40c4
Faulting application start time: 0xiexplore.exe0
Faulting application path: iexplore.exe1
Faulting module path: iexplore.exe2
Report Id: iexplore.exe3
Error: (12/21/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Zues-PC.local already in use; will try Zues-PC-2.local instead
Error: (12/21/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Zues-PC.local. Addr 192.168.1.143
Error: (12/21/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.109:5353 4 Zues-PC.local. Addr 192.168.1.109
Error: (12/21/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Zues-PC.local. AAAA FE80:0000:0000:0000:DCF8:B8D6:BBD0:4DC9
System errors:
=============
Error: (12/21/2014 02:25:17 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 20.
Error: (12/21/2014 01:59:24 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (12/21/2014 01:44:03 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
Error: (12/21/2014 01:36:40 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
Error: (12/21/2014 01:36:40 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
Error: (12/21/2014 01:29:55 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
Error: (12/21/2014 01:29:55 PM) (Source: Schannel) (EventID: 4120) (User: NT AUTHORITY)
Description: The following fatal alert was generated: 40. The internal error state is 252.
Error: (12/21/2014 01:05:53 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video7Variable String to Large
Error: (12/21/2014 01:05:53 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video7NVRM: Graphics TEX Exception on (GPC 3, TPC 1): TEX NACK / Page Fault
Error: (12/21/2014 01:05:53 PM) (Source: nvlddmkm) (EventID: 13) (User: )
Description: \Device\Video7NVRM: Graphics TEX Exception on (GPC 3, TPC 1): TEX LAYOUT
Microsoft Office Sessions:
=========================
Error: (12/21/2014 02:29:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.174964ce7a46bjscript9.dll11.0.9600.17496546fe6d5c0000005000243fc51c01d01d5ba82c6dd6C:\Program Files\Internet Explorer\iexplore.exeC:\Windows\SysWOW64\jscript9.dll06cd28bf-8950-11e4-b2f6-002522fecc75
Error: (12/21/2014 02:12:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.174964a5bc5e1MSHTML.dll11.0.9600.17496546ff2f9c00000fd0011fb5c340401d01d5966687e7dC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dlla643ba9e-894d-11e4-b2f6-002522fecc75
Error: (12/21/2014 01:59:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: wmpnetwk.exe12.0.7601.175144ce7ae7fmsvcrt.dll7.0.7601.177444eeb033fc00000050000000000003d536b001d01d5665b36b2cC:\Program Files\Windows Media Player\wmpnetwk.exeC:\Windows\system32\msvcrt.dllda2e0764-894b-11e4-b2f6-002522fecc75
Error: (12/21/2014 01:49:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: WmiApRplWmiApRpl8F20300004D070000
Error: (12/21/2014 01:49:19 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: Performance1637070000000000000000000009030000
Error: (12/21/2014 01:47:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: iexplore.exe11.0.9600.174964a5bc959MSHTML.dll11.0.9600.17496546ff2f9c00000fd001202a240c401d01d56a2225eddC:\Program Files\Internet Explorer\iexplore.exeC:\Windows\system32\MSHTML.dll20718d04-894a-11e4-b2f6-002522fecc75
Error: (12/21/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname Zues-PC.local already in use; will try Zues-PC-2.local instead
Error: (12/21/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 Zues-PC.local. Addr 192.168.1.143
Error: (12/21/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Received from 192.168.1.109:5353 4 Zues-PC.local. Addr 192.168.1.109
Error: (12/21/2014 01:43:30 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: Resetting to Probing: 16 Zues-PC.local. AAAA FE80:0000:0000:0000:DCF8:B8D6:BBD0:4DC9
CodeIntegrity Errors:
===================================
Date: 2014-11-06 01:11:50.033
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2014-11-06 01:11:50.003
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\ComboFix\catchme.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2013-01-03 22:32:04.881
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-01-03 22:32:04.842
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-01-03 22:32:04.734
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-01-03 22:32:04.635
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-01-03 22:32:04.587
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-01-03 22:32:04.460
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-01-03 22:32:04.432
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\cryptnet.dll because the set of per-page image hashes could not be found on the system.
Date: 2013-01-03 22:32:04.397
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\gpapi.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel® Core i7-3770K CPU @ 3.50GHz
Percentage of memory in use: 32%
Total physical RAM: 16279.78 MB
Available physical RAM: 10920.74 MB
Total Pagefile: 32557.73 MB
Available Pagefile: 25069.67 MB
Total Virtual: 8192 MB
Available Virtual: 8191.81 MB
==================== Drives ================================
Drive c: (Mushkin) (Fixed) (Total:223.57 GB) (Free:41.39 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (Western Digital) (Fixed) (Total:596.17 GB) (Free:71.31 GB) NTFS
Drive f: (Sims3EP05) (CDROM) (Total:5.3 GB) (Free:0 GB) UDF
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 6284C42A)
Partition 1: (Active) - (Size=223.6 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: C2E2C322)
Partition 1: (Active) - (Size=596.2 GB) - (Type=07 NTFS)
==================== End Of Log ============================